Exemplo n.º 1
/**
 * Build link to a month's page
 *
 * Returns the month name followed by the story count in parentheses. The
 * text is wrapped in a link to the month's directory page only when the
 * month has at least one story.
 *
 * @param    string  $dir_topic  current topic (URL-encoded before it is put into the link)
 * @param    int     $year   year to link to
 * @param    int     $month  month to link to; also the index into $LANG_MONTH
 * @param    int     $count  number of stories for that month (may be 0)
 * @return   string          month name + count, as link or plain text
 */
function DIR_monthLink($dir_topic, $year, $month, $count)
{
    global $_CONF, $LANG_MONTH;

    $label = $LANG_MONTH[$month] . ' (' . COM_numberFormat($count) . ')' . LB;

    // A month without stories stays plain text: there is no page to link to.
    if (!($count > 0)) {
        return $label . LB;
    }

    // NOTE(review): only the topic is URL-encoded; $year and $month are
    // concatenated as-is, so callers are expected to pass integers.
    $target = COM_buildUrl(
        $_CONF['site_url'] . '/directory.php'
        . '?topic=' . urlencode($dir_topic)
        . '&year=' . $year
        . '&month=' . $month
    );

    return COM_createLink($label, $target) . LB;
}
Exemplo n.º 2
/**
 * Render the album selection tree as checkbox rows.
 *
 * For album $aid this emits one checkbox row (skipped for id 0 and for
 * albums whose access value is not positive). When the album has children it
 * also emits an inline script that checks/disables the children's checkboxes
 * together with the parent. It then recurses into every child.
 *
 * NOTE(review): $level is handed to the recursive call unchanged, so as
 * written every row gets the same margin (-15px for the default level 0);
 * confirm whether an increment was lost from this listing.
 * NOTE(review): album ids are written into inline script and attribute
 * values without escaping, and the title only goes through strip_tags().
 * That holds up only if ids are integers and titles are stored HTML-safe;
 * verify against mgAlbum.
 *
 * @param    int     $aid    album id to start from
 * @param    int     $level  nesting depth used for the left margin
 * @return   string          HTML (and inline script) for this subtree
 */
function _showSelectTree($aid = 0, $level = 0)
{
    $album = new mgAlbum($aid);
    $output = '';
    $children = $album->getChildren();

    $hasOwnRow = ($album->id != 0 && $album->access > 0);
    if ($hasOwnRow) {
        $handlers = '';

        if (!empty($children)) {
            // Open the per-album toggle function
            $output .= "<script type=\"text/javascript\"><!--" . LB . "function enableBlock" . $album->id . "() {" . LB . "  if (document.galselect.elements['album[" . $album->id . "]'].checked) {" . LB;

            // Collect both branches in a single pass over the children
            $whenChecked = '';
            $whenCleared = '';
            foreach ($children as $child) {
                $whenChecked .= "    document.galselect.elements['album[" . $child . "]'].disabled = true;" . LB;
                $whenChecked .= "    document.galselect.elements['album[" . $child . "]'].checked = true;" . LB;
                $whenCleared .= "    document.galselect.elements['album[" . $child . "]'].disabled = false;" . LB;
                $whenCleared .= "    document.galselect.elements['album[" . $child . "]'].checked = false;" . LB;
            }
            $output .= $whenChecked;
            $output .= "  } else {" . LB;
            $output .= $whenCleared;
            $output .= "  }" . LB;

            // Cascade into children that have children of their own
            foreach ($children as $child) {
                $grandchildren = $album->getChildren($child);
                if (!empty($grandchildren)) {
                    $output .= '  enableBlock' . $child . '();' . LB;
                }
            }
            $output .= "}" . LB . "// -->" . LB . "</script>" . LB;

            $handlers = 'onclick="enableBlock' . $album->id . '()" onchange="enableBlock' . $album->id . '()"';
        }

        // Albums that have a parent do not get the click handlers
        if ($album->parent != 0) {
            $handlers = '';
        }

        $indent = ($level - 1) * 15;
        $output .= '<div style="margin-left:' . $indent . 'px;">' . '<input type="checkbox" name="album[' . $album->id . ']" id="album_' . $album->id . '" value="1" ' . $handlers . XHTML . '>&nbsp;&nbsp;' . strip_tags($album->title) . ' (' . COM_numberFormat($album->album_disk_usage / 1024) . ' Kb)</div>' . LB;
    }

    foreach ($children as $child) {
        $output .= _showSelectTree($child, $level);
    }

    return $output;
}
Exemplo n.º 3
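/**
 * Send account reminders to the users selected in the submitted form.
 *
 * Each user id in $_POST['delitem'] is mailed a notice to access the site
 * again or risk having the account deleted. The text comes from
 * reminder_email.txt in the data directory when that file exists, otherwise
 * from the $LANG28 strings. For every mail that was sent, the user's
 * num_reminders counter is incremented.
 *
 * NOTE(review): no CSRF token check is visible in this function; confirm the
 * caller validates the request token before calling it.
 *
 * @return   string          HTML with success or error message
 */
function batchreminders()
{
    global $_CONF, $_TABLES, $LANG04, $LANG28;

    $msg = '';

    // Accept the selection only as an array; a scalar "delitem" counts as
    // nothing selected instead of being passed to count().
    $user_list = array();
    if (isset($_POST['delitem']) && is_array($_POST['delitem'])) {
        $user_list = $_POST['delitem'];
    }
    if (count($user_list) == 0) {
        $msg = $LANG28[79] . '<br' . XHTML . '>';
    }

    $c = 0; // number of reminders actually sent
    foreach ($user_list as $delitem) {
        if (!is_scalar($delitem)) {
            continue;
        }

        // The id is interpolated into SQL below (unquoted in the UPDATE), so
        // it must be an integer no matter what the filter lets through.
        $userid = (int) COM_applyFilter($delitem);
        if ($userid <= 0) {
            continue;
        }

        $useremail = DB_getItem($_TABLES['users'], 'email', "uid = '{$userid}'");
        $username = DB_getItem($_TABLES['users'], 'username', "uid = '{$userid}'");
        $lastlogin = DB_getItem($_TABLES['userinfo'], 'lastlogin', "uid = '{$userid}'");
        $lasttime = COM_getUserDateTimeFormat($lastlogin);

        if (file_exists($_CONF['path_data'] . 'reminder_email.txt')) {
            $template = COM_newTemplate($_CONF['path_data']);
            $template->set_file(array('mail' => 'reminder_email.txt'));
            $template->set_var('site_name', $_CONF['site_name']);
            $template->set_var('site_slogan', $_CONF['site_slogan']);
            $template->set_var('lang_username', $LANG04[2]);
            $template->set_var('username', $username);
            // was COM_getDisplayName($uid): $uid is never defined in this function
            $template->set_var('name', COM_getDisplayName($userid));
            $template->set_var('lastlogin', $lasttime[0]);
            $template->parse('output', 'mail');
            $mailtext = $template->finish($template->get_var('output'));
        } else {
            if ($lastlogin == 0) {
                $mailtext = $LANG28[83] . "\n\n";
            } else {
                $mailtext = sprintf($LANG28[82], $lasttime[0]) . "\n\n";
            }
            $mailtext .= sprintf($LANG28[84], $username) . "\n";
            $mailtext .= sprintf($LANG28[85], $_CONF['site_url'] . '/users.php?mode=getpassword') . "\n\n";
        }

        $subject = sprintf($LANG28[81], $_CONF['site_name']);
        if ($_CONF['site_mail'] !== $_CONF['noreply_mail']) {
            $mailfrom = $_CONF['noreply_mail'];
            $mailtext .= LB . LB . $LANG04[159];
        } else {
            $mailfrom = $_CONF['site_mail'];
        }

        if (COM_mail($useremail, $subject, $mailtext, $mailfrom)) {
            DB_query("UPDATE {$_TABLES['users']} SET num_reminders=num_reminders+1 WHERE uid={$userid}");
            // count the successful send; without this the summary always reports 0
            $c++;
        } else {
            COM_errorLog("Error attempting to send account reminder to use:{$username} ({$userid})");
        }
    }

    // Always report how many reminders went out, even when that is zero,
    // instead of leaving the summary line away.
    $msg .= "{$LANG28[80]}: {$c}<br" . XHTML . ">\n";

    return $msg;
}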
Exemplo n.º 4
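/**
 *   List all backups, i.e. all files ending in .sql or .sql.gz
 *
 *   The list is only shown when the backup directory is writable; otherwise
 *   an error block is returned and the condition is logged. Each entry gets a
 *   download link, and when there is at least one backup the form carries
 *   the delete marker together with the CSRF token.
 *
 *   @return string  HTML for the list of files or an error when not writable
 */
function DBADMIN_list()
{
    // The configuration and language arrays are globals; they have to be
    // declared here or every lookup below reads an undefined local.
    global $_CONF, $_IMAGE_TYPE, $LANG08, $LANG_DB_BACKUP, $token;

    $retval = '';

    if (is_writable($_CONF['backup_path'])) {
        $backups = array();

        $fd = opendir($_CONF['backup_path']);
        if ($fd !== false) {
            while (false !== ($file = readdir($fd))) {
                if ($file != '.' && $file != '..' && $file != 'CVS' && preg_match('/\\.sql(\\.gz)?$/i', $file)) {
                    $backups[] = $file;
                }
            }
            // release the directory handle once the scan is done
            closedir($fd);
        }

        // AS, 2004-03-29 - Sort backup files by date, newest first.
        // Order given by 'readdir' might not be correct.
        usort($backups, 'DBADMIN_compareBackupFiles');

        $data_arr = array();
        $diskIconUrl = $_CONF['layout_url'] . '/images/admin/disk.' . $_IMAGE_TYPE;
        $attr = array();
        $attr['title'] = $LANG_DB_BACKUP['download'];
        $alt = $LANG_DB_BACKUP['download'];
        $num_backups = count($backups);
        $icon_img = COM_createImage($diskIconUrl, $alt, $attr);

        for ($i = 0; $i < $num_backups; $i++) {
            $downloadUrl = LGLIB_ADMIN_URL . '/index.php?download=x&amp;file=' . urlencode($backups[$i]);
            $downloadLink = COM_createLink($icon_img, $downloadUrl, $attr);
            $downloadLink .= '&nbsp;&nbsp;';
            $attr['style'] = 'vertical-align:top;';

            // COM_createLink() is given ready-made HTML as link content (see
            // the icon above), so a file name used as link text is escaped first.
            $linkText = htmlspecialchars($backups[$i], ENT_QUOTES, 'UTF-8');
            $downloadLink .= COM_createLink($linkText, $downloadUrl, $attr);

            $backupfile = $_CONF['backup_path'] . $backups[$i];
            $bytes = filesize($backupfile);
            if ($bytes === false) {
                // file vanished or is unreadable between the scan and now
                $bytes = 0;
            }
            $backupfilesize = COM_numberFormat($bytes) . ' <b>' . $LANG_DB_BACKUP['bytes'] . '</b>';

            // NOTE(review): 'filename' is passed on raw as the checkbox field;
            // confirm ADMIN_simpleList() escapes it when writing the value attribute.
            $data_arr[$i] = array('file' => $downloadLink, 'size' => $backupfilesize, 'filename' => $backups[$i]);
        }

        // report the real number of backups (the separate counter was never incremented)
        $retval .= DBADMIN_menu("<p>{$LANG_DB_BACKUP['db_explanation']}</p><p>" . sprintf($LANG_DB_BACKUP['total_number'], $num_backups) . '</p>');

        $header_arr = array(array('text' => $LANG_DB_BACKUP['backup_file'], 'field' => 'file'), array('text' => $LANG_DB_BACKUP['size'], 'field' => 'size'));
        $text_arr = array('form_url' => LGLIB_ADMIN_URL . '/index.php');
        $form_arr = array('bottom' => '', 'top' => '');
        if ($num_backups > 0) {
            // the delete form carries the CSRF token as a hidden field
            $form_arr['bottom'] = '<input type="hidden" name="delete" value="x" />' . '<input type="hidden" name="' . CSRF_TOKEN . '" value="' . $token . '" />' . LB;
        }
        $options = array('chkselect' => true, 'chkminimum' => 0, 'chkfield' => 'filename');
        $retval .= ADMIN_simpleList('', $header_arr, $text_arr, $data_arr, $options, $form_arr);
        $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
    } else {
        $retval .= COM_startBlock($LANG08[06], '', COM_getBlockTemplate('_msg_block', 'header'));
        $retval .= $LANG_DB_BACKUP['no_access'];
        COM_errorLog($_CONF['backup_path'] . ' is not writable.', 1);
        $retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
    }

    return $retval;
}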
Exemplo n.º 5
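/**
 * Build the Links plugin category editor form.
 *
 * Three cases, chosen from the arguments:
 *  - $pid given: new subcategory; group and permissions are copied from the parent
 *  - $cid given: edit that category (row loaded subject to COM_getPermSQL)
 *  - neither: new top-level category with the configured default permissions
 * The form is returned only when SEC_hasAccess() yields at least 3 for the
 * resulting owner/group/permission set; otherwise the result of
 * COM_showMessage(6, 'links') is returned.
 *
 * NOTE(review): ids are escaped with addslashes() before they go into SQL.
 * That depends on the connection character set; prefer the database layer's
 * own escaping or bound parameters if it offers them.
 * NOTE(review): cid, category and description are handed to the template
 * unescaped; confirm they are stored HTML-safe or escaped by the template.
 *
 * @param    string  $cid    id of the category to edit, empty for a new one
 * @param    string  $pid    id of the parent when creating a subcategory
 * @return   string          HTML for the editor, or the COM_showMessage() result
 */
function links_edit_category($cid, $pid)
{
    // Configuration, table names and language arrays are globals and must be
    // declared, otherwise every lookup below reads an undefined local.
    global $_CONF, $_TABLES, $_USER, $_LI_CONF, $MESSAGE,
           $LANG_ACCESS, $LANG_ADMIN, $LANG_LINKS_ADMIN;

    $retval = '';
    $cid = addslashes($cid);
    $A = array();

    if (!empty($pid)) {
        // have parent id, so making a new subcategory
        // get parent access rights
        $result = DB_query("SELECT group_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['linkcategories']} WHERE cid='" . addslashes($pid) . "'");
        $A = DB_fetchArray($result);
        if (!is_array($A)) {
            // unknown parent: there are no rights to inherit, so refuse
            return COM_showMessage(6, 'links');
        }
        $A['owner_id'] = $_USER['uid'];
        $A['pid'] = $pid;
    } elseif (!empty($cid)) {
        // have category id, so editing a category
        $sql = "SELECT * FROM {$_TABLES['linkcategories']} WHERE cid='{$cid}'" . COM_getPermSQL('AND');
        $result = DB_query($sql);
        $A = DB_fetchArray($result);
        if (!is_array($A)) {
            // no such category, or the permission filter hid it
            return COM_showMessage(6, 'links');
        }
    } else {
        // nothing, so making a new top-level category
        // get default access rights
        $A['group_id'] = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name='Links Admin'");
        SEC_setDefaultPermissions($A, $_LI_CONF['category_permissions']);
        $A['owner_id'] = $_USER['uid'];
        $A['pid'] = $_LI_CONF['root'];
    }

    // the editor requires an access level of at least 3
    $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
    if ($access < 3) {
        return COM_showMessage(6, 'links');
    }

    // token is embedded in the form below (gltoken_name / gltoken)
    $token = SEC_createToken();

    $retval .= COM_startBlock($LANG_LINKS_ADMIN[56], '', COM_getBlockTemplate('_admin_block', 'header'));
    $retval .= SEC_getTokenExpiryNotice($token);

    $T = new Template($_CONF['path'] . 'plugins/links/templates/admin');
    $T->set_file(array('page' => 'categoryeditor.thtml'));
    $T->set_var('xhtml', XHTML);
    $T->set_var('site_url', $_CONF['site_url']);
    $T->set_var('site_admin_url', $_CONF['site_admin_url']);
    $T->set_var('layout_url', $_CONF['layout_url']);
    $T->set_var('lang_pagetitle', $LANG_LINKS_ADMIN[28]);
    $T->set_var('lang_link_list', $LANG_LINKS_ADMIN[53]);
    $T->set_var('lang_new_link', $LANG_LINKS_ADMIN[51]);
    $T->set_var('lang_validate_links', $LANG_LINKS_ADMIN[26]);
    $T->set_var('lang_list_categories', $LANG_LINKS_ADMIN[50]);
    $T->set_var('lang_new_category', $LANG_LINKS_ADMIN[52]);
    $T->set_var('lang_admin_home', $LANG_ADMIN['admin_home']);
    $T->set_var('instructions', $LANG_LINKS_ADMIN[29]);
    $T->set_var('lang_category', $LANG_LINKS_ADMIN[30]);
    $T->set_var('lang_cid', $LANG_LINKS_ADMIN[32]);
    $T->set_var('lang_description', $LANG_LINKS_ADMIN[31]);
    $T->set_var('lang_topic', $LANG_LINKS_ADMIN[33]);
    $T->set_var('lang_parent', $LANG_LINKS_ADMIN[34]);
    $T->set_var('lang_save', $LANG_ADMIN['save']);

    // the delete button only makes sense for an existing category
    if (!empty($cid)) {
        $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>';
        $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
        $T->set_var('delete_option', sprintf($delbutton, $jsconfirm));
        $T->set_var('delete_option_no_confirmation', sprintf($delbutton, ''));
    } else {
        $T->set_var('delete_option', '');
    }
    $T->set_var('lang_cancel', $LANG_ADMIN['cancel']);

    if (!empty($cid)) {
        $T->set_var('cid_value', $A['cid']);
        $T->set_var('old_cid_value', $A['cid']);
        $T->set_var('category_options', links_select_box(3, $A['pid']));
        $T->set_var('category_value', $A['category']);
        $T->set_var('description_value', $A['description']);
    } else {
        // new category: pre-fill a generated id
        $A['cid'] = COM_makeSid();
        $T->set_var('cid_value', $A['cid']);
        $T->set_var('old_cid_value', '');
        $T->set_var('category_options', links_select_box(3, $A['pid']));
        $T->set_var('category_value', '');
        $T->set_var('description_value', '');
    }

    if (!isset($A['tid'])) {
        $A['tid'] = 'all';
    }
    $topics = COM_topicList('tid,topic', $A['tid'], 1, true);
    $T->set_var('topic_list', $topics);
    $alltopics = '<option value="all"';
    if ($A['tid'] == 'all') {
        $alltopics .= ' selected="selected"';
    }
    $alltopics .= '>' . $LANG_LINKS_ADMIN[35] . '</option>' . LB;
    $T->set_var('topic_selection', '<select name="tid">' . $alltopics . $topics . '</select>');

    if (empty($cid)) {
        $num_links = $LANG_ADMIN['na'];
    } else {
        $nresult = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['links']} WHERE cid='{$cid}'" . COM_getPermSQL('AND'));
        $N = DB_fetchArray($nresult);
        $num_links = COM_numberFormat($N['count']);
    }
    $T->set_var('lang_num_links', $LANG_LINKS_ADMIN[61]);
    $T->set_var('num_links', $num_links);

    // user access info
    $T->set_var('lang_accessrights', $LANG_ACCESS['accessrights']);
    $T->set_var('lang_owner', $LANG_ACCESS['owner']);
    $T->set_var('owner_name', COM_getDisplayName($A['owner_id']));
    $T->set_var('cat_ownerid', $A['owner_id']);
    $T->set_var('lang_group', $LANG_ACCESS['group']);
    $T->set_var('group_dropdown', SEC_getGroupDropdown($A['group_id'], $access));
    $T->set_var('lang_permissions', $LANG_ACCESS['permissions']);
    $T->set_var('lang_permissionskey', $LANG_ACCESS['permissionskey']);
    $T->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']);
    $T->set_var('permissions_editor', SEC_getPermissionsHTML($A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']));
    $T->set_var('lang_permissions_msg', $LANG_ACCESS['permmsg']);
    $T->set_var('lang_lockmsg', $LANG_ACCESS['permmsg']);
    $T->set_var('gltoken_name', CSRF_TOKEN);
    $T->set_var('gltoken', $token);

    $T->parse('output', 'page');
    $retval .= $T->finish($T->get_var('output'));
    $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));

    return $retval;
}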
Exemplo n.º 6
                        if (SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']) == 3 && SEC_hasRights('calendarjp.edit')) {
                            $editurl = $_CONF['site_admin_url'] . '/plugins/calendarjp/index.php?mode=edit&amp;eid=' . $A['eid'];
                            $cal_templates->set_var('event_edit', COM_createLink($LANG01[4], $editurl));
                            $img = '<img src="' . $_CONF['layout_url'] . '/images/edit.' . $_IMAGE_TYPE . '" alt="' . $LANG01[4] . '" title="' . $LANG01[4] . '"' . XHTML . '>';
                            $cal_templates->set_var('edit_icon', COM_createLink($img, $editurl));
                            $cal_templates->set_var('hits_admin', COM_numberFormat($A['hits']));
                            $cal_templates->set_var('lang_hits_admin', $LANG10[30]);
                        } else {
                            $cal_templates->set_var('event_edit', '');
                            $cal_templates->set_var('edit_icon', '');
                    if ($mode == 'personal') {
                        // personal events don't have a hits counter
                        $cal_templates->set_var('lang_hits', '');
                        $cal_templates->set_var('hits', '');
                    } else {
                        $cal_templates->set_var('lang_hits', $LANG10[30]);
                        $cal_templates->set_var('hits', COM_numberFormat($A['hits']));
                    $cal_templates->parse('event_details', 'details', true);
            $cal_templates->parse('output', 'events');
            $display .= $cal_templates->finish($cal_templates->get_var('output'));
        $display .= COM_endBlock();
        $display = COM_createHTMLDocument($display, array('pagetitle' => $pagetitle));
// end switch
Exemplo n.º 7
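/**
 * Show topic administration form
 *
 * With an empty $tid the form is pre-filled with defaults for a new topic.
 * Otherwise the topic is loaded and the form is only shown when
 * SEC_hasAccess() returns something other than 0 or 2; a refused attempt is
 * written to the access log. The form carries a token from SEC_createToken().
 *
 * NOTE(review): topic name, image URL and meta fields are handed to the
 * template unescaped; confirm they are stored HTML-safe or escaped by the
 * template.
 *
 * @param    string  $tid    ID of topic to edit
 * @return   string          HTML for the topic editor
 */
function edittopic($tid = '')
{
    // Configuration, table names and language arrays are globals and must be
    // declared, otherwise every lookup below reads an undefined local.
    global $_CONF, $_GROUPS, $_TABLES, $_USER, $MESSAGE,
           $LANG27, $LANG_ACCESS, $LANG_ADMIN;

    $retval = '';

    if (empty($tid)) {
        // new topic - set defaults
        $A = array();
        $A['tid'] = '';
        $A['topic'] = '';
        $A['sortnum'] = 0;
        $A['limitnews'] = '';
        // leave empty!
        $A['is_default'] = 0;
        $A['archive_flag'] = 0;
    } else {
        // $tid is escaped here the same way as in the story count query
        // further down; it was interpolated raw before.
        $result = DB_query("SELECT * FROM {$_TABLES['topics']} WHERE tid ='" . addslashes($tid) . "'");
        $A = DB_fetchArray($result);
        $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
        if ($access == 0 or $access == 2) {
            $retval .= COM_startBlock($LANG27[12], '', COM_getBlockTemplate('_msg_block', 'header'));
            $retval .= $LANG27[13];
            $retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
            COM_accessLog("User {$_USER['username']} tried to illegally create or edit topic {$tid}.");

            return $retval;
        }
    }

    // token is embedded in the form below (gltoken_name / gltoken)
    $token = SEC_createToken();

    $retval .= COM_startBlock($LANG27[1], '', COM_getBlockTemplate('_admin_block', 'header'));
    $retval .= SEC_getTokenExpiryNotice($token);

    if (!is_array($A) || empty($A['owner_id'])) {
        if (!is_array($A)) {
            // no row was fetched: start from an empty record rather than
            // writing array keys into a non-array value
            $A = array();
        }
        $A['owner_id'] = $_USER['uid'];
        // this is the one instance where we default the group
        // most topics should belong to the Topic Admin group
        if (isset($_GROUPS['Topic Admin'])) {
            $A['group_id'] = $_GROUPS['Topic Admin'];
        } else {
            $A['group_id'] = SEC_getFeatureGroup('topic.edit');
        }
        SEC_setDefaultPermissions($A, $_CONF['default_permissions_topic']);
        $access = 3;
    }

    $topic_templates = new Template($_CONF['path_layout'] . 'admin/topic');
    $topic_templates->set_file('editor', 'topiceditor.thtml');
    $topic_templates->set_var('xhtml', XHTML);
    $topic_templates->set_var('site_url', $_CONF['site_url']);
    $topic_templates->set_var('site_admin_url', $_CONF['site_admin_url']);
    $topic_templates->set_var('layout_url', $_CONF['layout_url']);

    // the delete button is offered only for an existing topic and with the topic.edit right
    if (!empty($tid) && SEC_hasRights('topic.edit')) {
        $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>';
        $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
        $topic_templates->set_var('delete_option', sprintf($delbutton, $jsconfirm));
        $topic_templates->set_var('delete_option_no_confirmation', sprintf($delbutton, ''));
        $topic_templates->set_var('warning_msg', $LANG27[6]);
    }

    $topic_templates->set_var('lang_topicid', $LANG27[2]);
    $topic_templates->set_var('topic_id', $A['tid']);
    $topic_templates->set_var('lang_donotusespaces', $LANG27[5]);
    $topic_templates->set_var('lang_accessrights', $LANG_ACCESS['accessrights']);
    $topic_templates->set_var('lang_owner', $LANG_ACCESS['owner']);
    $ownername = COM_getDisplayName($A['owner_id']);
    // the owner id goes into the condition unquoted, so force it to an integer
    $owner_uid = (int) $A['owner_id'];
    $topic_templates->set_var('owner_username', DB_getItem($_TABLES['users'], 'username', "uid = {$owner_uid}"));
    $topic_templates->set_var('owner_name', $ownername);
    $topic_templates->set_var('owner', $ownername);
    $topic_templates->set_var('owner_id', $A['owner_id']);
    $topic_templates->set_var('lang_group', $LANG_ACCESS['group']);
    $topic_templates->set_var('lang_save', $LANG_ADMIN['save']);
    $topic_templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    $topic_templates->set_var('group_dropdown', SEC_getGroupDropdown($A['group_id'], $access));
    $topic_templates->set_var('lang_permissions', $LANG_ACCESS['permissions']);
    $topic_templates->set_var('lang_permissions_key', $LANG_ACCESS['permissionskey']);
    $topic_templates->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']);
    $topic_templates->set_var('permissions_msg', $LANG_ACCESS['permmsg']);
    $topic_templates->set_var('lang_permissions_msg', $LANG_ACCESS['permmsg']);
    $topic_templates->set_var('permissions_editor', SEC_getPermissionsHTML($A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']));

    // show sort order only if they specified sortnum as the sort method
    if ($_CONF['sortmethod'] != 'alpha') {
        $topic_templates->set_var('lang_sortorder', $LANG27[10]);
        if ($A['sortnum'] == 0) {
            $A['sortnum'] = '';
        }
        $topic_templates->set_var('sort_order', '<input type="text" size="3" maxlength="3" name="sortnum" value="' . $A['sortnum'] . '"' . XHTML . '>');
    } else {
        $topic_templates->set_var('lang_sortorder', $LANG27[14]);
        $topic_templates->set_var('sort_order', $LANG27[15]);
    }

    $topic_templates->set_var('lang_storiesperpage', $LANG27[11]);
    if ($A['limitnews'] == 0) {
        $topic_templates->set_var('story_limit', '');
    } else {
        $topic_templates->set_var('story_limit', $A['limitnews']);
    }
    $topic_templates->set_var('default_limit', $_CONF['limitnews']);
    $topic_templates->set_var('lang_defaultis', $LANG27[16]);
    $topic_templates->set_var('lang_topicname', $LANG27[3]);
    $topic_templates->set_var('topic_name', stripslashes($A['topic']));

    if (empty($A['tid'])) {
        $A['imageurl'] = '/images/topics/';
    }
    $topic_templates->set_var('lang_topicimage', $LANG27[4]);
    $topic_templates->set_var('lang_uploadimage', $LANG27[27]);
    $topic_templates->set_var('icon_dimensions', $_CONF['max_topicicon_width'] . ' x ' . $_CONF['max_topicicon_height']);
    $topic_templates->set_var('lang_maxsize', $LANG27[28]);
    $topic_templates->set_var('max_url_length', 255);
    $topic_templates->set_var('image_url', $A['imageurl']);
    $topic_templates->set_var('lang_metadescription', $LANG_ADMIN['meta_description']);
    $topic_templates->set_var('lang_metakeywords', $LANG_ADMIN['meta_keywords']);
    if (!empty($A['meta_description'])) {
        $topic_templates->set_var('meta_description', $A['meta_description']);
    }
    if (!empty($A['meta_keywords'])) {
        $topic_templates->set_var('meta_keywords', $A['meta_keywords']);
    }

    $topic_templates->set_var('lang_defaulttopic', $LANG27[22]);
    $topic_templates->set_var('lang_defaulttext', $LANG27[23]);
    if ($A['is_default'] == 1) {
        $topic_templates->set_var('default_checked', 'checked="checked"');
    } else {
        $topic_templates->set_var('default_checked', '');
    }

    $topic_templates->set_var('lang_archivetopic', $LANG27[25]);
    $topic_templates->set_var('lang_archivetext', $LANG27[26]);
    $topic_templates->set_var('archive_disabled', '');
    if ($A['archive_flag'] == 1) {
        $topic_templates->set_var('archive_checked', 'checked="checked"');
    } else {
        $topic_templates->set_var('archive_checked', '');
        // Only 1 topic can be the archive topic - so check if there already is one
        if (DB_count($_TABLES['topics'], 'archive_flag', '1') > 0) {
            $topic_templates->set_var('archive_disabled', 'disabled');
        }
    }

    if (empty($tid)) {
        $num_stories = $LANG_ADMIN['na'];
    } else {
        $nresult = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE tid = '" . addslashes($tid) . "'" . COM_getPermSql('AND'));
        $N = DB_fetchArray($nresult);
        $num_stories = COM_numberFormat($N['count']);
    }
    $topic_templates->set_var('lang_num_stories', $LANG27[30]);
    $topic_templates->set_var('num_stories', $num_stories);
    $topic_templates->set_var('gltoken_name', CSRF_TOKEN);
    $topic_templates->set_var('gltoken', $token);

    $topic_templates->parse('output', 'editor');
    $retval .= $topic_templates->finish($topic_templates->get_var('output'));
    $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));

    return $retval;
}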
Exemplo n.º 8
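/**
 * Shows a profile for a user
 *
 * This grabs the user profile for a given user and displays it, together
 * with that user's last 10 stories, last 10 comments and posting counts.
 * Stories and comments are limited to topics and stories the current visitor
 * may see (COM_getPermSQL). When login is required for profiles and the
 * visitor is anonymous, a login prompt is returned instead.
 *
 * NOTE(review): username, fullname, about and pgpkey are handed to the
 * template without HTML escaping here; confirm they are sanitised when
 * stored or escaped by the template.
 *
 * @param    int     $user   User ID of profile to get
 * @param    int     $msg    Message to display (if != 0); not read in this function body
 * @return   string          HTML for user profile page
 */
function userprofile($user, $msg = 0)
{
    global $_CONF, $_TABLES, $_USER, $_IMAGE_TYPE,
           $LANG01, $LANG04, $LANG09, $LANG_ADMIN, $LANG_LOGIN;

    $retval = '';

    // $user is interpolated unquoted into several queries below, so it must
    // be an integer before any SQL is built.
    $user = (int) $user;

    if (empty($_USER['username']) && ($_CONF['loginrequired'] == 1 || $_CONF['profileloginrequired'] == 1)) {
        $retval .= COM_siteHeader('menu');
        $retval .= COM_startBlock($LANG_LOGIN[1], '', COM_getBlockTemplate('_msg_block', 'header'));
        $login = new Template($_CONF['path_layout'] . 'submit');
        $login->set_file(array('login' => 'submitloginrequired.thtml'));
        $login->set_var('xhtml', XHTML);
        $login->set_var('login_message', $LANG_LOGIN[2]);
        $login->set_var('site_url', $_CONF['site_url']);
        $login->set_var('site_admin_url', $_CONF['site_admin_url']);
        $login->set_var('layout_url', $_CONF['layout_url']);
        $login->set_var('lang_login', $LANG_LOGIN[3]);
        $login->set_var('lang_newuser', $LANG_LOGIN[4]);
        $login->parse('output', 'login');
        $retval .= $login->finish($login->get_var('output'));
        $retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
        $retval .= COM_siteFooter();

        return $retval;
    }

    $result = DB_query("SELECT {$_TABLES['users']}.uid,username,fullname,regdate,homepage,about,location,pgpkey,photo,email FROM {$_TABLES['userinfo']},{$_TABLES['users']} WHERE {$_TABLES['userinfo']}.uid = {$_TABLES['users']}.uid AND {$_TABLES['users']}.uid = {$user}");
    $nrows = DB_numRows($result);
    if ($nrows == 0) {
        // no such user
        return COM_refresh($_CONF['site_url'] . '/index.php');
    }
    $A = DB_fetchArray($result);

    $display_name = COM_getDisplayName($user, $A['username'], $A['fullname']);

    // format date/time to user preference
    $curtime = COM_getUserDateTimeFormat($A['regdate']);
    $A['regdate'] = $curtime[0];

    $user_templates = new Template($_CONF['path_layout'] . 'users');
    $user_templates->set_file(array('profile' => 'profile.thtml', 'row' => 'commentrow.thtml', 'strow' => 'storyrow.thtml'));
    $user_templates->set_var('xhtml', XHTML);
    $user_templates->set_var('site_url', $_CONF['site_url']);
    $user_templates->set_var('start_block_userprofile', COM_startBlock($LANG04[1] . ' ' . $display_name));
    $user_templates->set_var('end_block', COM_endBlock());
    $user_templates->set_var('lang_username', $LANG04[2]);

    if ($_CONF['show_fullname'] == 1) {
        $user_templates->set_var('username', $A['fullname']);
        $user_templates->set_var('user_fullname', $A['username']);
    } else {
        $user_templates->set_var('username', $A['username']);
        $user_templates->set_var('user_fullname', $A['fullname']);
    }

    // the edit shortcut is only rendered for visitors with the user.edit right
    if (SEC_hasRights('user.edit')) {
        $edit_icon = '<img src="' . $_CONF['layout_url'] . '/images/edit.' . $_IMAGE_TYPE . '" alt="' . $LANG_ADMIN['edit'] . '" title="' . $LANG_ADMIN['edit'] . '"' . XHTML . '>';
        $edit_link_url = COM_createLink($edit_icon, "{$_CONF['site_admin_url']}/user.php?mode=edit&amp;uid={$A['uid']}");
        $user_templates->set_var('edit_link', $edit_link_url);
    }

    $photo = USER_getPhoto($user, $A['photo'], $A['email'], -1);
    $user_templates->set_var('user_photo', $photo);

    $user_templates->set_var('lang_membersince', $LANG04[67]);
    $user_templates->set_var('user_regdate', $A['regdate']);
    $user_templates->set_var('lang_email', $LANG04[5]);
    $user_templates->set_var('user_id', $user);
    $user_templates->set_var('lang_sendemail', $LANG04[81]);
    $user_templates->set_var('lang_homepage', $LANG04[6]);
    $user_templates->set_var('user_homepage', COM_killJS($A['homepage']));
    $user_templates->set_var('lang_location', $LANG04[106]);
    $user_templates->set_var('user_location', strip_tags($A['location']));
    $user_templates->set_var('lang_bio', $LANG04[7]);
    $user_templates->set_var('user_bio', nl2br(stripslashes($A['about'])));
    $user_templates->set_var('lang_pgpkey', $LANG04[8]);
    $user_templates->set_var('user_pgp', nl2br($A['pgpkey']));
    $user_templates->set_var('start_block_last10stories', COM_startBlock($LANG04[82] . ' ' . $display_name));
    $user_templates->set_var('start_block_last10comments', COM_startBlock($LANG04[10] . ' ' . $display_name));
    $user_templates->set_var('start_block_postingstats', COM_startBlock($LANG04[83] . ' ' . $display_name));
    $user_templates->set_var('lang_title', $LANG09[16]);
    $user_templates->set_var('lang_date', $LANG09[17]);

    // for alternative layouts: use these as headlines instead of block titles
    $user_templates->set_var('headline_last10stories', $LANG04[82]);
    $user_templates->set_var('headline_last10comments', $LANG04[10]);
    $user_templates->set_var('headline_postingstats', $LANG04[83]);

    // topics the current visitor may see
    $result = DB_query("SELECT tid FROM {$_TABLES['topics']}" . COM_getPermSQL());
    $nrows = DB_numRows($result);
    $tids = array();
    for ($i = 0; $i < $nrows; $i++) {
        $T = DB_fetchArray($result);
        $tids[] = $T['tid'];
    }
    // ids read back from the database are quoted into an IN list, so they
    // are escaped like any other string value
    $topics = "'" . implode("','", array_map('addslashes', $tids)) . "'";

    // list of last 10 stories by this user
    if (count($tids) > 0) {
        $sql = "SELECT sid,title,UNIX_TIMESTAMP(date) AS unixdate FROM {$_TABLES['stories']} WHERE (uid = {$user}) AND (draft_flag = 0) AND (date <= NOW()) AND (tid IN ({$topics}))" . COM_getPermSQL('AND');
        $sql .= " ORDER BY unixdate DESC LIMIT 10";
        $result = DB_query($sql);
        $nrows = DB_numRows($result);
    } else {
        $nrows = 0;
    }
    if ($nrows > 0) {
        for ($i = 0; $i < $nrows; $i++) {
            $C = DB_fetchArray($result);
            $user_templates->set_var('cssid', $i % 2 + 1);
            $user_templates->set_var('row_number', ($i + 1) . '.');
            $articleUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $C['sid']);
            $user_templates->set_var('article_url', $articleUrl);
            $C['title'] = str_replace('$', '&#36;', $C['title']);
            $user_templates->set_var('story_title', COM_createLink(stripslashes($C['title']), $articleUrl, array('class' => 'b')));
            $storytime = COM_getUserDateTimeFormat($C['unixdate']);
            $user_templates->set_var('story_date', $storytime[0]);
            $user_templates->parse('story_row', 'strow', true);
        }
    } else {
        $user_templates->set_var('story_row', '<tr><td>' . $LANG01[37] . '</td></tr>');
    }

    // list of last 10 comments by this user
    $sidArray = array();
    if (count($tids) > 0) {
        // first, get a list of all stories the current visitor has access to
        $sql = "SELECT sid FROM {$_TABLES['stories']} WHERE (draft_flag = 0) AND (date <= NOW()) AND (tid IN ({$topics}))" . COM_getPermSQL('AND');
        $result = DB_query($sql);
        $numsids = DB_numRows($result);
        for ($i = 1; $i <= $numsids; $i++) {
            $S = DB_fetchArray($result);
            $sidArray[] = $S['sid'];
        }
    }
    // With no visible stories this is the list '' (never an empty string), so
    // the filters below are always applied and then match no story id.
    $sidList = implode("', '", array_map('addslashes', $sidArray));
    $sidList = "'{$sidList}'";

    // then, find all comments by the user in those stories
    $sql = "SELECT sid,title,cid,UNIX_TIMESTAMP(date) AS unixdate FROM {$_TABLES['comments']} WHERE (uid = {$user}) GROUP BY sid,title,cid,UNIX_TIMESTAMP(date)";
    // SQL NOTE:  Using a HAVING clause is usually faster than a where if the
    // field is part of the select
    if (!empty($sidList)) {
        $sql .= " HAVING sid in ({$sidList})";
    }
    $sql .= " ORDER BY unixdate DESC LIMIT 10";
    $result = DB_query($sql);
    $nrows = DB_numRows($result);
    if ($nrows > 0) {
        for ($i = 0; $i < $nrows; $i++) {
            $C = DB_fetchArray($result);
            $user_templates->set_var('cssid', $i % 2 + 1);
            $user_templates->set_var('row_number', ($i + 1) . '.');
            $comment_url = $_CONF['site_url'] . '/comment.php?mode=view&amp;cid=' . $C['cid'];
            $C['title'] = str_replace('$', '&#36;', $C['title']);
            $user_templates->set_var('comment_title', COM_createLink(stripslashes($C['title']), $comment_url, array('class' => 'b')));
            $commenttime = COM_getUserDateTimeFormat($C['unixdate']);
            $user_templates->set_var('comment_date', $commenttime[0]);
            $user_templates->parse('comment_row', 'row', true);
        }
    } else {
        $user_templates->set_var('comment_row', '<tr><td>' . $LANG01[29] . '</td></tr>');
    }

    // posting stats for this user
    $user_templates->set_var('lang_number_stories', $LANG04[84]);
    $sql = "SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE (uid = {$user}) AND (draft_flag = 0) AND (date <= NOW())" . COM_getPermSQL('AND');
    $result = DB_query($sql);
    $N = DB_fetchArray($result);
    $user_templates->set_var('number_stories', COM_numberFormat($N['count']));
    $user_templates->set_var('lang_number_comments', $LANG04[85]);
    $sql = "SELECT COUNT(*) AS count FROM {$_TABLES['comments']} WHERE (uid = {$user})";
    if (!empty($sidList)) {
        $sql .= " AND (sid in ({$sidList}))";
    }
    $result = DB_query($sql);
    $N = DB_fetchArray($result);
    $user_templates->set_var('number_comments', COM_numberFormat($N['count']));
    $user_templates->set_var('lang_all_postings_by', $LANG04[86] . ' ' . $display_name);

    // Call custom registration function if enabled and exists
    if ($_CONF['custom_registration'] && function_exists('CUSTOM_userDisplay')) {
        $user_templates->set_var('customfields', CUSTOM_userDisplay($user));
    }
    PLG_profileVariablesDisplay($user, $user_templates);

    $user_templates->parse('output', 'profile');
    $retval .= $user_templates->finish($user_templates->get_var('output'));
    $retval .= PLG_profileBlocksDisplay($user);

    return $retval;
}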
Exemplo n.º 9
* This function displays the comment control bar
* Prints the control that allows the user to interact with Geeklog Comments
* @param    string  $sid    ID of item in question
* @param    string  $title  Title of item
* @param    string  $type   Type of item (i.e. article, photo, etc)
* @param    string  $order  Order that comments are displayed in
* @param    string  $mode   Mode (nested, flat, etc.)
* @param    int     $ccode  Comment code: -1=no comments, 0=allowed, 1=closed
* @return   string          HTML Formated comment bar
* @see CMT_userComments
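/**
 * Build the comment control bar (reply button, login/logout link, order and
 * mode selectors) from the commentbar.thtml template.
 *
 * The request parameters mode, cid and pid are written back into hidden form
 * fields when the bar is rendered by comment.php; they are HTML-escaped here
 * so a crafted query string cannot break out of the attribute value.
 *
 * NOTE(review): $sid, $type and the plugin-supplied URL/id are emitted as
 * received (template variables, hidden fields and the story link). Nothing in
 * this function sanitises them, so confirm that every caller passes values
 * that are already safe for HTML attribute context.
 *
 * @param    string  $sid    ID of item in question
 * @param    string  $title  Title of item
 * @param    string  $type   Type of item (i.e. article, photo, etc)
 * @param    string  $order  Order that comments are displayed in
 * @param    string  $mode   Mode (nested, flat, etc.)
 * @param    int     $ccode  Comment code: -1=no comments, 0=allowed, 1=closed
 * @return   string          HTML formatted comment bar
 */
function CMT_commentBar($sid, $title, $type, $order, $mode, $ccode = 0)
{
    global $_CONF, $_TABLES, $_USER, $LANG01;

    // Name of the script that is rendering the bar (last path segment).
    $parts = explode('/', $_SERVER['PHP_SELF']);
    $page = array_pop($parts);
    $onCommentPage = ($page == 'comment.php');

    $nrows = DB_count($_TABLES['comments'], array('sid', 'type'), array($sid, $type));

    $commentbar = new Template($_CONF['path_layout'] . 'comment');
    $commentbar->set_file(array('commentbar' => 'commentbar.thtml'));
    $commentbar->set_var('xhtml', XHTML);
    $commentbar->set_var('site_url', $_CONF['site_url']);
    $commentbar->set_var('site_admin_url', $_CONF['site_admin_url']);
    $commentbar->set_var('layout_url', $_CONF['layout_url']);
    $commentbar->set_var('lang_comments', $LANG01[3]);
    $commentbar->set_var('lang_refresh', $LANG01[39]);
    $commentbar->set_var('lang_reply', $LANG01[60]);
    $commentbar->set_var('lang_disclaimer', $LANG01[26]);

    // The reply control is a submit button only while comments are allowed.
    $commentbar->set_var('reply_hidden_or_submit', ($ccode == 0) ? 'submit' : 'hidden');

    $commentbar->set_var('num_comments', COM_numberFormat($nrows));
    $commentbar->set_var('comment_type', $type);
    $commentbar->set_var('sid', $sid);

    $cmt_title = stripslashes($title);
    $commentbar->set_var('story_title', $cmt_title);
    // Article's are pre-escaped.
    if ($type != 'article') {
        $cmt_title = htmlspecialchars($cmt_title);
    }
    $commentbar->set_var('comment_title', $cmt_title);

    if ($type == 'article') {
        $articleUrl = COM_buildUrl($_CONF['site_url'] . "/article.php?story={$sid}");
    } else {
        // for a plugin:
        // Link to plugin defined link or lacking that a generic link
        // that the plugin should support (hopefully)
        list($plgurl, $plgid) = PLG_getCommentUrlId($type);
        $articleUrl = "{$plgurl}?{$plgid}={$sid}";
    }
    $commentbar->set_var('article_url', $articleUrl);

    if ($onCommentPage) {
        $link = COM_createLink($cmt_title, $articleUrl, array('class' => 'non-ul b'));
        $commentbar->set_var('story_link', $link);
        $commentbar->set_var('start_storylink_anchortag', '<a href="' . $articleUrl . '" class="non-ul">');
        $commentbar->set_var('end_storylink_anchortag', '</a>');
    } else {
        $commentbar->set_var('story_link', $articleUrl);
    }

    // Logged-in users (uid > 1) are shown under their own name; everyone
    // else gets the name stored for uid 1.
    if (!empty($_USER['uid']) && $_USER['uid'] > 1) {
        $username = $_USER['username'];
        $fullname = $_USER['fullname'];
    } else {
        $result = DB_query("SELECT username,fullname FROM {$_TABLES['users']} WHERE uid = 1");
        $N = DB_fetchArray($result);
        $username = $N['username'];
        $fullname = $N['fullname'];
    }
    if (empty($fullname)) {
        $fullname = $username;
    }
    $commentbar->set_var('user_name', $username);
    $commentbar->set_var('user_fullname', $fullname);

    if (!empty($_USER['username'])) {
        $author = COM_getDisplayName($_USER['uid'], $username, $fullname);
        $commentbar->set_var('user_nullname', $author);
        $commentbar->set_var('author', $author);
        $commentbar->set_var('login_logout_url', $_CONF['site_url'] . '/users.php?mode=logout');
        $commentbar->set_var('lang_login_logout', $LANG01[35]);
    } else {
        $commentbar->set_var('user_nullname', '');
        $commentbar->set_var('login_logout_url', $_CONF['site_url'] . '/users.php?mode=new');
        $commentbar->set_var('lang_login_logout', $LANG01[61]);
    }

    if ($onCommentPage) {
        $commentbar->set_var('parent_url', $_CONF['site_url'] . '/comment.php');

        // mode, cid and pid come straight from the request and are echoed
        // into attribute values. Reduce each to a string (array-valued
        // parameters become '') and HTML-escape it before output.
        $rawRequest = array();
        $safeRequest = array();
        foreach (array('mode', 'cid', 'pid') as $key) {
            $value = '';
            if (isset($_REQUEST[$key]) && is_scalar($_REQUEST[$key])) {
                $value = (string) $_REQUEST[$key];
            }
            $rawRequest[$key] = $value;
            $safeRequest[$key] = htmlspecialchars($value, ENT_QUOTES);
        }

        $hidden = '';
        if ($rawRequest['mode'] === 'view') {
            // When viewing a single comment its id doubles as the parent id.
            $hidden .= '<input type="hidden" name="cid" value="' . $safeRequest['cid'] . '"' . XHTML . '>';
            $hidden .= '<input type="hidden" name="pid" value="' . $safeRequest['cid'] . '"' . XHTML . '>';
        } elseif ($rawRequest['mode'] === 'display') {
            $hidden .= '<input type="hidden" name="pid" value="' . $safeRequest['pid'] . '"' . XHTML . '>';
        }
        $commentbar->set_var('hidden_field', $hidden . '<input type="hidden" name="mode" value="' . $safeRequest['mode'] . '"' . XHTML . '>');
    } elseif ($type == 'article') {
        $commentbar->set_var('parent_url', $_CONF['site_url'] . '/article.php');
        $commentbar->set_var('hidden_field', '<input type="hidden" name="story" value="' . $sid . '"' . XHTML . '>');
    } else {
        // plugin
        // Link to plugin defined link or lacking that a generic link that the plugin should support (hopefully)
        list($plgurl, $plgid) = PLG_getCommentUrlId($type);
        $commentbar->set_var('parent_url', $plgurl);
        $commentbar->set_var('hidden_field', '<input type="hidden" name="' . $plgid . '" value="' . $sid . '"' . XHTML . '>');
    }

    // Order
    $selector = '<select name="order">' . LB . COM_optionList($_TABLES['sortcodes'], 'code,name', $order) . LB . '</select>';
    $commentbar->set_var('order_selector', $selector);

    // Mode (the field is called "format" on comment.php, "mode" elsewhere)
    $selector = $onCommentPage ? '<select name="format">' : '<select name="mode">';
    $selector .= LB . COM_optionList($_TABLES['commentmodes'], 'mode,name', $mode) . LB . '</select>';
    $commentbar->set_var('mode_selector', $selector);

    return $commentbar->finish($commentbar->parse('output', 'commentbar'));
}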
Exemplo n.º 10
  *   Get the variables from the return URL to display a "thank-you"
  *   message to the buyer.
  *   @uses   getMainUrl()
  *   @uses   PaymentGw::Description()
  *   @param  array   $A      Optionally override the $_GET parameters
  *   @return array           Array of standard name=>value pairs
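 /**
  *   Collect the values shown on the "thank-you" page after the buyer
  *   returns from the gateway.
  *
  *   The input is request data (the query string when $A is empty) and is
  *   not verified in this method. The returned currency string is passed
  *   through unchanged, so the caller has to HTML-escape it on output.
  *   NOTE(review): treat the result as display-only; nothing here shows
  *   that the transaction was confirmed by the gateway.
  *
  *   @param  array   $A      Optionally override the $_GET parameters
  *   @return array           Array of standard name=>value pairs
  */
 public function thanksVars($A = '')
 {
     if (empty($A) || !is_array($A)) {
         // Amazon's returnUrl uses $_GET
         $A = $_GET;
     }

     // transactionAmount is expected as "<currency> <amount>". A missing,
     // array-valued or single-token value must not leave either variable
     // undefined, so the split result is padded to two elements.
     $rawAmount = '';
     if (isset($A['transactionAmount']) && is_scalar($A['transactionAmount'])) {
         $rawAmount = trim((string) $A['transactionAmount']);
     }
     list($currency, $amount) = array_pad(preg_split('/\\s+/', $rawAmount), 2, '');
     $amount = COM_numberFormat(is_numeric($amount) ? $amount : 0, 2);

     // Only a numeric timestamp is formatted; anything else falls back to
     // the current time instead of being handed to strftime() as-is.
     $timestamp = time();
     if (isset($A['transactionDate']) && is_numeric($A['transactionDate'])) {
         $timestamp = (int) $A['transactionDate'];
     }

     return array(
         'payment_date' => strftime('%d %b %Y @ %H:%M:%S', $timestamp),
         'currency' => $currency,
         'payment_amount' => $amount,
         'gateway_url' => self::getMainUrl(),
         'gateway_name' => self::Description(),
     );
 }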
Exemplo n.º 11
* This function is used to send reminders to users to access the site, or their account may be deleted
* @return   string          HTML with success or error message
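/**
 * Send a "please log in" reminder e-mail to every user selected in the
 * submitted form (POST field `delitem`) and count the successful sends.
 *
 * NOTE(review): no permission or CSRF-token check is visible in this
 * function; presumably the calling admin page performs both - confirm.
 *
 * @return   string          HTML with success or error message
 */
function USER_sendReminders()
{
    global $_CONF, $_TABLES, $LANG04, $LANG28;

    // Accept the selection only when it is the expected checkbox array;
    // anything else is treated as "nothing selected".
    $user_list = array();
    if (isset($_POST['delitem']) && is_array($_POST['delitem'])) {
        $user_list = $_POST['delitem'];
    }
    if (count($user_list) == 0) {
        return $LANG28[79] . '<br/>';
    }

    $templateAvailable = file_exists($_CONF['path_data'] . 'reminder_email.txt');
    $c = 0; // number of reminders actually sent

    foreach ($user_list as $delitem) {
        // The uid is interpolated into SQL below (once without quotes), so
        // it is reduced to a positive integer first. Entries that are not
        // plain numeric values are skipped instead of reaching the query.
        if (!is_scalar($delitem)) {
            continue;
        }
        $uid = (int) COM_applyFilter($delitem, true);
        if ($uid < 1) {
            continue;
        }

        $useremail = DB_getItem($_TABLES['users'], 'email', "uid = '{$uid}'");
        $username = DB_getItem($_TABLES['users'], 'username', "uid = '{$uid}'");
        $lastlogin = DB_getItem($_TABLES['userinfo'], 'lastlogin', "uid = '{$uid}'");
        $lasttime = COM_getUserDateTimeFormat($lastlogin);

        if (empty($useremail)) {
            // Unknown uid or account without an address: nothing to send.
            COM_errorLog("Error attempting to send account reminder to user: {$username} ({$uid})");
            continue;
        }

        if ($templateAvailable) {
            // Site-specific mail text from the data directory.
            $template = new Template($_CONF['path_data']);
            $template->set_file(array('mail' => 'reminder_email.txt'));
            $template->set_var('site_url', $_CONF['site_url']);
            $template->set_var('site_name', $_CONF['site_name']);
            $template->set_var('site_slogan', $_CONF['site_slogan']);
            $template->set_var('lang_username', $LANG04[2]);
            $template->set_var('username', $username);
            $template->set_var('name', COM_getDisplayName($uid));
            $template->set_var('lastlogin', $lasttime[0]);
            $template->parse('output', 'mail');
            $mailtext = $template->get_var('output');
        } else {
            // Built-in text; a lastlogin of 0 selects the first variant.
            if ($lastlogin == 0) {
                $mailtext = $LANG28[83] . "\n\n";
            } else {
                $mailtext = sprintf($LANG28[82], $lasttime[0]) . "\n\n";
            }
            $mailtext .= sprintf($LANG28[84], $username) . "\n";
            $mailtext .= sprintf($LANG28[85], $_CONF['site_url'] . '/users.php?mode=getpassword') . "\n\n";
        }

        $subject = sprintf($LANG28[81], $_CONF['site_name']);

        // When a separate no-reply address is configured it is used as the
        // sender and $LANG04[159] is appended to the message.
        if ($_CONF['site_mail'] !== $_CONF['noreply_mail']) {
            $mailfrom = $_CONF['noreply_mail'];
            $mailtext .= LB . LB . $LANG04[159];
        } else {
            $mailfrom = $_CONF['site_mail'];
        }

        $to = COM_formatEmailAddress($username, $useremail);
        $from = COM_formatEmailAddress('', $mailfrom);

        if (COM_mail($to, $subject, $mailtext, $from)) {
            DB_query("UPDATE {$_TABLES['users']} SET num_reminders=num_reminders+1 WHERE uid={$uid}");
            // Count the send so the summary below reports the real total.
            $c++;
        } else {
            COM_errorLog("Error attempting to send account reminder to user: {$username} ({$uid})");
        }
    }

    return "{$LANG28[80]}: {$c}<br/>\n";
}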
Exemplo n.º 12
/**
 * Render the file list for one directory below $_MG_CONF['ftp_path'] using
 * the filelist.thtml template: a destination-album select box, an optional
 * "Parent directory" row and one row per directory entry.
 *
 * $purgefiles and $recurse are not referenced in the lines shown here.
 *
 * NOTE(review): this listing has no closing braces, and short statements
 * (loop `continue`, switch `break`/`default`) are not visible; compare with
 * the original file before relying on the control flow as printed.
 *
 * @param    string  $dir         directory relative to ftp_path
 * @param    int     $album_id    album used for template lookup and links
 * @param    mixed   $purgefiles  unused in the visible body
 * @param    mixed   $recurse     unused in the visible body
 * @return   string               HTML for the list, or a message block on error
 */
function MG_listDir($dir, $album_id, $purgefiles, $recurse)
    global $_CONF, $_TABLES, $_MG_CONF, $LANG_MG01, $LANG_MG02, $destDirCount, $pCount;
    // What we may do is scan for directories first, build that array
    // then scan for files and build that array, I always want the directories to be on the top!
    // array_multisort()
    // NOTE(review): $x is the string length, so offset $x is one past the
    // last character; the trailing-separator test below never looks at the
    // final character (that would be $x - 1).
    $x = strlen($_MG_CONF['ftp_path']);
    if ($_MG_CONF['ftp_path'][$x] == '/' || $_MG_CONF['ftp_path'][$x] == '\\') {
        // NOTE(review): $dir is appended as received. Nothing in this
        // function rejects ".." segments or absolute paths, so confirm the
        // caller keeps $dir inside ftp_path (e.g. realpath() prefix check).
        $directory = $_MG_CONF['ftp_path'] . $dir;
    } else {
        $directory = $_MG_CONF['ftp_path'] . '/' . $dir;
    // The @ operators hide filesystem warnings; failures are reported only
    // through the two message blocks below.
    if (!@is_dir($directory)) {
        // NOTE(review): $directory (built from $dir) is placed in the HTML
        // message without escaping.
        return COM_showMessageText($LANG_MG02['invalid_directory'] . '<br' . XHTML . '>' . $directory . '  [ <a href=\'javascript:history.go(-1)\'>' . $LANG_MG02['go_back'] . '</a> ]');
    if (!($dh = @opendir($directory))) {
        return COM_showMessageText($LANG_MG02['directory_error'] . '  [ <a href=\'javascript:history.go(-1)\'>' . $LANG_MG02['go_back'] . '</a> ]');
    // Normalise: make sure the path ends in exactly one trailing slash
    // before file names are appended to it.
    $directory = trim($directory);
    if ($directory[strlen($directory) - 1] != '/') {
        $directory = $directory . '/';
    // The next lines look like the remains of a disabled block (its comment
    // delimiters are not visible in this listing).
     * Currently we have disabled the selection of Root album.
     * This could cause a problem with the 'create the album structure' feature
     * Need to come up with a better way to handle this.
        $album_selectbox  = '';
        if (SEC_hasRights('mediagallery.admin') || ($_MG_CONF['member_albums'] == 1 && $_MG_CONF['member_album_root'] == 0)) {
            $album_selectbox .= '<option value="0">' . $LANG_MG01['root_album'] . '</option>';
        $root_album = new mgAlbum(0);
        $root_album->buildAlbumBox($album_selectbox, $album_id, 3, -1, 'upload');
        $album_selectbox .= '</select>';
    //    $album_selectbox  = MG_buildAlbumBox($root_album, $album_id, 3, -1, 'upload');
    $rowcounter = 0;
    $retval = '';
    $T = COM_newTemplate(MG_getTemplatePath($album_id));
    $T->set_file('admin', 'filelist.thtml');
    $T->set_var(array('lang_put_files' => $LANG_MG01['put_files'], 'lang_into_album' => $LANG_MG01['into_album']));
    // Form field name for this directory's destination album: "d" plus the
    // zero-padded global counter.
    $dest = sprintf("d%04d", $destDirCount);
    // build a select box of valid albums for upload
    require_once $_CONF['path'] . 'plugins/mediagallery/include/classAlbum.php';
    $album_selectbox = '<select name="' . $dest . '">' . LB;
    $root_album = new mgAlbum(0);
    $root_album->buildAlbumBox($album_selectbox, $album_id, 3, -1, 'upload');
    $album_selectbox .= '</select>' . LB;
    $T->set_block('admin', 'dirRow', 'dRow');
    $pdir = $dir == '' ? './' : $dir;
    // NOTE(review): 'directory' receives $dir unescaped; whether the
    // template escapes it is not visible here.
    $T->set_var(array('directory' => $pdir, 'destination' => $album_selectbox, 'dirdest' => $dest));
    $T->set_block('admin', 'fileRow', 'fRow');
    // calculate parent directory...
    $dirParts = array();
    $dirParts = explode('/', $dir);
    $numDirs = count($dirParts);
    $dirPath = '';
    if ($numDirs > 1) {
        // Re-join every segment except the last one.
        for ($x = 0; $x < $numDirs - 1; $x++) {
            $dirPath .= $dirParts[$x];
            if ($x < $numDirs - 2) {
                $dirPath .= '/';
        // NOTE(review): $dirPath and $album_id go into the href without
        // urlencode()/HTML escaping, unlike the sub-directory link further
        // down, which at least url-encodes its path.
        $dirlink = '<a href="' . $_MG_CONF['site_url'] . '/admin.php?mode=list&amp;album_id=' . $album_id . '&amp;dir=' . $dirPath . '">Parent directory</a>';
        $T->set_var(array('row_class' => $rowcounter % 2 ? '2' : '1', 'checkbox' => '', 'palbum' => '', 'pfile' => '', 'dirid' => '', 'filename' => $dirlink, 'fullname' => '', 'filesize' => '', 'parent_select' => '', 'color' => '', 'type' => ''));
        $T->parse('fRow', 'fileRow', true);
    // NOTE(review): the loose `!= false` also stops the loop at an entry
    // named "0"; `false !== ($file = readdir($dh))` avoids that.
    while (($file = readdir($dh)) != false) {
        if ($file == '..' || $file == '.') {
        $filetmp = $directory . $file;
        $filename = basename($file);
        // Extension = text after the last dot, lower-cased.
        $file_extension = strtolower(substr(strrchr($filename, '.'), 1));
        $isadirectory = 0;
        if (is_dir($filetmp)) {
            $isadirectory = 1;
            $type = 'Directory';
            $fullDir = urlencode($dir . '/' . $filename);
            // NOTE(review): the link text $filename is a name read from
            // disk and is not HTML-escaped.
            $dirlink = '<a href="' . $_MG_CONF['site_url'] . '/admin.php?album_id=' . $album_id . '&amp;mode=list&amp;dir=' . $fullDir . '">' . $filename . '</a>';
        if ($isadirectory == 0) {
            // Coarse type label derived from the extension only; the file
            // content is not inspected.
            switch ($file_extension) {
                case 'jpg':
                case 'bmp':
                case 'tif':
                case 'png':
                    $type = 'Image';
                case 'avi':
                case 'wmv':
                case 'asf':
                case 'mov':
                    $type = 'Video';
                case 'mp3':
                case 'ogg':
                    $type = 'Audio';
                    $type = 'Unknown';
        // album_id is forced to an integer before it is put into the WHERE
        // clause. The lookup does not depend on the current file but is
        // repeated for every directory entry.
        $max_filesize = DB_getItem($_TABLES['mg_albums'], 'max_filesize', 'album_id=' . intval($album_id));
        $toobig = 0;
        if ($max_filesize != 0 && filesize($filetmp) > $max_filesize) {
            $toobig = 1;
        // Form field suffix for this entry: "i" plus the zero-padded global
        // counter (no increment of $pCount is visible in this listing).
        $pvalue = sprintf("i%04d", $pCount);
        // NOTE(review): $filetmp (full server path) and $filename are written
        // into attribute values and cell text without htmlspecialchars(), so
        // a file name containing quotes or markup reaches the page as-is.
        // The full path also comes back from the browser as picfile_*, so
        // the handler that processes this form should re-validate it against
        // ftp_path - confirm.
        $T->set_var(array('row_class' => $rowcounter % 2 ? '2' : '1', 'checkbox' => '<input type="checkbox" name="pic[]" value="' . $pvalue . '"' . XHTML . '>', 'palbum' => '<input type="hidden" name="album_lb_id_' . $pvalue . '" value="' . $dest . '"' . XHTML . '>', 'pfile' => '<input type="hidden" name="picfile_' . $pvalue . '" value="' . $filetmp . '"' . XHTML . '>', 'dirid' => '<input type="hidden" name="dest" value="' . $dest . '"' . XHTML . '>', 'filename' => $isadirectory ? $dirlink : $filename, 'fullname' => $filetmp, 'filesize' => COM_numberFormat(filesize($filetmp) / 1024) . ' kB', 'parent_select' => '<select name="parentaid">' . LB . $album_selectbox, 'color' => $toobig ? '<span style="font-color:red;">' : '<span style="font-color:black;">', 'type' => $type));
        $T->parse('fRow', 'fileRow', true);
    $T->parse('dRow', 'dirRow', true);
    $retval .= $T->finish($T->parse('output', 'admin'));
    return $retval;
Exemplo n.º 13
     // Fragment: the enclosing function and the condition guarding the next
     // three lines are not part of this listing.
     // Wrap the body text and both full-text variants in a paragraph element.
     $bodytext = '<p>' . $bodytext . '</p>';
     $fulltext = '<p>' . $fulltext . '</p>';
     $fulltext_no_br = '<p>' . $fulltext_no_br . '</p>';
 // NOTE(review): the four text variables are handed to the template exactly
 // as they arrive here; any sanitising happens before this fragment and is
 // not visible - confirm.
 $story_template->set_var('story_introtext', $introtext);
 $story_template->set_var('story_bodytext', $bodytext);
 $story_template->set_var('story_text', $fulltext);
 $story_template->set_var('story_text_no_br', $fulltext_no_br);
 $story_template->set_var('site_name', $_CONF['site_name']);
 $story_template->set_var('site_slogan', $_CONF['site_slogan']);
 $story_template->set_var('story_id', $story->getSid());
 // Canonical article URL; the comment and printable links derive from it.
 $articleUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $story->getSid());
 // Comment variables are set only when the story's comment code is >= 0.
 if ($story->DisplayElements('commentcode') >= 0) {
     $commentsUrl = $articleUrl . '#comments';
     $comments = $story->DisplayElements('comments');
     $numComments = COM_numberFormat($comments);
     $story_template->set_var('story_comments', $numComments);
     $story_template->set_var('comments_url', $commentsUrl);
     $story_template->set_var('comments_text', $numComments . ' ' . $LANG01[3]);
     $story_template->set_var('comments_count', $numComments);
     $story_template->set_var('lang_comments', $LANG01[3]);
     $comments_with_count = sprintf($LANG01[121], $numComments);
     // The count becomes a link only when there is at least one comment.
     if ($comments > 0) {
         $comments_with_count = COM_createLink($comments_with_count, $commentsUrl);
     $story_template->set_var('comments_with_count', $comments_with_count);
 $story_template->set_var('lang_full_article', $LANG08[33]);
 $story_template->set_var('article_url', $articleUrl);
 // The printable URL is built with an already HTML-encoded ampersand, so it
 // is meant for direct output in an attribute, not for redirects.
 $printable = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $story->getSid() . '&amp;mode=print');
 $story_template->set_var('printable_url', $printable);
Exemplo n.º 14
* List all backups, i.e. all files ending in .sql
* @return   string      HTML for the list of files or an error when not writable
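/**
 * List all backups, i.e. all files ending in .sql, with a download link,
 * the file size and a delete checkbox, plus the admin menu for the
 * database page.
 *
 * NOTE(review): the "create new backup" link carries the CSRF token in its
 * query string, while the optimize and InnoDB-conversion links carry none.
 * Whether database.php verifies a token for those modes is not visible
 * here - confirm, and prefer POST forms for state-changing actions so the
 * token does not end up in logs or Referer headers.
 *
 * @return   string      HTML for the list of files or an error when not writable
 */
function listbackups()
{
    global $_CONF, $_TABLES, $_IMAGE_TYPE, $LANG08, $LANG_ADMIN, $LANG_DB_BACKUP, $_DB_dbms;

    require_once $_CONF['path_system'] . 'lib-admin.php';

    $retval = '';

    if (!is_writable($_CONF['backup_path'])) {
        $retval .= COM_showMessageText($LANG_DB_BACKUP['no_access'], $LANG08[6]);
        COM_errorLog($_CONF['backup_path'] . ' is not writable.', 1);

        return $retval;
    }

    // Collect the *.sql files. A directory that cannot be opened yields an
    // empty list instead of passing `false` on to readdir().
    $backups = array();
    $fd = opendir($_CONF['backup_path']);
    if ($fd !== false) {
        while (false !== ($file = readdir($fd))) {
            if ($file != '.' && $file != '..' && $file != 'CVS' && preg_match('/\\.sql$/i', $file)) {
                $backups[] = $file;
            }
        }
        closedir($fd);
    }

    // AS, 2004-03-29 - Sort backup files by date, newest first.
    // Order given by 'readdir' might not be correct.
    usort($backups, 'compareBackupFiles');

    $thisUrl = $_CONF['site_admin_url'] . '/database.php';
    $num_backups = count($backups);

    $data_arr = array();
    foreach ($backups as $backupName) {
        $downloadUrl = $thisUrl . '?mode=download&amp;file=' . urlencode($backupName);
        // The name is read from disk, so it is escaped before being used as
        // link text.
        $downloadLink = COM_createLink(htmlspecialchars($backupName, ENT_QUOTES), $downloadUrl, array('title' => $LANG_DB_BACKUP['download']));
        $backupfile = $_CONF['backup_path'] . $backupName;
        $backupfilesize = COM_numberFormat(filesizeHelper($backupfile)) . ' <b>' . $LANG_DB_BACKUP['bytes'] . '</b>';
        $data_arr[] = array('file' => $downloadLink, 'size' => $backupfilesize, 'filename' => $backupName);
    }

    $token = SEC_createToken();
    $menu_arr = array(array('url' => $thisUrl . '?mode=backup&amp;' . CSRF_TOKEN . '=' . $token, 'text' => $LANG_ADMIN['create_new']));
    if ($_DB_dbms == 'mysql') {
        $menu_arr[] = array('url' => $thisUrl . '?mode=optimize', 'text' => $LANG_DB_BACKUP['optimize_menu']);
        if (innodb_supported()) {
            $menu_arr[] = array('url' => $thisUrl . '?mode=innodb', 'text' => $LANG_DB_BACKUP['convert_menu']);
        }
    }
    $menu_arr[] = array('url' => $_CONF['site_admin_url'], 'text' => $LANG_ADMIN['admin_home']);

    $retval .= COM_startBlock($LANG_DB_BACKUP['last_ten_backups'], '', COM_getBlockTemplate('_admin_block', 'header'));
    // The total shown is the number of files found above.
    $retval .= ADMIN_createMenu($menu_arr, "<p>{$LANG_DB_BACKUP['db_explanation']}</p>" . '<p>' . sprintf($LANG_DB_BACKUP['total_number'], $num_backups) . '</p>', $_CONF['layout_url'] . '/images/icons/database.' . $_IMAGE_TYPE);

    $header_arr = array(array('text' => $LANG_DB_BACKUP['backup_file'], 'field' => 'file'), array('text' => $LANG_DB_BACKUP['size'], 'field' => 'size'));
    $text_arr = array('form_url' => $thisUrl);
    $form_arr = array('bottom' => '', 'top' => '');
    if ($num_backups > 0) {
        // The delete form posts the mode together with the CSRF token.
        $form_arr['bottom'] = '<input type="hidden" name="mode" value="delete"' . XHTML . '>' . '<input type="hidden" name="' . CSRF_TOKEN . '" value="' . $token . '"' . XHTML . '>' . LB;
    }
    $listoptions = array('chkdelete' => true, 'chkminimum' => 0, 'chkfield' => 'filename');
    $retval .= ADMIN_simpleList('', $header_arr, $text_arr, $data_arr, $listoptions, $form_arr);
    $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));

    return $retval;
}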
Exemplo n.º 15
/**
 * Build the HTML version of a story for mailing, using the article
 * template mailable.thtml.
 *
 * The story is fetched through the 'story' plugin service, so the result
 * code of that service decides between "access denied", "invalid id" and
 * the normal rendering path.
 *
 * NOTE(review): this listing has no closing braces and two branches appear
 * with an empty body (STORY_INVALID_SID and the story_image `else`); compare
 * with the original file before relying on the flow as printed.
 *
 * @param    string  $sid    story ID
 * @return   string          HTML of the mail body (rendering path only)
 */
function _createMailStory($sid)
    // NOTE(review): $LANG_ACCESS is used below but is not in this global
    // list, so it is undefined inside the function as written.
    global $_CONF, $_TABLES, $LANG_DIRECTION, $LANG01, $LANG08;
    $story = new Story();
    $args = array('sid' => $sid, 'mode' => 'view');
    $output = STORY_LOADED_OK;
    // $output is replaced by the service result; $svc_msg is not defined
    // before the call (presumably both are by-reference - confirm).
    $result = PLG_invokeService('story', 'get', $args, $output, $svc_msg);
    if ($result == PLG_RET_OK) {
        /* loadFromArray cannot be used, since it overwrites the timestamp */
        // Copy each known DB field from the service result onto the matching
        // underscore-prefixed property of the Story object.
        // NOTE(review): each() was deprecated in PHP 7.2 and removed in
        // PHP 8.0; a foreach over $story->_dbFields is the replacement.
        while (list($fieldname, $save) = each($story->_dbFields)) {
            $varname = '_' . $fieldname;
            if (array_key_exists($fieldname, $output)) {
                $story->{$varname} = $output[$fieldname];
        $story->_username = $output['username'];
        $story->_fullname = $output['fullname'];
    // Permission check result from the service: show the denial page
    // instead of rendering the story.
    if ($output == STORY_PERMISSION_DENIED) {
        $display = COM_siteHeader('menu', $LANG_ACCESS['accessdenied']) . COM_showMessageText($LANG_ACCESS['storydenialmsg'], $LANG_ACCESS['accessdenied'], true, 'error') . COM_siteFooter();
        // NOTE(review): the page is echoed here and no return value is
        // visible for this branch, so callers get nothing to mail.
        echo $display;
    } elseif ($output == STORY_INVALID_SID) {
    } else {
        $T = new Template($_CONF['path_layout'] . 'article');
        $T->set_file('article', 'mailable.thtml');
        list($cacheFile, $style_cache_url) = COM_getStyleCacheLocation();
        $T->set_var('direction', $LANG_DIRECTION);
        $T->set_var('css_url', $style_cache_url);
        // NOTE(review): story fields are passed to the template as returned
        // by DisplayElements(); that they are already safe for HTML output
        // is assumed here, not shown - confirm in the Story class.
        $T->set_var('page_title', $_CONF['site_name'] . ': ' . $story->displayElements('title'));
        $T->set_var('story_title', $story->DisplayElements('title'));
        $T->set_var('story_subtitle', $story->DisplayElements('subtitle'));
        $story_image = $story->DisplayElements('story_image');
        if ($story_image != '') {
            $T->set_var('story_image', $story_image);
        } else {
        // Date and byline are optional, controlled by site configuration.
        if ($_CONF['hidestorydate'] != 1) {
            $T->set_var('story_date', $story->displayElements('date'));
        if ($_CONF['contributedbyline'] == 1) {
            $T->set_var('lang_contributedby', $LANG01[1]);
            $authorname = COM_getDisplayName($story->displayElements('uid'));
            $T->set_var('author', $authorname);
            $T->set_var('story_author', $authorname);
            $T->set_var('story_author_username', $story->DisplayElements('username'));
        $T->set_var('story_introtext', $story->DisplayElements('introtext'));
        $T->set_var('story_bodytext', $story->DisplayElements('bodytext'));
        $T->set_var('site_name', $_CONF['site_name']);
        $T->set_var('site_slogan', $_CONF['site_slogan']);
        $T->set_var('story_id', $story->getSid());
        $articleUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $story->getSid());
        // Comment variables are set only when the comment code is >= 0.
        if ($story->DisplayElements('commentcode') >= 0) {
            $commentsUrl = $articleUrl . '#comments';
            $comments = $story->DisplayElements('comments');
            $numComments = COM_numberFormat($comments);
            $T->set_var('story_comments', $numComments);
            $T->set_var('comments_url', $commentsUrl);
            $T->set_var('comments_text', $numComments . ' ' . $LANG01[3]);
            $T->set_var('comments_count', $numComments);
            $T->set_var('lang_comments', $LANG01[3]);
            $comments_with_count = sprintf($LANG01[121], $numComments);
            // The count becomes a link only when there is at least one comment.
            if ($comments > 0) {
                $comments_with_count = COM_createLink($comments_with_count, $commentsUrl);
            $T->set_var('comments_with_count', $comments_with_count);
        $T->set_var('lang_full_article', $LANG08[33]);
        $T->set_var('article_url', $articleUrl);
        $T->parse('output', 'article');
        $htmlMsg = $T->finish($T->get_var('output'));
        return $htmlMsg;
Exemplo n.º 16
  *   Display the detail page for the event occurrence.
  *   @param  integer $rp_id  ID of the repeat to display
  *   @param  string  $query  Optional query string, for highlighting
  *   @param  string  $tpl    Optional template filename, e.g. 'event_print'
  *   @return string      HTML for the page.
 public function Render($rp_id = 0, $query = '', $tpl = '')
     $retval = '';
     $url = '';
     $location = '';
     $street = '';
     $city = '';
     $province = '';
     $country = '';
     $postal = '';
     $name = '';
     $email = '';
     $phone = '';
     if ($rp_id != 0) {
     if ($this->rp_id == 0) {
         return EVLIST_alertMessage($LANG_EVLIST['access_denied']);
     //update hit count
     $template = 'event';
     if (!empty($tpl)) {
         $template .= '_' . $tpl;
     } else {
         $template .= $_SYSTEM['framework'] == 'uikit' ? '.uikit' : '';
     $T = new Template(EVLIST_PI_PATH . '/templates/');
     $T->set_file(array('event' => $template . '.thtml', 'datetime' => 'date_time.thtml', 'address' => 'address.thtml', 'contact' => 'contact.thtml'));
     // If plain text then replace newlines with <br> tags
     if ($this->Event->postmode == '1') {
         $this->Event->Detail->summary = nl2br($this->Event->Detail->summary);
         $this->Event->Detail->full_description = nl2br($this->Event->Detail->full_description);
         $this->Event->Detail->location = nl2br($this->Event->Detail->location);
     $title = $this->Event->Detail->title;
     if ($this->postmode != 'plaintext') {
         $summary = PLG_replaceTags($this->Event->Detail->summary);
         $fulldescription = PLG_replaceTags($this->Event->Detail->full_description);
         $location = $this->Event->Detail->location != '' ? PLG_replaceTags($this->Event->Detail->location) : '';
     } else {
         $summary = $this->Event->Detail->summary;
         $fulldescription = $this->Event->Detail->full_description;
         $location = $this->Event->Detail->location;
     if ($query != '') {
         $title = COM_highlightQuery($title, $query);
         if (!empty($summary)) {
             $summary = COM_highlightQuery($summary, $query);
         if (!empty($fulldescription)) {
             $fulldescription = COM_highlightQuery($fulldescription, $query);
         if (!empty($location)) {
             $location = COM_highlightQuery($location, $query);
     $date_start = EVLIST_formattedDate($this->date_start);
     if ($this->date_start != $this->date_end) {
         $date_end = EVLIST_formattedDate($this->date_end);
     } else {
         $date_end = '';
     if ($this->Event->allday == '1') {
         $allday = '<br />' . $LANG_EVLIST['all_day_event'];
     } else {
         $allday = '';
         if ($this->time_start1 != '') {
             $time_start1 = EVLIST_formattedTime($this->time_start1);
             $time_end1 = EVLIST_formattedTime($this->time_end1);
         } else {
             $time_start1 = '';
             $time_end1 = '';
         //$time_period = $time_start . $time_end;
         if ($this->Event->split == '1') {
             $time_start2 = EVLIST_formattedTime($this->time_start2);
             $time_end2 = EVLIST_formattedTime($this->time_end2);
     $url = $this->Event->Detail->url;
     $street = $this->Event->Detail->street;
     $city = $this->Event->Detail->city;
     $province = $this->Event->Detail->province;
     $postal = $this->Event->Detail->postal;
     $country = $this->Event->Detail->country;
     // Now get the text description of the recurring interval, if any
     if ($this->Event->recurring && $this->Event->rec_data['type'] < EV_RECUR_DATES) {
         $rec_data = $this->Event->rec_data;
         $rec_string = $LANG_EVLIST['recur_freq_txt'] . ' ' . $this->Event->RecurDescrip();
         switch ($rec_data['type']) {
             case EV_RECUR_WEEKLY:
                 // sequential days
                 $weekdays = array();
                 if (is_array($rec_data['listdays'])) {
                     foreach ($rec_data['listdays'] as $daynum) {
                         $weekdays[] = $LANG_WEEK[$daynum];
                     $days_text = implode(', ', $weekdays);
                 } else {
                     $days_text = '';
                 $rec_string .= ' ' . sprintf($LANG_EVLIST['on_days'], $days_text);
             case EV_RECUR_DOM:
                 $days = array();
                 foreach ($rec_data['interval'] as $key => $day) {
                     $days[] = $LANG_EVLIST['rec_intervals'][$day];
                 $days_text = implode(', ', $days) . ' ' . $LANG_WEEK[$rec_data['weekday']];
                 $rec_string .= ' ' . sprintf($LANG_EVLIST['on_the_days'], $days_text);
         if ($this->Event->rec_data['stop'] != '' && $this->Event->rec_data['stop'] < EV_MAX_DATE) {
             $rec_string .= ' ' . sprintf($LANG_EVLIST['recur_stop_desc'], EVLIST_formattedDate($this->Event->rec_data['stop']));
     } else {
         $rec_string = '';
     $T->set_var(array('pi_url' => EVLIST_URL, 'webcal_url' => preg_replace('/^https?/', 'webcal', EVLIST_URL), 'rp_id' => $this->rp_id, 'ev_id' => $this->ev_id, 'title' => $title, 'summary' => $summary, 'full_description' => $fulldescription, 'can_edit' => $this->isAdmin ? 'true' : '', 'start_time1' => $time_start1, 'end_time1' => $time_end1, 'start_time2' => $time_start2, 'end_time2' => $time_end2, 'start_date' => $date_start, 'end_date' => $date_end, 'start_datetime1' => $date_start . $time_start, 'end_datetime1' => $date_end . $time_end, 'allday_event' => $this->Event->allday == 1 ? 'true' : '', 'is_recurring' => $this->Event->recurring, 'can_subscribe' => $this->Event->Calendar->cal_ena_ical, 'recurring_event' => $rec_string, 'owner_id' => $this->Event->owner_id, 'cal_name' => $this->Event->Calendar->cal_name, 'cal_id' => $this->Event->cal_id, 'site_name' => $_CONF['site_name'], 'site_slogan' => $_CONF['site_slogan'], 'more_info_link' => sprintf($LANG_EVLIST['click_here'], $url)));
     if ($_EV_CONF['enable_rsvp'] == 1 && $this->Event->options['use_rsvp'] > 0) {
         if ($this->Event->options['rsvp_cutoff'] > 0) {
             $dt = new Date($this->event->date_start1 . ' ' . $this->Event->time_start1, $_CONF['timezone']);
             if (time() > $dt->toUnix() - $this->Event->options['rsvp_cutoff'] * 86400) {
                 $past_cutoff = false;
             } else {
                 $past_cutoff = true;
         if (COM_isAnonUser()) {
             // Just show a must-log-in message
             $T->set_var('login_to_register', 'true');
         } elseif (!$past_cutoff) {
             $num_free_tickets = $this->isRegistered(0, true);
             $total_tickets = $this->isRegistered(0, false);
             if ($num_free_tickets > 0) {
                 // If the user is already registered for any free tickets,
                 // show the cancel link
                 $T->set_var(array('unregister_link' => 'true', 'num_free_reg' => $num_free_tickets));
             // Show the registration link
             if (($this->Event->options['max_rsvp'] == 0 || $this->Event->options['rsvp_waitlist'] == 1 || $this->Event->options['max_rsvp'] > $this->TotalRegistrations()) && ($this->Event->options['max_user_rsvp'] == 0 || $total_tickets < $this->Event->options['max_user_rsvp'])) {
                 $Ticks = evTicketType::GetTicketTypes();
                 if ($this->Event->options['max_user_rsvp'] > 0) {
                     $T->set_block('event', 'tickCntBlk', 'tcBlk');
                     $T->set_var('register_multi', true);
                     //$rsvp_user_count = '';
                     $avail_tickets = $this->Event->options['max_user_rsvp'] - $total_tickets;
                     for ($i = 1; $i <= $avail_tickets; $i++) {
                         $T->set_var('tick_cnt', $i);
                         $T->parse('tcBlk', 'tickCntBlk', true);
                         //$rsvp_user_count .= '<option value="'.$i.'">'.$i.
                         //        '</option>'.LB;
                     //$T->set_var('register_multi', $rsvp_user_count);
                 } else {
                     // max_rsvp == 0 indicates openended registration
                     $T->set_var('register_unltd', 'true');
                 $T->set_block('event', 'tickTypeBlk', 'tBlk');
                 foreach ($this->Event->options['tickets'] as $tick_id => $data) {
                     /*$options .= '<option value="' . $tick_id . '">' .
                       if ($data['fee'] > 0) {
                           $options .= ' - ' . COM_numberFormat($data['fee'], 2);
                       $options .= '</option>' . LB;*/
                     $status = LGLIB_invokeService('paypal', 'formatAmount', array('amount' => $data['fee']), $pp_fmt_amt, $svc_msg);
                     $fmt_amt = $status == PLG_RET_OK ? $pp_fmt_amt : COM_numberFormat($data['fee'], 2);
                     $T->set_var(array('tick_type' => $tick_id, 'tick_descr' => $Ticks[$tick_id]->description, 'tick_fee' => $data['fee'] > 0 ? $fmt_amt : 'FREE'));
                     $T->parse('tBlk', 'tickTypeBlk', true);
                 $T->set_var(array('register_link' => 'true', 'ticket_options' => $options, 'ticket_types_multi' => count($this->Event->options['tickets']) > 1 ? 'true' : ''));
         // If ticket printing is enabled for this event, see if the
         // current user has any tickets to print.
         if ($this->Event->options['rsvp_print'] > 0) {
             $paid = $this->Event->options['rsvp_print'] == 1 ? 'paid' : '';
             $tickets = evTicket::GetTickets($this->ev_id, '', $this->uid, $paid);
             if (count($tickets) > 0) {
                 $T->set_var('have_tickets', 'true');
     // if enable_rsvp
     if (!empty($date_start) || !empty($date_end)) {
         $T->parse('datetime_info', 'datetime');
     // Only process the location block if at least one element exists.
     // Don't want an empty block showing.
     if (!empty($location) || !empty($street) || !empty($city) || !empty($province) || !empty($postal)) {
         $T->set_var(array('location' => $location, 'street' => $street, 'city' => $city, 'province' => $province, 'country' => $country, 'postal' => $postal));
         $T->parse('address_info', 'address');
         // Get info from the Weather plugin, if configured and available
         // There has to be at least some location data for this to work.
         if ($_EV_CONF['use_weather']) {
             // The postal code works best, but not internationally.
             // Try the regular address first.
             $loc = '';
             if (!empty($city) && !empty($province)) {
                 $loc = $city . ', ' . $province . ' ' . $country;
             if (!empty($postal)) {
                 $loc .= ' ' . $postal;
             if (!empty($loc)) {
                 // Location info was found, get the weather
                 LGLIB_invokeService('weather', 'embed', array('loc' => $loc), $weather, $svc_msg);
                 if (!empty($weather)) {
                     // Weather info was found
                     $T->set_var('weather', $weather);
     // Get a map from the Locator plugin, if configured and available
     if ($_EV_CONF['use_locator'] == 1 && $this->Event->Detail->lat != 0 && $this->Event->Detail->lng != 0) {
         $status = LGLIB_invokeService('locator', 'getMap', array('lat' => $this->Event->Detail->lat, 'lng' => $this->Event->Detail->lng), $map, $svc_msg);
         if ($status == PLG_RET_OK) {
             $T->set_var(array('map' => $map, 'lat' => number_format($this->Event->Detail->lat, 8, '.', ''), 'lng' => number_format($this->Event->Detail->lng, 8, '.', '')));
     //put contact info here: contact, email, phone#
     $name = $this->Event->Detail->contact != '' ? COM_applyFilter($this->Event->Detail->contact) : '';
     if ($this->Event->Detail->email != '') {
         $email = COM_applyFilter($this->Event->Detail->email);
         $email = EVLIST_obfuscate($email);
     } else {
         $email = '';
     $phone = $this->Event->Detail->phone != '' ? COM_applyFilter($this->Event->Detail->phone) : '';
     if (!empty($name) || !empty($email) || !empty($phone)) {
         $T->set_var(array('name' => $name, 'email' => $email, 'phone' => $phone));
         $T->parse('contact_info', 'contact');
     // TODO: Is the range needed?
     if (!empty($range)) {
         $andrange = '&amp;range=' . $range;
     } else {
         $andrange = '&amp;range=2';
     if (!empty($cat)) {
         $andcat = '&amp;cat=' . $cat;
     } else {
         $andcat = '';
     $cats = $this->Event->GetCategories();
     $catcount = count($cats);
     if ($catcount > 0) {
         $catlinks = array();
         for ($i = 0; $i < $catcount; $i++) {
             $catlinks[] = '<a href="' . COM_buildURL(EVLIST_URL . '/index.php?op=list' . $andrange . '&cat=' . $cats[$i]['id']) . '">' . $cats[$i]['name'] . '</a>&nbsp;';
         $catlink = join('|&nbsp;', $catlinks);
         $T->set_var('category_link', $catlink, true);
     //  reminders must be enabled globally first and then per event in
     //  order to be active
     if (!isset($_EV_CONF['reminder_days'])) {
         $_EV_CONF['reminder_days'] = 1;
     $hasReminder = 0;
     if ($_EV_CONF['enable_reminders'] == '1' && $this->Event->enable_reminders == '1' && time() < strtotime("-" . $_EV_CONF['reminder_days'] . " days", strtotime($this->date_start))) {
         //form will not appear within XX days of scheduled event.
         $show_reminders = true;
         // Let's see if we have already asked for a reminder...
         if ($_USER['uid'] > 1) {
             $hasReminder = DB_count($_TABLES['evlist_remlookup'], array('eid', 'uid', 'rp_id'), array($this->ev_id, $_USER['uid'], $this->rp_id));
     } else {
         $show_reminders = false;
     if ($this->Event->options['contactlink'] == 1) {
         $ownerlink = $_CONF['site_url'] . '/profiles.php?uid=' . $this->Event->owner_id;
         $ownerlink = sprintf($LANG_EVLIST['contact_us'], $ownerlink);
     } else {
         $ownerlink = '';
     $T->set_var(array('owner_link' => $ownerlink, 'reminder_set' => $hasReminder ? 'true' : 'false', 'reminder_email' => isset($_USER['email']) ? $_USER['email'] : '', 'notice' => 1, 'rp_id' => $this->rp_id, 'eid' => $this->ev_id, 'show_reminderform' => $show_reminders ? 'true' : ''));
     $tick_types = evTicketType::GetTicketTypes();
     $T->set_block('event', 'registerBlock', 'rBlock');
     if (is_array($this->Event->options['tickets'])) {
         foreach ($this->Event->options['tickets'] as $tic_type => $info) {
             $T->set_var(array('tic_description' => $tick_types[$tic_type]->description, 'tic_fee' => COM_numberFormat($info['fee'], 2)));
             $T->parse('rBlock', 'registerBlock', true);
     // Show the "manage reservations" link to the event owner
     if ($_EV_CONF['enable_rsvp'] == 1 && $this->Event->options['use_rsvp'] > 0) {
         if ($this->isAdmin) {
             $T->set_var('admin_rsvp', EVLIST_adminRSVP($this->rp_id));
     $T->parse('output', 'event');
     $retval .= $T->finish($T->get_var('output'));
     return $retval;
Exemplo n.º 17
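/**
 * Format one column of a file-listing row for display.
 *
 * The listing this was taken from shows the switch without its brace,
 * `break` and `default` lines, so every case ran into the final
 * `$retval = $fieldvalue;` assignment. The structure is restored here so
 * that each case returns its own value and unknown fields pass through.
 *
 * @param string $fieldname  Column being rendered: 'date', 'size', 'edit', or any other name.
 * @param mixed  $fieldvalue Raw value of that column.
 * @param array  $A          Row data; only $A['lid'] is read (edit link).
 * @param array  $icon_arr   Icon markup; only $icon_arr['edit'] is read (edit link).
 * @return mixed Formatted string for the known columns, otherwise $fieldvalue unchanged.
 */
function _fm_getListField_forum($fieldname, $fieldvalue, $A, $icon_arr)
{
    global $_CONF, $_USER, $LANG_ADMIN;

    $retval = '';

    switch ($fieldname) {
        case 'date':
            // The Date object is only needed for this column, so it is
            // created here rather than on every call.
            // NOTE(review): this formats the current time in the user's
            // timezone; $fieldvalue is not consulted in the visible code.
            // Confirm whether the row's own timestamp should be applied first.
            $dt = new Date('now', $_USER['tzid']);
            $retval = $dt->format('M d, Y', true);
            break;

        case 'size':
            if (!empty($fieldvalue) && $fieldvalue > 0) {
                // Size is divided by 1024 and labelled in kilobytes.
                $retval = COM_numberFormat($fieldvalue / 1024) . ' kb';
            } else {
                // An empty or non-positive size is labelled 'Remote'.
                $retval = 'Remote';
            }
            break;

        case 'edit':
            $attr = array('title' => $LANG_ADMIN['edit']);
            // The id is percent-encoded so that a non-numeric value cannot
            // add query parameters or break out of the href attribute.
            $editUrl = $_CONF['site_admin_url'] . '/plugins/filemgmt/index.php?lid='
                . urlencode((string) $A['lid']) . '&amp;op=modDownload';
            $retval = COM_createLink($icon_arr['edit'], $editUrl, $attr);
            break;

        default:
            // NOTE(review): the raw value is returned as-is; the caller is
            // presumably responsible for HTML-escaping it — confirm.
            $retval = $fieldvalue;
            break;
    }

    return $retval;
}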
Exemplo n.º 18
 * Takes an article class and renders HTML in the specified template and style.
 * Formats the given article into HTML. Called by index.php, article.php,
 * submit.php and admin/story.php (Preview mode for the last two).
 * @param   object  $story      The story to display, an instance of the Story class.
 * @param   string  $index      n = 'Compact display' for list of stories. p = 'Preview' mode. Else full display of article.
 * @param   string  $storytpl   The template to use to render the story.
 * @param   string  $query      A search query, if one was specified.
 * @return  string  Article as formatted HTML.
 * Note: Formerly named COM_Article, and re-written totally since then.
function STORY_renderArticle(&$story, $index = '', $storytpl = 'storytext.thtml', $query = '')
    // Renders one story to HTML: loads the story templates from
    // $_CONF['path_layout'], fills template variables from the Story object
    // and the site configuration, and returns the parsed 'finalstory' output.
    //
    // As the code below is written, $index 'n' or 'p' yields intro text plus
    // body text ('article' / 'preview' display); any other value yields the
    // intro text with read-more, comment, trackback, email and print links
    // ('index' display).
    //
    // NOTE(review): this listing has no brace lines; nesting is shown by
    // indentation only.
    //
    // The global $mode is read as the page number when numeric and may be
    // reset to 0 below.
    global $_CONF, $_TABLES, $_USER, $LANG01, $LANG05, $LANG11, $LANG_TRB, $_IMAGE_TYPE, $mode;
    // Passed to the 'story_counter' template variable in the 'index' branch;
    // no line in this listing changes it from 0.
    static $storycounter = 0;
    if (empty($storytpl)) {
        $storytpl = 'storytext.thtml';
    $introtext = $story->displayElements('introtext');
    $bodytext = $story->displayElements('bodytext');
    // Mark search terms in both text parts when a query was supplied.
    if (!empty($query)) {
        $introtext = COM_highlightQuery($introtext, $query);
        $bodytext = COM_highlightQuery($bodytext, $query);
    $article = new Template($_CONF['path_layout']);
    $article->set_file(array('article' => $storytpl, 'bodytext' => 'storybodytext.thtml', 'featuredarticle' => 'featuredstorytext.thtml', 'featuredbodytext' => 'featuredstorybodytext.thtml', 'archivearticle' => 'archivestorytext.thtml', 'archivebodytext' => 'archivestorybodytext.thtml'));
    $article->set_var('xhtml', XHTML);
    $article->set_var('layout_url', $_CONF['layout_url']);
    $article->set_var('site_url', $_CONF['site_url']);
    $article->set_var('site_admin_url', $_CONF['site_admin_url']);
    $article->set_var('site_name', $_CONF['site_name']);
    $article->set_var('story_date', $story->DisplayElements('date'));
    $article->set_var('story_date_short', $story->DisplayElements('shortdate'));
    $article->set_var('story_date_only', $story->DisplayElements('dateonly'));
    if ($_CONF['hideviewscount'] != 1) {
        $article->set_var('lang_views', $LANG01[106]);
        $article->set_var('story_hits', $story->DisplayElements('hits'));
    $article->set_var('story_id', $story->getSid());
    // Author byline, profile link and photo are only emitted when the
    // 'contributedbyline' setting is 1.
    if ($_CONF['contributedbyline'] == 1) {
        $article->set_var('lang_contributed_by', $LANG01[1]);
        $article->set_var('contributedby_uid', $story->DisplayElements('uid'));
        $fullname = $story->DisplayElements('fullname');
        $username = $story->DisplayElements('username');
        $article->set_var('contributedby_user', $username);
        if (empty($fullname)) {
            $article->set_var('contributedby_fullname', $username);
        } else {
            $article->set_var('contributedby_fullname', $fullname);
        $authorname = COM_getDisplayName($story->DisplayElements('uid'), $username, $fullname);
        $article->set_var('contributedby_author', $authorname);
        $article->set_var('author', $authorname);
        // $profileUrl is only assigned for uid > 1.
        if ($story->DisplayElements('uid') > 1) {
            $profileUrl = $_CONF['site_url'] . '/users.php?mode=profile&amp;uid=' . $story->DisplayElements('uid');
            $article->set_var('start_contributedby_anchortag', '<a class="storybyline" href="' . $profileUrl . '">');
            $article->set_var('end_contributedby_anchortag', '</a>');
            $article->set_var('contributedby_url', $profileUrl);
        $photo = '';
        if ($_CONF['allow_user_photo'] == 1) {
            $authphoto = $story->DisplayElements('photo');
            if (empty($authphoto)) {
                $authphoto = '(none)';
                // user does not have a photo
            $photo = USER_getPhoto($story->DisplayElements('uid'), $authphoto, $story->DisplayElements('email'));
        if (!empty($photo)) {
            $article->set_var('contributedby_photo', $photo);
            $article->set_var('author_photo', $photo);
            $camera_icon = '<img src="' . $_CONF['layout_url'] . '/images/smallcamera.' . $_IMAGE_TYPE . '" alt=""' . XHTML . '>';
            // NOTE(review): $profileUrl is undefined here when uid <= 1 but
            // USER_getPhoto() still returned markup — confirm that cannot happen
            // or give $profileUrl a default.
            $article->set_var('camera_icon', COM_createLink($camera_icon, $profileUrl));
        } else {
            $article->set_var('contributedby_photo', '');
            $article->set_var('author_photo', '');
            $article->set_var('camera_icon', '');
    $topicname = $story->DisplayElements('topic');
    $article->set_var('story_topic_id', $story->DisplayElements('tid'));
    $article->set_var('story_topic_name', $topicname);
    $topicurl = $_CONF['site_url'] . '/index.php?topic=' . $story->DisplayElements('tid');
    // Topic icon: shown unless the user set 'noicons' to 1, and only when the
    // story asks for it.
    if ((!isset($_USER['noicons']) or $_USER['noicons'] != 1) and $story->DisplayElements('show_topic_icon') == 1) {
        $imageurl = $story->DisplayElements('imageurl');
        if (!empty($imageurl)) {
            $imageurl = COM_getTopicImageUrl($imageurl);
            $article->set_var('story_topic_image_url', $imageurl);
            // $imageurl and $topicname are concatenated into src/alt/title
            // attributes without escaping in this function.
            // NOTE(review): presumably DisplayElements() returns display-safe
            // values — confirm, otherwise escape for HTML attribute context.
            $topicimage = '<img src="' . $imageurl . '" class="float' . $_CONF['article_image_align'] . '" alt="' . $topicname . '" title="' . $topicname . '"' . XHTML . '>';
            $article->set_var('story_anchortag_and_image', COM_createLink($topicimage, $topicurl, array('rel' => "category")));
            $article->set_var('story_topic_image', $topicimage);
            $topicimage_noalign = '<img src="' . $imageurl . '" alt="' . $topicname . '" title="' . $topicname . '"' . XHTML . '>';
            $article->set_var('story_anchortag_and_image_no_align', COM_createLink($topicimage_noalign, $topicurl, array('rel' => "category")));
            $article->set_var('story_topic_image_no_align', $topicimage_noalign);
    $article->set_var('story_topic_url', $topicurl);
    $recent_post_anchortag = '';
    $articleUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $story->getSid());
    $article->set_var('story_title', $story->DisplayElements('title'));
    $article->set_var('lang_permalink', $LANG01[127]);
    $show_comments = true;
    // The title becomes a link when $index is neither 'n' nor 'p', or whenever
    // a search query is present (&& binds tighter than ||).
    if ($index != 'n' && $index != 'p' || !empty($query)) {
        $attributes = ' class="non-ul"';
        $attr_array = array('class' => 'non-ul');
        if (!empty($query)) {
            $attributes .= ' rel="bookmark"';
            $attr_array['rel'] = 'bookmark';
        $article->set_var('start_storylink_anchortag', '<a href="' . $articleUrl . '"' . $attributes . '>');
        $article->set_var('end_storylink_anchortag', '</a>');
        $article->set_var('story_title_link', COM_createLink($story->DisplayElements('title'), $articleUrl, $attr_array));
    } else {
        $article->set_var('story_title_link', $story->DisplayElements('title'));
    // 'n' and 'p': intro text plus body text. Everything else: intro text only,
    // handled in the else branch further down.
    if ($index == 'n' || $index == 'p') {
        if (empty($bodytext)) {
            $article->set_var('story_introtext', $introtext);
            $article->set_var('story_text_no_br', $introtext);
        } else {
            // Page breaks are only applied for $index 'n', not in preview.
            if ($_CONF['allow_page_breaks'] == 1 and $index == 'n') {
                $story_page = 1;
                // page selector
                if (is_numeric($mode)) {
                    $story_page = $mode;
                    if ($story_page <= 0) {
                        $story_page = 1;
                        $mode = 0;
                    } elseif ($story_page > 1) {
                        // The intro text is dropped on pages after the first.
                        $introtext = '';
                $article_array = explode('[page_break]', $bodytext);
                $pagelinks = COM_printPageNavigation($articleUrl, $story_page, count($article_array), 'mode=', $_CONF['url_rewrite'], $LANG01[118]);
                // NOTE(review): $story_page is clamped to >= 1 above but has no
                // upper bound, and is_numeric() also accepts non-integer strings.
                // A $mode value (presumably request-derived) past the last page
                // indexes a missing element here — clamp it to the page count and
                // cast it to int.
                if (count($article_array) > 1) {
                    $bodytext = $article_array[$story_page - 1];
                $article->set_var('page_selector', $pagelinks);
                // 'and' binds tighter than 'or': comments are hidden on all but
                // the last page ('last') or on all but the first page ('first').
                if ($_CONF['page_break_comments'] == 'last' and $story_page < count($article_array) or $_CONF['page_break_comments'] == 'first' and $story_page != 1) {
                    $show_comments = false;
                $article->set_var('story_page', $story_page);
            $article->set_var('story_introtext', $introtext . '<br' . XHTML . '><br' . XHTML . '>' . $bodytext);
            $article->set_var('story_text_no_br', $introtext . ' ' . $bodytext);
        $article->set_var('story_introtext_only', $introtext);
        $article->set_var('story_bodytext_only', $bodytext);
        // The "send trackback" admin link is only offered to users holding the
        // story.ping right.
        if (($_CONF['trackback_enabled'] || $_CONF['pingback_enabled']) && SEC_hasRights('story.ping')) {
            $url = $_CONF['site_admin_url'] . '/trackback.php?mode=sendall&amp;id=' . $story->getSid();
            $article->set_var('send_trackback_link', COM_createLink($LANG_TRB['send_trackback'], $url));
            $pingico = '<img src="' . $_CONF['layout_url'] . '/images/sendping.' . $_IMAGE_TYPE . '" alt="' . $LANG_TRB['send_trackback'] . '" title="' . $LANG_TRB['send_trackback'] . '"' . XHTML . '>';
            $article->set_var('send_trackback_icon', COM_createLink($pingico, $url));
            $article->set_var('send_trackback_url', $url);
            $article->set_var('lang_send_trackback_text', $LANG_TRB['send_trackback']);
        $article->set_var('story_display', $index == 'p' ? 'preview' : 'article');
        $article->set_var('story_counter', 0);
    } else {
        $article->set_var('story_introtext', $introtext);
        $article->set_var('story_text_no_br', $introtext);
        $article->set_var('story_introtext_only', $introtext);
        if (!empty($bodytext)) {
            $article->set_var('lang_readmore', $LANG01[2]);
            $article->set_var('lang_readmore_words', $LANG01[62]);
            // Word count is the number of space-separated pieces of the body's
            // text content.
            $numwords = COM_numberFormat(count(explode(' ', COM_getTextContent($bodytext))));
            $article->set_var('readmore_words', $numwords);
            $article->set_var('readmore_link', COM_createLink($LANG01[2], $articleUrl, array('class' => 'story-read-more-link')) . ' (' . $numwords . ' ' . $LANG01[62] . ') ');
            $article->set_var('start_readmore_anchortag', '<a href="' . $articleUrl . '" class="story-read-more-link">');
            $article->set_var('end_readmore_anchortag', '</a>');
            $article->set_var('read_more_class', 'class="story-read-more-link"');
        if ($story->DisplayElements('commentcode') >= 0 and $show_comments) {
            $commentsUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $story->getSid()) . '#comments';
            $article->set_var('comments_url', $commentsUrl);
            $article->set_var('comments_text', COM_numberFormat($story->DisplayElements('comments')) . ' ' . $LANG01[3]);
            $article->set_var('comments_count', COM_numberFormat($story->DisplayElements('comments')));
            $article->set_var('lang_comments', $LANG01[3]);
            $comments_with_count = sprintf($LANG01[121], COM_numberFormat($story->DisplayElements('comments')));
            if ($story->DisplayElements('comments') > 0) {
                // The story id is concatenated straight into the SQL text inside
                // single quotes.
                // NOTE(review): this is only safe if the Story class guarantees a
                // constrained id — confirm, and pass it through the database
                // layer's string-escaping helper (or a prepared statement) so the
                // query does not depend on that guarantee.
                $result = DB_query("SELECT UNIX_TIMESTAMP(date) AS day,username,fullname,{$_TABLES['comments']}.uid as cuid FROM {$_TABLES['comments']},{$_TABLES['users']} WHERE {$_TABLES['users']}.uid = {$_TABLES['comments']}.uid AND sid = '" . $story->getsid() . "' ORDER BY date desc LIMIT 1");
                // NOTE(review): the row is used without checking that one was
                // returned; a stale comment count with no matching row would leave
                // $C unusable for the lookups below.
                $C = DB_fetchArray($result);
                // strftime() is deprecated as of PHP 8.1.
                $recent_post_anchortag = '<span class="storybyline">' . $LANG01[27] . ': ' . strftime($_CONF['daytime'], $C['day']) . ' ' . $LANG01[104] . ' ' . COM_getDisplayName($C['cuid'], $C['username'], $C['fullname']) . '</span>';
                $article->set_var('comments_with_count', COM_createLink($comments_with_count, $commentsUrl));
                $article->set_var('start_comments_anchortag', '<a href="' . $commentsUrl . '">');
                $article->set_var('end_comments_anchortag', '</a>');
            } else {
                $article->set_var('comments_with_count', $comments_with_count);
                $recent_post_anchortag = COM_createLink($LANG01[60], $_CONF['site_url'] . '/comment.php?sid=' . $story->getsid() . '&amp;pid=0&amp;type=article');
            // commentcode 0 is the only value for which the "post a comment"
            // links are emitted.
            if ($story->DisplayElements('commentcode') == 0) {
                $postCommentUrl = $_CONF['site_url'] . '/comment.php?sid=' . $story->getSid() . '&amp;pid=0&amp;type=article';
                $article->set_var('post_comment_link', COM_createLink($LANG01[60], $postCommentUrl, array('rel' => 'nofollow')));
                    // NOTE(review): the next two lines are an unterminated
                    // set_var() call in this listing (no closing ');'), with a
                    // hard-coded label and an empty URL. It looks like leftover
                    // placeholder code — confirm against the original file.
                    $article->set_var( 'subscribe_link',
                            COM_createLink('Nubbies', '', array('rel' => 'nofollow'))
                $article->set_var('lang_post_comment', $LANG01[60]);
                $article->set_var('start_post_comment_anchortag', '<a href="' . $postCommentUrl . '" rel="nofollow">');
                $article->set_var('end_post_comment_anchortag', '</a>');
        if (($_CONF['trackback_enabled'] || $_CONF['pingback_enabled']) && $story->DisplayElements('trackbackcode') >= 0 && $show_comments) {
            $num_trackbacks = COM_numberFormat($story->DisplayElements('trackbacks'));
            $trackbacksUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $story->getSid()) . '#trackback';
            $article->set_var('trackbacks_url', $trackbacksUrl);
            $article->set_var('trackbacks_text', $num_trackbacks . ' ' . $LANG_TRB['trackbacks']);
            $article->set_var('trackbacks_count', $num_trackbacks);
            $article->set_var('lang_trackbacks', $LANG_TRB['trackbacks']);
            // This value is overwritten by the trackbacks > 0 check below.
            $article->set_var('trackbacks_with_count', COM_createLink(sprintf($LANG01[122], $num_trackbacks), $trackbacksUrl));
            if (SEC_hasRights('story.ping')) {
                $pingurl = $_CONF['site_admin_url'] . '/trackback.php?mode=sendall&amp;id=' . $story->getSid();
                $pingico = '<img src="' . $_CONF['layout_url'] . '/images/sendping.' . $_IMAGE_TYPE . '" alt="' . $LANG_TRB['send_trackback'] . '" title="' . $LANG_TRB['send_trackback'] . '"' . XHTML . '>';
                $article->set_var('send_trackback_icon', COM_createLink($pingico, $pingurl));
            if ($story->DisplayElements('trackbacks') > 0) {
                $article->set_var('trackbacks_with_count', COM_createLink(sprintf($LANG01[122], $num_trackbacks), $trackbacksUrl));
            } else {
                $article->set_var('trackbacks_with_count', sprintf($LANG01[122], $num_trackbacks));
        // The email icon is hidden when disabled outright, or when the visitor
        // has no username and either login requirement is switched on.
        if ($_CONF['hideemailicon'] == 1 || empty($_USER['username']) && ($_CONF['loginrequired'] == 1 || $_CONF['emailstoryloginrequired'] == 1)) {
            $article->set_var('email_icon', '');
        } else {
            $emailUrl = $_CONF['site_url'] . '/profiles.php?sid=' . $story->getSid() . '&amp;what=emailstory';
            $emailicon = '<img src="' . $_CONF['layout_url'] . '/images/mail.' . $_IMAGE_TYPE . '" alt="' . $LANG01[64] . '" title="' . $LANG11[2] . '"' . XHTML . '>';
            $article->set_var('email_icon', COM_createLink($emailicon, $emailUrl));
            $article->set_var('email_story_url', $emailUrl);
            $article->set_var('lang_email_story', $LANG11[2]);
            $article->set_var('lang_email_story_alt', $LANG01[64]);
        $printUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $story->getSid() . '&amp;mode=print');
        if ($_CONF['hideprintericon'] == 1) {
            $article->set_var('print_icon', '');
        } else {
            $printicon = '<img src="' . $_CONF['layout_url'] . '/images/print.' . $_IMAGE_TYPE . '" alt="' . $LANG01[65] . '" title="' . $LANG11[3] . '"' . XHTML . '>';
            $article->set_var('print_icon', COM_createLink($printicon, $printUrl, array('rel' => 'nofollow')));
            $article->set_var('print_story_url', $printUrl);
            $article->set_var('lang_print_story', $LANG11[3]);
            $article->set_var('lang_print_story_alt', $LANG01[65]);
        $article->set_var('story_display', 'index');
        $article->set_var('story_counter', $storycounter);
    $article->set_var('article_url', $articleUrl);
    $article->set_var('recent_post_anchortag', $recent_post_anchortag);
    // Edit controls need access level 3 on the story plus the story.edit
    // right, and are never shown in preview mode.
    if ($story->checkAccess() == 3 and SEC_hasrights('story.edit') and $index != 'p') {
        $article->set_var('edit_link', COM_createLink($LANG01[4], $_CONF['site_admin_url'] . '/story.php?mode=edit&amp;sid=' . $story->getSid()));
        $article->set_var('edit_url', $_CONF['site_admin_url'] . '/story.php?mode=edit&amp;sid=' . $story->getSid());
        $article->set_var('lang_edit_text', $LANG01[4]);
        $editicon = $_CONF['layout_url'] . '/images/edit.' . $_IMAGE_TYPE;
        $editiconhtml = '<img src="' . $editicon . '" alt="' . $LANG01[4] . '" title="' . $LANG01[4] . '"' . XHTML . '>';
        $article->set_var('edit_icon', COM_createLink($editiconhtml, $_CONF['site_admin_url'] . '/story.php?mode=edit&amp;sid=' . $story->getSid()));
        $article->set_var('edit_image', $editiconhtml);
    // Pick the template pair: featured, archived (archive-on-expire and already
    // expired), or the regular one.
    if ($story->DisplayElements('featured') == 1) {
        $article->set_var('lang_todays_featured_article', $LANG05[4]);
        $article->parse('story_bodyhtml', 'featuredbodytext', true);
        PLG_templateSetVars('featuredstorytext', $article);
        $article->parse('finalstory', 'featuredarticle');
    } elseif ($story->DisplayElements('statuscode') == STORY_ARCHIVE_ON_EXPIRE and $story->DisplayElements('expire') <= time()) {
        // NOTE(review): set_file() above registers this template under the
        // handle 'archivebodytext', but the parse call names
        // 'archivestorybodytext' — confirm which handle is intended.
        $article->parse('story_bodyhtml', 'archivestorybodytext', true);
        PLG_templateSetVars('archivestorytext', $article);
        $article->parse('finalstory', 'archivearticle');
    } else {
        $article->parse('story_bodyhtml', 'bodytext', true);
        PLG_templateSetVars('storytext', $article);
        $article->parse('finalstory', 'article');
    return $article->finish($article->get_var('finalstory'));
Exemplo n.º 19
 * Takes an article class and renders HTML in the specified template and style.
 * Formats the given article into HTML. Called by index.php, article.php,
 * submit.php and admin/story.php (Preview mode for the last two).
 * @param   Story  $story    The story to display, an instance of the Story class.
 * @param   string $index    n = Full display of article. p = 'Preview' mode. Else introtext only.
 * @param   string $storyTpl The template to use to render the story.
 * @param   string $query    A search query, if one was specified.
 * @return  string           Article as formatted HTML.
 *                            Note: Formerly named COM_Article, and re-written totally since then.
function STORY_renderArticle($story, $index = '', $storyTpl = 'storytext.thtml', $query = '')
    // Renders one Story object to HTML through the theme templates and returns the finished markup.
    // $index selects the layout: 'n' = full article, 'p' = preview, anything else = intro text only.
    // $storyTpl is the template file bound to the 'article' slot; a non-empty $query is highlighted in the text.
    // Output can be read from / written to an instance cache whose key is built from the story id, $index,
    // $mode, the template slot, the topic id, a security hash and the user's theme (see $cacheInstance).
    // NOTE(review): this listing has lost its braces; the block structure is readable only from indentation.
    global $_CONF, $_TABLES, $_USER, $LANG01, $LANG05, $LANG11, $LANG_TRB, $_IMAGE_TYPE, $mode;
    // NOTE(review): $storyCounter is never modified in the lines shown here, so 'story_counter' is emitted as 0.
    static $storyCounter = 0;
    // Pick the template slot: featured, archived (archive-on-expire and already expired), or regular.
    if ($story->DisplayElements('featured') == 1) {
        $article_filevar = 'featuredarticle';
    } elseif ($story->DisplayElements('statuscode') == STORY_ARCHIVE_ON_EXPIRE && $story->DisplayElements('expire') <= time()) {
        $article_filevar = 'archivearticle';
    } else {
        $article_filevar = 'article';
    if (empty($storyTpl)) {
        $storyTpl = 'storytext.thtml';
    // Change article template file with the topic (feature request #275)
    $templateDir = $_CONF['path_layout'];
    // NOTE(review): the topic id is concatenated into a filesystem path. This assumes tid is restricted
    // upstream to a safe identifier (no path separators or '..') - confirm where topic ids are validated.
    $topicDir = $templateDir . 'topics/' . $story->DisplayElements('tid') . '/';
    if (is_dir($topicDir) && file_exists($topicDir . $storyTpl)) {
        $templateDir = $topicDir;
    $article = COM_newTemplate($templateDir);
    $article->set_file(array('article' => $storyTpl, 'bodytext' => 'storybodytext.thtml', 'featuredarticle' => 'featuredstorytext.thtml', 'featuredbodytext' => 'featuredstorybodytext.thtml', 'archivearticle' => 'archivestorytext.thtml', 'archivebodytext' => 'archivestorybodytext.thtml'));
    // begin instance caching...
    // cache_time > 0 is a maximum age in seconds (compared against time() below); -1 means no time limit.
    $cache_time = $story->DisplayElements('cache_time');
    $current_article_tid = $story->DisplayElements('tid');
    $retval = false;
    // If this stays false the article is rebuilt and the cache is not used (checks done below)
    if ($cache_time > 0 || $cache_time == -1) {
        // The hash is part of the cache key; presumably it separates cached output by the viewer's
        // permissions so one user's rendering is not served to another - confirm in CACHE_security_hash().
        $hash = CACHE_security_hash();
        // NOTE(review): the key embeds the globals $mode and $_USER['theme'] and does not include $query.
        // Whether the cache layer sanitises the key before using it as a storage name is not visible here.
        $cacheInstance = 'article__' . $story->getSid() . '_' . $index . $mode . '_' . $article_filevar . '_' . $current_article_tid . '_' . $hash . '_' . $_USER['theme'];
        if ($_CONF['cache_templates']) {
            $retval = $article->check_instance($cacheInstance, $article_filevar);
        } else {
            $retval = CACHE_check_instance($cacheInstance);
        if ($retval && $cache_time == -1) {
            // Cache file found so use it since no time limit set to recreate
        } elseif ($retval && $cache_time > 0) {
            $lu = CACHE_get_instance_update($cacheInstance);
            $now = time();
            if ($now - $lu < $cache_time) {
                // Cache file found so use it since under time limit set to recreate
            } else {
                // generate article and create cache file
                // Cache time is not built into template caching so need to delete it manually and reset $retval
                if ($_CONF['cache_templates']) {
                    // Need to close and recreate template class since issues arise when theme templates are cached
                    // Close template class
                    // NOTE(review): the template is recreated from $_CONF['path_layout'], not $templateDir, so a
                    // topic-specific template directory selected above is not used on this path - confirm intent.
                    $article = COM_newTemplate($_CONF['path_layout']);
                    $article->set_file(array('article' => $storyTpl, 'bodytext' => 'storybodytext.thtml', 'featuredarticle' => 'featuredstorytext.thtml', 'featuredbodytext' => 'featuredstorybodytext.thtml', 'archivearticle' => 'archivestorytext.thtml', 'archivebodytext' => 'archivestorybodytext.thtml'));
                } else {
                    // theme templates are not cached so can go ahead and delete story cache
                    // NOTE(review): no delete statement is visible in this branch of the listing.
                $retval = false;
        } else {
            // Need to reset especially if caching is disabled for a certain story but template caching has been enabled for the theme
            $retval = false;
    $articleUrl = COM_buildURL($_CONF['site_url'] . '/article.php?story=' . $story->getSid());
    $article->set_var('article_url', $articleUrl);
    $article->set_var('story_title', $story->DisplayElements('title'));
    // Date formatting set by user therefore cannot be cached
    // (these calls pass two extra arguments, false and true, which the surrounding comments tie to
    // values that must not be cached; the exact parameter meaning is defined by the template class)
    $article->set_var('story_date', $story->DisplayElements('date'), false, true);
    $article->set_var('story_datetime', $story->DisplayElements('datetime'), false, true);
    // Story views increase with every visit so cannot be cached
    if ($_CONF['hideviewscount'] != 1) {
        $article->set_var('lang_views', $LANG01[106], false, true);
        $article->set_var('story_hits', $story->DisplayElements('hits'), false, true);
    // Topic Icon is user configurable so do not cache
    $topicname = $story->DisplayElements('topic');
    $topicurl = COM_buildURL($_CONF['site_url'] . '/index.php?topic=' . $story->DisplayElements('tid'));
    if ((!isset($_USER['noicons']) || $_USER['noicons'] != 1) && $story->DisplayElements('show_topic_icon') == 1) {
        $imageurl = $story->DisplayElements('imageurl');
        if (!empty($imageurl)) {
            $imageurl = COM_getTopicImageUrl($imageurl);
            $article->set_var('story_topic_image_url', $imageurl, false, true);
            // NOTE(review): $imageurl and $topicname are placed inside HTML attributes without escaping at
            // this point; this assumes DisplayElements() returns attribute-safe (HTML-escaped) text - confirm.
            $topicimage = '<img src="' . $imageurl . '" class="float' . $_CONF['article_image_align'] . '" alt="' . $topicname . '" title="' . $topicname . '"' . XHTML . '>';
            $article->set_var('story_anchortag_and_image', COM_createLink($topicimage, $topicurl, array()), false, true);
            $article->set_var('story_topic_image', $topicimage, false, true);
            $topicimage_noalign = '<img src="' . $imageurl . '" alt="' . $topicname . '" title="' . $topicname . '"' . XHTML . '>';
            $article->set_var('story_anchortag_and_image_no_align', COM_createLink($topicimage_noalign, $topicurl, array()), false, true);
            $article->set_var('story_topic_image_no_align', $topicimage_noalign, false, true);
    // Main article content
    if ($index == 'p') {
        $introtext = $story->getPreviewText('introtext');
        $bodytext = $story->getPreviewText('bodytext');
    } else {
        $introtext = $story->displayElements('introtext');
        $bodytext = $story->displayElements('bodytext');
    // "Read more" flag and word count are taken from the body text before it is blanked for the front page.
    $readmore = empty($bodytext) ? 0 : 1;
    $numwords = COM_numberFormat(count(explode(' ', COM_getTextContent($bodytext))));
    if (COM_onFrontpage()) {
        $bodytext = '';
    if (!empty($query)) {
        // NOTE(review): $query is a search string and the highlighted result is emitted as HTML below;
        // escaping of the query is assumed to happen inside COM_highlightQuery() - confirm.
        $introtext = COM_highlightQuery($introtext, $query);
        $bodytext = COM_highlightQuery($bodytext, $query);
    // Create article only if preview, or query not empty, or if no cache version or cache version is not required
    if ($index == 'p' || !empty($query) || !$retval) {
        $article->set_var('article_filevar', '');
        $article->set_var('site_name', $_CONF['site_name']);
        //$article->set_var( 'story_date', $story->DisplayElements('date') );
        $article->set_var('story_date_short', $story->DisplayElements('shortdate'));
        $article->set_var('story_date_only', $story->DisplayElements('dateonly'));
        $article->set_var('story_id', $story->getSid());
        // Author byline: names, profile link (only for uid > 1) and optional photo.
        if ($_CONF['contributedbyline'] == 1) {
            $article->set_var('lang_contributed_by', $LANG01[1]);
            $article->set_var('contributedby_uid', $story->DisplayElements('uid'));
            $fullname = $story->DisplayElements('fullname');
            $username = $story->DisplayElements('username');
            $article->set_var('contributedby_user', $username);
            if (empty($fullname)) {
                $article->set_var('contributedby_fullname', $username);
            } else {
                $article->set_var('contributedby_fullname', $fullname);
            $authorname = COM_getDisplayName($story->DisplayElements('uid'), $username, $fullname);
            $article->set_var('contributedby_author', $authorname);
            $article->set_var('author', $authorname);
            $profileUrl = '';
            if ($story->DisplayElements('uid') > 1) {
                $profileUrl = $_CONF['site_url'] . '/users.php?mode=profile&amp;uid=' . $story->DisplayElements('uid');
                $article->set_var('start_contributedby_anchortag', '<a class="storybyline" href="' . $profileUrl . '" rel="author">');
                $article->set_var('end_contributedby_anchortag', '</a>');
                $article->set_var('contributedby_url', $profileUrl);
            $photo = '';
            if ($_CONF['allow_user_photo'] == 1) {
                $authphoto = $story->DisplayElements('photo');
                if (empty($authphoto)) {
                    $authphoto = '(none)';
                    // user does not have a photo
                // The author's e-mail address is handed to USER_getPhoto(); what it is used for is not visible here.
                $photo = USER_getPhoto($story->DisplayElements('uid'), $authphoto, $story->DisplayElements('email'));
            if (!empty($photo)) {
                $article->set_var('contributedby_photo', $photo);
                $article->set_var('author_photo', $photo);
                $camera_icon = '<img src="' . $_CONF['layout_url'] . '/images/smallcamera.' . $_IMAGE_TYPE . '" alt=""' . XHTML . '>';
                // $profileUrl is still '' here when uid <= 1, so the camera icon then links to an empty URL.
                $article->set_var('camera_icon', COM_createLink($camera_icon, $profileUrl));
            } else {
                $article->set_var('contributedby_photo', '');
                $article->set_var('author_photo', '');
                $article->set_var('camera_icon', '');
        $article->set_var('story_topic_id', $story->DisplayElements('tid'));
        $article->set_var('story_topic_name', $topicname);
        $article->set_var('story_topic_url', $topicurl);
        $recent_post_anchortag = '';
        $article->set_var('lang_permalink', $LANG01[127]);
        // NOTE(review): $show_comments is only set to false in the full-display branch below and only read
        // in the listing branch, so within this function it is always true where it is tested.
        $show_comments = true;
        // n = Full display of article. p = 'Preview' mode.
        // The title becomes a link in listing mode, or in any mode when a search query is present.
        if ($index != 'n' && $index != 'p' || !empty($query)) {
            $attributes = ' class="non-ul"';
            $attr_array = array('class' => 'non-ul');
            if (!empty($query)) {
                $attributes .= ' rel="bookmark"';
                $attr_array['rel'] = 'bookmark';
            $article->set_var('start_storylink_anchortag', '<a href="' . $articleUrl . '"' . $attributes . '>');
            $article->set_var('end_storylink_anchortag', '</a>');
            $article->set_var('story_title_link', COM_createLink($story->DisplayElements('title'), $articleUrl, $attr_array));
        } else {
            $article->set_var('story_title_link', $story->DisplayElements('title'));
        $related_topics = '';
        // Related topics: shown on the full article when the setting is > 0, in listings only when it is > 1.
        if ($index == 'n') {
            if ($_CONF['supported_version_theme'] == '1.8.1') {
                $article->set_var('breadcrumb_trail', TOPIC_breadcrumbs('article', $story->getSid()));
            if ($_CONF['related_topics'] > 0) {
                $related_topics = TOPIC_relatedTopics('article', $story->getSid(), $_CONF['related_topics_max']);
                $article->set_var('related_topics', $related_topics);
        } elseif ($index != 'p') {
            if ($_CONF['related_topics'] > 1) {
                $related_topics = TOPIC_relatedTopics('article', $story->getSid(), $_CONF['related_topics_max']);
                $article->set_var('related_topics', $related_topics);
        $page_selector = '';
        $readmore_link = '';
        $post_comment_link = '';
        $plugin_itemdisplay = '';
        $comments_with_count = '';
        $trackbacks_with_count = '';
        // Full display / preview branch: intro plus body text, optional paging, trackback sending links.
        if ($index == 'n' || $index == 'p') {
            if (empty($bodytext)) {
                $article->set_var('story_introtext', $introtext);
                $article->set_var('story_text_no_br', $introtext);
            } else {
                if ($_CONF['allow_page_breaks'] == 1 && $index == 'n') {
                    $story_page = 1;
                    // page selector
                    // NOTE(review): $mode is a global and is_numeric() also accepts non-integer forms such as
                    // '1.5' or '1e1'; the value is used below as an array offset and written to 'story_page'.
                    // An integer check or cast would be stricter - confirm how $mode is filtered by callers.
                    if (is_numeric($mode)) {
                        $story_page = $mode;
                        if ($story_page <= 0) {
                            $story_page = 1;
                            $mode = 0;
                        } elseif ($story_page > 1) {
                            $introtext = '';
                    $article_array = explode('[page_break]', $bodytext);
                    $page_break_count = count($article_array);
                    if ($story_page > $page_break_count) {
                        // Can't have page count greater than actual number of pages
                        $story_page = $page_break_count;
                    $page_selector = COM_printPageNavigation($articleUrl, $story_page, $page_break_count, 'mode=', $_CONF['url_rewrite'], $LANG01[118]);
                    if (count($article_array) > 1) {
                        $bodytext = $article_array[$story_page - 1];
                    $article->set_var('page_selector', $page_selector);
                    if ($_CONF['page_break_comments'] == 'last' && $story_page < count($article_array) || $_CONF['page_break_comments'] == 'first' && $story_page != 1) {
                        $show_comments = false;
                    $article->set_var('story_page', $story_page);
                $article->set_var('story_introtext', $introtext . '<br' . XHTML . '><br' . XHTML . '>' . $bodytext);
                $article->set_var('story_text_no_br', $introtext . ' ' . $bodytext);
            $article->set_var('story_introtext_only', $introtext);
            $article->set_var('story_bodytext_only', $bodytext);
            // The send-trackback link is rendered only for users holding the 'story.ping' right.
            if (($_CONF['trackback_enabled'] || $_CONF['pingback_enabled']) && SEC_hasRights('story.ping')) {
                $url = $_CONF['site_admin_url'] . '/trackback.php?mode=sendall&amp;id=' . $story->getSid();
                $article->set_var('send_trackback_link', COM_createLink($LANG_TRB['send_trackback'], $url));
                $pingico = '<img src="' . $_CONF['layout_url'] . '/images/sendping.' . $_IMAGE_TYPE . '" alt="' . $LANG_TRB['send_trackback'] . '" title="' . $LANG_TRB['send_trackback'] . '"' . XHTML . '>';
                $article->set_var('send_trackback_icon', COM_createLink($pingico, $url));
                $article->set_var('send_trackback_url', $url);
                $article->set_var('lang_send_trackback_text', $LANG_TRB['send_trackback']);
            $article->set_var('story_display', $index == 'p' ? 'preview' : 'article');
            $article->set_var('story_counter', 0);
        } else {
            // Listing branch: intro text only, plus read-more, comment, trackback, e-mail and print links.
            $article->set_var('story_introtext', $introtext);
            $article->set_var('story_text_no_br', $introtext);
            $article->set_var('story_introtext_only', $introtext);
            if ($readmore) {
                $article->set_var('lang_readmore', $LANG01[2]);
                $article->set_var('lang_readmore_words', $LANG01[62]);
                $article->set_var('readmore_words', $numwords);
                $readmore_link = COM_createLink($LANG01[2], $articleUrl, array('class' => 'story-read-more-link')) . ' (' . $numwords . ' ' . $LANG01[62] . ') ';
                $article->set_var('readmore_link', $readmore_link);
                $article->set_var('start_readmore_anchortag', '<a href="' . $articleUrl . '" class="story-read-more-link">');
                $article->set_var('end_readmore_anchortag', '</a>');
                $article->set_var('read_more_class', 'class="story-read-more-link"');
            if ($story->DisplayElements('commentcode') >= 0 && $show_comments) {
                $commentsUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $story->getSid()) . '#comments';
                $article->set_var('comments_url', $commentsUrl);
                $article->set_var('comments_text', COM_numberFormat($story->DisplayElements('comments')) . ' ' . $LANG01[3]);
                $article->set_var('comments_count', COM_numberFormat($story->DisplayElements('comments')));
                $article->set_var('lang_comments', $LANG01[3]);
                $comments_with_count = sprintf($LANG01[121], COM_numberFormat($story->DisplayElements('comments')));
                if ($story->DisplayElements('comments') > 0) {
                    // NOTE(review): the story id is concatenated into the SQL text inside quotes. This is safe
                    // only if getSid() always returns a validated or escaped value - confirm, or escape it here
                    // with the database layer's escaping helper.
                    // NOTE(review): $C is used without checking that a row came back; the join on the users
                    // table could return none even though the stored comment count is > 0.
                    $result = DB_query("SELECT UNIX_TIMESTAMP(date) AS day,username,fullname,{$_TABLES['comments']}.uid as cuid FROM {$_TABLES['comments']},{$_TABLES['users']} WHERE {$_TABLES['users']}.uid = {$_TABLES['comments']}.uid AND sid = '" . $story->getSid() . "' ORDER BY date DESC LIMIT 1");
                    $C = DB_fetchArray($result);
                    // The commenter's display name is placed into HTML here; escaping is assumed to be done by
                    // COM_getDisplayName() - confirm. strftime() is deprecated as of PHP 8.1.
                    $recent_post_anchortag = '<span class="storybyline">' . $LANG01[27] . ': ' . strftime($_CONF['daytime'], $C['day']) . ' ' . $LANG01[104] . ' ' . COM_getDisplayName($C['cuid'], $C['username'], $C['fullname']) . '</span>';
                    $comments_with_count = COM_createLink($comments_with_count, $commentsUrl);
                    $article->set_var('comments_with_count', $comments_with_count);
                    $article->set_var('start_comments_anchortag', '<a href="' . $commentsUrl . '">');
                    $article->set_var('end_comments_anchortag', '</a>');
                } else {
                    $article->set_var('comments_with_count', $comments_with_count);
                    if ($_CONF['comment_on_same_page'] == true) {
                        $recent_post_anchortag = COM_createLink($LANG01[60], $_CONF['site_url'] . '/article.php?story=' . $story->getSid() . '#commenteditform');
                    } else {
                        $recent_post_anchortag = COM_createLink($LANG01[60], $_CONF['site_url'] . '/comment.php?sid=' . $story->getSid() . '&amp;pid=0&amp;type=article');
                        // NOTE(review): the fragment is appended after the closing tag produced by
                        // COM_createLink(), not to the URL (compare $postCommentUrl below) - confirm intent.
                        if ($_CONF['show_comments_at_replying'] == true) {
                            $recent_post_anchortag .= '#commenteditform';
                // commentcode == 0 is the only value for which a "post a comment" link is offered.
                if ($story->DisplayElements('commentcode') == 0) {
                    if ($_CONF['comment_on_same_page'] == true) {
                        $postCommentUrl = $_CONF['site_url'] . '/article.php?story=' . $story->getSid() . '#commenteditform';
                    } else {
                        $postCommentUrl = $_CONF['site_url'] . '/comment.php?sid=' . $story->getSid() . '&amp;pid=0&amp;type=article';
                        if ($_CONF['show_comments_at_replying'] == true) {
                            $postCommentUrl .= '#commenteditform';
                    $post_comment_link = COM_createLink($LANG01[60], $postCommentUrl, array('rel' => 'nofollow'));
                    $article->set_var('post_comment_link', $post_comment_link);
                    // NOTE(review): the next statement is incomplete in this listing (no closing ');') and uses
                    // a hard-coded label with an empty URL; it looks like leftover or commented-out code.
                        $article->set_var( 'subscribe_link',
                                COM_createLink('Nubbies', '', array('rel' => 'nofollow'))
                    $article->set_var('lang_post_comment', $LANG01[60]);
                    $article->set_var('start_post_comment_anchortag', '<a href="' . $postCommentUrl . '" rel="nofollow">');
                    $article->set_var('end_post_comment_anchortag', '</a>');
            if (($_CONF['trackback_enabled'] || $_CONF['pingback_enabled']) && $story->DisplayElements('trackbackcode') >= 0 && $show_comments) {
                $num_trackbacks = COM_numberFormat($story->DisplayElements('trackbacks'));
                $trackbacksUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $story->getSid()) . '#trackback';
                $article->set_var('trackbacks_url', $trackbacksUrl);
                $article->set_var('trackbacks_text', $num_trackbacks . ' ' . $LANG_TRB['trackbacks']);
                $article->set_var('trackbacks_count', $num_trackbacks);
                $article->set_var('lang_trackbacks', $LANG_TRB['trackbacks']);
                if (SEC_hasRights('story.ping')) {
                    $pingurl = $_CONF['site_admin_url'] . '/trackback.php?mode=sendall&amp;id=' . $story->getSid();
                    $pingico = '<img src="' . $_CONF['layout_url'] . '/images/sendping.' . $_IMAGE_TYPE . '" alt="' . $LANG_TRB['send_trackback'] . '" title="' . $LANG_TRB['send_trackback'] . '"' . XHTML . '>';
                    $article->set_var('send_trackback_icon', COM_createLink($pingico, $pingurl));
                $trackbacks_with_count = sprintf($LANG01[122], $num_trackbacks);
                if ($story->DisplayElements('trackbacks') > 0) {
                    $trackbacks_with_count = COM_createLink($trackbacks_with_count, $trackbacksUrl);
                $article->set_var('trackbacks_with_count', $trackbacks_with_count);
            // The e-mail icon is hidden by configuration, or for anonymous users when login is required.
            if ($_CONF['hideemailicon'] == 1 || COM_isAnonUser() && ($_CONF['loginrequired'] == 1 || $_CONF['emailstoryloginrequired'] == 1)) {
                $article->set_var('email_icon', '');
            } else {
                $emailUrl = $_CONF['site_url'] . '/profiles.php?sid=' . $story->getSid() . '&amp;what=emailstory';
                $emailicon = '<img src="' . $_CONF['layout_url'] . '/images/mail.' . $_IMAGE_TYPE . '" alt="' . $LANG01[64] . '" title="' . $LANG11[2] . '"' . XHTML . '>';
                $article->set_var('email_icon', COM_createLink($emailicon, $emailUrl));
                $article->set_var('email_story_url', $emailUrl);
                $article->set_var('lang_email_story', $LANG11[2]);
                $article->set_var('lang_email_story_alt', $LANG01[64]);
            $printUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $story->getSid() . '&amp;mode=print');
            if ($_CONF['hideprintericon'] == 1) {
                $article->set_var('print_icon', '');
            } else {
                $printicon = '<img src="' . $_CONF['layout_url'] . '/images/print.' . $_IMAGE_TYPE . '" alt="' . $LANG01[65] . '" title="' . $LANG11[3] . '"' . XHTML . '>';
                $article->set_var('print_icon', COM_createLink($printicon, $printUrl, array('rel' => 'nofollow')));
                $article->set_var('print_story_url', $printUrl);
                $article->set_var('lang_print_story', $LANG11[3]);
                $article->set_var('lang_print_story_alt', $LANG01[65]);
            $article->set_var('story_display', 'index');
            $article->set_var('story_counter', $storyCounter);
        $article->set_var('recent_post_anchortag', $recent_post_anchortag);
        // These checks decide only whether the edit link is rendered. They are not an access control for the
        // admin page itself, which has to enforce the same rights on its own side.
        if ($index != 'p' && SEC_hasRights('story.edit') && $story->checkAccess() == 3 && TOPIC_hasMultiTopicAccess('article', $story->DisplayElements('sid')) == 3) {
            $editUrl = $_CONF['site_admin_url'] . '/story.php?mode=edit&amp;sid=' . $story->getSid();
            $editiconhtml = '<img src="' . $_CONF['layout_url'] . '/images/edit.' . $_IMAGE_TYPE . '" alt="' . $LANG01[4] . '" title="' . $LANG01[4] . '"' . XHTML . '>';
            $article->set_var('edit_link', COM_createLink($LANG01[4], $editUrl));
            $article->set_var('edit_url', $editUrl);
            $article->set_var('lang_edit_text', $LANG01[4]);
            $article->set_var('edit_icon', COM_createLink($editiconhtml, $editUrl, array('class' => 'editlink')));
            $article->set_var('edit_image', $editiconhtml);
        // Footer flags: true when at least one navigation / feedback element was produced above.
        $navi_list = true;
        $feedback_list = true;
        if ($index == 'p') {
            $navi_list = false;
            $feedback_list = false;
        } else {
            $navi_list = $page_selector !== '' || $readmore_link !== '' || $post_comment_link !== '';
            $feedback_list = $plugin_itemdisplay !== '' || $comments_with_count !== '' || $trackbacks_with_count !== '';
        $story_footer = $navi_list || $feedback_list || $related_topics !== '';
        $article->set_var('navi_list', $navi_list);
        $article->set_var('feedback_list', $feedback_list);
        $article->set_var('story_footer', $story_footer);
        // Parse the body sub-template that matches the slot chosen at the top and let plugins add variables.
        if ($story->DisplayElements('featured') == 1) {
            $article->set_var('lang_todays_featured_article', $LANG05[4]);
            $article->parse('story_bodyhtml', 'featuredbodytext', true);
            PLG_templateSetVars('featuredstorytext', $article);
        } elseif ($story->DisplayElements('statuscode') == STORY_ARCHIVE_ON_EXPIRE && $story->DisplayElements('expire') <= time()) {
            $article->parse('story_bodyhtml', 'archivestorybodytext', true);
            PLG_templateSetVars('archivestorytext', $article);
        } else {
            $article->parse('story_bodyhtml', 'bodytext', true);
            PLG_templateSetVars('storytext', $article);
        // Add related articles
        if ($index === 'n') {
            $article->set_var('related_articles_by_keyword', Story::getRelatedArticlesByKeywords($story->getSid(), $story->DisplayElements('meta_keywords')));
        PLG_templateSetVars($article_filevar, $article);
        // NOTE(review): this write is also reached when $query is non-empty, and $cacheInstance does not
        // include $query. If create_instance() stores the rendered text, query-highlighted output could be
        // served to later viewers - confirm, and consider skipping the cache write for search renders.
        if ($index != 'p' && ($cache_time > 0 || $cache_time == -1)) {
            $article->create_instance($cacheInstance, $article_filevar);
            // CACHE_create_instance($cacheInstance, $article);
    } else {
        // Cached path: a usable cache entry was found, so the variables above are not rebuilt.
        PLG_templateSetVars($article_filevar, $article);
        if (!$_CONF['cache_templates']) {
            // Hack (see Geeklog Bug Tracker issue #0001817): Cannot set the template variable directly with set_var since
            // this template variable was set with set_file which uses the templatecode array (set_var uses varvals array)
            // so have to update the templatecode array directly. This array really shouldn't be accessed this way
            // and this hack should be changed in the future: either set_var or set_file functions need to allow update of the file template variable found in templatecode
            // $article->set_var($article_filevar, $retval);
            $article->templateCode[$article_filevar] = $retval;
    $article->parse('finalstory', $article_filevar);
    return $article->finish($article->get_var('finalstory'));
Exemplo n.º 20
* Displays the static page editor form
* @param    array   $A      Data to display
* @return   string          HTML for the static page editor
function staticpageeditor_form($A)
    global $_CONF, $_TABLES, $_USER, $_GROUPS, $_SP_CONF, $mode, $sp_id, $LANG21, $LANG_STATIC, $LANG_ACCESS, $LANG_ADMIN, $LANG01, $LANG24, $LANG_postmodes, $MESSAGE, $_IMAGE_TYPE, $_SCRIPTS;
    if (!empty($sp_id) && $mode == 'edit') {
        $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
    } else {
        if ($mode != 'clone') {
            $A['sp_inblock'] = $_SP_CONF['in_block'];
        $A['owner_id'] = $_USER['uid'];
        if (isset($_GROUPS['Static Page Admin'])) {
            $A['group_id'] = $_GROUPS['Static Page Admin'];
        } else {
            $A['group_id'] = SEC_getFeatureGroup('staticpages.edit');
        SEC_setDefaultPermissions($A, $_SP_CONF['default_permissions']);
        $access = 3;
        if ($_CONF['advanced_editor'] && $_USER['advanced_editor']) {
            $A['advanced_editor_mode'] = 1;
    $retval = '';
    $sp_template = COM_newTemplate(CTL_plugin_templatePath('staticpages', 'admin'));
    if ($_CONF['advanced_editor'] && $_USER['advanced_editor']) {
        $sp_template->set_file('form', 'editor_advanced.thtml');
        // Shouldn't really have to check if anonymous user but who knows...
        if (COM_isAnonUser()) {
            $link_message = "";
        } else {
            $link_message = $LANG01[138];
        $sp_template->set_var('noscript', COM_getNoScript(false, '', $link_message));
        // Setup Advanced Editor
        COM_setupAdvancedEditor('/staticpages/adveditor.js', 'staticpages.edit');
        $sp_template->set_var('lang_expandhelp', $LANG24[67]);
        $sp_template->set_var('lang_reducehelp', $LANG24[68]);
        $sp_template->set_var('lang_toolbar', $LANG24[70]);
        $sp_template->set_var('toolbar1', $LANG24[71]);
        $sp_template->set_var('toolbar2', $LANG24[72]);
        $sp_template->set_var('toolbar3', $LANG24[73]);
        $sp_template->set_var('toolbar4', $LANG24[74]);
        $sp_template->set_var('toolbar5', $LANG24[75]);
        $sp_template->set_var('lang_nojavascript', $LANG24[77]);
        $sp_template->set_var('lang_postmode', $LANG24[4]);
        if (isset($A['postmode']) && $A['postmode'] == 'adveditor') {
            $sp_template->set_var('show_adveditor', '');
            $sp_template->set_var('show_htmleditor', 'none');
        } else {
            $sp_template->set_var('show_adveditor', 'none');
            $sp_template->set_var('show_htmleditor', '');
        $post_options = '<option value="html" selected="selected">' . $LANG_postmodes['html'] . '</option>';
        if (isset($A['postmode']) && $A['postmode'] == 'adveditor') {
            $post_options .= '<option value="adveditor" selected="selected">' . $LANG24[86] . '</option>';
        } else {
            $post_options .= '<option value="adveditor">' . $LANG24[86] . '</option>';
        $sp_template->set_var('post_options', $post_options);
        $sp_template->set_var('change_editormode', 'onchange="change_editmode(this);"');
    } else {
        $sp_template->set_file('form', 'editor.thtml');
    // Add JavaScript
    if ($_CONF['titletoid']) {
        $_SCRIPTS->setJavaScriptFile('title_2_id', '/javascript/title_2_id.js');
        $sp_template->set_var('titletoid', true);
    $sp_template->set_var('lang_mode', $LANG24[3]);
    $sp_template->set_var('comment_options', COM_optionList($_TABLES['commentcodes'], 'code,name', $A['commentcode']));
    $sp_template->set_var('lang_accessrights', $LANG_ACCESS['accessrights']);
    $sp_template->set_var('lang_owner', $LANG_ACCESS['owner']);
    $owner_name = COM_getDisplayName($A['owner_id']);
    $owner_username = DB_getItem($_TABLES['users'], 'username', "uid = {$A['owner_id']}");
    $sp_template->set_var('owner_id', $A['owner_id']);
    $sp_template->set_var('owner', $owner_name);
    $sp_template->set_var('owner_name', $owner_name);
    $sp_template->set_var('owner_username', $owner_username);
    if ($A['owner_id'] > 1) {
        $profile_link = $_CONF['site_url'] . '/users.php?mode=profile&amp;uid=' . $A['owner_id'];
        $sp_template->set_var('start_owner_anchortag', '<a href="' . $profile_link . '">');
        $sp_template->set_var('end_owner_anchortag', '</a>');
        $sp_template->set_var('owner_link', COM_createLink($owner_name, $profile_link));
        $photo = '';
        if ($_CONF['allow_user_photo']) {
            $photo = DB_getItem($_TABLES['users'], 'photo', "uid = {$A['owner_id']}");
            if (!empty($photo)) {
                $camera_icon = '<img src="' . $_CONF['layout_url'] . '/images/smallcamera.' . $_IMAGE_TYPE . '" alt=""' . XHTML . '>';
                $sp_template->set_var('camera_icon', COM_createLink($camera_icon, $profile_link));
        if (empty($photo)) {
            $sp_template->set_var('camera_icon', '');
    } else {
        $sp_template->set_var('start_owner_anchortag', '');
        $sp_template->set_var('end_owner_anchortag', '');
        $sp_template->set_var('owner_link', $owner_name);
    $sp_template->set_var('lang_group', $LANG_ACCESS['group']);
    $sp_template->set_var('group_dropdown', SEC_getGroupDropdown($A['group_id'], $access));
    $sp_template->set_var('permissions_editor', SEC_getPermissionsHTML($A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']));
    $sp_template->set_var('lang_permissions', $LANG_ACCESS['permissions']);
    $sp_template->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']);
    $sp_template->set_var('permissions_msg', $LANG_ACCESS['permmsg']);
    $sp_template->set_var('lang_permissions_msg', $LANG_ACCESS['permmsg']);
    $token = SEC_createToken();
    $start_block = COM_startBlock($LANG_STATIC['staticpageeditor'], '', COM_getBlockTemplate('_admin_block', 'header'));
    $start_block .= SEC_getTokenExpiryNotice($token);
    $sp_template->set_var('start_block_editor', $start_block);
    $sp_template->set_var('lang_save', $LANG_ADMIN['save']);
    $sp_template->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    $sp_template->set_var('lang_preview', $LANG_ADMIN['preview']);
    if (SEC_hasRights('staticpages.delete') && $mode != 'clone' && !empty($A['sp_old_id'])) {
        $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>';
        $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
        $sp_template->set_var('delete_option', sprintf($delbutton, $jsconfirm));
        $sp_template->set_var('delete_option_no_confirmation', sprintf($delbutton, ''));
    } else {
        $sp_template->set_var('delete_option', '');
    $sp_template->set_var('lang_writtenby', $LANG_STATIC['writtenby']);
    $sp_template->set_var('username', DB_getItem($_TABLES['users'], 'username', "uid = {$A['owner_id']}"));
    $authorname = COM_getDisplayName($A['owner_id']);
    $sp_template->set_var('name', $authorname);
    $sp_template->set_var('author', $authorname);
    $sp_template->set_var('lang_url', $LANG_STATIC['url']);
    $sp_template->set_var('lang_id', $LANG_STATIC['id']);
    $sp_template->set_var('sp_uid', $A['owner_id']);
    $sp_template->set_var('sp_id', $A['sp_id']);
    $sp_template->set_var('sp_old_id', $A['sp_old_id']);
    $sp_template->set_var('example_url', COM_buildURL($_CONF['site_url'] . '/staticpages/index.php?page=' . $A['sp_id']));
    $sp_template->set_var('lang_centerblock', $LANG_STATIC['centerblock']);
    $sp_template->set_var('lang_centerblock_help', $LANG_ADMIN['help_url']);
    $sp_template->set_var('lang_centerblock_include', $LANG21[51]);
    $sp_template->set_var('lang_centerblock_desc', $LANG21[52]);
    $sp_template->set_var('centerblock_help', $A['sp_help']);
    $sp_template->set_var('lang_centerblock_msg', $LANG_STATIC['centerblock_msg']);
    if (isset($A['sp_centerblock']) && $A['sp_centerblock'] == 1) {
        $sp_template->set_var('centerblock_checked', 'checked="checked"');
    } else {
        $sp_template->set_var('centerblock_checked', '');
    $sp_template->set_var('lang_position', $LANG_STATIC['position']);
    $position = '<select name="sp_where">';
    $position .= '<option value="1"';
    if ($A['sp_where'] == 1) {
        $position .= ' selected="selected"';
    $position .= '>' . $LANG_STATIC['position_top'] . '</option>';
    $position .= '<option value="2"';
    if ($A['sp_where'] == 2) {
        $position .= ' selected="selected"';
    $position .= '>' . $LANG_STATIC['position_feat'] . '</option>';
    $position .= '<option value="3"';
    if ($A['sp_where'] == 3) {
        $position .= ' selected="selected"';
    $position .= '>' . $LANG_STATIC['position_bottom'] . '</option>';
    $position .= '<option value="0"';
    if ($A['sp_where'] == 0) {
        $position .= ' selected="selected"';
    $position .= '>' . $LANG_STATIC['position_entire'] . '</option>';
    $position .= '</select>';
    $sp_template->set_var('pos_selection', $position);
    if ($_SP_CONF['allow_php'] == 1 && SEC_hasRights('staticpages.PHP')) {
        if (!isset($A['sp_php'])) {
            $A['sp_php'] = 0;
        $selection = '<select name="sp_php">' . LB;
        $selection .= '<option value="0"';
        if ($A['sp_php'] <= 0 || $A['sp_php'] > 2) {
            $selection .= ' selected="selected"';
        $selection .= '>' . $LANG_STATIC['select_php_none'] . '</option>' . LB;
        $selection .= '<option value="1"';
        if ($A['sp_php'] == 1) {
            $selection .= ' selected="selected"';
        $selection .= '>' . $LANG_STATIC['select_php_return'] . '</option>' . LB;
        $selection .= '<option value="2"';
        if ($A['sp_php'] == 2) {
            $selection .= ' selected="selected"';
        $selection .= '>' . $LANG_STATIC['select_php_free'] . '</option>' . LB;
        $selection .= '</select>';
        $sp_template->set_var('php_selector', $selection);
        $sp_template->set_var('php_warn', $LANG_STATIC['php_warn']);
    } else {
        $sp_template->set_var('php_selector', '');
        $sp_template->set_var('php_warn', $LANG_STATIC['php_not_activated']);
    $sp_template->set_var('php_msg', $LANG_STATIC['php_msg']);
    // old variables (for the 1.3-type checkbox)
    $sp_template->set_var('php_checked', '');
    $sp_template->set_var('php_type', 'hidden');
    if (isset($A['sp_nf']) && $A['sp_nf'] == 1) {
        $sp_template->set_var('exit_checked', 'checked="checked"');
    } else {
        $sp_template->set_var('exit_checked', '');
    $sp_template->set_var('exit_msg', $LANG_STATIC['exit_msg']);
    $sp_template->set_var('exit_info', $LANG_STATIC['exit_info']);
    if ($A['sp_inblock'] == 1) {
        $sp_template->set_var('inblock_checked', 'checked="checked"');
    } else {
        $sp_template->set_var('inblock_checked', '');
    $sp_template->set_var('inblock_msg', $LANG_STATIC['inblock_msg']);
    $sp_template->set_var('inblock_info', $LANG_STATIC['inblock_info']);
    if ($A['draft_flag'] == 1) {
        $sp_template->set_var('draft_flag_checked', 'checked="checked"');
    } else {
        $sp_template->set_var('draft_flag_checked', '');
    $sp_template->set_var('lang_draft', $LANG_STATIC['draft']);
    $sp_template->set_var('lang_cache_time', $LANG_STATIC['cache_time']);
    $sp_template->set_var('lang_cache_time_desc', $LANG_STATIC['cache_time_desc']);
    $sp_template->set_var('cache_time', $A['cache_time']);
    $curtime = COM_getUserDateTimeFormat($A['unixdate']);
    $sp_template->set_var('lang_lastupdated', $LANG_STATIC['date']);
    $sp_template->set_var('sp_formateddate', $curtime[0]);
    $sp_template->set_var('sp_date', $curtime[1]);
    $sp_template->set_var('lang_title', $LANG_STATIC['title']);
    $sp_template->set_var('lang_page_title', $LANG_STATIC['page_title']);
    $title = '';
    $page_title = '';
    if (isset($A['sp_title'])) {
        $title = htmlspecialchars(stripslashes($A['sp_title']));
    if (isset($A['sp_page_title'])) {
        $page_title = htmlspecialchars(stripslashes($A['sp_page_title']));
    $sp_template->set_var('sp_title', $title);
    $sp_template->set_var('sp_page_title', $page_title);
    $sp_template->set_var('lang_topic', $LANG_STATIC['topic']);
    if ($mode != 'clone') {
        // want to use default topic selection if new staticpage so pass in blank id
        $topic_sp_id = $A['sp_id'];
        if (empty($sp_id) && $mode == 'edit') {
            // means new
            $topic_sp_id = '';
        $sp_template->set_var('topic_selection', TOPIC_getTopicSelectionControl('staticpages', $topic_sp_id, true, false, true));
    } else {
        $sp_template->set_var('topic_selection', TOPIC_getTopicSelectionControl('staticpages', $A['clone_sp_id'], true, false, true));
    $sp_template->set_var('lang_metadescription', $LANG_ADMIN['meta_description']);
    $sp_template->set_var('lang_metakeywords', $LANG_ADMIN['meta_keywords']);
    if (!empty($A['meta_description'])) {
        $sp_template->set_var('meta_description', $A['meta_description']);
    if (!empty($A['meta_keywords'])) {
        $sp_template->set_var('meta_keywords', $A['meta_keywords']);
    if ($_CONF['meta_tags'] > 0 && $_SP_CONF['meta_tags'] > 0) {
        $sp_template->set_var('hide_meta', '');
    } else {
        $sp_template->set_var('hide_meta', ' style="display:none;"');
    if ($A['template_flag'] == 1) {
        $sp_template->set_var('template_flag_checked', 'checked="checked"');
    } else {
        $sp_template->set_var('template_flag_checked', '');
    $sp_template->set_var('lang_template', $LANG_STATIC['template']);
    $sp_template->set_var('lang_template_flag_msg', $LANG_STATIC['template_msg']);
    $template_list = templatelist($A['template_id']);
    $template_none = '<option value=""';
    if ($A['template_id'] == "") {
        $template_none .= ' selected="selected"';
    $template_none .= '>' . $LANG_STATIC['none'] . '</option>';
    $sp_template->set_var('use_template_selection', '<select name="template_id">' . $template_none . $template_list . '</select>');
    $sp_template->set_var('lang_use_template', $LANG_STATIC['use_template']);
    $sp_template->set_var('lang_use_template_msg', $LANG_STATIC['use_template_msg']);
    $sp_template->set_var('lang_addtomenu', $LANG_STATIC['addtomenu']);
    if (isset($A['sp_onmenu']) && $A['sp_onmenu'] == 1) {
        $sp_template->set_var('onmenu_checked', 'checked="checked"');
    } else {
        $sp_template->set_var('onmenu_checked', '');
    $sp_template->set_var('lang_label', $LANG_STATIC['label']);
    if (isset($A['sp_label'])) {
        $sp_template->set_var('sp_label', $A['sp_label']);
    } else {
        $sp_template->set_var('sp_label', '');
    $sp_template->set_var('lang_pageformat', $LANG_STATIC['pageformat']);
    $sp_template->set_var('lang_blankpage', $LANG_STATIC['blankpage']);
    $sp_template->set_var('lang_noblocks', $LANG_STATIC['noblocks']);
    $sp_template->set_var('lang_leftblocks', $LANG_STATIC['leftblocks']);
    $sp_template->set_var('lang_leftrightblocks', $LANG_STATIC['leftrightblocks']);
    if (!isset($A['sp_format'])) {
        $A['sp_format'] = '';
    if ($A['sp_format'] == 'noblocks') {
        $sp_template->set_var('noblock_selected', 'selected="selected"');
    } else {
        $sp_template->set_var('noblock_selected', '');
    if ($A['sp_format'] == 'leftblocks') {
        $sp_template->set_var('leftblocks_selected', 'selected="selected"');
    } else {
        $sp_template->set_var('leftblocks_selected', '');
    if ($A['sp_format'] == 'blankpage') {
        $sp_template->set_var('blankpage_selected', 'selected="selected"');
    } else {
        $sp_template->set_var('blankpage_selected', '');
    if ($A['sp_format'] == 'allblocks' or empty($A['sp_format'])) {
        $sp_template->set_var('allblocks_selected', 'selected="selected"');
    } else {
        $sp_template->set_var('allblocks_selected', '');
    $sp_template->set_var('lang_content', $LANG_STATIC['content']);
    $content = '';
    if (isset($A['sp_content'])) {
        $content = htmlspecialchars(stripslashes($A['sp_content']));
        $content = str_replace(array('{', '}'), array('&#123;', '&#125;'), $content);
    $sp_template->set_var('sp_content', $content);
    $allowed = COM_allowedHTML('staticpages.edit', false, $_SP_CONF['filter_html']) . COM_allowedAutotags();
    $sp_template->set_var('lang_allowedhtml', $allowed);
    $sp_template->set_var('lang_allowed_html', $allowed);
    $sp_template->set_var('lang_hits', $LANG_STATIC['hits']);
    if (empty($A['sp_hits'])) {
        $sp_template->set_var('sp_hits', '0');
        $sp_template->set_var('sp_hits_formatted', '0');
    } else {
        $sp_template->set_var('sp_hits', $A['sp_hits']);
        $sp_template->set_var('sp_hits_formatted', COM_numberFormat($A['sp_hits']));
    $sp_template->set_var('lang_comments', $LANG_STATIC['comments']);
    if ($A['commentcode'] == -1) {
        $sp_template->set_var('sp_comments', $LANG_ADMIN['na']);
    } else {
        $num_comments = DB_count($_TABLES['comments'], array('sid', 'type'), array(DB_escapeString($A['sp_id']), 'staticpages'));
        $sp_template->set_var('sp_comments', COM_numberFormat($num_comments));
    $sp_template->set_var('end_block', COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer')));
    $sp_template->set_var('gltoken_name', CSRF_TOKEN);
    $sp_template->set_var('gltoken', $token);
    $sp_template->parse('output', 'form');
    $retval .= $sp_template->finish($sp_template->get_var('output'));
    return $retval;
Exemplo n.º 21
* List all backups, i.e. all files ending in .sql
* @return   string      HTML for the list of files or an error when not writable
function DBADMIN_list()
    // Purpose: build the admin HTML block listing the backup files found in
    // $_CONF['backup_path'] (names ending in .sql or .sql.gz, case-insensitive),
    // each with a download link and its size, inside a checkbox list whose
    // delete form carries a CSRF token. When the path is not writable, a message
    // block is returned instead and the condition is logged.
    // NOTE(review): no `global` statement is visible in this listing, so $_CONF,
    // $_IMAGE_TYPE, $LANG_DB_BACKUP, $LANG_ADMIN and $LANG08 would be undefined
    // locals as shown; presumably the declaration was lost in extraction.
    $retval = '';
    if (is_writable($_CONF['backup_path'])) {
        $backups = array();
        // NOTE(review): the opendir() result is not checked, and the @ on
        // readdir() hides warnings, so a failed open can look like an empty
        // backup directory instead of an error.
        $fd = opendir($_CONF['backup_path']);
        // NOTE(review): no increment of $index is visible here, yet it is printed
        // below as the total number of backups; count($backups) holds that value.
        $index = 0;
        while (false !== ($file = @readdir($fd))) {
            // Keep only backup files; directory entries and the CVS folder are skipped.
            if ($file != '.' && $file != '..' && $file != 'CVS' && preg_match('/\\.sql(\\.gz)?$/i', $file)) {
                $backups[] = $file;
        // Ordering is delegated to DBADMIN_compareBackupFiles (defined elsewhere).
        usort($backups, 'DBADMIN_compareBackupFiles');
        $data_arr = array();
        $thisUrl = $_CONF['site_admin_url'] . '/database.php';
        $diskIconUrl = $_CONF['layout_url'] . '/images/admin/disk.' . $_IMAGE_TYPE;
        $attr['title'] = $LANG_DB_BACKUP['download'];
        $alt = $LANG_DB_BACKUP['download'];
        $num_backups = count($backups);
        for ($i = 0; $i < $num_backups; $i++) {
            // The file name is URL-encoded for the query string. The download
            // handler is not part of this listing; it should re-check the name
            // (no path components, same .sql/.sql.gz pattern) and the caller's
            // admin rights before reading from disk, since a database dump
            // contains every user record.
            $downloadUrl = $thisUrl . '?download=x&amp;file=' . urlencode($backups[$i]);
            $downloadLink = COM_createLink(COM_createImage($diskIconUrl, $alt, $attr), $downloadUrl, $attr);
            $downloadLink .= '&nbsp;&nbsp;';
            // $attr persists across iterations, so from the second row on the
            // icon link above also receives this style.
            $attr['style'] = 'vertical-align:top;';
            // NOTE(review): the raw file name is used as link text; whether
            // COM_createLink() escapes it is not visible here. If it does not,
            // pass htmlspecialchars($backups[$i]) so a file name containing markup
            // is shown as text.
            $downloadLink .= COM_createLink($backups[$i], $downloadUrl, $attr);
            // Plain concatenation: assumes backup_path ends with a directory
            // separator - TODO confirm.
            $backupfile = $_CONF['backup_path'] . $backups[$i];
            $backupfilesize = COM_numberFormat(filesize($backupfile)) . ' <b>' . $LANG_DB_BACKUP['bytes'] . '</b>';
            $data_arr[$i] = array('file' => $downloadLink, 'size' => $backupfilesize, 'filename' => $backups[$i]);
        // Token for the delete form below; the menu actions that follow are
        // plain GET links without it.
        $token = SEC_createToken();
        $menu_arr = array();
        $allInnoDB = DBADMIN_innodbStatus();
        // NOTE(review): backupdb, optimize and the engine conversions are offered
        // as GET links with no token in the URL; confirm that the handlers (not
        // shown) require a confirmation step or a token before changing anything.
        $menu_arr[] = array('url' => $_CONF['site_admin_url'] . '/database.php?backupdb=x', 'text' => $LANG_DB_BACKUP['create_backup']);
        $menu_arr[] = array('url' => $_CONF['site_admin_url'] . '/database.php?optimize=x', 'text' => $LANG_DB_BACKUP['optimize_menu']);
        if (!$allInnoDB && DBADMIN_supported_engine('InnoDB')) {
            $menu_arr[] = array('url' => $_CONF['site_admin_url'] . '/database.php?innodb=x', 'text' => $LANG_DB_BACKUP['convert_menu']);
        if ($allInnoDB && DBADMIN_supported_engine('MyISAM')) {
            $menu_arr[] = array('url' => $_CONF['site_admin_url'] . '/database.php?myisam=x', 'text' => $LANG_DB_BACKUP['convert_myisam_menu']);
        $menu_arr[] = array('url' => $_CONF['site_admin_url'] . '/database.php?config=x', 'text' => $LANG_DB_BACKUP['configure']);
        $menu_arr[] = array('url' => $_CONF['site_admin_url'], 'text' => $LANG_ADMIN['admin_home']);
        $retval .= COM_startBlock($LANG_DB_BACKUP['database_admin'], '', COM_getBlockTemplate('_admin_block', 'header'));
        $retval .= ADMIN_createMenu($menu_arr, "<p>{$LANG_DB_BACKUP['db_explanation']}</p>" . '<p>' . sprintf($LANG_DB_BACKUP['total_number'], $index) . '</p>', $_CONF['layout_url'] . '/images/icons/database.' . $_IMAGE_TYPE);
        $header_arr = array(array('text' => $LANG_DB_BACKUP['backup_file'], 'field' => 'file'), array('text' => $LANG_DB_BACKUP['size'], 'field' => 'size'));
        $text_arr = array('form_url' => $thisUrl);
        $form_arr = array('bottom' => '', 'top' => '');
        // The delete marker and the CSRF token field are emitted only when there
        // is at least one backup to select.
        if ($num_backups > 0) {
            $form_arr['bottom'] = '<input type="hidden" name="delete" value="x">' . '<input type="hidden" name="' . CSRF_TOKEN . '" value="' . $token . '">' . LB;
        // Checkbox values come from the 'filename' column of $data_arr.
        $options = array('chkdelete' => true, 'chkminimum' => 0, 'chkfield' => 'filename');
        $retval .= ADMIN_simpleList('', $header_arr, $text_arr, $data_arr, $options, $form_arr);
        $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
    } else {
        // 06 is an octal literal and equals 6, so this reads $LANG08[6].
        $retval .= COM_startBlock($LANG08[06], '', COM_getBlockTemplate('_msg_block', 'header'));
        $retval .= $LANG_DB_BACKUP['no_access'];
        // The path goes to the error log only; the page shows the generic message.
        COM_errorLog($_CONF['backup_path'] . ' is not writable.', 1);
        $retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
    return $retval;
Exemplo n.º 22
* Shows who is online in slick little block
* @return   string  HTML string of online users separated by line breaks.
function phpblock_whosonline()
    // Purpose: build the HTML for the "who's online" block. Users with a session
    // started within the last $_CONF['whosonline_threshold'] seconds are listed
    // (uid 1 excluded) as profile links, optionally with a photo or camera icon,
    // followed by a count line. Anonymous viewers can be restricted to counts.
    global $_CONF, $_TABLES, $LANG01, $_IMAGE_TYPE;
    $retval = '';
    $expire_time = time() - $_CONF['whosonline_threshold'];
    // Column list reused for both SELECT and ORDER BY.
    $byname = 'username';
    if ($_CONF['show_fullname'] == 1) {
        $byname .= ',fullname';
    // NOTE(review): the 'openid' and '3rdparty' keys are read without isset();
    // this assumes the configuration always defines both.
    if ($_CONF['user_login_method']['openid'] || $_CONF['user_login_method']['3rdparty']) {
        $byname .= ',remoteusername,remoteservice';
    // The query is assembled by string interpolation. Everything interpolated in
    // this block comes from configuration, the table-name map and time(); no
    // request input is visible. Keep it that way if the query is ever extended.
    $result = DB_query("SELECT DISTINCT {$_TABLES['sessions']}.uid,{$byname},photo,showonline FROM {$_TABLES['sessions']},{$_TABLES['users']},{$_TABLES['userprefs']} WHERE {$_TABLES['users']}.uid = {$_TABLES['sessions']}.uid AND {$_TABLES['users']}.uid = {$_TABLES['userprefs']}.uid AND start_time >= {$expire_time} AND {$_TABLES['sessions']}.uid <> 1 ORDER BY {$byname}");
    $nrows = DB_numRows($result);
    // NOTE(review): no increment of $num_reg or $num_anon is visible inside the
    // loop below, and the else branch is empty as shown; presumably those lines
    // were lost in extraction. As listed, $num_reg stays 0.
    $num_anon = 0;
    $num_reg = 0;
    for ($i = 0; $i < $nrows; $i++) {
        $A = DB_fetchArray($result);
        // Only users who opted in (showonline == 1) are named.
        if ($A['showonline'] == 1) {
            $fullname = '';
            if ($_CONF['show_fullname'] == 1) {
                $fullname = $A['fullname'];
            if ($_CONF['user_login_method']['openid'] || $_CONF['user_login_method']['3rdparty']) {
                $username = COM_getDisplayName($A['uid'], $A['username'], $fullname, $A['remoteusername'], $A['remoteservice']);
            } else {
                $username = COM_getDisplayName($A['uid'], $A['username'], $fullname);
            $url = $_CONF['site_url'] . '/users.php?mode=profile&amp;uid=' . $A['uid'];
            // NOTE(review): $username is user-controlled profile data; whether
            // COM_getDisplayName() or COM_createLink() HTML-escapes it is not
            // visible here - confirm before relying on it.
            $retval .= COM_createLink($username, $url);
            if (!empty($A['photo']) and $_CONF['allow_user_photo'] == 1) {
                if ($_CONF['whosonline_photo'] == true) {
                    // NOTE(review): the stored photo file name is concatenated
                    // into the src attribute without escaping. Unless the upload
                    // code restricts the name to a safe character set, wrap it in
                    // htmlspecialchars() so it cannot break out of the attribute.
                    $usrimg = '<img src="' . $_CONF['site_url'] . '/images/userphotos/' . $A['photo'] . '" alt="" height="30" width="30"' . XHTML . '>';
                } else {
                    $usrimg = '<img src="' . $_CONF['layout_url'] . '/images/smallcamera.' . $_IMAGE_TYPE . '" alt=""' . XHTML . '>';
                $retval .= '&nbsp;' . COM_createLink($usrimg, $url);
            $retval .= '<br' . XHTML . '>';
        } else {
            // this user does not want to show up in Who's Online
            // count as anonymous
    // Sessions with uid 1 are added to the anonymous count (uid 1 is the value
    // the query above excludes; presumably the anonymous account).
    $num_anon += DB_count($_TABLES['sessions'], 'uid', 1);
    // Privacy setting: anonymous viewers get only a count of registered users,
    // never the names and profile links collected above.
    if ($_CONF['whosonline_anonymous'] == 1 && COM_isAnonUser()) {
        // note that we're overwriting the contents of $retval here
        if ($num_reg > 0) {
            $retval = $LANG01[112] . ': ' . COM_numberFormat($num_reg) . '<br' . XHTML . '>';
        } else {
            $retval = '';
    if ($num_anon > 0) {
        $retval .= $LANG01[41] . ': ' . COM_numberFormat($num_anon) . '<br' . XHTML . '>';
    return $retval;
Exemplo n.º 23
  *   View the cart.
  *   This function shows the shopping cart, either with the quantity fields
  *   and option to update, or with the checkout buttons depending on the
  *   value of $checkout.
  *   @uses   getCheckoutButtons()
  *   @param  boolean $checkout   True to indicate this is the final checkout
  *   @return string      HTML for the "view cart" form
 public function View($checkout = false)
     // Purpose: render the shopping cart held in $this->m_cart. With $checkout
     // false the "viewcart" template is used; with $checkout true the "order"
     // template is used and the gateway buttons from getCheckoutButtons() are
     // added. Returns $LANG_PP['cart_empty'] when the cart is empty. Side effect:
     // per-item shipping, weight, taxable and type values are written back into
     // $this->m_cart while rendering.
     global $_CONF, $_PP_CONF, $_USER, $LANG_PP, $_TABLES, $_SYSTEM;
     $currency = new ppCurrency();
     $T = new Template(PAYPAL_PI_PATH . '/templates');
     // A ".uikit" template variant is selected when the site framework is uikit.
     $tpltype = $_SYSTEM['framework'] == 'uikit' ? '.uikit' : '';
     $T->set_file('cart', $checkout ? "order{$tpltype}.thtml" : "viewcart{$tpltype}.thtml");
     if (!isset($this->m_cart) || empty($this->m_cart)) {
         return $LANG_PP['cart_empty'];
     if ($checkout) {
         // NOTE(review): $_PP_CONF['workflows'] is iterated here, while the
         // isset()/is_array() test on it appears further down in this listing.
         foreach ($_PP_CONF['workflows'] as $key => $value) {
             $T->set_var('have_' . $value, 'true');
             foreach ($this->_addr_fields as $fldname) {
                 // NOTE(review): address fields are presumably customer-entered
                 // text; they are handed to the template unescaped here, so the
                 // template or the code that fills m_info must HTML-escape them -
                 // TODO confirm.
                 $T->set_var($value . '_' . $fldname, $this->m_info[$value][$fldname]);
         $T->set_var('not_final', 'true');
     $T->set_block('order', 'ItemRow', 'iRow');
     // Get the workflows so we show the relevant info.
     // NOTE(review): the body of this test is not present in the listing.
     if (!isset($_PP_CONF['workflows']) || !is_array($_PP_CONF['workflows'])) {
     $T->set_block('cart', 'ItemRow', 'iRow');
     $counter = 0;
     $subtotal = 0;
     $shipping = 0;
     foreach ($this->m_cart as $id => $item) {
         $attr_desc = '';
         // The cart's item_id carries the product id plus selected option keys.
         list($item_id, $attr_keys) = PAYPAL_explode_opts($item['item_id']);
         if (is_numeric($item_id)) {
             // a catalog item, get the "right" price
             // The price is taken from the Product record, not from the cart entry.
             $P = new Product($item_id);
             $item_price = $P->getPrice($attr_keys, $item['quantity']);
             if (!empty($attr_keys)) {
                 foreach ($attr_keys as $attr_key) {
                     if (!isset($P->options[$attr_key])) {
                     // invalid?
                     //$attr_price = (float)$P->options[$attr_key]['attr_price'];
                     // NOTE(review): attribute name and value go into the HTML
                     // description unescaped, whereas the custom text fields
                     // below pass through htmlspecialchars(). They come from the
                     // product record; escape them too unless stored as trusted
                     // HTML.
                     $attr_name = $P->options[$attr_key]['attr_name'];
                     $attr_value = $P->options[$attr_key]['attr_value'];
                     $attr_desc .= "<br />&nbsp;&nbsp;-- {$attr_name}: {$attr_value}";
                     /*if ($attr_price != 0) {
                           $item_price += $attr_price;
             // explode() always returns at least one element, so the !empty()
             // test below never fails on its own.
             $text_names = explode('|', $P->custom);
             if (!empty($text_names) && is_array($item['extras']['custom'])) {
                 foreach ($item['extras']['custom'] as $tid => $val) {
                     // Buyer-entered text is escaped before display. $tid comes
                     // from the cart entry and may not exist in $text_names.
                     $attr_desc .= '<br />&nbsp;&nbsp;-- ' . htmlspecialchars($text_names[$tid]) . ': ' . htmlspecialchars($val);
             $item['descrip'] .= $attr_desc;
             // Get shipping amount and weight
             if ($P->shipping_type == 2 && $P->shipping_amt > 0) {
                 // fixed shipping amount per item. Update actual cart
                 $this->m_cart[$id]['shipping'] = $P->shipping_amt * $item['quantity'];
                 $shipping += $this->m_cart[$id]['shipping'];
                 // for display
             } elseif ($P->shipping_type == 1 && $P->weight > 0) {
                 // using gateway profile, save the item's weight in the cart
                 $this->m_cart[$id]['weight'] = $P->weight * $item['quantity'];
             $this->m_cart[$id]['taxable'] = $P->taxable ? 'Y' : 'N';
             $this->m_cart[$id]['type'] = $P->prod_type;
         } else {
             // A plugin item, it's not something we can look up
             // NOTE(review): price and shipping are taken from the cart entry
             // itself. How cart entries are populated is not visible here; if any
             // part can be influenced by the client, the amount must be
             // re-validated server-side before payment is accepted.
             $item_price = (double) $item['price'];
             if (isset($item['extras']['shipping'])) {
                 $shipping += (double) $item['extras']['shipping'];
                 $this->m_cart[$id]['shipping'] = $item['extras']['shipping'];
         $item_total = $item_price * $item['quantity'];
         // $item['descrip'] is passed as HTML (it contains the <br /> lines built
         // above), so its original text must already be safe for output.
         $T->set_var(array('cart_item_id' => $id, 'pi_url' => PAYPAL_URL, 'cart_id' => $item['item_id'], 'pp_id' => $counter, 'item_id' => $item_id, 'item_descrip' => $item['descrip'], 'item_price' => COM_numberFormat($item_price, 2), 'item_quantity' => $item['quantity'], 'item_total' => COM_numberFormat($item_total, 2), 'item_link' => is_numeric($item_id) ? 'true' : ''));
         $T->parse('iRow', 'ItemRow', true);
         $subtotal += $item_total;
     $custom_info = array('uid' => $_USER['uid'], 'transtype' => 'cart_upload', 'cart_id' => $this->cartID());
     $total = $subtotal + $shipping;
     // A little hack to show only the total if there are no other
     // charges
     //if ($total == $subtotal) $subtotal = 0;
     // Format the TOC link, if any
     if (!empty($_PP_CONF['tc_link'])) {
         $tc_link = str_replace('{site_url}', $_CONF['site_url'], $_PP_CONF['tc_link']);
     } else {
         $tc_link = '';
     // NOTE(review): 'custom' is a PHP-serialized array placed into the page.
     // Presumably it travels through the payment form and returns in the
     // gateway notification; the receiving code is not shown. If that code calls
     // unserialize() on it, the value is attacker-reachable input: prefer
     // json_encode()/json_decode(), or sign the value and verify it first. The
     // serialized string also contains double quotes, so it needs HTML-attribute
     // escaping wherever the template embeds it.
     $T->set_var(array('paypal_url' => $_PP_CONF['paypal_url'], 'receiver_email' => $_PP_CONF['receiver_email'][0], 'custom' => serialize($custom_info), 'shipping' => $shipping > 0 ? $currency->Format($shipping) : '', 'subtotal' => $subtotal > 0 ? $currency->Format($subtotal) : '', 'total' => $currency->Format($total), 'order_instr' => htmlspecialchars($this->getInstructions()), 'tc_link' => $tc_link));
     // If this is the final checkout, then show the payment buttons
     if ($checkout) {
         $T->set_var(array('gateway_vars' => $this->getCheckoutButtons(), 'checkout' => 'true'));
     $T->parse('output', 'cart');
     $form = $T->finish($T->get_var('output'));
     return $form;
Exemplo n.º 24
 * used for the list of topics in admin/topic.php
 * @param  string $fieldName
 * @param  string $fieldValue
 * @param  array  $A
 * @param  array  $icon_arr
 * @param  string $token
 * @return string
function ADMIN_getListField_topics($fieldName, $fieldValue, $A, $icon_arr, $token)
    // Purpose: produce the cell content for one column ($fieldName) of one topic
    // row ($A) in the admin topic list. $icon_arr supplies the edit icon and
    // $token is the CSRF token placed in the sort-order links.
    // NOTE(review): no `break;` statements and no `default:` label are visible
    // in this listing, although the last assignment before the return looks like
    // a default branch; presumably they were lost in extraction. As shown, every
    // case would fall through to the end of the switch.
    global $_CONF, $LANG_ACCESS, $_TABLES, $LANG27, $LANG32;
    // Starts as false even though the documented return type is string; the
    // 'sortnum' case appends to it with .= (false becomes an empty string).
    $retval = false;
    $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
    switch ($fieldName) {
        case 'edit':
            // Access level 3 is the value treated as edit permission here.
            if ($access == 3) {
                // NOTE(review): $A['tid'] is placed into URLs, an id attribute
                // and SQL strings in this function without urlencode(),
                // htmlspecialchars() or DB_escapeString(). That is only safe if
                // topic ids are restricted to a safe character set when saved -
                // TODO confirm.
                $editUrl = $_CONF['site_admin_url'] . '/topic.php?mode=edit&amp;tid=' . $A['tid'];
                $retval = COM_createLink($icon_arr['edit'], $editUrl);
        case 'sortnum':
            if ($_CONF['sortmethod'] === 'sortnum') {
                $style = 'style="vertical-align: middle;"';
                $upImage = $_CONF['layout_url'] . '/images/admin/up.png';
                $downImage = $_CONF['layout_url'] . '/images/admin/down.png';
                // NOTE(review): the sort order is changed through a GET link
                // that carries the CSRF token in the query string, so the token
                // can end up in server logs, browser history and Referer
                // headers. A POST form, or a short-lived single-use token,
                // limits that exposure.
                $url = $_CONF['site_admin_url'] . '/topic.php?mode=change_sortnum' . '&amp;tid=' . $A['tid'] . '&amp;' . CSRF_TOKEN . '=' . $token . '&amp;where=';
                $retval .= COM_createLink("<img {$style} alt=\"+\" src=\"{$upImage}\"" . XHTML . ">", $url . 'up', array('title' => $LANG32[44]));
                $retval .= '&nbsp;' . $fieldValue . '&nbsp;';
                $retval .= COM_createLink("<img {$style} alt=\"-\" src=\"{$downImage}\"" . XHTML . ">", $url . 'dn', array('title' => $LANG32[45]));
            } else {
                $retval = $fieldValue;
        case 'image':
            $retval = '';
            if (!empty($A['imageurl'])) {
                $imageUrl = COM_getTopicImageUrl($A['imageurl']);
                // NOTE(review): $imageUrl is inserted into src without escaping;
                // whether COM_getTopicImageUrl() returns an attribute-safe value
                // is not visible here.
                $image_tag = '<img src="' . $imageUrl . '" width="24" height="24" id="topic-' . $A['tid'] . '" class="admin-topic-image" alt=""' . XHTML . '>';
                $url = COM_buildURL($_CONF['site_url'] . '/index.php?topic=' . $A['tid']);
                $retval = COM_createLink($image_tag, $url);
        case 'topic':
            $default = $A['is_default'] == 1 ? $LANG27[24] : '';
            // $level is later multiplied by 15 to get a left margin in pixels.
            // NOTE(review): no increment of $level is visible inside the loop.
            $level = -1;
            $tid = $A['tid'];
            // Walks up the parent chain, one query per level, until TOPIC_ROOT.
            // NOTE(review): the comparison is strict (!==). What DB_getItem()
            // returns when no row matches is not visible here; if it is never
            // identical to TOPIC_ROOT (orphaned topic, parent cycle), this loop
            // does not end. $tid is also interpolated into the WHERE clause
            // unescaped.
            while ($tid !== TOPIC_ROOT) {
                $tid = DB_getItem($_TABLES['topics'], 'parent_id', "tid = '{$tid}'");
            $level *= 15;
            // NOTE(review): $fieldValue (the topic name) is emitted as HTML
            // as-is; presumably it is escaped when stored - TODO confirm.
            $content = '<span style="margin-left:' . $level . 'px">' . $fieldValue . '</span>';
            $url = COM_buildURL($_CONF['site_url'] . '/index.php?topic=' . $A['tid']);
            $retval = COM_createLink($content, $url) . $default;
        case 'access':
            // Read-only label unless the access level is 3.
            $retval = $LANG_ACCESS['readonly'];
            if ($access == 3) {
                $retval = $LANG_ACCESS['edit'];
        case 'inherit':
        case 'hidden':
            // Flag columns are shown as localized Yes/No with English fallbacks.
            $yes = empty($LANG27[50]) ? 'Yes' : $LANG27[50];
            // NOTE(review): this tests $LANG27[50] but reads $LANG27[51]; the
            // test was probably meant to be on index 51.
            $no = empty($LANG27[50]) ? 'No' : $LANG27[51];
            $retval = $fieldValue == 1 ? $yes : $no;
        case 'story':
            // Retrieve list of inherited topics
            // The list is placed inside IN(...) as-is, so TOPIC_getChildList()
            // is presumably expected to return quoted, comma-separated ids.
            $tid_list = TOPIC_getChildList($A['tid']);
            // Calculate number of stories in topic, includes any inherited ones
            // The count honours draft status, publication date and the viewer's
            // permissions via COM_getPermSQL(). $A['tid'] is interpolated into
            // the quoted literal without DB_escapeString().
            $sql = "SELECT sid FROM {$_TABLES['stories']}, {$_TABLES['topic_assignments']} ta " . "WHERE (draft_flag = 0) AND (date <= NOW()) " . COM_getPermSQL('AND') . "AND ta.type = 'article' AND ta.id = sid " . "AND (ta.tid IN({$tid_list}) " . "AND (ta.inherit = 1 OR (ta.inherit = 0 AND ta.tid = '{$A['tid']}'))) " . "GROUP BY sid";
            $result = DB_query($sql);
            $numRows = DB_numRows($result);
            $retval = COM_numberFormat($numRows);
            $retval = $fieldValue;
    return $retval;
Exemplo n.º 25
* Shows a profile for a user
* This grabs the user profile for a given user and displays it
* @return   string          HTML for user profile page
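function userprofile()
{
    // Renders the public profile page for one account and returns it as HTML.
    // The account is selected by the request, not by arguments:
    //   $_GET['uid']       numeric user id, or
    //   $_GET['username']  user name, resolved to a uid below
    //   $_GET['msg']       optional message number to display (if > 0)
    //   $_GET['plugin']    optional plugin name for that message
    // Requests that do not resolve to a regular account (uid >= 2) are sent
    // back to the site index and the script stops there.
    global $_CONF, $_IMAGE_TYPE, $_TABLES, $_USER, $LANG01, $LANG04, $LANG09, $LANG28, $LANG_ADMIN, $LANG_LOGIN;

    $retval = '';
    $indexUrl = $_CONF['site_url'] . '/index.php';

    if (COM_isAnonUser() && ($_CONF['loginrequired'] == 1 || $_CONF['profileloginrequired'] == 1)) {
        $retval .= SEC_loginRequiredForm();

        return $retval;
    }

    if (isset($_GET['uid'])) {
        $user = COM_applyFilter($_GET['uid'], true);
        if (!is_numeric($user) || $user < 2) {
            echo COM_refresh($indexUrl);
            // Stop here: a rejected uid must not reach the profile queries below.
            exit;
        }
    } elseif (isset($_GET['username'])) {
        $username = $_GET['username'];
        // Array-valued or empty parameters are rejected before the value is
        // handed to the validator and the database layer.
        if (!is_string($username) || empty($username) || !USER_validateUsername($username, 1)) {
            echo COM_refresh($indexUrl);
            exit;
        }
        // The user name is the only request-controlled value in this predicate,
        // so it is escaped immediately before being placed in the SQL literal.
        $username = DB_escapeString($username);
        $user = DB_getItem($_TABLES['users'], 'uid', "username = '{$username}'");
        if ($user < 2) {
            echo COM_refresh($indexUrl);
            exit;
        }
    } else {
        // Neither uid nor username given: there is no profile to show.
        echo COM_refresh($indexUrl);
        exit;
    }

    $msg = 0;
    if (isset($_GET['msg'])) {
        $msg = COM_applyFilter($_GET['msg'], true);
    }
    $plugin = '';
    if ($msg > 0 && isset($_GET['plugin'])) {
        $plugin = COM_applyFilter($_GET['plugin']);
    }

    // The uid is cast to int at every point where it enters a query.
    $result = DB_query("SELECT {$_TABLES['users']}.uid,username,fullname,regdate,lastlogin,homepage,about,location,pgpkey,photo,email,status,emailfromadmin,emailfromuser,showonline FROM {$_TABLES['userinfo']},{$_TABLES['userprefs']},{$_TABLES['users']} WHERE {$_TABLES['userinfo']}.uid = {$_TABLES['users']}.uid AND {$_TABLES['userinfo']}.uid = {$_TABLES['userprefs']}.uid AND {$_TABLES['users']}.uid = " . (int) $user);
    $nrows = DB_numRows($result);
    if ($nrows == 0) {
        // no such user
        echo COM_refresh($indexUrl);
        exit;
    }
    $A = DB_fetchArray($result);

    // Disabled accounts are only visible to users who may edit users.
    if ($A['status'] == USER_ACCOUNT_DISABLED && !SEC_hasRights('user.edit')) {
        COM_displayMessageAndAbort(30, '', 403, 'Forbidden');
    }

    $display_name = @htmlspecialchars(COM_getDisplayName($user, $A['username'], $A['fullname']), ENT_COMPAT, COM_getEncodingt());

    if ($msg > 0) {
        $retval .= COM_showMessage($msg, $plugin, '', 0, 'info');
    }

    // format date/time to user preference
    $curtime = COM_getUserDateTimeFormat($A['regdate']);
    $A['regdate'] = $curtime[0];

    $user_templates = new Template($_CONF['path_layout'] . 'users');
    $user_templates->set_file(array('profile' => 'profile.thtml', 'email' => 'email.thtml', 'row' => 'commentrow.thtml', 'strow' => 'storyrow.thtml'));
    $user_templates->set_var('layout_url', $_CONF['layout_url']);
    $user_templates->set_var('start_block_userprofile', COM_startBlock($LANG04[1] . ' ' . $display_name));
    $user_templates->set_var('end_block', COM_endBlock());
    $user_templates->set_var('lang_username', $LANG04[2]);
    $user_templates->set_var('tooltip', COM_getTooltipStyle());

    // With show_fullname on, the full name (when present) takes the place of
    // the user name and the user name moves to the secondary field.
    $username = $A['username'];
    $fullname = '';
    if ($_CONF['show_fullname'] == 1 && !empty($A['fullname'])) {
        $username = $A['fullname'];
        $fullname = $A['username'];
    }
    $username = @htmlspecialchars($username, ENT_COMPAT, COM_getEncodingt());
    $fullname = @htmlspecialchars($fullname, ENT_COMPAT, COM_getEncodingt());

    if ($A['status'] == USER_ACCOUNT_DISABLED) {
        $username = sprintf('%s - %s', $username, $LANG28[42]);
        if (!empty($fullname)) {
            // Same "name - status" format as above; both placeholders are %s.
            $fullname = sprintf('%s - %s', $fullname, $LANG28[42]);
        }
    }
    $user_templates->set_var('username', $username);
    $user_templates->set_var('user_fullname', $fullname);

    // The edit link is offered to user administrators and to the profile owner.
    $isOwnProfile = isset($_USER['uid']) && $_USER['uid'] == $A['uid'];
    if (SEC_hasRights('user.edit') || $isOwnProfile) {
        $edit_icon = '<img src="' . $_CONF['layout_url'] . '/images/edit.' . $_IMAGE_TYPE . '" alt="' . $LANG_ADMIN['edit'] . '" title="' . $LANG_ADMIN['edit'] . '" />';
        if ($isOwnProfile) {
            $edit_url = "{$_CONF['site_url']}/usersettings.php";
        } else {
            $edit_url = "{$_CONF['site_admin_url']}/user.php?edit=x&amp;uid={$A['uid']}";
        }
        $edit_link_url = COM_createLink($edit_icon, $edit_url);
        $user_templates->set_var('edit_icon', $edit_icon);
        $user_templates->set_var('edit_link', $edit_link_url);
        $user_templates->set_var('user_edit', $edit_url);
    } else {
        $user_templates->set_var('user_edit', '');
    }

    if (isset($A['photo']) && empty($A['photo'])) {
        // user does not have a photo
        $A['photo'] = '(none)';
    }

    $lastlogin = $A['lastlogin'];
    $lasttime = COM_getUserDateTimeFormat($lastlogin);

    $photo = USER_getPhoto($user, $A['photo'], $A['email'], -1, 0);
    $user_templates->set_var('user_photo', $photo);

    $user_templates->set_var('lang_membersince', $LANG04[67]);
    $user_templates->set_var('user_regdate', $A['regdate']);

    // Last login and online state are shown only if the user opted in.
    if ($_CONF['lastlogin'] && $A['showonline']) {
        $user_templates->set_var('lang_lastlogin', $LANG28[35]);
        if (!empty($lastlogin)) {
            $user_templates->set_var('user_lastlogin', $lasttime[0]);
        } else {
            $user_templates->set_var('user_lastlogin', $LANG28[36]);
        }
    }
    if ($A['showonline']) {
        if (DB_count($_TABLES['sessions'], 'uid', (int) $user)) {
            $user_templates->set_var('online', 'online');
        }
    }

    $user_templates->set_var('lang_email', $LANG04[5]);
    $user_templates->set_var('user_id', $user);

    if ($A['email'] == '' || $A['emailfromuser'] == 0) {
        $user_templates->set_var('email_option', '');
    } else {
        $user_templates->set_var('lang_sendemail', $LANG04[81]);
        $user_templates->parse('email_option', 'email', true);
    }

    $user_templates->set_var('lang_homepage', $LANG04[6]);
    $user_templates->set_var('user_homepage', COM_killJS($A['homepage']));
    $user_templates->set_var('lang_location', $LANG04[106]);
    $user_templates->set_var('user_location', strip_tags($A['location']));
    $user_templates->set_var('lang_online', $LANG04[160]);
    $user_templates->set_var('lang_bio', $LANG04[7]);
    // NOTE(review): 'about' and 'pgpkey' reach the template through nl2br()
    // only. Confirm both are stored HTML-safe; if not, escape them here.
    $user_templates->set_var('user_bio', nl2br($A['about']));
    $user_templates->set_var('follow_me', SOC_getFollowMeIcons($user, 'follow_user_profile.thtml'));
    $user_templates->set_var('lang_pgpkey', $LANG04[8]);
    $user_templates->set_var('user_pgp', nl2br($A['pgpkey']));

    $commentsInternal = !isset($_CONF['comment_engine']) || $_CONF['comment_engine'] == 'internal';

    $user_templates->set_var('start_block_last10stories', COM_startBlock($LANG04[82] . ' ' . $display_name));
    if ($commentsInternal) {
        $user_templates->set_var('start_block_last10comments', COM_startBlock($LANG04[10] . ' ' . $display_name));
    }
    $user_templates->set_var('start_block_postingstats', COM_startBlock($LANG04[83] . ' ' . $display_name));
    $user_templates->set_var('lang_title', $LANG09[16]);
    $user_templates->set_var('lang_date', $LANG09[17]);

    // for alternative layouts: use these as headlines instead of block titles
    $user_templates->set_var('headline_last10stories', $LANG04[82] . ' ' . $display_name);
    if ($commentsInternal) {
        $user_templates->set_var('headline_last10comments', $LANG04[10] . ' ' . $display_name);
    }
    $user_templates->set_var('headline_postingstats', $LANG04[83] . ' ' . $display_name);

    // Topics the current visitor may see; stories and comments listed below
    // are restricted to these.
    $result = DB_query("SELECT tid FROM {$_TABLES['topics']}" . COM_getPermSQL());
    $nrows = DB_numRows($result);
    $tids = array();
    for ($i = 0; $i < $nrows; $i++) {
        $T = DB_fetchArray($result);
        $tids[] = $T['tid'];
    }
    // NOTE(review): topic ids (and story ids further down) are read from the
    // database and joined into IN (...) lists without escaping; this relies on
    // ids being restricted to safe characters when they are stored.
    $topics = "'" . implode("','", $tids) . "'";

    // list of last 10 stories by this user
    if (count($tids) > 0) {
        $sql = "SELECT sid,title,UNIX_TIMESTAMP(date) AS unixdate FROM {$_TABLES['stories']} WHERE (uid = '" . (int) $user . "') AND (draft_flag = 0) AND (date <= NOW()) AND (tid IN ({$topics}))" . COM_getPermSQL('AND');
        $sql .= " ORDER BY unixdate DESC LIMIT 10";
        $result = DB_query($sql);
        $nrows = DB_numRows($result);
    } else {
        $nrows = 0;
    }

    if ($nrows > 0) {
        for ($i = 0; $i < $nrows; $i++) {
            $C = DB_fetchArray($result);
            $user_templates->set_var('cssid', $i % 2 + 1);
            $user_templates->set_var('row_number', ($i + 1) . '.');
            $articleUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $C['sid']);
            $user_templates->set_var('article_url', $articleUrl);
            $C['title'] = str_replace('$', '&#36;', $C['title']);
            $user_templates->set_var('story_title', COM_createLink($C['title'], $articleUrl, array('class' => '')));
            $storytime = COM_getUserDateTimeFormat($C['unixdate']);
            $user_templates->set_var('story_date', $storytime[0]);
            $user_templates->parse('story_row', 'strow', true);
        }
    } else {
        $user_templates->set_var('story_row', '<tr><td>' . $LANG01[37] . '</td></tr>');
    }

    if ($commentsInternal) {
        // list of last 10 comments by this user
        $sidArray = array();
        if (count($tids) > 0) {
            // first, get a list of all stories the current visitor has access to
            $sql = "SELECT sid FROM {$_TABLES['stories']} WHERE (draft_flag = 0) AND (date <= NOW()) AND (tid IN ({$topics}))" . COM_getPermSQL('AND');
            $result = DB_query($sql);
            $numsids = DB_numRows($result);
            for ($i = 1; $i <= $numsids; $i++) {
                $S = DB_fetchArray($result);
                $sidArray[] = $S['sid'];
            }
        }
        // With no accessible stories this is the literal '' and therefore never
        // empty, so the sid filter below always applies and matches nothing.
        $sidList = implode("', '", $sidArray);
        $sidList = "'{$sidList}'";

        // then, find all comments by the user in those stories
        $sql = "SELECT sid,title,cid,UNIX_TIMESTAMP(date) AS unixdate FROM {$_TABLES['comments']} WHERE (uid = '" . (int) $user . "') GROUP BY sid,title,cid,UNIX_TIMESTAMP(date)";

        // SQL NOTE:  Using a HAVING clause is usually faster than a where if the
        // field is part of the select
        if (!empty($sidList)) {
            $sql .= " HAVING sid in ({$sidList})";
        }
        $sql .= " ORDER BY unixdate DESC LIMIT 10";

        $result = DB_query($sql);
        $nrows = DB_numRows($result);
        if ($nrows > 0) {
            for ($i = 0; $i < $nrows; $i++) {
                $C = DB_fetchArray($result);
                $user_templates->set_var('cssid', $i % 2 + 1);
                $user_templates->set_var('row_number', ($i + 1) . '.');
                $C['title'] = str_replace('$', '&#36;', $C['title']);
                $comment_url = $_CONF['site_url'] . '/comment.php?mode=view&amp;cid=' . $C['cid'];
                $user_templates->set_var('comment_title', COM_createLink($C['title'], $comment_url, array('class' => '')));
                $commenttime = COM_getUserDateTimeFormat($C['unixdate']);
                $user_templates->set_var('comment_date', $commenttime[0]);
                $user_templates->parse('comment_row', 'row', true);
            }
        } else {
            $user_templates->set_var('comment_row', '<tr><td>' . $LANG01[29] . '</td></tr>');
        }
    }

    // posting stats for this user
    $user_templates->set_var('lang_number_stories', $LANG04[84]);
    $sql = "SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE (uid = " . (int) $user . ") AND (draft_flag = 0) AND (date <= NOW())" . COM_getPermSQL('AND');
    $result = DB_query($sql);
    $N = DB_fetchArray($result);
    $user_templates->set_var('number_stories', COM_numberFormat($N['count']));

    if ($commentsInternal) {
        $user_templates->set_var('lang_number_comments', $LANG04[85]);
        $sql = "SELECT COUNT(*) AS count FROM {$_TABLES['comments']} WHERE (uid = " . (int) $user . ")";
        if (!empty($sidList)) {
            $sql .= " AND (sid in ({$sidList}))";
        }
        $result = DB_query($sql);
        $N = DB_fetchArray($result);
        $user_templates->set_var('number_comments', COM_numberFormat($N['count']));
        $user_templates->set_var('lang_all_postings_by', $LANG04[86] . ' ' . $display_name);
    }

    // hook to the profile icon display
    $profileIcons = PLG_profileIconDisplay($user);
    if (is_array($profileIcons) && count($profileIcons) > 0) {
        $user_templates->set_block('profile', 'profileicon', 'pi');
        $iconCount = count($profileIcons);
        for ($x = 0; $x < $iconCount; $x++) {
            // Entries without both a url and an icon are skipped.
            if (isset($profileIcons[$x]['url']) && $profileIcons[$x]['url'] != '' && isset($profileIcons[$x]['icon']) && $profileIcons[$x]['icon'] != '') {
                $user_templates->set_var('profile_icon_url', $profileIcons[$x]['url']);
                $user_templates->set_var('profile_icon_icon', $profileIcons[$x]['icon']);
                $user_templates->set_var('profile_icon_text', $profileIcons[$x]['text']);
                $user_templates->parse('pi', 'profileicon', true);
            }
        }
    }

    // Call custom registration function if enabled and exists
    if ($_CONF['custom_registration'] && function_exists('CUSTOM_userDisplay')) {
        $user_templates->set_var('customfields', CUSTOM_userDisplay($user));
    }
    PLG_profileVariablesDisplay($user, $user_templates);

    $user_templates->parse('output', 'profile');
    $retval .= $user_templates->finish($user_templates->get_var('output'));

    $retval .= PLG_profileBlocksDisplay($user);

    return $retval;
}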
Exemplo n.º 26
 /**
  *   View the current order summary
  *
  *   @param  boolean $final      Indicates that this order is final.
  *   @param  string  $tpl        "print" for a printable template
  *   @return string      HTML for order view
  */
 // Renders this order (address fields, item rows, totals and, for shop
 // administrators, the status selector and order log) through the
 // "order" template and returns the resulting HTML. Returns an empty
 // string when canView() refuses access.
 public function View($final = false, $tpl = '')
     // canView should be handled by the caller
     if (!$this->canView()) {
         return '';
     $T = new Template(PAYPAL_PI_PATH . '/templates');
     // NOTE(review): $_SYSTEM, $_PP_CONF, $_CONF and $_TABLES are read in this
     // method but no "global" statement is visible in this listing - confirm
     // against the full source.
     if ($tpl == 'print') {
         $tpltype = '.print';
     } else {
         $tpltype = $_SYSTEM['framework'] == 'uikit' ? '.uikit' : '';
     $T->set_file('order', "order{$tpltype}.thtml");
     // Administrator status switches on the status selector and the order log below.
     $isAdmin = SEC_hasRights('paypal.admin') ? true : false;
     foreach ($this->_addr_fields as $fldname) {
         $T->set_var($fldname, $this->{$fldname});
     $T->set_block('order', 'ItemRow', 'iRow');
     // Get the workflows so we show the relevant info.
     // NOTE(review): the body of this "if" is not visible in this listing.
     if (!isset($_PP_CONF['workflows']) || !is_array($_PP_CONF['workflows'])) {
     foreach ($_PP_CONF['workflows'] as $key => $value) {
         $T->set_var('have_' . $value, 'true');
     $this->no_shipping = 1;
     // no shipping unless physical item ordered
     $subtotal = 0;
     foreach ($this->items as $key => $item) {
         $P = new Product($item['product_id']);
         $item_options = '';
         $opt = json_decode($item['options_text'], true);
         if ($opt) {
             // NOTE(review): option strings are concatenated into HTML as-is,
             // while item_id and item_descrip below go through
             // htmlspecialchars(). Confirm where options_text is written and
             // whether it is already HTML-safe.
             foreach ($opt as $opt_str) {
                 $item_options .= "&nbsp;&nbsp;--&nbsp;{$opt_str}<br />\n";
         $item_total = $item['price'] * $item['quantity'];
         $subtotal += $item_total;
         $T->set_var(array('item_id' => htmlspecialchars($item['product_id']), 'item_descrip' => htmlspecialchars($item['description']), 'item_price' => COM_numberFormat($item['price'], 2), 'item_quantity' => (int) $item['quantity'], 'item_total' => COM_numberFormat($item_total, 2), 'item_options' => $item_options, 'is_admin' => $isAdmin ? 'true' : '', 'is_file' => $P->file != '' ? 'true' : ''));
         $T->parse('iRow', 'ItemRow', true);
         if ($item['data']['prod_type'] == PP_PROD_PHYSICAL) {
             $this->no_shipping = 0;
     $dt = new Date($this->order_date, $_CONF['timezone']);
     $total = $subtotal + $this->shipping + $this->handling + $this->tax;
     $T->set_var(array('pi_url' => PAYPAL_URL, 'is_admin' => $isAdmin ? 'true' : '', 'pi_admin_url' => PAYPAL_ADMIN_URL, 'total' => sprintf('%6.2f', $total), 'not_final' => $final ? '' : 'true', 'order_date' => $dt->format($_PP_CONF['datetime_fmt'], true), 'order_date_tip' => $dt->format($_PP_CONF['datetime_fmt'], false), 'order_number' => $this->order_id, 'shipping' => COM_numberFormat($this->shipping, 2), 'handling' => COM_numberFormat($this->handling, 2), 'tax' => COM_numberFormat($this->tax, 2), 'subtotal' => COM_numberFormat($subtotal, 2), 'have_billto' => 'true', 'have_shipto' => 'true', 'order_instr' => htmlspecialchars($this->instructions), 'shop_name' => $_PP_CONF['shop_name'], 'shop_addr' => $_PP_CONF['shop_addr']));
     if ($isAdmin) {
         $T->set_var(array('purch_name' => COM_getDisplayName($this->uid), 'purch_uid' => $this->uid, 'stat_update' => ppOrderStatus::Selection($this->order_id, 1, $this->status), 'status' => $this->status));
         // The order id is escaped before it is placed in the SQL literal.
         $sql = "SELECT * FROM {$_TABLES['paypal.order_log']} WHERE order_id = '" . DB_escapeString($this->order_id) . "'";
         $res = DB_query($sql);
         $T->set_block('order', 'LogMessages', 'Log');
         while ($L = DB_fetchArray($res, false)) {
             // NOTE(review): log_username and log_msg are passed to the
             // template unescaped; verify what can write to the order log.
             // log_ts is formatted from $dt, which was built from the order
             // date above, not from a field of the log row - looks unintended,
             // confirm against the full source.
             $T->set_var(array('log_username' => $L['username'], 'log_msg' => $L['message'], 'log_ts' => $dt->format($_PP_CONF['datetime_fmt'], true), 'log_ts_tip' => $dt->format($_PP_CONF['datetime_fmt'], false)));
             $T->parse('Log', 'LogMessages', true);
     $status = $this->status;
     if ($this->pmt_method != '') {
         //if ($status & PP_STATUS_PAID) {
         // The stored payment method doubles as a class name. It is only
         // instantiated after USES_paypal_gateway() accepts it; otherwise the
         // raw string is shown as the description.
         if (USES_paypal_gateway($this->pmt_method)) {
             $gw = new $this->pmt_method();
             $pmt_method = $gw->Description();
         } else {
             $pmt_method = $this->pmt_method;
         $T->set_var(array('pmt_method' => $pmt_method, 'pmt_txn_id' => $this->pmt_txn_id));
     $T->parse('output', 'order');
     $form = $T->finish($T->get_var('output'));
     return $form;
Exemplo n.º 27
/**
 * Prepare a banner item for rendering
 *
 * @param    array   $A          banner details
 * @param    ref     $template   reference of the banner template
 */
// Fills the template variables for one banner row ($A) on $template: portal
// URL, name, hit count, rendered banner, and the report/edit links that
// depend on the current user's rights. Nothing is returned.
function prepare_banner_item($A, &$template)
    // NOTE(review): $_CONF, $LANG_BANNER, $LANG_ADMIN and $_IMAGE_TYPE are read
    // below but no "global" statement is visible in this listing - confirm
    // against the full source.
    $url = COM_buildUrl($_CONF['site_url'] . '/banner/portal.php?what=banner&amp;item=' . $A['bid']);
    $template->set_var('banner_url', $url);
    // The target URL is exposed twice: raw here, and urlencode()d on the next
    // line. NOTE(review): the raw form is only safe in the template if the URL
    // was validated when the banner was saved - verify.
    $template->set_var('banner_actual_url', $A['url']);
    $template->set_var('banner_actual_url_encoded', urlencode($A['url']));
    // NOTE(review): title and description pass through stripslashes() (and
    // nl2br() for the description) but not through any HTML escaping here;
    // presumably they are filtered on submission - confirm.
    $template->set_var('banner_name', stripslashes($A['title']));
    $template->set_var('banner_name_encoded', urlencode($A['title']));
    $template->set_var('banner_hits', COM_numberFormat($A['hits']));
    $content = stripslashes($A['title']);
    $template->set_var('banner_html', $content);
    // The "report" link is shown only to logged-in users without banner.edit.
    if (!COM_isAnonUser() && !SEC_hasRights('banner.edit')) {
        $reporturl = $_CONF['site_url'] . '/banner/index.php?mode=report&amp;bid=' . $A['bid'];
        $template->set_var('banner_broken', COM_createLink($LANG_BANNER[117], $reporturl, array('class' => 'pluginSmallText', 'rel' => 'nofollow')));
    } else {
        $template->set_var('banner_broken', '');
    $bannerimg = nl2br(stripslashes($A['description']));
    // A banner without a target URL is rendered without a link.
    $flg_link = empty($A['url']) ? false : true;
    $banner = banner_buildBanner($A['bid'], $content, $bannerimg, $flg_link);
    $template->set_var('banner_description', $banner);
    // The edit link needs both access level 3 on this banner and the
    // banner.edit right.
    if (SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']) == 3 && SEC_hasRights('banner.edit')) {
        $editurl = $_CONF['site_admin_url'] . '/plugins/banner/index.php?mode=edit&amp;bid=' . $A['bid'];
        $template->set_var('banner_edit', COM_createLink($LANG_ADMIN['edit'], $editurl));
        $edit_icon = "<img src=\"{$_CONF['layout_url']}/images/edit.{$_IMAGE_TYPE}\" " . "alt=\"{$LANG_ADMIN['edit']}\" title=\"{$LANG_ADMIN['edit']}\"" . XHTML . ">";
        $attr = array('class' => 'editlink');
        $template->set_var('edit_icon', COM_createLink($edit_icon, $editurl, $attr));
    } else {
        $template->set_var('banner_edit', '');
        $template->set_var('edit_icon', '');
Exemplo n.º 28
 // Builds the HTML for this album's entry in the album selection tree and
 // appends the output of the same method for every child album.
 // With $depth == 0 each accessible album becomes a checkbox plus, for
 // albums with children, an inline script that checks and disables the
 // child checkboxes; otherwise albums with $level <= $depth are emitted as links.
 function showSelectTree($depth)
     // $level is read from global scope and never modified here; $counter and
     // $z are not used in the visible body.
     global $_CONF, $MG_albums, $level, $counter;
     $z = 1;
     $retval = '';
     $block = '';
     // Indent by 15px per nesting level.
     $px = ($level - 1) * 15;
     // Only albums other than the root (id 0) with access > 0 produce output.
     if ($this->id != 0 && $this->access > 0) {
         if ($level == 1 && $depth != 1) {
             // our first one...
             $retval .= '<p>';
         if (!empty($this->children)) {
             // Album ids are concatenated into the script source and element
             // names. NOTE(review): this assumes ids are integers - confirm.
             $retval .= "<script><!--\n                function enableBlock" . $this->id . "() {\n                   if ( document.galselect.elements['album[" . $this->id . "]'].checked ) {" . LB;
             if (!empty($this->children)) {
                 $children = $this->getChildren();
                 foreach ($children as $child) {
                     $retval .= "document.galselect.elements['album[" . $MG_albums[$child]->id . "]'].disabled = true;" . LB;
                     $retval .= "document.galselect.elements['album[" . $MG_albums[$child]->id . "]'].checked = true;" . LB;
             $retval .= LB . "} else {" . LB;
             if (!empty($this->children)) {
                 $children = $this->getChildren();
                 foreach ($children as $child) {
                     $retval .= "document.galselect.elements['album[" . $MG_albums[$child]->id . "]'].disabled = false;" . LB;
                     $retval .= "document.galselect.elements['album[" . $MG_albums[$child]->id . "]'].checked = false;" . LB;
             $retval .= "}" . LB;
             if (!empty($this->children)) {
                 $children = $this->getChildren();
                 foreach ($children as $child) {
                     // Cascade the toggle into children that have children of their own.
                     if (!empty($MG_albums[$child]->children)) {
                         $retval .= 'enableBlock' . $MG_albums[$child]->id . '();' . LB;
             $retval .= LB . " }" . LB . "// -->" . LB . "</script>";
             // This first assignment is overwritten by the next statement.
             $block = $this->id;
             $block = 'onclick="enableBlock' . $this->id . '()" onchange="enableBlock' . $this->id . '()"';
             if ($this->parent != 0) {
                 // Appending an empty string leaves $block unchanged.
                 $block .= '';
             // $block .= ' disabled="enabled" ';
         } else {
             if ($this->parent != 0) {
                 $block = '';
             // $block = 'disabled="enabled"';
         if ($depth == 0) {
             // The title goes through strip_tags() before it is placed in
             // element content; disk usage is shown in Kb.
             $retval .= "<div style=\"margin-left:" . $px . "px;\">" . '<input type="checkbox" name="album[' . $this->id . ']" id="album[' . $this->id . ']" value="1" ' . $block . '>&nbsp;&nbsp;' . strip_tags($this->title) . ' (' . COM_numberFormat($this->album_disk_usage / 1024) . ' Kb)</div>' . LB;
         } else {
             if ($level <= $depth) {
                 $retval .= "<div style=\"margin-left:" . $px . "px;\">" . '<a href="' . $_CONF['site_url'] . '/mediagallery/album.php?aid=' . $this->id . '&amp;page=1">' . strip_tags($this->title) . '</a> (' . COM_numberFormat($this->album_disk_usage / 1024) . ' Kb)</div>';
     } else {
         if ($this->id == 0) {
             $retval .= '<br>';
     // Recurse into child albums regardless of whether this album was shown.
     if (!empty($this->children)) {
         $children = $this->getChildren();
         foreach ($children as $child) {
             $retval .= $MG_albums[$child]->showSelectTree($depth);
     return $retval;
Exemplo n.º 29
/**
 * Show topic administration form
 *
 * @param    string  $tid    ID of topic to edit
 * @return   string          HTML for the topic editor
 */
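function edittopic($tid = '')
{
    // Builds the admin topic editor and returns it as HTML: an empty form with
    // defaults when $tid is empty, otherwise the stored topic. For an existing
    // topic the editor is only shown if SEC_hasAccess() grants the current user
    // edit access; otherwise the access-denied message is returned and the
    // attempt is written to the access log.
    global $_CONF, $_GROUPS, $_SCRIPTS, $_TABLES, $_USER, $LANG04, $LANG27, $LANG_ACCESS, $LANG_ADMIN, $MESSAGE;

    $retval = '';

    if (empty($tid)) {
        // new topic - set defaults
        $A = array('tid' => '', 'topic' => '', 'sortnum' => 0, 'parent_id' => TOPIC_ROOT, 'inherit' => 1, 'hidden' => 0, 'limitnews' => '', 'is_default' => 0, 'archive_flag' => 0);
    } else {
        // Escape $tid at the point of use, as the story count query further
        // down does, so the lookup does not depend on the caller having
        // filtered the id.
        $result = DB_query("SELECT * FROM {$_TABLES['topics']} WHERE tid = '" . DB_escapeString($tid) . "'");
        $A = DB_fetchArray($result);
        $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
        if ($access == 0 || $access == 2) {
            $retval .= COM_showMessageText($LANG27[13], $LANG27[12]);
            // NOTE(review): $tid is written to the access log as received;
            // confirm that COM_accessLog() neutralises line breaks.
            COM_accessLog("User {$_USER['username']} tried to illegally create or edit topic {$tid}.");

            return $retval;
        }
    }

    // The token is embedded in the form at the end of this function.
    $token = SEC_createToken();

    $retval .= COM_startBlock($LANG27[1], '', COM_getBlockTemplate('_admin_block', 'header'));
    $retval .= SEC_getTokenExpiryNotice($token);

    if (!is_array($A) || empty($A['owner_id'])) {
        $A['owner_id'] = $_USER['uid'];

        // this is the one instance where we default the group
        // most topics should belong to the Topic Admin group
        if (isset($_GROUPS['Topic Admin'])) {
            $A['group_id'] = $_GROUPS['Topic Admin'];
        } else {
            $A['group_id'] = SEC_getFeatureGroup('topic.edit');
        }
        SEC_setDefaultPermissions($A, $_CONF['default_permissions_topic']);
        $access = 3;
    }

    $topic_templates = COM_newTemplate($_CONF['path_layout'] . 'admin/topic');
    $topic_templates->set_file('editor', 'topiceditor.thtml');

    // The delete button is only offered for an existing topic and only to
    // users holding topic.edit.
    if (!empty($tid) && SEC_hasRights('topic.edit')) {
        $delButton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>';
        $jsConfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
        $topic_templates->set_var('delete_option', sprintf($delButton, $jsConfirm));
        $topic_templates->set_var('delete_option_no_confirmation', sprintf($delButton, ''));
        $topic_templates->set_var('allow_delete', true);
        $topic_templates->set_var('lang_delete', $LANG_ADMIN['delete']);
        $topic_templates->set_var('confirm_message', $MESSAGE[76]);
        $topic_templates->set_var('warning_msg', $LANG27[6]);
    }

    if ($_CONF['titletoid'] && empty($tid)) {
        $_SCRIPTS->setJavaScriptFile('title_2_id', '/javascript/title_2_id.js');
        $topic_templates->set_var('titletoid', true);
    }

    $topic_templates->set_var('lang_topicid', $LANG27[2]);
    $topic_templates->set_var('topic_id', $A['tid']);
    $topic_templates->set_var('lang_parent_id', $LANG27[32]);
    $topic_templates->set_var('parent_id_options', TOPIC_getTopicListSelect($A['parent_id'], 1, false, $A['tid'], true));

    $topic_templates->set_var('lang_inherit', $LANG27[33]);
    $topic_templates->set_var('lang_inherit_info', $LANG27[34]);
    $topic_templates->set_var('inherit_checked', $A['inherit'] == 1 ? 'checked="checked"' : '');

    $topic_templates->set_var('lang_hidden', $LANG27[35]);
    $topic_templates->set_var('lang_hidden_info', $LANG27[36]);
    $topic_templates->set_var('hidden_checked', $A['hidden'] == 1 ? 'checked="checked"' : '');

    $topic_templates->set_var('lang_donotusespaces', $LANG27[5]);
    $topic_templates->set_var('lang_accessrights', $LANG_ACCESS['accessrights']);
    $topic_templates->set_var('lang_owner', $LANG_ACCESS['owner']);
    $ownername = COM_getDisplayName($A['owner_id']);
    // The owner id is used as a bare number in the predicate, so it is forced
    // to an integer first.
    $topic_templates->set_var('owner_username', DB_getItem($_TABLES['users'], 'username', 'uid = ' . (int) $A['owner_id']));
    $topic_templates->set_var('owner_name', $ownername);
    $topic_templates->set_var('owner', $ownername);
    $topic_templates->set_var('owner_id', $A['owner_id']);
    $topic_templates->set_var('lang_group', $LANG_ACCESS['group']);
    $topic_templates->set_var('lang_save', $LANG_ADMIN['save']);
    $topic_templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    $topic_templates->set_var('group_dropdown', SEC_getGroupDropdown($A['group_id'], $access));
    $topic_templates->set_var('lang_permissions', $LANG_ACCESS['permissions']);
    $topic_templates->set_var('lang_permissions_key', $LANG_ACCESS['permissionskey']);
    $topic_templates->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']);
    $topic_templates->set_var('permissions_msg', $LANG_ACCESS['permmsg']);
    $topic_templates->set_var('lang_permissions_msg', $LANG_ACCESS['permmsg']);
    $topic_templates->set_var('permissions_editor', SEC_getPermissionsHTML($A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']));

    // show sort order only if they specified sortnum as the sort method
    if ($_CONF['sortmethod'] !== 'alpha') {
        $topic_templates->set_var('lang_sortorder', $LANG27[10]);
        if ($A['sortnum'] == 0) {
            $A['sortnum'] = '';
        }
        $topic_templates->set_var('sort_order', '<input type="text" size="5" maxlength="5" name="sortnum" value="' . $A['sortnum'] . '"' . XHTML . '>');
    } else {
        $topic_templates->set_var('lang_sortorder', $LANG27[14]);
        $topic_templates->set_var('sort_order', $LANG27[15] . '<input type="hidden" name="sortnum" value="' . $A['sortnum'] . '"' . XHTML . '>');
    }

    $topic_templates->set_var('lang_storiesperpage', $LANG27[11]);
    if ($A['limitnews'] == 0) {
        $topic_templates->set_var('story_limit', '');
    } else {
        $topic_templates->set_var('story_limit', $A['limitnews']);
    }
    $topic_templates->set_var('default_limit', $_CONF['limitnews']);
    $topic_templates->set_var('lang_defaultis', $LANG27[16]);
    $topic_templates->set_var('lang_topicname', $LANG27[3]);
    $topic_templates->set_var('topic_name', htmlspecialchars(stripslashes($A['topic']), ENT_QUOTES, COM_getEncodingt()));

    if (empty($A['tid'])) {
        $A['imageurl'] = '/images/topics/';
    }

    $topic_templates->set_var('lang_topicimage', $LANG27[4]);
    $topic_templates->set_var('lang_uploadimage', $LANG27[27]);
    $topic_templates->set_var('lang_maxsize', $LANG27[28]);
    $topic_templates->set_var('icon_dimensions', $_CONF['max_topicicon_width'] . ' x ' . $_CONF['max_topicicon_height']);
    $topic_templates->set_var('max_url_length', 255);
    // NOTE(review): unlike topic_name above, image_url, meta_description and
    // meta_keywords are handed to the template without escaping; confirm they
    // are HTML-safe when stored.
    $topic_templates->set_var('image_url', $A['imageurl']);

    $scaling = empty($_CONF['image_lib']) ? $LANG04[162] : $LANG04[161];
    $topic_templates->set_var('icon_max_dimensions', sprintf($LANG04[160], $_CONF['max_topicicon_width'], $_CONF['max_topicicon_height'], $_CONF['max_topicicon_size'], $scaling));

    $topic_templates->set_var('lang_metadescription', $LANG_ADMIN['meta_description']);
    $topic_templates->set_var('lang_metakeywords', $LANG_ADMIN['meta_keywords']);
    if (!empty($A['meta_description'])) {
        $topic_templates->set_var('meta_description', $A['meta_description']);
    }
    if (!empty($A['meta_keywords'])) {
        $topic_templates->set_var('meta_keywords', $A['meta_keywords']);
    }
    if ($_CONF['meta_tags'] > 0) {
        $topic_templates->set_var('hide_meta', '');
    } else {
        $topic_templates->set_var('hide_meta', ' style="display:none;"');
    }

    $topic_templates->set_var('lang_defaulttopic', $LANG27[22]);
    $topic_templates->set_var('lang_defaulttext', $LANG27[23]);
    $topic_templates->set_var('default_checked', $A['is_default'] == 1 ? 'checked="checked"' : '');

    $topic_templates->set_var('lang_archivetopic', $LANG27[25]);
    $topic_templates->set_var('lang_archivetext', $LANG27[26]);
    $topic_templates->set_var('archive_disabled', '');
    if ($A['archive_flag'] == 1) {
        $topic_templates->set_var('archive_checked', 'checked="checked"');
    } else {
        $topic_templates->set_var('archive_checked', '');
        // Only 1 topic can be the archive topic - so check if there already is one
        if (DB_count($_TABLES['topics'], 'archive_flag', '1') > 0) {
            $topic_templates->set_var('archive_disabled', 'disabled');
        }
    }

    if (empty($tid)) {
        $num_stories = $LANG_ADMIN['na'];
    } else {
        $nResult = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['stories']}, {$_TABLES['topic_assignments']} ta WHERE ta.type = 'article' AND ta.id = sid AND ta.tid = '" . DB_escapeString($tid) . "'" . COM_getPermSql('AND'));
        $N = DB_fetchArray($nResult);
        $num_stories = COM_numberFormat($N['count']);
    }

    $topic_templates->set_var('lang_num_stories', $LANG27[30]);
    $topic_templates->set_var('num_stories', $num_stories);
    // Token field name and value for the form submission.
    $topic_templates->set_var('gltoken_name', CSRF_TOKEN);
    $topic_templates->set_var('gltoken', $token);
    $topic_templates->parse('output', 'editor');
    $retval .= $topic_templates->finish($topic_templates->get_var('output'));
    $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));

    return $retval;
}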
Exemplo n.º 30
/**
 * Displays the static page form
 *
 * @param    array   $A      Data to display
 * @param    string  $error  Error message to display
 */
function PAGE_form($A, $error = false)
    global $_CONF, $_TABLES, $_USER, $_GROUPS, $_SP_CONF, $action, $sp_id, $LANG21, $LANG_STATIC, $LANG_ACCESS, $LANG_ADMIN, $LANG24, $LANG_postmodes, $MESSAGE;
    $menu_arr = array(array('url' => $_CONF['site_admin_url'] . '/plugins/staticpages/index.php', 'text' => $LANG_STATIC['page_list']), array('url' => $_CONF['site_admin_url'], 'text' => $LANG_ADMIN['admin_home']));
    $template_path = staticpages_templatePath('admin');
    if (!empty($sp_id) && ($action == 'edit' || $action == 'clone')) {
        $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
    } else {
        $A['owner_id'] = $_USER['uid'];
        if (isset($_GROUPS['staticpages Admin'])) {
            $A['group_id'] = $_GROUPS['staticpages Admin'];
        } else {
            $A['group_id'] = SEC_getFeatureGroup('staticpages.edit');
        SEC_setDefaultPermissions($A, $_SP_CONF['default_permissions']);
        $access = 3;
    $retval = '';
    if (empty($A['owner_id'])) {
        $error = COM_startBlock($LANG_ACCESS['accessdenied'], '', COM_getBlockTemplate('_msg_block', 'header'));
        $error .= $LANG_STATIC['deny_msg'];
        $error .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
    if ($error) {
        $retval .= $error . '<br/><br/>';
    } else {
        $sp_template = new Template($template_path);
        $sp_template->set_file('form', 'editor.thtml');
        $sp_template->set_var('lang_mode', $LANG24[3]);
        $sp_template->set_var('comment_options', COM_optionList($_TABLES['commentcodes'], 'code,name', $A['commentcode']));
        $ownername = COM_getDisplayName($A['owner_id']);
        $sp_template->set_var(array('sp_search_checked' => $A['sp_search'] == 1 ? ' checked="checked"' : '', 'sp_status_checked' => $A['sp_status'] == 1 ? ' checked="checked"' : '', 'lang_accessrights' => $LANG_ACCESS['accessrights'], 'lang_owner' => $LANG_ACCESS['owner'], 'owner_username' => DB_getItem($_TABLES['users'], 'username', "uid = {$A['owner_id']}"), 'owner_name' => $ownername, 'owner' => $ownername, 'owner_id' => $A['owner_id'], 'lang_group' => $LANG_ACCESS['group'], 'group_dropdown' => SEC_getGroupDropdown($A['group_id'], $access), 'permissions_editor' => SEC_getPermissionsHTML($A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']), 'lang_permissions' => $LANG_ACCESS['permissions'], 'lang_perm_key' => $LANG_ACCESS['permissionskey'], 'permissions_msg' => $LANG_ACCESS['permmsg'], 'start_block_editor' => COM_startBlock($LANG_STATIC['staticpages'] . ' :: ' . $LANG_STATIC['staticpageeditor'], '', COM_getBlockTemplate('_admin_block', 'header')), 'lang_save' => $LANG_ADMIN['save'], 'lang_cancel' => $LANG_ADMIN['cancel'], 'lang_preview' => $LANG_ADMIN['preview'], 'lang_editor' => $LANG_STATIC['staticpageeditor'], 'lang_attributes' => $LANG_STATIC['attributes']));
        if (SEC_hasRights('staticpages.delete') && $action != 'clone' && !empty($A['sp_old_id'])) {
            $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="delete"%s/>';
            $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
            $sp_template->set_var('delete_option', sprintf($delbutton, $jsconfirm));
            $sp_template->set_var('delete_button', true);
            $sp_template->set_var('lang_delete_confirm', $MESSAGE[76]);
            $sp_template->set_var('lang_delete', $LANG_ADMIN['delete']);
            $sp_template->set_var('delete_option_no_confirmation', sprintf($delbutton, ''));
        } else {
            $sp_template->set_var('delete_option', '');
        $sp_template->set_var('lang_writtenby', $LANG_STATIC['writtenby']);
        $sp_template->set_var('username', DB_getItem($_TABLES['users'], 'username', "uid = {$A['sp_uid']}"));
        $authorname = COM_getDisplayName($A['sp_uid']);
        $sp_template->set_var('name', $authorname);
        $sp_template->set_var('author', $authorname);
        $sp_template->set_var('lang_url', $LANG_STATIC['url']);
        $sp_template->set_var('lang_id', $LANG_STATIC['id']);
        $sp_template->set_var('sp_uid', $A['sp_uid']);
        $sp_template->set_var('sp_id', $A['sp_id']);
        $sp_template->set_var('sp_old_id', $A['sp_old_id']);
        $sp_template->set_var('example_url', COM_buildURL($_CONF['site_url'] . '/page.php?page=' . $A['sp_id']));
        $sp_template->set_var('lang_centerblock', $LANG_STATIC['centerblock']);
        $sp_template->set_var('lang_centerblock_help', $LANG_ADMIN['help_url']);
        $sp_template->set_var('lang_centerblock_include', $LANG21[51]);
        $sp_template->set_var('lang_centerblock_desc', $LANG21[52]);
        $sp_template->set_var('centerblock_help', $A['sp_help']);
        $sp_template->set_var('lang_centerblock_msg', $LANG_STATIC['centerblock_msg']);
        if (isset($A['sp_centerblock']) && $A['sp_centerblock'] == 1) {
            $sp_template->set_var('centerblock_checked', 'checked="checked"');
        } else {
            $sp_template->set_var('centerblock_checked', '');
        $sp_template->set_var('lang_topic', $LANG_STATIC['topic']);
        $sp_template->set_var('lang_position', $LANG_STATIC['position']);
        $current_topic = '';
        if (isset($A['sp_tid'])) {
            $current_topic = $A['sp_tid'];
        if (empty($current_topic)) {
            $current_topic = 'none';
        $topics = COM_topicList('tid,topic', $current_topic, 1, true);
        $alltopics = '<option value="all"';
        if ($current_topic == 'all') {
            $alltopics .= ' selected="selected"';
        $alltopics .= '>' . $LANG_STATIC['all_topics'] . '</option>' . LB;
        $allnhp = '<option value="allnhp"';
        if ($current_topic == 'allnhp') {
            $allnhp .= ' selected="selected"';
        $allnhp .= '>' . $LANG_STATIC['allnhp_topics'] . '</option>' . LB;
        $notopic = '<option value="none"';
        if ($current_topic == 'none') {
            $notopic .= ' selected="selected"';
        $notopic .= '>' . $LANG_STATIC['no_topic'] . '</option>' . LB;
        $sp_template->set_var('topic_selection', '<select name="sp_tid">' . $alltopics . $allnhp . $notopic . $topics . '</select>');
        $position = '<select name="sp_where">';
        $position .= '<option value="1"';
        if ($A['sp_where'] == 1) {
            $position .= ' selected="selected"';
        $position .= '>' . $LANG_STATIC['position_top'] . '</option>';
        $position .= '<option value="2"';
        if ($A['sp_where'] == 2) {
            $position .= ' selected="selected"';
        $position .= '>' . $LANG_STATIC['position_feat'] . '</option>';
        $position .= '<option value="3"';
        if ($A['sp_where'] == 3) {
            $position .= ' selected="selected"';
        $position .= '>' . $LANG_STATIC['position_bottom'] . '</option>';
        $position .= '<option value="0"';
        if ($A['sp_where'] == 0) {
            $position .= ' selected="selected"';
        $position .= '>' . $LANG_STATIC['position_entire'] . '</option>';
        $position .= '<option value="4"';
        if ($A['sp_where'] == 4) {
            $position .= ' selected="selected"';
        $position .= '>' . $LANG_STATIC['position_nonews'] . '</option>';
        $position .= '</select>';
        $sp_template->set_var('pos_selection', $position);
        if ($_SP_CONF['allow_php'] == 1 && SEC_hasRights('staticpages.PHP')) {
            if (!isset($A['sp_php'])) {
                $A['sp_php'] = 0;
            $selection = '<select name="sp_php">' . LB;
            $selection .= '<option value="0"';
            if ($A['sp_php'] <= 0 || $A['sp_php'] > 2) {
                $selection .= ' selected="selected"';
            $selection .= '>' . $LANG_STATIC['select_php_none'] . '</option>' . LB;
            $selection .= '<option value="1"';
            if ($A['sp_php'] == 1) {
                $selection .= ' selected="selected"';
            $selection .= '>' . $LANG_STATIC['select_php_return'] . '</option>' . LB;
            $selection .= '<option value="2"';
            if ($A['sp_php'] == 2) {
                $selection .= ' selected="selected"';
            $selection .= '>' . $LANG_STATIC['select_php_free'] . '</option>' . LB;
            $selection .= '</select>';
            $sp_template->set_var('php_selector', $selection);
            $sp_template->set_var('php_warn', $LANG_STATIC['php_warn']);
        } else {
            $sp_template->set_var('php_selector', '');
            $sp_template->set_var('php_warn', $LANG_STATIC['php_not_activated']);
        $sp_template->set_var('php_msg', $LANG_STATIC['php_msg']);
        // old variables (for the 1.3-type checkbox)
        $sp_template->set_var('php_checked', '');
        $sp_template->set_var('php_type', 'hidden');
        if (isset($A['sp_nf']) && $A['sp_nf'] == 1) {
            $sp_template->set_var('exit_checked', 'checked="checked"');
        } else {
            $sp_template->set_var('exit_checked', '');
        $sp_template->set_var('exit_msg', $LANG_STATIC['exit_msg']);
        $sp_template->set_var('exit_info', $LANG_STATIC['exit_info']);
        if (isset($A['sp_inblock']) && $A['sp_inblock'] == 1) {
            $sp_template->set_var('inblock_checked', 'checked="checked"');
        } else {
            $sp_template->set_var('inblock_checked', '');
        $sp_template->set_var('inblock_msg', $LANG_STATIC['inblock_msg']);
        $sp_template->set_var('inblock_info', $LANG_STATIC['inblock_info']);
        $curtime = COM_getUserDateTimeFormat($A['unixdate']);
        $sp_template->set_var('lang_lastupdated', $LANG_STATIC['date']);
        $sp_template->set_var('sp_formateddate', $curtime[0]);
        $sp_template->set_var('sp_date', $curtime[1]);
        $sp_template->set_var('lang_title', $LANG_STATIC['title']);
        $title = '';
        if (isset($A['sp_title'])) {
            $title = htmlspecialchars($A['sp_title']);
        $sp_template->set_var('sp_title', $title);
        $sp_template->set_var('lang_addtomenu', $LANG_STATIC['addtomenu']);
        if (isset($A['sp_onmenu']) && $A['sp_onmenu'] == 1) {
            $sp_template->set_var('onmenu_checked', 'checked="checked"');
        } else {
            $sp_template->set_var('onmenu_checked', '');
        $sp_template->set_var('lang_label', $LANG_STATIC['label']);
        if (isset($A['sp_label'])) {
            $sp_template->set_var('sp_label', $A['sp_label']);
        } else {
            $sp_template->set_var('sp_label', '');
        $sp_template->set_var('lang_pageformat', $LANG_STATIC['pageformat']);
        $sp_template->set_var('lang_blankpage', $LANG_STATIC['blankpage']);
        $sp_template->set_var('lang_noblocks', $LANG_STATIC['noblocks']);
        $sp_template->set_var('lang_leftblocks', $LANG_STATIC['leftblocks']);
        $sp_template->set_var('lang_rightblocks', $LANG_STATIC['rightblocks']);
        $sp_template->set_var('lang_leftrightblocks', $LANG_STATIC['leftrightblocks']);
        if (!isset($A['sp_format'])) {
            $A['sp_format'] = '';
        if ($A['sp_format'] == 'noblocks') {
            $sp_template->set_var('noblock_selected', 'selected="selected"');
        } else {
            $sp_template->set_var('noblock_selected', '');
        if ($A['sp_format'] == 'leftblocks') {
            $sp_template->set_var('leftblocks_selected', 'selected="selected"');
        } else {
            $sp_template->set_var('leftblocks_selected', '');
        if ($A['sp_format'] == 'rightblocks') {
            $sp_template->set_var('rightblocks_selected', 'selected="selected"');
        } else {
            $sp_template->set_var('rightblocks_selected', '');
        if ($A['sp_format'] == 'blankpage') {
            $sp_template->set_var('blankpage_selected', 'selected="selected"');
        } else {
            $sp_template->set_var('blankpage_selected', '');
        if ($A['sp_format'] == 'allblocks' or empty($A['sp_format'])) {
            $sp_template->set_var('allblocks_selected', 'selected="selected"');
        } else {
            $sp_template->set_var('allblocks_selected', '');
        $sp_template->set_var('lang_content', $LANG_STATIC['content']);
        $content = '';
        if (isset($A['sp_content'])) {
            $content = htmlspecialchars($A['sp_content']);
        $sp_template->set_var('sp_content', $content);
        if ($_SP_CONF['filter_html'] == 1) {
            $sp_template->set_var('lang_allowedhtml', COM_allowedHTML(SEC_getUserPermissions(), false, 'staticpages', 'page'));
        } else {
            $sp_template->set_var('lang_allowedhtml', $LANG_STATIC['all_html_allowed']);
        $sp_template->set_var('lang_hits', $LANG_STATIC['hits']);
        if (empty($A['sp_hits'])) {
            $sp_template->set_var('sp_hits', '0');
            $sp_template->set_var('sp_hits_formatted', '0');
        } else {
            $sp_template->set_var('sp_hits', $A['sp_hits']);
            $sp_template->set_var('sp_hits_formatted', COM_numberFormat($A['sp_hits']));
        $sp_template->set_var('end_block', COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer')));
        $sp_template->set_var('owner_dropdown', COM_buildOwnerList('owner_id', $A['owner_id']));
        $sp_template->set_var('writtenby_dropdown', COM_buildOwnerList('sp_uid', $A['sp_uid']));
        $sp_template->set_var('gltoken_name', CSRF_TOKEN);
        $sp_template->set_var('gltoken', SEC_createToken());
        $sp_template->set_var('admin_menu', ADMIN_createMenu($menu_arr, $LANG_STATIC['instructions_edit'], plugin_geticon_staticpages()));
        PLG_templateSetVars('sp_editor', $sp_template);
        $retval .= $sp_template->parse('output', 'form');
    return $retval;