/** * @param string $sql SQL with ordering As value and 'name field' AS text * @param int $chop The length of the truncated headline * @param boolean $translate translate to CB language * @return array of makeOption * @access private */ function _cbGetOrderingList( $sql, $chop = 30, $translate = true ) { global $_CB_database; $order = array(); $_CB_database->setQuery( $sql ); $orders = $_CB_database->loadObjectList(); if ( $_CB_database->getErrorNum() ) { echo $_CB_database->stderr(); return false; } if ( count( $orders ) == 0 ) { $order[] = moscomprofilerHTML::makeOption( 1, CBTxt::T('first') ); return $order; } $order[] = moscomprofilerHTML::makeOption( 0, '0 ' . CBTxt::T('first') ); for ( $i=0, $n = count( $orders ); $i < $n; $i++ ) { if ( $translate ) { $text = getLangDefinition( $orders[$i]->text ); } else { $text = $orders[$i]->text; } if ( cbIsoUtf_strlen( $text ) > $chop ) { $text = cbIsoUtf_substr( $text, 0, $chop ) . '...'; } $order[] = moscomprofilerHTML::makeOption( $orders[$i]->value, $orders[$i]->value . ' (' . $text . ')' ); } if ( isset( $orders[$i - 1] ) ) { $order[] = moscomprofilerHTML::makeOption( $orders[$i - 1]->value + 1, ( $orders[$i - 1]->value + 1 ) . ' ' . CBTxt::T('last') ); } return $order; }
/** * Validator: * Validates $value for $field->required and other rules * Override * * @param FieldTable $field * @param UserTable $user RETURNED populated: touch only variables related to saving this field (also when not validating for showing re-edit) * @param string $columnName Column to validate * @param string $value (RETURNED:) Value to validate, Returned Modified if needed ! * @param array $postdata Typically $_POST (but not necessarily), filtering required. * @param string $reason 'edit' for save user edit, 'register' for save registration * @return boolean True if validate, $this->_setErrorMSG if False */ public function validate(&$field, &$user, $columnName, &$value, &$postdata, $reason) { global $_CB_framework, $ueConfig; if ($_CB_framework->getUi() == 1 || $_CB_framework->getUi() == 2 && $ueConfig['adminrequiredfields'] == 1) { // Required field: if ($field->required == 1 && $value == '') { $this->_setValidationError($field, $user, $reason, CBTxt::T('UE_REQUIRED_ERROR', 'This field is required!')); return false; } $len = cbIsoUtf_strlen($value); // Minimum field length: $fieldMinLength = $this->getMinLength($field); if ($len > 0 && $len < $fieldMinLength) { $this->_setValidationError($field, $user, $reason, CBTxt::T('UE_VALIDATE_ERROR_MIN_CHARS_PLEASE', 'Please enter a valid [FIELDNAME]: at least ||%%NUMBERCHARSREQUIRED%% character|%%NUMBERCHARSREQUIRED%% characters||: you entered ||%%NUMBERCHARSENTERED%% character.|%%NUMBERCHARSENTERED%% characters.', array('[FIELDNAME]' => $this->getFieldTitle($field, $user, 'text', $reason), '%%NUMBERCHARSREQUIRED%%' => $fieldMinLength, '%%NUMBERCHARSENTERED%%' => $len))); return false; } // Maximum field length: $fieldMaxLength = $this->getMaxLength($field); if ($fieldMaxLength && $len > $fieldMaxLength) { $this->_setValidationError($field, $user, $reason, CBTxt::T('UE_VALIDATE_ERROR_MAX_CHARS_PLEASE', 'Please enter a valid [FIELDNAME]: maximum ||%%NUMBERCHARSREQUIRED%% character|%%NUMBERCHARSREQUIRED%% characters||: you entered ||%%NUMBERCHARSENTERED%% character.|%%NUMBERCHARSENTERED%% characters.', array('[FIELDNAME]' => $this->getFieldTitle($field, $user, 'text', $reason), '%%NUMBERCHARSREQUIRED%%' => $fieldMaxLength, '%%NUMBERCHARSENTERED%%' => $len))); return false; } // Bad words: if ($reason == 'register' && in_array($field->type, array('emailaddress', 'primaryemailaddress', 'textarea', 'text', 'webaddress', 'predefined'))) { $defaultForbidden = 'http:,https:,mailto:,//.[url],<a,</a>,&#'; } else { $defaultForbidden = ''; } $forbiddenContent = $field->params->get('fieldValidateForbiddenList_' . $reason, $defaultForbidden); if ($forbiddenContent != '') { $forbiddenContent = explode(',', $forbiddenContent); if (in_array('', $forbiddenContent, true)) { // treats case of ',,' or ',,,' to also forbid ',' if in string. $forbiddenContent[] = ','; } for ($i = 0, $n = count($forbiddenContent); $i < $n; $i++) { $forbiddenContent[$i] = preg_quote($forbiddenContent[$i], '/'); } $replaced = preg_replace('/' . implode('|', $forbiddenContent) . '/i', '', $value); if ($replaced != $value) { $this->_setValidationError($field, $user, $reason, CBTxt::T('UE_INPUT_VALUE_NOT_ALLOWED', 'This input value is not authorized.')); return false; } } } return true; }
/** * returns plugins xml version * * @param null|PluginTable|int $plugin The plugin id or object to check version for * @param bool $raw 1/True: version only (no farm), 0/False: Formatted version (green/red/shortened), 2: array of version information ( $version, $latestVersion, $isLatest, $latestURL ) * @param int $duration The duration to cache the plugin version xml file (null/0 for no limit) * @param int $length The maximum version length to display (null/0 for no limit) * @return null|string */ public function getPluginVersion($plugin, $raw = false, $duration = 24, $length = 0) { global $_CB_framework, $ueConfig; cbimport('cb.snoopy'); static $plgVersions = null; if ($plgVersions === null) { $cacheFile = $_CB_framework->getCfg('absolute_path') . '/cache/cbpluginsversions.xml'; $plgVersionsXML = null; if (file_exists($cacheFile)) { if (!$duration || intval(($_CB_framework->now() - filemtime($cacheFile)) / 3600) > $duration) { $request = true; } else { $plgVersionsXML = new SimpleXMLElement(trim(file_get_contents($cacheFile))); $request = false; } } else { $request = true; } if ($request) { $s = new CBSnoopy(); $s->read_timeout = 30; $s->referer = $_CB_framework->getCfg('live_site'); @$s->fetch('http://update.joomlapolis.net/cbpluginsversions20.xml'); if ((int) $s->status == 200) { try { $plgVersionsXML = new SimpleXMLElement($s->results); $plgVersionsXML->saveXML($cacheFile); } catch (Exception $e) { } } } if ($plgVersionsXML) { $plgVersions = $plgVersionsXML->getElementByPath('cb_plugins/' . (checkJversion() >= 2 ? 'j30' : 'j15')); } else { $plgVersions = false; } } $plugin = $this->getCachedPluginObject($plugin); if (!$plugin) { return $raw === 2 ? array(null, null, null, null) : null; } static $cache = array(); $pluginId = (int) $plugin->id; if (!isset($cache[$pluginId][$raw])) { $xmlFile = $this->getPluginXmlPath($plugin); $version = null; $latestVersion = null; $isLatest = null; $latestURL = null; if (file_exists($xmlFile)) { try { $xml = new SimpleXMLElement(trim(file_get_contents($xmlFile))); } catch (\Exception $e) { $xml = null; echo "{$xmlFile} not an XML file!!!"; } if ($xml !== null) { $ver = null; if (isset($xml->release)) { // New release XML variable used by incubator projects: $ver = $xml->release; } elseif (isset($xml->cbsubsversion)) { // CBSubs plugin versions are same as the CBSubs version; lets grab them: $cbsubsVer = $xml->cbsubsversion->attributes(); if (isset($cbsubsVer['version'])) { $ver = $cbsubsVer['version']; } } elseif (isset($xml->description)) { // Attempt to parse plugin description for a version using logical naming: if (preg_match('/(?:plugin|field|fieldtype|ver|version|' . preg_quote($plugin->name) . ') ((?:[0-9]+(?:\\.)?(?:(?: )?RC)?(?:(?: )?B)?(?:(?: )?BETA)?)+)/i', $xml->description, $matches)) { $ver = $matches[1]; } } // Check if version was found; if it was lets clean it up: if ($ver) { if (preg_match('/^\\d+(\\.\\d+)+(-[a-z]+\\.\\d+)?(\\+\\w)?$/', $ver)) { $version = $ver; } else { $version = preg_replace('/\\.*([a-zA-Z]+)\\.*/i', '.$1.', preg_replace('/^[a-zA-Z]+/i', '', str_replace(array('-', '_', '+'), '.', str_replace(' ', '', strtoupper($ver))))); } if (is_integer($version)) { $version = implode('.', str_split($version)); } elseif (preg_match('/^(\\d{2,})(\\.[a-zA-Z].+)/i', $version, $matches)) { $version = implode('.', str_split($matches[1])) . $matches[2]; } $version = trim(str_replace('..', '.', $version), '.'); // Encase the version is too long lets cut it short for readability and display full version as mouseover title: if ($version && $length && cbIsoUtf_strlen($version) > $length) { $versionName = rtrim(trim(cbIsoUtf_substr($version, 0, $length)), '.') . '…'; $versionShort = true; } else { $versionName = $version; $versionShort = false; } // Lets try and parse out latest version and latest url from versions xml data: if ($plgVersions) { foreach ($plgVersions as $plgVersion) { $plgName = (string) $plgVersion->name; $plgFile = (string) $plgVersion->file; if ($plgName == $plugin->name || strpos($plgName, $plugin->name) !== false || strpos($plgFile, $plugin->folder) !== false) { $latestVersion = (string) $plgVersion->version; $latestURL = (string) $plgVersion->url; } } } if ($latestVersion) { if (version_compare($version, $latestVersion) >= 0) { $isLatest = true; } else { $isLatest = false; } } // Format version display: if (!$raw) { if ($latestVersion) { if ($isLatest) { $version = '<span class="text-success"' . ($versionShort ? ' title="' . htmlspecialchars($version) . '"' : null) . '><strong>' . $versionName . '</strong></span>'; } else { $version = '<span class="text-danger" title="' . htmlspecialchars($latestVersion) . '"><strong>' . $versionName . '</strong></span>'; if ($latestURL) { $version = '<a href="' . htmlspecialchars($latestURL) . '" target="_blank">' . $version . '</a>'; } } } else { if ($versionShort) { $version = '<span title="' . htmlspecialchars($version) . '">' . $versionName . '</span>'; } else { $version = $versionName; } } } } } } if (!$version && !$raw) { if ($plugin->iscore) { // core plugins are same version as CB it self: if ($length && cbIsoUtf_strlen($ueConfig['version']) > $length) { $version = '<span title="' . htmlspecialchars($ueConfig['version']) . '">' . rtrim(trim(cbIsoUtf_substr($ueConfig['version'], 0, $length)), '.') . '…</span>'; } else { $version = $ueConfig['version']; } } else { $version = '-'; } } if ($raw === 2) { $version = array($version, $latestVersion, $isLatest, $latestURL); } $cache[$pluginId][$raw] = $version; } return $cache[$pluginId][$raw]; }
/** * Prepares field data for saving to database (safe transfer from $postdata to $user) * Override * * @param FieldTable $field * @param UserTable $user RETURNED populated: touch only variables related to saving this field (also when not validating for showing re-edit) * @param array $postdata Typically $_POST (but not necessarily), filtering required. * @param string $reason 'edit' for save profile edit, 'register' for registration, 'search' for searches */ public function prepareFieldDataSave(&$field, &$user, &$postdata, $reason) { global $_CB_framework, $ueConfig; $this->_prepareFieldMetaSave($field, $user, $postdata, $reason); // For CB main password don't save if it's on registration and passwords are auto-generated. if ($reason == 'register' && $field->name == 'password') { if (isset($ueConfig['emailpass']) && $ueConfig['emailpass'] == "1") { return; } } foreach ($field->getTableColumns() as $col) { $value = stripslashes(cbGetParam($postdata, $col, '', _CB_ALLOWRAW)); $valueVerify = stripslashes(cbGetParam($postdata, $col . '__verify', '', _CB_ALLOWRAW)); $fieldRequired = $field->required; if ($reason == 'edit' && $user->id != 0 && ($user->{$col} || $field->name == 'password') || $_CB_framework->getUi() == 2) { $field->required = 0; } $this->validate($field, $user, $col, $value, $postdata, $reason); if ($reason == 'edit' && $user->id != 0 && ($user->{$col} || $field->name == 'password') || $_CB_framework->getUi() == 2) { $field->required = $fieldRequired; } $fieldMinLength = $this->getMinLength($field); $user->{$col} = null; // don't update unchanged (hashed) passwords unless typed-in and all validates: if ($value) { if (cbIsoUtf_strlen($value) < $fieldMinLength) { $this->_setValidationError($field, $user, $reason, sprintf(CBTxt::T('UE_VALID_PASS_CHARS', 'Please enter a valid %s. No spaces, at least %s characters and contain lower and upper-case letters, numbers and special signs'), CBTxt::T('UE_PASS', 'Password'), $fieldMinLength)); } elseif ($field->params->get('fieldVerifyInput', 1) && $value != $valueVerify) { $this->_setValidationError($field, $user, $reason, CBTxt::T('UE_REGWARN_VPASS2', 'Password and verification do not match, please try again.')); } else { // There is no event for password changes on purpose here ! $user->{$col} = $value; // store only if validated } } } }
/** * Validator: * Validates $value for $field->required and other rules * Override * * @param moscomprofilerFields $field * @param moscomprofilerUser $user RETURNED populated: touch only variables related to saving this field (also when not validating for showing re-edit) * @param string $columnName Column to validate * @param string $value (RETURNED:) Value to validate, Returned Modified if needed ! * @param array $postdata Typically $_POST (but not necessarily), filtering required. * @param string $reason 'edit' for save user edit, 'register' for save registration * @return boolean True if validate, $this->_setErrorMSG if False */ function validate(&$field, &$user, $columnName, &$value, &$postdata, $reason) { global $_CB_framework, $ueConfig; if ($_CB_framework->getUi() == 1 || $_CB_framework->getUi() == 2 && $ueConfig['adminrequiredfields'] == 1) { // Required field: if ($field->required == 1 && $value == '') { $this->_setValidationError($field, $user, $reason, cbUnHtmlspecialchars(_UE_REQUIRED_ERROR)); return false; } $len = cbIsoUtf_strlen($value); // Minimum field length: $fieldMinLength = $this->getMinLength($field); if ($len > 0 && $len < $fieldMinLength) { $this->_setValidationError($field, $user, $reason, sprintf(_UE_VALID_MIN_LENGTH, $this->getFieldTitle($field, $user, 'text', $reason), $fieldMinLength, $len)); return false; } // Maximum field length: $fieldMaxLength = $this->getMaxLength($field); if ($fieldMaxLength && $len > $fieldMaxLength) { $this->_setValidationError($field, $user, $reason, sprintf(_UE_VALID_MAX_LENGTH, $this->getFieldTitle($field, $user, 'text', $reason), $fieldMaxLength, $len)); return false; } // Bad words: if ($reason == 'register' && in_array($field->type, array('emailaddress', 'primaryemailaddress', 'textarea', 'text', 'webaddress', 'predefined'))) { $defaultForbidden = 'http:,https:,mailto:,//.[url],<a,</a>,&#'; } else { $defaultForbidden = ''; } $forbiddenContent = $field->params->get('fieldValidateForbiddenList_' . $reason, $defaultForbidden); if ($forbiddenContent != '') { $forbiddenContent = explode(',', $forbiddenContent); if (in_array('', $forbiddenContent, true)) { // treats case of ',,' or ',,,' to also forbid ',' if in string. $forbiddenContent[] = ','; } for ($i = 0, $n = count($forbiddenContent); $i < $n; $i++) { $forbiddenContent[$i] = preg_quote($forbiddenContent[$i], '/'); } $replaced = preg_replace('/' . implode('|', $forbiddenContent) . '/i', '', $value); if ($replaced != $value) { $this->_setValidationError($field, $user, $reason, _UE_INPUT_VALUE_NOT_ALLOWED); return false; } } } return true; }
/** * Generic function to get an array of option values for lists, radios, checkboxes params and filter fields: * * @param SimpleXMLElement $o * @param string $basetype RETURNED: base type * @param string $valueType RETURNED: valuetype type * @return array|null */ protected function _getFieldValues(&$o, &$basetype, &$valueType) { $valueType = $o->attributes('valuetype'); $fieldValuesInDb = null; $this->registryEditVew->resolveXmlParamType($o); if ($o->attributes('base')) { $basetype = $o->attributes('base'); } else { $basetype = $o->attributes('type'); } switch ($o->attributes('type')) { case 'data': $data = $o->getElementByPath('data'); if ($data) { $dataTable = $data->attributes('table'); if (!$dataTable) { $dataTable = $this->table; } $xmlsql = new XmlQuery($this->_db, $dataTable, $this->_pluginParams); $xmlsql->process_orderby($data->getElementByPath('orderby')); // <data><orderby><field> fields $xmlsql->process_fields($data->getElementByPath('rows')); // <data><rows><field> fields $xmlsql->process_where($data->getElementByPath('where')); // <data><where><column> fields $groupby = $data->getElementByPath('groupby'); $xmlsql->process_groupby($groupby ? $groupby : 'value'); // <data><groupby><field> fields $fieldValuesInDb = $xmlsql->queryLoadObjectsList($data); // get the records // check for type="firstwords": $rows = $data->getElementByPath('rows'); /** @var $rows SimpleXMLElement|null */ if ($rows) { $textField = $rows->getChildByNameAttr('field', 'as', 'text'); /** @var $textField SimpleXMLElement|null */ if ($textField) { if ($textField->attributes('type') == 'firstwords') { $size = $textField->attributes('size'); if (!$size) { $size = 45; } foreach (array_keys($fieldValuesInDb) as $k) { $strippedContent = trim($fieldValuesInDb[$k]->text); if (cbIsoUtf_strlen($strippedContent) > $size) { $strippedContent = cbIsoUtf_substr($strippedContent, 0, $size) . '...'; } $fieldValuesInDb[$k]->text = $strippedContent; } } } } $data->addAttribute('dataprocessed', 'true'); } else { // echo 'filter type is data but no child data present !'; $fieldName = $o->attributes('name'); if ($o->attributes('value')) { $valueFieldName = $o->attributes('value'); } else { $valueFieldName = $fieldName; } $dataTable = $o->attributes('table'); if (!$dataTable) { $dataTable = $this->table; } $data = new SimpleXMLElement(<<<EOT <?xml version="1.0" encoding="UTF-8"?> <table table="{$dataTable}"> \t<rows> \t\t<field name="{$valueFieldName}" as="value" type="sql:field" /> \t\t<field name="{$fieldName}" as="text" type="sql:field" /> \t</rows> \t<orderby> \t\t<field name="{$fieldName}" ordering="ASC" /> \t</orderby> \t<groupby> \t\t<field name="{$fieldName}" /> \t</groupby> </table> EOT ); $xmlsql = new XmlQuery($this->_db, $dataTable, $this->_pluginParams); $xmlsql->process_orderby($data->getElementByPath('orderby')); // <data><orderby><field> fields $xmlsql->process_fields($data->getElementByPath('rows')); // <data><rows><field> fields $xmlsql->process_where($data->getElementByPath('where')); // <data><where><column> fields $groupby = $data->getElementByPath('groupby'); $xmlsql->process_groupby($groupby ? $groupby : 'value'); // <data><groupby><field> fields $fieldValuesInDb = $xmlsql->queryLoadObjectsList($data); // get the records } break; case 'field_show_only_if_selected': break; case 'list': case 'radio': case 'checkbox': case 'checkmark': case 'published': case 'usergroup': case 'viewaccesslevel': case 'tag': foreach ($o->children() as $option) { /** @var $option SimpleXMLElement */ if ($option->getName() == 'option') { $hasIndex = $option->attributes('index') !== '' && $option->attributes('index') !== null; $selObj = new \stdClass(); $selObj->value = $hasIndex ? $option->attributes('index') : $option->attributes('value'); if ($hasIndex) { $selObj->internalvalue = $option->attributes('value'); } $selObj->operator = $option->attributes('operator'); $selObj->text = $option->data(); $fieldValuesInDb[] = $selObj; } } break; case 'field': global $_CB_database; $where = array(); $where[] = "f." . $_CB_database->NameQuote('published') . " = 1"; $where[] = "f." . $_CB_database->NameQuote('name') . " != " . $_CB_database->Quote('NA'); $query = "SELECT f." . $_CB_database->NameQuote('fieldid') . " AS value" . ", f." . $_CB_database->NameQuote('name') . ' AS ' . $_CB_database->NameQuote('index') . ", f." . $_CB_database->NameQuote('title') . ' AS ' . $_CB_database->NameQuote('text') . ", f." . $_CB_database->NameQuote('table') . ' AS ' . $_CB_database->NameQuote('table') . ", " . $_CB_database->Quote('id') . ' AS ' . $_CB_database->NameQuote('table_key') . ", " . $_CB_database->Quote('=') . " AS operator" . "\n FROM " . $_CB_database->NameQuote('#__comprofiler_fields') . " AS f" . "\n LEFT JOIN " . $_CB_database->NameQuote('#__comprofiler_tabs') . " AS t" . " ON t." . $_CB_database->NameQuote('tabid') . " = f." . $_CB_database->NameQuote('tabid') . "\n WHERE " . implode("\n AND ", $where) . "\n ORDER BY t." . $_CB_database->NameQuote('position') . ", t." . $_CB_database->NameQuote('ordering') . ", f." . $_CB_database->NameQuote('ordering'); $_CB_database->setQuery($query); $fieldValuesInDb = $_CB_database->loadObjectList(); break; default: if (substr($o->attributes('type'), 0, 4) == 'sql:') { // get list for dropdown filter $fieldName = $o->attributes('name'); if ($o->attributes('value')) { $valueFieldName = $o->attributes('value'); } else { $valueFieldName = $fieldName; } $dataTable = $o->attributes('table'); if (!$dataTable) { $dataTable = $this->table; } $data = new SimpleXMLElement(<<<EOT <?xml version="1.0" encoding="UTF-8"?> <table table="{$dataTable}"> \t<rows> \t\t<field name="{$valueFieldName}" as="value" type="sql:field" /> \t\t<field name="{$fieldName}" as="text" type="sql:field" /> \t</rows> \t<orderby> \t\t<field name="{$fieldName}" ordering="ASC" /> \t</orderby> \t<groupby> \t\t<field name="{$fieldName}" /> \t</groupby> </table> EOT ); $xmlsql = new XmlQuery($this->_db, $dataTable, $this->_pluginParams); $xmlsql->process_orderby($data->getElementByPath('orderby')); // <data><orderby><field> fields $xmlsql->process_fields($data->getElementByPath('rows')); // <data><rows><field> fields $xmlsql->process_where($data->getElementByPath('where')); // <data><where><column> fields $groupby = $data->getElementByPath('groupby'); $xmlsql->process_groupby($groupby ? $groupby : 'value'); // <data><groupby><field> fields $fieldValuesInDb = $xmlsql->queryLoadObjectsList($data); // get the records $o->addAttribute('type', 'list'); /* $fieldName = $this->_db->getEscaped( $o->attributes( 'name' ) ); if ( $o->attributes( 'value' ) ) { $valueFieldName = $this->_db->getEscaped( $o->attributes( 'value' ) ); } else { $valueFieldName = $fieldName; } $tableName = $this->_db->getEscaped( $this->table ); $query = "SELECT `" . $valueFieldName . "` AS value, `" . $fieldName . "` AS text" . "\n FROM `" . $tableName . "`" . "\n GROUP BY " . $fieldName . "\n ORDER BY " . $fieldName ; $this->_db->setQuery( $query ); $fieldValuesInDb = $this->_db->loadObjectList(); */ } break; } return $fieldValuesInDb; }
/** * Implements a form firstwords field * * @param string $name The name of the form element * @param string $value The value of the element * @param SimpleXMLElement $node The xml element for the parameter * @param string $control_name The control name * @return string The html for the element */ function _form_firstwords( $name, $value, &$node, $control_name ) { if ( $this->_view ) { $size = $node->attributes( 'size' ); if ( ! $size ) { $size = 45; } $strippedContent = trim( strip_tags( cbUnHtmlspecialchars( $value ) ) ); if ( cbIsoUtf_strlen( $strippedContent ) > $size ) { $content = '<span title="' . htmlspecialchars($strippedContent ) . '">' . htmlspecialchars( cbIsoUtf_substr( $strippedContent, 0, $size ) . '...' ) . '</span>'; } else { $content = htmlspecialchars( $strippedContent ); } return $content; } else { return $this->_form_textarea($name, $value, $node, $control_name ); } }
/** * Prepares field data for saving to database (safe transfer from $postdata to $user) * Override * * @param moscomprofilerFields $field * @param moscomprofilerUser $user RETURNED populated: touch only variables related to saving this field (also when not validating for showing re-edit) * @param array $postdata Typically $_POST (but not necessarily), filtering required. * @param string $reason 'edit' for save profile edit, 'register' for registration, 'search' for searches */ function prepareFieldDataSave(&$field, &$user, &$postdata, $reason) { global $_CB_framework, $ueConfig; $this->_prepareFieldMetaSave($field, $user, $postdata, $reason); // For CB main password don't save if it's on registration and passwords are auto-generated. if ($reason == 'register' && $field->name == 'password') { if (isset($ueConfig['emailpass']) && $ueConfig['emailpass'] == "1") { return; } } foreach ($field->getTableColumns() as $col) { $value = stripslashes(cbGetParam($postdata, $col, '', _CB_ALLOWRAW)); $valueVerify = stripslashes(cbGetParam($postdata, $col . '__verify', '', _CB_ALLOWRAW)); if ($reason == 'edit' && $user->id != 0 && ($user->{$col} || $field->name == 'password') || $_CB_framework->getUi() == 2) { $fieldRequired = $field->required; $field->required = 0; } $this->validate($field, $user, $col, $value, $postdata, $reason); if ($reason == 'edit' && $user->id != 0 && ($user->{$col} || $field->name == 'password') || $_CB_framework->getUi() == 2) { $field->required = $fieldRequired; } $fieldMinLength = $this->getMinLength($field); $user->{$col} = null; // don't update unchanged (hashed) passwords unless typed-in and all validates: if ($value) { if (cbIsoUtf_strlen($value) < $fieldMinLength) { $this->_setValidationError($field, $user, $reason, sprintf(_UE_VALID_PASS_CHARS, _UE_PASS, $fieldMinLength)); } elseif ($value != $valueVerify) { $this->_setValidationError($field, $user, $reason, _UE_REGWARN_VPASS2); } else { // There is no event for password changes on purpose here ! $user->{$col} = $value; // store only if validated } } } }
/** * Generates the HTML to display the user profile tab * @param object tab reflecting the tab database entry * @param object mosUser reflecting the user being displayed * @param int 1 for front-end, 2 for back-end * @returns mixed : either string HTML for tab content, or false if Error generated */ function getDisplayTab($tab,$user,$ui) { global $_CB_database,$ueConfig,$_CB_framework; // Setup image storage paths $PGImagesPath = '/components/com_comprofiler/plugin/user/plug_cbprofilegallery/images/'; $PGImagesAbsolutePath = $_CB_framework->getCfg( 'absolute_path' ) . $PGImagesPath; $PGImagesLivePath = $_CB_framework->getCfg( 'absolute_path' ) . $PGImagesPath; $PGItemAbsolutePath = $_CB_framework->GetCfg( 'absolute_path' ) . '/images/comprofiler/plug_profilegallery/'; $PGItemPath = 'images/comprofiler/plug_profilegallery/'; $tabparams = $this->_pgGetTabParameters($user); //print_r($tabparams); // Return if the user doesn't have the ProfileGallery enabled no need to go any further // Does not even display the tab if(!$tabparams["cbpgenable"]) return ""; $htmltext0 = ""; $htmltext1 = ""; // first part of html code to display in the tab $htmltext2 = ""; // second part of html code to display in the tab $pgWHERE = ""; $pgORDERBY = ""; //Check to see if there are actions that need to be executed $action = $this->_getReqParam("PGformaction", null); $id = $this->_getReqParam("id",0); //$showform = $this->_getReqParam("showform", 0); switch ($tabparams["pgsortoption"]) { case 'DATEDESC': $pgORDERBY = ",pgitemdate desc"; break; case 'DATEASC': $pgORDERBY = ",pgitemdate asc"; break; default: $pgORDERBY = ",pgitemdate desc"; break; } // Is profile owner viewing or not? // If not then set additional WHERE clause to only gather published images $isModerator=isModerator($_CB_framework->myId()); if(($_CB_framework->myId() != $user->id) && !$isModerator) { $isME=false; $pgWHERE = "\n AND pgitempublished=1"; $pgWHERE .= "\n AND pgitemapproved=1"; } else { if ($_CB_framework->myId() == $user->id) { $isME=true; } else { $isME=false; } //LOGIC FOR ACTIONS HERE //Take necessary profile owner action if there is //Check to see if there are actions that need to be executed $action = $this->_getReqParam("PGformaction", null); $id = $this->_getReqParam("id",0); switch ($action) { CASE 'delete': $this->pgDelete($id,$user); break; CASE 'update': $updatetitle = $this->_getReqParam("pguitemtitle",null); $updatedescription = $this->_getReqParam("pguitemdescription",null); $this->pgUpdate($id,$updatetitle,$updatedescription); //print "Updating gallery item id:".$id; break; CASE 'publish': $this->pgPublish($id); //print "Publishing gallery item id:".$id; break; CASE 'unpublish': $this->pgUnPublish($id); //print "Unpublishing gallery item id:".$id; break; CASE 'approve': if ($isModerator) { $this->pgApprove($id,$user); } //print "Approving gallery item id:".$id; break; CASE 'revoke': if ($isModerator) { $this->pgRevoke($id,$user); } //print "Revoking gallery item id:".$id; break; DEFAULT: //print "I'm doing nothing:".$id." action:".$action; break; } } // if moderator viewing display extra info for front-end moderation activities if ($isModerator && !$isME) { $moderatorviewmessage = sprintf( CBTxt::Th('<font color="red">Moderator data:<br />' .'Items - %1$d<br />' .'Item Quota - %2$d<br />' .'Storage - %3$d<br />' .'Storage Quota - %4$d<br />' .'Access Mode - %5$s<br />' .'Display Mode - %6$s<br /></font>' ),(int) $user->cb_pgtotalitems, $tabparams["cbpgtotalquotaitems"], $user->cb_pgtotalsize/1024, $tabparams["cbpgtotalquotasize"], $tabparams[$tabparams["cbpgaccessmode"]], $tabparams[$tabparams["cbpgdisplayformat"]], $tabparams["cbpguploadsize"] ); $htmltext1 .= $moderatorviewmessage . "<br />"; } // First thing to do is to display the correct tab description if not empty if($tab->description != null) { $htmltext1 .= "\t\t<div class=\"tab_Description\">"; $htmltext1 .= cbUnHtmlspecialchars(getLangDefinition($tab->description)); $htmltext1 .= "</div>\n"; } // if connections restriction enable // and connections enabled on the system // and its not me viewing then // check if current viewer is connected with // profile owner if($_CB_framework->myId()==0) { $isAnonymous = true; } else { $isAnonymous = false; } $check4connection = 0; switch ($tabparams["cbpgaccessmode"]) { case 'PUB': break; case 'REG': if ($isAnonymous) { $htmltext1 .= "<p>" . sprintf(CBTxt::Th("Only Registered Members Allowed to view the %1\$d items in this Gallery!"), (int) $user->cb_pgtotalitems) . "</p>"; return $htmltext1; } break; case 'REG-S': if ($isAnonymous) return ""; break; case 'CON': if ($isAnonymous) { $htmltext1 .= "<p>" . sprintf(CBTxt::Th("Sorry - connections only viewing enabled for this gallery that currently has %1\$d items in it."), (int) $user->cb_pgtotalitems) . "</p>"; return $htmltext1; } $check4connection = 1; break; case 'CON-S': if ($isAnonymous) { return $htmltext1; } $check4connection = 1; break; default: break; } if ($check4connection && !$isAnonymous && !$isModerator && !$isME) { if ($ueConfig['allowConnections']) { $query="SELECT COUNT(*)" . "\n FROM #__comprofiler_members" . "\n WHERE memberid=" . (int) $user->id . "\n AND referenceid=" . (int) $_CB_framework->myId() . "\n AND accepted=1 AND pending=0"; $_CB_database->setQuery($query); $isconnected = $_CB_database->loadResult(); if (!$isconnected) { if ($tabparams["cbpgaccessmode"] == 'CON-S') return ""; $htmltext1 .= "<p>" . sprintf(CBTxt::Th("Sorry - connections only viewing enabled for this gallery that currently has %1\$d items in it."), (int) $user->cb_pgtotalitems) . "</p>"; return $htmltext1; } } else { if ($tabparams["cbpgaccessmode"] == 'CON-S') return ""; $htmltext1 .= "<p>" . sprintf(CBTxt::Th("Sorry - connections only viewing enabled for this gallery that currently has %1\$d items in it."), (int) $user->cb_pgtotalitems) . "</p>"; return $htmltext1; } } //Check to see if a user has submitted a new gallery item entry to be processed if (($isME || ($tabparams["pgallowaccessmodeoverride"] && $isModerator)) AND isset($_POST[$this->_getPagingParamName("pgitemtitle")])) { $htmltext0 .= $this->_pgProcessNewItem($id,$user); } // Find and show posts $pagingParams = $this->_getPaging(array(),array("pgposts_")); //check to see if the Admin enabled pagination if ($tabparams["pgpagingenabled"]) { //select a count of all applicable entries for pagination $query="SELECT count(*)" . "\n FROM #__comprofiler_plug_profilegallery" . "\n WHERE userid=" . (int) $user->id . "\n " . $pgWHERE; $_CB_database->setQuery($query); $pgtotal = $_CB_database->loadResult(); if (!is_numeric($pgtotal)) $pgtotal = 0; if ($pagingParams["pgposts_limitstart"] === null) $pagingParams["pgposts_limitstart"] = "0"; if ($tabparams["pgentriesperpage"] > $pgtotal) $pagingParams["pgposts_limitstart"] = "0"; } else { $pagingParams["pgposts_limitstart"] = "0"; } $PGItemAbsoluteUserPath = $PGItemAbsolutePath . $user->id . "/"; $PGItemUserPath = $PGItemPath . $user->id . "/"; $lastitemid = $this->_pgLastItemId($user->id); // Select all entries to be displayed $query="SELECT *" . "\n FROM #__comprofiler_plug_profilegallery" . "\n WHERE userid=" . (int) $user->id . "\n " . $pgWHERE . "\n ORDER BY pgitemorder" . "\n " . $pgORDERBY ; $_CB_database->setQuery($query, (int) ( $pagingParams["pgposts_limitstart"] ? $pagingParams["pgposts_limitstart"] : 0 ), (int) $tabparams["pgentriesperpage"] ); //print $database->getQuery(); $pgitems=$_CB_database->loadObjectList(); $pgdisplaycount=count($pgitems); // Display welcome message $htmltext2 .= '<div class="cbpgGreetings">'; $htmltext2 .= $tabparams["cbpgshortgreeting"]; $htmltext2 .= '</div>'; // Display submit new item logic $base_url = $this->_getAbsURLwithParam(array()); if (($isME || ($tabparams["pgallowmoderatorfrontenduploads"] && $isModerator)) && ($user->cb_pgtotalitems < $tabparams["cbpgtotalquotaitems"])) { $_CB_framework->addJQueryPlugin( 'cbprofilegallery', '/components/com_comprofiler/plugin/user/plug_cbprofilegallery/js/profilegallery.js' ); $_CB_framework->outputCbJQuery( '', 'cbprofilegallery' ); $css = '.cbpgToggleEditor { padding-right: 14px; margin-bottom: 10px; }' . "\n" . '.cbpgEditorHidden { background: url(' . $_CB_framework->getCfg( 'live_site' ) . '/components/com_comprofiler/plugin/user/plug_cbprofilegallery/images/none-arrow.gif' . ') no-repeat right; }' . "\n" . '.cbpgEditorVisible { background: url(' . $_CB_framework->getCfg( 'live_site' ) . '/components/com_comprofiler/plugin/user/plug_cbprofilegallery/images/block-arrow.gif' . ') no-repeat right; }' . "\n" . '.cbpgQuotas { padding: 10px 0px; }' . "\n" . '.cbpgAdd { padding: 10px 0px 30px; }' . "\n" . '.cbpgAdd label { }' . "\n" . 'label.cbpgInvalid { color: red; font-weight: bold; font-size:110%; margin-left: 8px; }' . "\n" . 'input.cbpgInvalid { border-color: red; }' ; $_CB_framework->document->addHeadStyleInline( $css ); $quota_marks = sprintf(CBTxt::T(' [Your current quota marks: %1$d/%2$d items %3$d/%4$d Kbytes (%5$d%% consumed - %6$d%% free)]'),(int) $user->cb_pgtotalitems, $tabparams["cbpgtotalquotaitems"], $user->cb_pgtotalsize/1024, $tabparams["cbpgtotalquotasize"], floor($user->cb_pgtotalsize/1024/$tabparams["cbpgtotalquotasize"]*100), 100-floor($user->cb_pgtotalsize/1024/$tabparams["cbpgtotalquotasize"]*100), (int) $tabparams["cbpguploadsize"]); // $htmltext2 .= '<div class="cbpgQuotas">' . $quota_marks . '</div>'; $showform = false; $warnText = ( ( ! $isME ) ? CBTxt::T( "You are about to add an entry to somebody else's gallery as a site Moderator. Proceed ?" ) : '' ); $htmltext2 .= '<div class="cbpgSubmitForm"><a href="javascript:void(0);" class="cbpgToggleEditor' . ( $showform ? ' cbpbEditorShow' : '' ) . '" title="' . htmlspecialchars( $warnText ) . '">' . CBTxt::Th("Submit New Gallery Entry") . '</a>'; $htmltext2 .= "<div class=\"cbpgAdd\" id=\"pg_divForm\" style=\"display:none;width:100%;\">"; $htmltext2 .= '<div class="cbpgQuotas">' . $quota_marks . '</div>'; $htmltext2 .= "<form name=\"pgadminForm\" id=\"pgadminForm\" method=\"post\" action=\"".$base_url."\" enctype=\"multipart/form-data\">\n"; $htmltext2 .= "<input type=\"hidden\" name=\"".$this->_getPagingParamName("pglastitemid")."\" value=\"".(int)$lastitemid."\" />"; $htmltext2 .= '<b><label for="cbpg_pgitemtitle" title="' . htmlspecialchars( CBTxt::T("A gallery item title must be entered") ) . '">' . CBTxt::Th("Title:") . "</label></b><br />"; $htmltext2 .= "<input class=\"inputbox required\" type=\"text\" name=\"".$this->_getPagingParamName("pgitemtitle")."\" id=\"cbpg_pgitemtitle\" size=\"30\" maxlength=\"255\" /><br />"; $htmltext2 .= '<b><label for="cbpg_pgitemdescription">' . CBTxt::Th("Description:") . "</label></b><br />"; $htmltext2 .= "<textarea class=\"inputbox\" cols=\"35\" rows=\"4\" name=\"".$this->_getPagingParamName("pgitemdescription")."\" id=\"cbpg_pgitemdescription\"></textarea><br />"; $htmltext2 .= '<b><label for="cbpg_pgitemfilename" title="' . htmlspecialchars( CBTxt::T("A file must be selected via the Browse button") ) . '">' . CBTxt::Th("Image File:") . "</label></b><br />"; $htmltext2 .= "<input class=\"inputbox required\" type=\"file\" name=\"".$this->_getPagingParamName("pgitemfilename")."\" id=\"cbpg_pgitemfilename\" size=\"30\" /><br />"; $htmltext2 .= "<input class=\"button\" name=\"pgsubmitentry\" id=\"pgsubmitentry\" type=\"submit\" value=\"" . htmlspecialchars( CBTxt::T("Submit Gallery Entry") ) ."\" title=\"\" />"; $htmltext2 .= '<img alt="" src="' . $_CB_framework->getCfg( 'live_site' ) . '/components/com_comprofiler/images/wait.gif' . '" style="display:none; margin:9px;" />'; $htmltext2 .= "</form>"; $htmltext2 .= "</div></div>"; } if (($isME || ($tabparams["pgallowmoderatorfrontenduploads"] && $isModerator)) && ($user->cb_pgtotalitems >= $tabparams["cbpgtotalquotaitems"])) { $htmltext2 .= '<font color="red">' . CBTxt::Th("Your Gallery item quota has been reached. You must delete an item in order to upload a new one or you may contact the admin to increase your quota.") . "</font><br />"; } if ($pgdisplaycount > 0){ // headings go here if needed switch ($tabparams["cbpgdisplayformat"]){ case 'DF1': // thumbnail layout headings and inits $icon = explode(",",$tabparams["cbpgbuttonslist"]); $dparm = explode(",",$tabparams["cbpgdisplayformatparameters"]); // get extra container box size bazed on icon height if ($isME || $isModerator) { list(, $icon_height, , ) = getimagesize($PGImagesAbsolutePath . $icon[1]); $pg_extrasize = $icon_height; } else { $pg_extrasize = 0; } $_CB_framework->document->addHeadScriptDeclaration( "function pgpopup(pgimagefile,pgimagetitle,pgimagedescription) {\n" . "var newWindow = window.open(\"\",\"newWindow\",\"height=" . ($tabparams["pgmaxheight"]+$dparm[2]) . ",width=" . ($tabparams["pgmaxwidth"]+$dparm[3]) . ",resizable=yes, scrollbars=yes, toolbar=no " . "\" );\n" . "var imageurl = \"<img sr\" + \"c=\" + pgimagefile + \" />\";\n" . "newWindow.document.open();" . "newWindow.document.writeln(\"<html>\");\n" . "newWindow.document.writeln(\"<head>\");\n" . "newWindow.document.writeln(\"<title>Profile Gallery Image: \"+ pgimagetitle + \"</title>\");\n" . "newWindow.document.writeln(\"<div align='center' >\");\n" . "newWindow.document.writeln(imageurl);\n" . "newWindow.document.writeln(\"<br />\");" . "newWindow.document.writeln(pgimagedescription);\n" . "newWindow.document.writeln(\"</div>\");\n" . "newWindow.document.close();\n" . "}\n" ); // $htmltext2 .= '<div class="cbpgItems">'; break; case 'DF2': // file list layout headings $dparm = explode(",",$tabparams["cbpgdisplayformatparameters"]); $htmltext2 .= "<table cellpadding=\"2\" cellspacing=\"4\" border=\"0\" width=\"95%\">"; $htmltext2 .= "<tr class=\"sectiontableheader\">"; $htmltext2 .= "<td width=25%>" . CBTxt::Th("Updated") . "</td>"; $htmltext2 .= "<td>" . CBTxt::Th("Title") . "</td>"; $htmltext2 .= "<td width=50%>". CBTxt::Th("Description") . "</td>"; if ($isME || $isModerator) $htmltext2 .= "<td>" . CBTxt::Th("Actions") . "</td>"; $htmltext2 .= "</tr>"; break; case 'DF3': // thumbnail layout with lightbox headings and inits $icon = explode(",",$tabparams["cbpgbuttonslist"]); $dparm = explode(",",$tabparams["cbpgdisplayformatparameters"]); //print_r($dparm); // get extra container box size bazed on icon height if ($isME || $isModerator) { list(, $icon_height, , ) = getimagesize($PGImagesAbsolutePath . $icon[1]); $pg_extrasize = $icon_height; } else { $pg_extrasize = 0; } global $_CB_framework; // a better language string would be: 'Image {x} of {y}' but using existing stuff: // $txtImageXofY = CBTxt::T("Image ") . '{x}' . CBTxt::T(" of ") . '{y}'; $txtImageXofY = CBTxt::T('Image {x} of {y}'); $_CB_framework->outputCbJQuery( "$('.pglightbox').slimbox( { counterText: '" . addslashes( $txtImageXofY ). "' } );", 'slimbox2' ); // $htmltext2 .= '<div class="cbpgItems">'; break; default: $htmltext2 .= "<b>column_heading_1 | column_heading2 | column_heading3</b><br />"; } $i=2; $k=0; foreach ($pgitems as $pgitem) { $k++; $i= ($i==1) ? 2 : 1; $pgitemfilename = $pgitem->pgitemfilename; $pgitemtype = $pgitem->pgitemtype; $pgitemtitle = $pgitem->pgitemtitle; //$js_pgitemtitle = str_replace(array('"','<','>',"\n","\\","'","'"), array(""","<",">","\\n","\\\\","\\'","\\'"), $pgitemtitle); $js_pgitemtitle = addslashes(htmlspecialchars($pgitemtitle)); $html_pgitemtitle = htmlspecialchars($pgitemtitle); $html_pgitemtitle_formatted = htmlspecialchars(($dparm[0]&&cbIsoUtf_strlen($pgitemtitle)>$dparm[0]) ? cbIsoUtf_substr($pgitemtitle,0,$dparm[0]) . $dparm[1]:$pgitemtitle); $js_pgitemtitle_formatted = addslashes($html_pgitemtitle_formatted); $pgitemdescription = $pgitem->pgitemdescription; //$js_pgitemdescription = str_replace(array('"','<','>',"\n","\\","'","'"), array(""","<",">","<br />","\\\\","\\'","\\'"), $pgitemdescription); $js_pgitemdescription = addslashes(htmlspecialchars($pgitemdescription)); $html_pgitemdescription = htmlspecialchars($pgitemdescription); $lb_html_pgitemdescription = htmlspecialchars( str_replace( "\n", '<br />', $pgitemdescription) ); $html_pgitemlightbox = CBTxt::Th("Title") . ": " . $html_pgitemtitle . "<br />" . CBTxt::Th("Description") . ": " . $lb_html_pgitemdescription; $pgitemdate = cbFormatDate($pgitem->pgitemdate); $pgitempublished = $pgitem->pgitempublished; $pgitemapproved = $pgitem->pgitemapproved; switch($pgitemtype) { case 'jpg': case 'gif': case 'png': case 'bmp': $popupname = "pgpopup"; break; default: $popupname = "pgpopup"; } $pgitemfilenameuserpath = $PGItemUserPath . $pgitemfilename; $pgitemthumbuserpath = $PGItemUserPath . "tn" . $pgitemfilename; $pgitemthumbuserabsolutepath = $PGItemAbsoluteUserPath . "tn" . $pgitemfilename; if (!file_exists($pgitemthumbuserabsolutepath)) { $pgitemthumbuserabsolutepath = $PGImagesAbsolutePath . "pgtn_" . $pgitemtype . "item.gif"; $pgitemthumbuserpath = $PGImagesPath . "pgtn_" . $pgitemtype . "item.gif"; if (!file_exists($pgitemthumbuserabsolutepath)) { $pgitemthumbuserabsolutepath = $PGImagesAbsolutePath . "pgtn_nonimageitem.gif"; $pgitemthumbuserpath = $PGImagesPath . "pgtn_nonimageitem.gif"; } } $pglivelink = $_CB_framework->getCfg( 'live_site' ) . "/" . $pgitemfilenameuserpath; $pgitemurl = "<a href=\"" . $pglivelink . "\">" . $pgitemfilename . "</a>"; $pgitemtitle_url = "<a href=\"".cbSef($pglivelink)."\" target=\"_blank\"><b>".$html_pgitemtitle_formatted."</b><br />"; list($pgitemtn_width, $pgitemtn_height, , ) = getimagesize($pgitemthumbuserabsolutepath); if ($pgitemtn_width <= $tabparams["pgtnmaxwidth"]) { $resize_width_factor = 1; } else { $resize_width_factor = $tabparams["pgtnmaxwidth"] / $pgitemtn_width; } if ($pgitemtn_height <= $tabparams["pgtnmaxheight"]) { $resize_height_factor = 1; } else { $resize_height_factor = $tabparams["pgtnmaxheight"] / $pgitemtn_height; } $resize_factor = min($resize_width_factor,$resize_height_factor); $newtn_height = floor($pgitemtn_height * $resize_factor); $newtn_width = floor($pgitemtn_width * $resize_factor); switch ($tabparams["cbpgdisplayformat"]){ case 'DF1': // image layout headings (none) if (!$pgitemapproved || !$pgitempublished) { $htmltext2.= "<div class=\"connectionBox cbpgIbox\" style=\"text-align:center;border:1px dotted;position:relative;height:".($tabparams["pgtnmaxheight"]+$dparm[4]+$pg_extrasize)."px;width:".($tabparams["pgtnmaxwidth"]+$dparm[5])."px;\">"; } else { $htmltext2.= "<div class=\"connectionBox cbpgIbox\" style=\"text-align:center;position:relative;height:".($tabparams["pgtnmaxheight"]+$dparm[4]+$pg_extrasize)."px;width:".($tabparams["pgtnmaxwidth"]+$dparm[5])."px;\">"; } // Check file extension type $inimagelist = in_array($pgitemtype,explode(",",$tabparams["pgimagefiletypelist"])); if ($tabparams["pgopmode"]!="FILEMODE" && $inimagelist){ $htmltext2.= "<a href=\"".cbSef($pglivelink) . "\" target=\"_blank\"><b>" . $html_pgitemtitle_formatted . "</b></a><br />" . "<div style=\"height:".$tabparams["pgtnmaxheight"]."px;\">" . "<a href=\"javascript:$popupname('$pglivelink','$js_pgitemtitle','$js_pgitemdescription')\">" // . $popupcode . "<img src=\"" . $_CB_framework->getCfg( 'live_site' ) . "/" . $pgitemthumbuserpath . "\" border=\"0\" height=\"$newtn_height\" width=\"$newtn_width\" alt=\"\" title=\"" . $html_pgitemdescription . "\" />" . "</a>" . "</div>" . "<br /><br />"; } else { $htmltext2.= "<a href=\"".cbSef($pglivelink)."\"><b>" . $html_pgitemtitle_formatted . "</b></a><br />" . "<div style=\"height:".$tabparams["pgtnmaxheight"]."px;\">" . "<a href=\"$pgitemfilenameuserpath\" target=\"_blank\">" . "<img src=\"" . $_CB_framework->getCfg( 'live_site' ) . "/" . $pgitemthumbuserpath . "\" border=\"0\" height=\"$newtn_height\" width=\"$newtn_width\" alt=\"\" title=\"" . $html_pgitemdescription . "\" />" . "</a>" . "</div>" . "<br /><br />"; } $htmltext2 .= "<form name=\"PGactionForm".$k."\" id=\"PGactionForm".$k."\" method=\"post\" action=\"".$base_url."\">"; $htmltext2 .= "<input type=\"hidden\" name=\"".$this->_getPagingParamName("id")."\" value=\"".$pgitem->id."\" />"; $htmltext2 .= "<input type=\"submit\" name=\"PGsubmitform\" style=\"display:none;\" />"; $htmltext2 .= "<input type=\"hidden\" name=\"".$this->_getPagingParamName("PGformaction")."\" value=\"default\" /></form>"; if ($isME || $isModerator) { $htmltext2 .= "<a href=\"javascript:if (confirm('" . addslashes(CBTxt::T("Are you sure you want to delete selected item ? The selected item will be deleted and cannot be undone!")) . "')) { document.PGactionForm".$k.".".$this->_getPagingParamName("PGformaction").".value='delete';document.PGactionForm".$k.".submit(); }\"><img style=\"cursor:pointer;border:0px;\" class=\"pg_c1\" src=\"" . $_CB_framework->getCfg( 'live_site' ) . "/components/com_comprofiler/plugin/user/plug_cbprofilegallery/images/" . $icon[0] . "\" alt=\"" . htmlspecialchars(CBTxt::T("Delete")) ."\" title=\"" . htmlspecialchars(CBTxt::T("Delete")) . "\" /></a>"; if (!$pgitempublished) { $htmltext2 .= "<a href=\"javascript:document.PGactionForm".$k.".".$this->_getPagingParamName("PGformaction").".value='publish';document.PGactionForm".$k.".submit();\"><img style=\"cursor:pointer;border:0px;\" class=\"pg_c2\" src=\"" . $_CB_framework->getCfg( 'live_site' ) . "/components/com_comprofiler/plugin/user/plug_cbprofilegallery/images/" . $icon[2] . "\" alt=\"" . htmlspecialchars(CBTxt::T("Publish")) ."\" title=\"" . htmlspecialchars(CBTxt::T("Publish")) . "\" /></a>"; } else { $htmltext2 .= "<a href=\"javascript:document.PGactionForm".$k.".".$this->_getPagingParamName("PGformaction").".value='unpublish';document.PGactionForm".$k.".submit();\"><img style=\"cursor:pointer;border:0px;\" class=\"pg_c3\" src=\"" . $_CB_framework->getCfg( 'live_site' ) . "/components/com_comprofiler/plugin/user/plug_cbprofilegallery/images/" . $icon[1] . "\" alt=\"" . htmlspecialchars(CBTxt::T("Unpublish")) ."\" title=\"" . htmlspecialchars(CBTxt::T("Unpublish")) . "\" /></a>"; } } if ($isModerator) { if (!$pgitemapproved) { $htmltext2 .= "<a href=\"javascript:document.PGactionForm".$k.".".$this->_getPagingParamName("PGformaction").".value='approve';document.PGactionForm".$k.".submit();\"><img style=\"cursor:pointer;border:0px;\" class=\"pg_c4\" src=\"" . $_CB_framework->getCfg( 'live_site' ) . "/components/com_comprofiler/plugin/user/plug_cbprofilegallery/images/" . $icon[3] . "\" alt=\"" . htmlspecialchars(CBTxt::T("Approve")) ."\" title=\"" . htmlspecialchars(CBTxt::T("Approve")) . "\" /></a>"; } else { $htmltext2 .= "<a href=\"javascript:document.PGactionForm".$k.".".$this->_getPagingParamName("PGformaction").".value='revoke';document.PGactionForm".$k.".submit();\"><img style=\"cursor:pointer;border:0px;\" class=\"pg_c5\" src=\"" . $_CB_framework->getCfg( 'live_site' ) . "/components/com_comprofiler/plugin/user/plug_cbprofilegallery/images/" . $icon[4] . "\" alt=\"" . htmlspecialchars(CBTxt::T("Revoke")) ."\" title=\"" . htmlspecialchars(CBTxt::T("Revoke")) . "\" /></a>"; } } if ($isME || $isModerator) { $popform=null; $popform .= "<form name=\"PGformaction".$k."\" method=\"post\" action=\"".$base_url."\">"; $popform .= "<input type=\"hidden\" name=\"".$this->_getPagingParamName("id")."\" value=\"".$pgitem->id."\" />"; $popform .= "<input type=\"hidden\" name=\"".$this->_getPagingParamName("PGformaction")."\" value=\"update\" />"; $popform .= "<br /><b>" . CBTxt::Th("Title:") . ":</b><br /><input class=\"inputbox\" type=\"text\" name=\"".$this->_getPagingParamName("pguitemtitle")."\" size=\"30\" maxlength=\"255\" value=\"".$html_pgitemtitle."\" />"; $popform .= "<br /><b>". CBTxt::Th("Description") . ":</b><br /><textarea class=\"inputbox\" cols=\"35\" rows=\"4\" name=\"".$this->_getPagingParamName("pguitemdescription")."\" style=\"height:75px;width:285px;overflow:auto;\" >".$html_pgitemdescription."</textarea>"; $popform .= "<br /><input type=\"submit\" value=\"" . htmlspecialchars( CBTxt::T("Update") ) . "\" title=\"\" /></form>"; $htmltext2 .= "<a href=\"javascript:void(0);\" name=\"PGeditForm".$k."\" id=\"PGeditForm".$k."\" onclick=\"" ."return overlib('".addslashes(htmlspecialchars($popform))."', STICKY, CAPTION,'" . CBTxt::T("Edit Gallery Item")."', CENTER,CLOSECLICK,CLOSETEXT,'"._UE_CLOSE_OVERLIB."',WIDTH,300, ANCHOR,'PGeditForm".$k."',ANCHORALIGN,'LR','UR');\">"."<img style=\"cursor:pointer;border:0px;\" class=\"pg_c5\" src=\"" . $_CB_framework->getCfg( 'live_site' ) . "/components/com_comprofiler/plugin/user/plug_cbprofilegallery/images/" . $icon[5] . "\" alt=\"" . htmlspecialchars(CBTxt::T("Edit")) ."\" title=\"" . htmlspecialchars(CBTxt::T("Edit")) . "\""." /></a> "; } $htmltext2 .= "<br /></div>"; break; case 'DF2': // file list layout $htmltext2 .= "<form name=\"PGactionForm".$k."\" id=\"PGactionForm".$k."\" method=\"post\" action=\"".$base_url."\">"; $htmltext2 .= "<input type=\"hidden\" name=\"".$this->_getPagingParamName("id")."\" value=\"".$pgitem->id."\" />"; $htmltext2 .= "<input type=\"submit\" name=\"PGsubmitform\" style=\"display:none;\" />"; $htmltext2 .= "<input type=\"hidden\" name=\"".$this->_getPagingParamName("PGformaction")."\" value=\"default\" /></form>"; $htmltext2 .= "<tr>"; $htmltext2 .= "<td>".$pgitemdate."</td>"; $htmltext2 .= "<td>".$pgitemtitle_url."</td>"; $htmltext2 .= "<td>".cbUnHtmlspecialchars($pgitemdescription)."</td>"; if ($isME || $isModerator) $htmltext2 .= "<td>"; if ($isME || $isModerator) { $htmltext2 .= "<a href=\"javascript:if (confirm('" . addslashes(CBTxt::T("Are you sure you want to delete selected item ? The selected item will be deleted and cannot be undone!")) . "')) { document.PGactionForm".$k.".".$this->_getPagingParamName("PGformaction").".value='delete';document.PGactionForm".$k.".submit(); }\">" . CBTxt::T("Delete")."<br /></a>"; if (!$pgitempublished) { $htmltext2 .= "<a href=\"javascript:document.PGactionForm".$k.".".$this->_getPagingParamName("PGformaction").".value='publish';document.PGactionForm".$k.".submit();\">". CBTxt::Th("Publish") . "<br /></a>"; } else { $htmltext2 .= "<a href=\"javascript:document.PGactionForm".$k.".".$this->_getPagingParamName("PGformaction").".value='unpublish';document.PGactionForm".$k.".submit();\">" . CBTxt::Th("Unpublish") . "<br /></a>"; } } if ($isModerator) { if (!$pgitemapproved) { $htmltext2 .= "<a href=\"javascript:document.PGactionForm".$k.".".$this->_getPagingParamName("PGformaction").".value='approve';document.PGactionForm".$k.".submit();\">" . CBTxt::Th("Approve") . "<br /></a>"; } else { $htmltext2 .= "<a href=\"javascript:document.PGactionForm".$k.".".$this->_getPagingParamName("PGformaction").".value='revoke';document.PGactionForm".$k.".submit();\">" . CBTxt::Th("Revoke") . "<br /></a>"; } } if ($isME || $isModerator) { $popform=null; $popform .= "<form name=\"PGformaction".$k."\" method=\"post\" action=\"".$base_url."\">"; $popform .= "<input type=\"hidden\" name=\"".$this->_getPagingParamName("id")."\" value=\"".$pgitem->id."\" />"; $popform .= "<input type=\"hidden\" name=\"".$this->_getPagingParamName("PGformaction")."\" value=\"update\" />"; $popform .= "<br /><b>" . CBTxt::T("Title") . ":</b><br /><input class=\"inputbox\" type=\"text\" name=\"".$this->_getPagingParamName("pguitemtitle")."\" size=\"30\" maxlength=\"255\" value=\"".$html_pgitemtitle."\" />"; $popform .= "<br /><b>" . CBTxt::T("Description") . ":</b><br /><textarea class=\"inputbox\" cols=\"35\" rows=\"4\" name=\"".$this->_getPagingParamName("pguitemdescription")."\" style=\"height:75px;width:285px;overflow:auto;\" >".$html_pgitemdescription."</textarea>"; $popform .= "<br /><input type=\"submit\" value=\"" . htmlspecialchars( CBTxt::T("Update") ) . "\" title=\"\" /></form>"; $htmltext2 .= "<a href=\"javascript:void(0);\" name=\"PGeditForm".$k."\" id=\"PGeditForm".$k."\" onclick=\"" ."return overlib('".addslashes(htmlspecialchars($popform))."', STICKY, CAPTION,'" . addslashes(CBTxt::T("Edit Gallery Item")) . "', CENTER,CLOSECLICK,CLOSETEXT,'" . _UE_CLOSE_OVERLIB . "',WIDTH,300, ANCHOR,'PGeditForm".$k."',ANCHORALIGN,'LR','UR');\">". CBTxt::Th("Edit") ."</a> "; } if ($isME || $isModerator) $htmltext2 .= "</td>"; $htmltext2 .= "</tr>"; break; case 'DF3': // image layout headings (none) if (!$pgitemapproved || !$pgitempublished) { $htmltext2.= "<div class=\"connectionBox cbpgIbox\" style=\"text-align:center;border:1px dotted;position:relative;height:".($tabparams["pgtnmaxheight"]+$dparm[4]+$pg_extrasize)."px;width:".($tabparams["pgtnmaxwidth"]+$dparm[5])."px;\">"; } else { $htmltext2.= "<div class=\"connectionBox cbpgIbox\" style=\"text-align:center;position:relative;height:".($tabparams["pgtnmaxheight"]+$dparm[4]+$pg_extrasize)."px;width:".($tabparams["pgtnmaxwidth"]+$dparm[5])."px;\">"; } // Check file extension type $inimagelist = in_array($pgitemtype,explode(",",$tabparams["pgimagefiletypelist"])); if ($tabparams["pgopmode"]!="FILEMODE" && $inimagelist){ $htmltext2.= "<a href=\"".cbSef($pgitemfilenameuserpath) . "\" target=\"_blank\"><b>" . $html_pgitemtitle_formatted . "</b></a><br />" . "<div style=\"height:".$tabparams["pgtnmaxheight"]."px;\">" . '<a class="pglightbox" title="' . htmlspecialchars( $html_pgitemlightbox ) . '" rel="lightbox-group" href="' . $pglivelink . '">' . "<img src=\"" . $_CB_framework->getCfg( 'live_site' ) . "/" . $pgitemthumbuserpath . "\" border=\"0\" height=\"$newtn_height\" width=\"$newtn_width\" alt=\"\" title=\"" . $html_pgitemdescription . "\" />" . "</a>" . "</div>" ; } else { $htmltext2.= "<a href=\"".cbSef($pglivelink)."\"><b>" . $html_pgitemtitle_formatted . "</b></a><br />" . "<div style=\"height:".$tabparams["pgtnmaxheight"]."px;\">" . "<a href=\"$pgitemfilenameuserpath\" target=\"_blank\">" . "<img src=\"" . $_CB_framework->getCfg( 'live_site' ) . "/" . $pgitemthumbuserpath . "\" border=\"0\" height=\"$newtn_height\" width=\"$newtn_width\" alt=\"\" title=\"" . $html_pgitemdescription . "\" />" . "</a>" . "</div>" ; } if ($isME || $isModerator) { $htmltext2 .= '<div class="cbpgControlArea" style="text-align:center;">'; } $htmltext2 .= "<form name=\"PGactionForm".$k."\" id=\"PGactionForm".$k."\" method=\"post\" action=\"".$base_url."\">"; $htmltext2 .= "<input type=\"hidden\" name=\"".$this->_getPagingParamName("id")."\" value=\"".$pgitem->id."\" />"; $htmltext2 .= "<input type=\"submit\" name=\"PGsubmitform\" style=\"display:none;\" title=\"\" />"; $htmltext2 .= "<input type=\"hidden\" name=\"".$this->_getPagingParamName("PGformaction")."\" value=\"default\" /></form>"; if ($isME || $isModerator) { $htmltext2 .= "<a href=\"javascript:if (confirm('" . addslashes(CBTxt::T("Are you sure you want to delete selected item ? The selected item will be deleted and cannot be undone!")) . "')) { document.PGactionForm".$k.".".$this->_getPagingParamName("PGformaction").".value='delete';document.PGactionForm".$k.".submit(); }\"><img style=\"cursor:pointer;border:0px;\" class=\"pg_c1\" src=\"" . $_CB_framework->getCfg( 'live_site' ) . "/components/com_comprofiler/plugin/user/plug_cbprofilegallery/images/" . $icon[0] . "\" alt=\"" . htmlspecialchars(CBTxt::T("Delete")) . "\" title=\"". htmlspecialchars(CBTxt::T("Delete"))."\" /></a>"; if (!$pgitempublished) { $htmltext2 .= "<a href=\"javascript:document.PGactionForm".$k.".".$this->_getPagingParamName("PGformaction").".value='publish';document.PGactionForm".$k.".submit();\"><img style=\"cursor:pointer;border:0px;\" class=\"pg_c2\" src=\"" . $_CB_framework->getCfg( 'live_site' ) . "/components/com_comprofiler/plugin/user/plug_cbprofilegallery/images/" . $icon[2] . "\" alt=\"" . htmlspecialchars(CBTxt::T("Publish")) ."\" title=\"" . htmlspecialchars(CBTxt::T("Publish")) . "\" /></a>"; } else { $htmltext2 .= "<a href=\"javascript:document.PGactionForm".$k.".".$this->_getPagingParamName("PGformaction").".value='unpublish';document.PGactionForm".$k.".submit();\"><img style=\"cursor:pointer;border:0px;\" class=\"pg_c3\" src=\"" . $_CB_framework->getCfg( 'live_site' ) . "/components/com_comprofiler/plugin/user/plug_cbprofilegallery/images/" . $icon[1] . "\" alt=\"" . htmlspecialchars(CBTxt::T("Unpublish")) ."\" title=\"" . htmlspecialchars(CBTxt::T("Unpublish")) . "\" /></a>"; } } if ($isModerator) { if (!$pgitemapproved) { $htmltext2 .= "<a href=\"javascript:document.PGactionForm".$k.".".$this->_getPagingParamName("PGformaction").".value='approve';document.PGactionForm".$k.".submit();\"><img style=\"cursor:pointer;border:0px;\" class=\"pg_c4\" src=\"" . $_CB_framework->getCfg( 'live_site' ) . "/components/com_comprofiler/plugin/user/plug_cbprofilegallery/images/" . $icon[3] . "\" alt=\"" . htmlspecialchars(CBTxt::T("Approve")) ."\" title=\"" . htmlspecialchars(CBTxt::T("Approve")) . "\" /></a>"; } else { $htmltext2 .= "<a href=\"javascript:document.PGactionForm".$k.".".$this->_getPagingParamName("PGformaction").".value='revoke';document.PGactionForm".$k.".submit();\"><img style=\"cursor:pointer;border:0px;\" class=\"pg_c5\" src=\"" . $_CB_framework->getCfg( 'live_site' ) . "/components/com_comprofiler/plugin/user/plug_cbprofilegallery/images/" . $icon[4] . "\" alt=\"" . htmlspecialchars(CBTxt::T("Revoke")) . "\" title=\"" . htmlspecialchars(CBTxt::T("Revoke")) . "\" /></a>"; } } if ($isME || $isModerator) { $popform=null; $popform .= "<form name=\"PGformaction".$k."\" method=\"post\" action=\"".$base_url."\">"; $popform .= "<input type=\"hidden\" name=\"".$this->_getPagingParamName("id")."\" value=\"".$pgitem->id."\" />"; $popform .= "<input type=\"hidden\" name=\"".$this->_getPagingParamName("PGformaction")."\" value=\"update\" />"; $popform .= "<br /><b>" . CBTxt::T("Title") . ":</b><br /><input class=\"inputbox\" type=\"text\" name=\"".$this->_getPagingParamName("pguitemtitle")."\" size=\"30\" maxlength=\"255\" value=\"".$html_pgitemtitle."\" />"; $popform .= "<br /><b>" . CBTxt::T("Description") . ":</b><br /><textarea class=\"inputbox\" cols=\"35\" rows=\"4\" name=\"".$this->_getPagingParamName("pguitemdescription")."\" style=\"height:75px;width:285px;overflow:auto;\" >".$html_pgitemdescription."</textarea>"; $popform .= "<br /><input type=\"submit\" value=\"" . htmlspecialchars( CBTxt::T("Update") ) . "\" title=\"\" /></form>"; $htmltext2 .= "<a href=\"javascript:void(0);\" name=\"PGeditForm".$k."\" id=\"PGeditForm".$k."\" onclick=\"" ."return overlib('".addslashes(htmlspecialchars($popform))."', STICKY, CAPTION,'" . CBTxt::T("Edit Gallery Item") . "', CENTER,CLOSECLICK,CLOSETEXT,'" . _UE_CLOSE_OVERLIB . "',WIDTH,300, ANCHOR,'PGeditForm".$k."',ANCHORALIGN,'LR','UR');\">"."<img style=\"cursor:pointer;border:0px;\" class=\"pg_c5\" src=\"" . $_CB_framework->getCfg( 'live_site' ) . "/components/com_comprofiler/plugin/user/plug_cbprofilegallery/images/" . $icon[5] . "\" alt=\"" . htmlspecialchars(CBTxt::T("Edit")) ."\" title=\"" . htmlspecialchars(CBTxt::T("Edit")) . "\""." /></a> "; $htmltext2 .= '</div>'; } $htmltext2 .= "</div>"; break; default: $htmltext2 .= $pgitemurl . "|" . $pgitemtype . "|" . $pgitemtitle ."|" . $pgitemdescription ."<br />"; break; } } switch ($tabparams["cbpgdisplayformat"]){ case 'DF1': // $htmltext2 .= '</div>'; // close cbpgItems div break; case 'DF2': $htmltext2 .= "</table>"; break; case 'DF3': // $htmltext2 .= '</div>'; // close cbpgItems div break; } // Add paging control at end of list if paging enabled if ($tabparams["pgpagingenabled"] && ($tabparams["pgentriesperpage"] < $pgtotal)) { $htmltext2 .= "<div style=\"clear:both;\"> </div>"; $htmltext2 .= "<div style='width:95%;text-align:center;'>" .$this->_writePaging($pagingParams,"pgposts_",$tabparams["pgentriesperpage"],$pgtotal) ."</div>"; } } else { $htmltext2 .= "<br/>"; $htmltext2 .= CBTxt::Th("No Items published in this profile gallery"); $htmltext2 .= "<br/>"; } $htmltext2 .= "<div style=\"clear:both;\"> </div>"; // $htmltext2 .= "</div>"; return $htmltext0 . $htmltext1 . $htmltext2; }
/** * prepare group description * * @param int $length * @return string */ public function getDescription( $length = 0 ) { static $cache = array(); $id = $this->get( 'id' ); if ( ! isset( $cache[$id] ) ) { $plugin = cbgjClass::getPlugin(); $description = $this->get( 'description' ); if ( $plugin->params->get( 'group_desc_content', 0 ) ) { $description = cbgjClass::prepareContentPlugins( $description ); } $cache[$id] = ( $plugin->params->get( 'group_editor', 1 ) >= 2 ? $description : htmlspecialchars( $description ) ); } $description = $cache[$id]; if ( $description ) { $length = (int) $length; if ( $length && ( cbIsoUtf_strlen( strip_tags( $description ) ) > $length ) ) { $description = rtrim( trim( cbIsoUtf_substr( strip_tags( $description ), 0, $length ) ), '.' ) . '...'; } } return $description; }
/** * Generates new captcha code and stores to session * * @param int $length * @param string $characters * @return string */ public function generateCode( $length = null, $characters = null ) { $code = null; switch( $this->mode ) { case 'recaptcha': $code = null; break; case 'question': $captchaQuestions = "What is 2 plus 2?=4\n" . "What is 1 times 6?=6\n" . "What is 9 divide 3?=3\n" . "Are you a Human?=Yes\n" . "Are you a Bot?=No\n" . "How many words is this?=5\n" . "How many fingers on a hand?=5\n" . "How many toes on a foot?=5\n" . "What is 10 add 10?=20\n" . "What is 0 multiply 100?=0\n" . "What is 5 minus 1?=4\n" . "What is 2 add 2?=4\n" . "4th letter of Test is?=t\n" . "20, 81, 3; which is smallest?=3\n" . "12, 31, 9; which is greatest?=31\n" . "Purple, car, dog; which is a color?=Purple\n" . "Cat, plane, rock; which is an animal?=Cat\n" . "If tomorrow is Monday; what day is today?=Sunday\n" . "Tim, cat, dog; which is human?=Tim"; $questions = $this->params->get( 'captcha_internal_questions', $captchaQuestions ); if ( ! $questions ) { $questions = $captchaQuestions; } $questions = explode( "\n", $questions ); $codes = array(); foreach ( $questions as $question ) { $question = explode( '=', $question ); $key = ( isset( $question[0] ) ? trim( CBTxt::T( $question[0] ) ) : null ); $value = ( isset( $question[1] ) ? trim( CBTxt::T( $question[1] ) ) : null ); if ( $key && $value ) { $codes[$key] = $value; } } if ( $codes ) { $code = array_rand( $codes, 1 ); } break; case 'internal': default: if ( ! $length ) { $length = (int) $this->params->get( 'captcha_internal_length', 6 ); if ( ! $length ) { $length = 6; } } $length = (int) $length; if ( ! $characters ) { $characters = $this->params->get( 'captcha_internal_characters', 'abcdefhijklmnopqrstuvwxyz' ); if ( ! $characters ) { $characters = 'abcdefhijklmnopqrstuvwxyz'; } } for ( $i = 0, $n = (int) $length; $i < $n; $i++ ) { $code .= cbIsoUtf_substr( $characters, mt_rand( 0, cbIsoUtf_strlen( $characters ) -1 ), 1 ); } break; } $this->code = $code; $this->setSession( array( 'code' => $this->code ) ); return $this->code; }
/** * Generates a captcha audio file * * @param string $id */ public function captchaAudio( $id ) { global $_PLUGINS; if ( $id ) { $absPath = $_PLUGINS->getPluginPath( $this->getPluginId() ); $captcha = cbantispamCaptcha::getInstance( $id ); $code = $captcha->getCaptchaCode(); $sounds = array(); for( $i = 0; $i < cbIsoUtf_strlen( $code ); $i++ ) { $file = $absPath . '/audio/' . $code{$i} . '.mp3'; if ( ! file_exists( $file ) ) { exit( CBTxt::T( 'CAPTCHA_AUDIO_FILE_FAILED', 'failed to locate "[file]" audio file', array( '[file]' => $file ) ) ); } $sounds[] = $file; } header( 'Expires: Mon, 26 Jul 1997 05:00:00 GMT' ); header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT' ); header( 'Cache-Control: no-store, no-cache, must-revalidate' ); header( 'Cache-Control: post-check=0, pre-check=0', false ); header( 'Pragma: no-cache' ); header( 'Content-Type: audio/mpeg' ); header( 'Content-Disposition: inline; filename=cbcaptcha.mp3;' ); header( 'Content-Transfer-Encoding: binary' ); $out = ''; $count = count( $sounds ); $i = 0; foreach ( $sounds as $sound ) { $i++; if ( $i != $count ) { $offset = 128; } else { $offset = 0; } $fh = fopen( $sound, 'rb' ); $size = filesize( $sound ); $out .= fread( $fh, ( $size - $offset ) ); fclose( $fh ); } header( 'Content-Length: ' . cbIsoUtf_strlen( $out ) ); echo $out; exit(); } }