/**
 * Run a new post through Akismet and act on a spam verdict.
 *
 * The post is returned untouched when the poster holds 'bypass_akismet' for
 * the forum, when akismet_http_post() is not loaded, or when the 'spAkismet'
 * option is empty or 1.
 *
 * @param array $newpost Post data; 'forumid' is read, 'poststatus' may be written.
 * @return array The post data. With option value 2 a flagged post gets
 *               'poststatus' = 2; with option value 3 the request ends here.
 */
function sp_akismet($newpost) {
	global $spThisUser;

	$exempt = sp_get_auth('bypass_akismet', $newpost['forumid']);
	if ($exempt || !function_exists('akismet_http_post')) {
		return $newpost;
	}

	$mode = sp_get_option('spAkismet');
	if (empty($mode) || $mode == 1) {
		return $newpost;
	}

	# nothing more to do unless Akismet flagged the post
	if (!sp_check_akismet($newpost)) {
		return $newpost;
	}

	switch ($mode) {
		case 2:
			$newpost['poststatus'] = 2;
			break;
		case 3:
			sp_notify(1, __('This post has been identified as spam and has been rejected', 'spab'));
			wp_redirect(sp_url());
			# end the request so the rejected post never goes back to the caller
			exit;
	}

	return $newpost;
}
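/**
 * Run the spam-maths check unless the poster may bypass it.
 *
 * @param mixed $forumid Forum the 'bypass_math_question' permission is checked against.
 * @return array array(false) when the permission is held, otherwise whatever
 *               sp_spamcheck() returns (presumably element 0 is the failure
 *               flag; confirm against sp_spamcheck()).
 */
function sp_check_spammath($forumid) {
	# the unused $usemath local from the earlier version has been dropped
	if (sp_get_auth('bypass_math_question', $forumid)) {
		return array(false);
	}

	return sp_spamcheck();
}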
/**
 * Build the forum's markup allowlist and publish it through globals.
 *
 * Sets $allowedforumprotocols (URL schemes) and $allowedforumtags
 * (tag name => permitted attribute names). Each list is passed through a
 * filter ('sph_allowed_protocols', 'sph_kses_allowed_tags'), so other code can
 * widen or narrow it. The function returns nothing.
 *
 * Presumably both globals feed wp_kses()-style filtering of post content
 * elsewhere; that consumer is not visible here, so confirm before relying on it.
 */
function sp_kses_array() {
	global $allowedforumtags, $allowedforumprotocols, $spVars, $spThisUser;

	# NOTE(review): this scheme list is broad for user-supplied content. 'data'
	# lets a URL attribute carry inline content, and 'clsid', 'telnet' and
	# 'gopher' are rarely needed in forum posts. Confirm each scheme is still
	# required; every entry removed narrows what a post can link to or embed.
	$allowedforumprotocols = apply_filters('sph_allowed_protocols', array('http', 'https', 'ftp', 'ftps', 'mailto', 'news', 'irc', 'gopher', 'nntp', 'feed', 'telnet', 'clsid', 'data'));

	# NOTE(review): 'style' is permitted on many tags, and 'object', 'embed' and
	# 'param' are allowed for every poster. Whether style values are filtered
	# further depends on the consumer of this list; verify that before widening it.
	$allowedforumtags = array(
		'address' => array('class' => true),
		'a' => array('class' => true, 'href' => true, 'id' => true, 'title' => true, 'rel' => true, 'rev' => true, 'name' => true, 'target' => true, 'style' => true),
		'abbr' => array('class' => true, 'title' => true),
		'acronym' => array('title' => true, 'class' => true),
		'article' => array('align' => true, 'class' => true, 'dir' => true, 'lang' => true, 'style' => true, 'xml:lang' => true),
		'aside' => array('align' => true, 'class' => true, 'dir' => true, 'lang' => true, 'style' => true, 'xml:lang' => true),
		'audio' => array('autoplay' => true, 'class' => true, 'controls' => true, 'id' => true, 'loop' => true, 'muted' => true, 'poster' => true, 'preload' => true, 'src' => true, 'style' => true),
		'b' => array('class' => true),
		'big' => array('class' => true),
		'blockquote' => array('id' => true, 'cite' => true, 'class' => true, 'lang' => true, 'xml:lang' => true, 'style' => true),
		'br' => array('class' => true),
		'caption' => array('align' => true, 'class' => true),
		'cite' => array('class' => true, 'dir' => true, 'lang' => true, 'title' => true),
		'code' => array('class' => true, 'style' => true),
		'dd' => array('class' => true),
		'del' => array('datetime' => true),
		'details' => array('align' => true, 'class' => true, 'dir' => true, 'lang' => true, 'open' => true, 'style' => true, 'xml:lang' => true),
		'div' => array('align' => true, 'class' => true, 'dir' => true, 'lang' => true, 'style' => true, 'xml:lang' => true),
		'dl' => array('class' => true),
		'dt' => array('class' => true),
		'em' => array('class' => true),
		# 'pallette' is spelled as the original author wrote it; it is a runtime key
		'embed' => array('height' => true, 'name' => true, 'pallette' => true, 'src' => true, 'type' => true, 'width' => true),
		'figure' => array('align' => true, 'class' => true, 'dir' => true, 'lang' => true, 'style' => true, 'xml:lang' => true),
		'figcaption' => array('align' => true, 'class' => true, 'dir' => true, 'lang' => true, 'style' => true, 'xml:lang' => true),
		'font' => array('color' => true, 'face' => true, 'size' => true),
		'footer' => array('align' => true, 'class' => true, 'dir' => true, 'lang' => true, 'style' => true, 'xml:lang' => true),
		'header' => array('align' => true, 'class' => true, 'dir' => true, 'lang' => true, 'style' => true, 'xml:lang' => true),
		'hgroup' => array('align' => true, 'class' => true, 'dir' => true, 'lang' => true, 'style' => true, 'xml:lang' => true),
		'h1' => array('align' => true, 'class' => true, 'id' => true, 'style' => true),
		'h2' => array('align' => true, 'class' => true, 'id' => true, 'style' => true),
		'h3' => array('align' => true, 'class' => true, 'id' => true, 'style' => true),
		'h4' => array('align' => true, 'class' => true, 'id' => true, 'style' => true),
		'h5' => array('align' => true, 'class' => true, 'id' => true, 'style' => true),
		'h6' => array('align' => true, 'class' => true, 'id' => true, 'style' => true),
		'hr' => array('align' => true, 'class' => true, 'noshade' => true, 'size' => true, 'width' => true),
		'i' => array('class' => true),
		'img' => array('alt' => true, 'title' => true, 'align' => true, 'border' => true, 'class' => true, 'height' => true, 'hspace' => true, 'longdesc' => true, 'vspace' => true, 'src' => true, 'style' => true, 'width' => true),
		'ins' => array('datetime' => true, 'cite' => true),
		'kbd' => array('class' => true),
		'label' => array('for' => true),
		'legend' => array('align' => true),
		'li' => array('align' => true, 'class' => true, 'id' => true, 'style' => true),
		'menu' => array('class' => true, 'style' => true, 'type' => true),
		'nav' => array('align' => true, 'class' => true, 'dir' => true, 'lang' => true, 'style' => true, 'xml:lang' => true),
		'object' => array('classid' => true, 'codebase' => true, 'codetype' => true, 'data' => true, 'declare' => true, 'height' => true, 'name' => true, 'param' => true, 'standby' => true, 'type' => true, 'usemap' => true, 'width' => true),
		'param' => array('id' => true, 'name' => true, 'type' => true, 'value' => true, 'valuetype' => true),
		'p' => array('class' => true, 'align' => true, 'dir' => true, 'lang' => true, 'style' => true, 'xml:lang' => true),
		'pre' => array('class' => true, 'style' => true, 'width' => true),
		'q' => array('cite' => true),
		's' => array('class' => true),
		'section' => array('align' => true, 'class' => true, 'dir' => true, 'lang' => true, 'style' => true, 'xml:lang' => true),
		'small' => array('class' => true),
		'source' => array('class' => true, 'id' => true, 'media' => true, 'src' => true, 'style' => true, 'type' => true),
		'span' => array('class' => true, 'dir' => true, 'align' => true, 'lang' => true, 'style' => true, 'title' => true, 'xml:lang' => true, 'id' => true),
		'strike' => array('class' => true),
		'strong' => array('class' => true),
		'sub' => array('class' => true),
		'summary' => array('align' => true, 'class' => true, 'dir' => true, 'lang' => true, 'style' => true, 'xml:lang' => true),
		'sup' => array('class' => true),
		'table' => array('align' => true, 'bgcolor' => true, 'border' => true, 'cellpadding' => true, 'cellspacing' => true, 'class' => true, 'dir' => true, 'id' => true, 'rules' => true, 'style' => true, 'summary' => true, 'width' => true),
		'tbody' => array('align' => true, 'char' => true, 'charoff' => true, 'valign' => true),
		'td' => array('abbr' => true, 'align' => true, 'axis' => true, 'bgcolor' => true, 'char' => true, 'charoff' => true, 'class' => true, 'colspan' => true, 'dir' => true, 'headers' => true, 'height' => true, 'nowrap' => true, 'rowspan' => true, 'scope' => true, 'style' => true, 'valign' => true, 'width' => true),
		'tfoot' => array('align' => true, 'char' => true, 'class' => true, 'charo­ff' => true, 'valign' => true),
		'th' => array('abbr' => true, 'align' => true, 'axis' => true, 'bgcolor' => true, 'char' => true, 'charoff' => true, 'class' => true, 'colspan' => true, 'headers' => true, 'height' => true, 'nowrap' => true, 'rowspan' => true, 'scope' => true, 'valign' => true, 'width' => true),
		'thead' => array('align' => true, 'char' => true, 'charoff' => true, 'class' => true, 'valign' => true),
		'title' => array('class' => true),
		'tr' => array('align' => true, 'bgcolor' => true, 'char' => true, 'charoff' => true, 'class' => true, 'style' => true, 'valign' => true),
		'tt' => array('class' => true),
		'u' => array('class' => true),
		'ul' => array('class' => true, 'style' => true, 'type' => true),
		'ol' => array('class' => true, 'start' => true, 'style' => true, 'type' => true),
		'var' => array('class' => true),
		'video' => array('autoplay' => true, 'class' => true, 'controls' => true, 'height' => true, 'id' => true, 'loop' => true, 'muted' => true, 'poster' => true, 'preload' => true, 'src' => true, 'style' => true, 'width' => true));

	# iframes are added only for users holding 'can_use_iframes' on the current
	# forum, or on 'global' when no forum id is set in $spVars
	$target = isset($spVars['forumid']) ? $spVars['forumid'] : 'global';
	if (isset($spThisUser) && sp_get_auth('can_use_iframes', $target, $spThisUser->ID)) {
		# 'frameborder' appears twice below; the duplicate key is harmless
		$allowedforumtags['iframe'] = array('width' => true, 'height' => true, 'frameborder' => true, 'src' => true, 'frameborder' => true, 'marginwidth' => true, 'marginheight' => true);
	}

	# NOTE(review): any code hooked to this filter can add tags or attributes,
	# so the effective allowlist may be wider than what is listed above
	$allowedforumtags = apply_filters('sph_kses_allowed_tags', $allowedforumtags);
}
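/**
 * Refresh the current user's unread-topic list and check time.
 *
 * Does nothing when the user's check time is later than the 'poststamp'
 * option and the request has no 'mark-read' parameter. Otherwise it selects
 * topics with posts newer than the check time (written by other users, with
 * post_status = 0), keeps those in forums the user may view, puts them ahead
 * of the stored list, truncates to the user's unreadposts limit, and writes
 * the list and a new check time to the members table and to $spThisUser.
 *
 * @return void
 */
function sp_update_users_newposts() {
	global $spThisUser;

	# Check the users checktime against the last post timestamp to see if we need to do this
	$checkTime = spdb_zone_mysql_checkdate($spThisUser->checktime);
	$postTime = sp_get_option('poststamp');
	if (strtotime($checkTime) > strtotime($postTime) && !isset($_GET['mark-read'])) {
		return;
	}

	# Values that are concatenated into SQL as bare numbers are forced to
	# integers first, so they cannot carry SQL text however the user object
	# was populated.
	$userId = (int) $spThisUser->ID;
	$maxUnread = (int) $spThisUser->unreadposts;

	# so there must have been a new post since the last page load for this user
	$newPostList = $spThisUser->newposts;
	if (empty($newPostList['topics'])) {
		# clean it up to be on the safe side
		$newPostList = array('topics' => array(), 'forums' => array());
	}

	# create new holding array and new checktime (now)
	$addPostList = array('topics' => array(), 'forums' => array());
	sp_set_server_timezone();
	$newCheckTime = sp_apply_timezone(time(), 'mysql');

	# Use the current checktime for any new posts since users session began
	# NOTE(review): $checkTime is quoted but not escaped in this function; this
	# relies on spdb_zone_mysql_checkdate() returning a clean date string (confirm).
	$sql = 'SELECT DISTINCT topic_id, forum_id FROM ' . SFPOSTS .
		" WHERE post_status = 0 AND post_date > '" . $checkTime . "' AND user_id != " . $userId .
		' ORDER BY post_id DESC LIMIT ' . $maxUnread . ';';
	$records = spdb_select('set', $sql, ARRAY_A);
	if ($records) {
		foreach ($records as $r) {
			if (sp_get_auth('view_forum', $r['forum_id']) && !in_array($r['topic_id'], $newPostList['topics'])) {
				$addPostList['topics'][] = $r['topic_id'];
				$addPostList['forums'][] = $r['forum_id'];
			}
		}
	}
	$addPostList = apply_filters('sph_new_post_list', $addPostList, $newPostList);

	# now merge the arrays and truncate if necessary
	$newPostList['topics'] = array_merge($addPostList['topics'], $newPostList['topics']);
	$newPostList['forums'] = array_merge($addPostList['forums'], $newPostList['forums']);
	if (count($newPostList['topics']) > $maxUnread) {
		array_splice($newPostList['topics'], $maxUnread);
		array_splice($newPostList['forums'], $maxUnread);
	}

	# update sfmembers - do it here to ensure both are updated together
	# NOTE(review): the serialized list is placed between quotes without
	# escaping here, and the filter above can add arbitrary values to it.
	# Confirm spdb_query() or the storage layer escapes it, and that whatever
	# reads newposts back does not unserialize data a user could influence.
	spdb_query('UPDATE ' . SFMEMBERS . " SET newposts='" . serialize($newPostList) . "', checktime='" . $newCheckTime . "' WHERE user_id=" . $userId);

	$spThisUser->newpostlist = true;
	$spThisUser->checktime = $newCheckTime;
	$spThisUser->newposts = $newPostList;
}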
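/**
 * Template tag: render an "add new topic" link for one forum.
 *
 * Nothing is produced when the forum display is aborted, when no forum id is
 * given, when the viewer lacks 'start_topics' on that forum, or when the
 * forum row cannot be loaded.
 *
 * @param string|array $args Tag options merged over the defaults: tagId,
 *                           tagClass, forumId, linkText (%FORUMNAME% is
 *                           replaced by the forum name), beforeLink,
 *                           afterLink, echo.
 * @return string|null The markup when echo is 0; otherwise null, with the
 *                     markup echoed.
 */
function sp_do_sp_AddNewTopicLinkTag($args = '') {
	#check if forum displayed
	if (sp_abort_display_forum()) {
		return;
	}

	$defs = array(
		'tagId' => 'spAddNewTopicLinkTag',
		'tagClass' => 'spLinkTag',
		'forumId' => '',
		'linkText' => '%FORUMNAME%',
		'beforeLink' => __('Add new topic in the ', 'sp-ttags'),
		'afterLink' => __(' forum', 'sp-ttags'),
		'echo' => 1
	);
	$a = wp_parse_args($args, $defs);
	$a = apply_filters('sph_AddNewTopicLinkTag_args', $a);
	# EXTR_SKIP keeps caller-supplied keys from overwriting $args, $defs or $a
	extract($a, EXTR_SKIP);

	# sanitize before use
	$tagId = esc_attr($tagId);
	$tagClass = esc_attr($tagClass);
	$forumId = (int) $forumId;
	$linkText = esc_attr($linkText);
	$beforeLink = sp_filter_title_display($beforeLink);
	$afterLink = sp_filter_title_display($afterLink);
	$echo = (int) $echo;

	if (!$forumId) {
		return;
	}

	if (!empty($beforeLink)) {
		$beforeLink = trim($beforeLink) . ' ';
	}
	if (!empty($afterLink)) {
		$afterLink = ' ' . trim($afterLink);
	}

	sp_forum_api_support();

	if (!sp_get_auth('start_topics', $forumId)) {
		return;
	}

	# $forumId is an integer at this point, so it is safe inside the condition
	$forum = spdb_table(SFFORUMS, "forum_id={$forumId}", 'row');
	if (empty($forum)) {
		# unknown forum id: stop before reading properties of a missing row
		return;
	}

	$linkText = str_replace("%FORUMNAME%", sp_filter_title_display($forum->forum_name), $linkText);
	$url = sp_build_url($forum->forum_slug, '', 0, 0);
	$url = sp_get_sfqurl($url) . 'new=topic';

	$out = "<span id='{$tagId}' class='{$tagClass}'>";
	$out .= $beforeLink . '<a href="' . $url . '">' . $linkText . '</a>' . $afterLink;
	$out .= '</span>';
	$out = apply_filters('sph_AddNewTopicLinkTag', $out);

	if ($echo) {
		echo $out;
	} else {
		return $out;
	}
}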
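/**
 * Template tag: render the "add new topic" icon link for the current forum.
 *
 * The link is produced only when the viewer holds 'start_topics' on the forum
 * and either the viewer is an admin or the forum is neither locked
 * (forum_status) nor under global lockdown.
 *
 * @param string|array $args    Tag options merged over the defaults: tagId
 *                              (%ID% is replaced by the forum id), tagClass,
 *                              icon, echo, get. 'get' is accepted but not
 *                              used by this function.
 * @param string       $toolTip Text for the link's title attribute.
 * @return string|null The markup (possibly empty) when echo is 0; otherwise
 *                     null, with the markup echoed.
 */
function sp_ForumIndexAddIcon($args = '', $toolTip = '') {
	global $spThisForum, $spGlobals, $spThisUser;

	$defs = array(
		'tagId' => 'spForumIndexAddIcon%ID%',
		'tagClass' => 'spIcon',
		'icon' => 'sp_ForumStatusAdd.png',
		'echo' => 1,
		'get' => 0
	);
	$a = wp_parse_args($args, $defs);
	$a = apply_filters('sph_ForumIndexAddIcon_args', $a);
	extract($a, EXTR_SKIP);

	# sanitize before use
	$tagId = esc_attr($tagId);
	$tagClass = esc_attr($tagClass);
	$icon = sanitize_file_name($icon);
	$echo = (int) $echo;
	# the tooltip lands inside a single-quoted title attribute, so it gets the
	# same attribute escaping as the id and class; previously a quote in the
	# text could end the attribute early
	$toolTip = esc_attr($toolTip);

	$tagId = str_ireplace('%ID%', $spThisForum->forum_id, $tagId);

	$out = '';

	# add new topic icon
	$forumOpen = (!$spThisForum->forum_status && !$spGlobals['lockdown']);
	if (sp_get_auth('start_topics', $spThisForum->forum_id) && ($forumOpen || $spThisUser->admin)) {
		$url = sp_build_url($spThisForum->forum_slug, '', 1, 0) . sp_add_get() . 'new=topic';
		$out .= "<a id='{$tagId}' class='{$tagClass} vtip' title='{$toolTip}' href='{$url}'>\n";
		if (!empty($icon)) {
			$out .= "<img src='" . sp_find_icon(SPTHEMEICONSURL, $icon) . "' alt='' />\n";
		}
		$out .= "</a>\n";
		$out = apply_filters('sph_ForumIndexAddIcon', $out, $a);
	}

	if ($echo) {
		echo $out;
	} else {
		return $out;
	}
}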
/**
 * Append the smileys panel and the post-options panel to the editor markup.
 *
 * Which panels appear depends on the viewer's permissions on the topic's
 * forum, the display mode in $spVars, and the 'sph_post_editor_display_options'
 * filter. Several other filters let code add markup to each panel.
 *
 * @param string $out         Markup built so far; the panels are appended to it.
 * @param object $spThisTopic Topic object; only forum_id is read here.
 * @param array  $a           Editor arguments, extracted into local variables
 *                            (controlInput and the label* entries are read).
 * @param string $toolbar     Layout; compared against 'toolbar' and 'inline'.
 * @return string $out with any panels appended.
 *
 * NOTE(review): the checkboxes rendered here only decide what the form offers.
 * The code that receives topiclock, postpin and editTimestamp is not visible
 * here and must repeat the permission checks itself.
 */
function sp_post_editor_smileys_options($out, $spThisTopic, $a, $toolbar) {
	global $spGlobals, $spVars, $spThisUser;
	# EXTR_SKIP: keys in $a cannot overwrite the parameters or variables already set
	extract($a, EXTR_SKIP);

	# sanitize
	$controlInput = esc_attr($controlInput);
	$labelSmileys = sp_filter_title_display($labelSmileys);
	$labelOptions = sp_filter_title_display($labelOptions);
	$labelOptionTime = sp_filter_title_display($labelOptionTime);

	$smileysBox = '';
	$optionsBox = '';

	# work out what we need to display
	$display = array();
	$display['smileys'] = false;
	$display['options'] = false;
	if (sp_get_auth('can_use_smileys', $spThisTopic->forum_id)) {
		$display['smileys'] = true;
	}
	# && binds tighter than ||: admins and moderators always get the options
	# panel, while lock/pin holders get it only outside edit mode.
	# NOTE(review): this gate tests 'pin_posts' but the checkbox further down
	# is gated by 'pin_topics'; confirm which permission name is intended.
	if ((sp_get_auth('lock_topics', $spThisTopic->forum_id) || sp_get_auth('pin_posts', $spThisTopic->forum_id)) && $spVars['displaymode'] != 'edit' || $spThisUser->admin || $spThisUser->moderator) {
		$display['options'] = true;
	}
	$display = apply_filters('sph_post_editor_display_options', $display);

	# Now start the displays
	$class = $toolbar == 'toolbar' ? ' spInlineSection' : '';
	if ($display['smileys'] || $display['options']) {
		$out .= sp_InsertBreak('echo=0') . "<div>\n";
	}

	# Smileys
	if ($display['smileys']) {
		$smileysBox = apply_filters('sph_post_smileys_display', $smileysBox, $spThisTopic, $a);
		# the left-column class is used only when both panels share an inline row
		if ($display['options'] && $toolbar == 'inline') {
			$smileysBox .= "<div id='spSmileysBox' class='spEditorSection spEditorSectionLeft{$class}'>\n";
		} else {
			$smileysBox .= "<div id='spSmileysBox' class='spEditorSection{$class}'>\n";
		}
		$smileysBox .= "<div class='spEditorHeading'>{$labelSmileys}\n";
		$smileysBox = apply_filters('sph_post_smileys_header_add', $smileysBox, $spThisTopic, $a);
		$smileysBox .= '</div>';
		$smileysBox .= '<div class="spEditorSmileys">' . "\n";
		$smileysBox .= sp_render_smileys();
		$smileysBox .= '</div>';
		$smileysBox = apply_filters('sph_post_smileys_add', $smileysBox, $spThisTopic, $a);
		if ($toolbar == 'toolbar') {
			$smileysBox .= sp_InsertBreak('direction=both&spacer=6px&echo=0');
		}
		$smileysBox .= '</div>' . "\n";
	}

	# Options
	if ($display['options']) {
		$optionsBox = apply_filters('sph_post_options_display', $optionsBox, $spThisTopic, $a);
		if ($display['smileys'] && $toolbar == 'inline') {
			$optionsBox .= "<div id='spOptionsBox' class='spEditorSection spEditorSectionRight{$class}'>\n";
		} else {
			$optionsBox .= "<div id='spOptionsBox' class='spEditorSection{$class}'>\n";
		}
		$optionsBox .= "<div class='spEditorHeading'>{$labelOptions}\n";
		$optionsBox = apply_filters('sph_post_options_header_add', $optionsBox, $spThisTopic, $a);
		$optionsBox .= '</div>';
		# lock and pin checkboxes are offered only when not editing an existing post
		if ($spVars['displaymode'] != 'edit') {
			$labelOptionLock = sp_filter_title_display($labelOptionLock);
			$labelOptionPin = sp_filter_title_display($labelOptionPin);
			if (sp_get_auth('lock_topics', $spThisTopic->forum_id)) {
				$optionsBox .= "<input type='checkbox' class='{$controlInput}' name='topiclock' id='sftopiclock' tabindex='110' />\n";
				$optionsBox .= "<label class='spLabel spCheckbox' for='sftopiclock'>{$labelOptionLock}</label>\n";
				$optionsBox .= "<br />\n";
			}
			if (sp_get_auth('pin_topics', $spThisTopic->forum_id)) {
				$optionsBox .= "<input type='checkbox' class='{$controlInput}' name='postpin' id='sfpostpin' tabindex='111' />\n";
				$optionsBox .= "<label class='spLabel spCheckbox' for='sfpostpin'>{$labelOptionPin}</label>\n";
				$optionsBox .= "<br />\n";
			}
		}
		# admins only: checkbox that reveals the timestamp editor below
		if ($spThisUser->admin) {
			$optionsBox .= "<input type='checkbox' class='{$controlInput}' tabindex='112' id='sfeditTimestamp' name='editTimestamp' onchange='spjToggleLayer(\"spHiddenTimestamp\");'/>\n";
			$optionsBox .= "<label class='spLabel spCheckbox' for='sfeditTimestamp'>{$labelOptionTime}</label>\n";
			$optionsBox .= "<br />\n";
		}
		# admins only: timestamp fields pre-filled with the current time, shifted
		# by the site's gmt_offset option
		if ($spThisUser->admin) {
			global $wp_locale, $month, $spThisPost;
			$time_adj = time() + get_option('gmt_offset') * 3600;
			$dd = gmdate('d', $time_adj);
			$mm = gmdate('m', $time_adj);
			$yy = gmdate('Y', $time_adj);
			$hh = gmdate('H', $time_adj);
			$mn = gmdate('i', $time_adj);
			$ss = gmdate('s', $time_adj);
			$optionsBox .= '<div id="spHiddenTimestamp">' . "\n";
			$optionsBox .= "<select class='{$controlInput}' tabindex='114' name='tsMonth' onchange='editTimestamp.checked=true'>\n";
			for ($i = 1; $i < 13; $i = $i + 1) {
				$optionsBox .= "\t\t\t<option value=\"{$i}\"";
				# loose comparison on purpose: $mm is a zero-padded string such as '07'
				if ($i == $mm) {
					$optionsBox .= " selected='selected'";
				}
				# month names come from WP_Locale when that class exists, else from $month
				if (class_exists('WP_Locale')) {
					$optionsBox .= '>' . $wp_locale->get_month($i) . '</option>';
				} else {
					$optionsBox .= '>' . $month[$i] . '</option>';
				}
			}
			$optionsBox .= '</select> ';
			$optionsBox .= "<input class='{$controlInput}' tabindex='115' type='text' id='tsDay' name='tsDay' value='{$dd}' size='2' maxlength='2'/> \n";
			$optionsBox .= "<input class='{$controlInput}' tabindex='116' type='text' id='tsYear' name='tsYear' value='{$yy}' size='4' maxlength='5'/> @\n";
			$optionsBox .= "<input class='{$controlInput}' tabindex='117' type='text' id='tsHour' name='tsHour' value='{$hh}' size='2' maxlength='2'/> :\n";
			$optionsBox .= "<input class='{$controlInput}' tabindex='118' type='text' id='tsMinute' name='tsMinute' value='{$mn}' size='2' maxlength='2'/> \n";
			$optionsBox .= "<input class='{$controlInput}' tabindex='119' type='hidden' id='tsSecond' name='tsSecond' value='{$ss}' /> \n";
			$optionsBox .= "</div>";
		}
		# a different extension filter runs for edit mode and for new posts
		if ($spVars['displaymode'] == 'edit') {
			$optionsBox = apply_filters('sph_post_edit_options_add', $optionsBox, $spThisTopic, $a);
		} else {
			$optionsBox = apply_filters('sph_post_options_add', $optionsBox, $spThisTopic, $a);
		}
		if ($toolbar == 'toolbar') {
			$optionsBox .= sp_InsertBreak('direction=both&spacer=6px&echo=0');
		} else {
			$optionsBox .= sp_InsertBreak('echo=0');
		}
		$optionsBox .= '</div>' . "\n";
	}

	# close the wrapper opened above once either panel was rendered
	if ($display['smileys'] || $display['options']) {
		$out .= $smileysBox . $optionsBox;
		$out .= sp_InsertBreak('echo=0');
		$out .= '</div>';
	}
	return $out;
}
# get all the tabs meta info $tabs = sp_profile_get_tabs(); if (!empty($tabs)) { foreach ($tabs as $tab) { # find the pressed tab in the list of tabs if ($tab['slug'] == $thisTab) { # now output the menu and content $first = true; $thisForm = ''; $thisName = ''; $thisSlug = ''; $out = ''; if (!empty($tab['menus'])) { foreach ($tab['menus'] as $menu) { # do we need an auth check? $authCheck = empty($menu['auth']) ? true : sp_get_auth($menu['auth'], '', $userid); # is this menu being displayed and does user have auth to see it? if ($authCheck && $menu['display']) { $current = ''; # if tab press, see if its the first if ($first && empty($thisMenu)) { $current = 'current'; $thisName = $menu['name']; $thisForm = $menu['form']; $thisSlug = $menu['slug']; $first = false; } else { if (!empty($thisMenu)) { # if this menu was pressed, make it the current form if ($menu['slug'] == $thisMenu) { $current = 'current';
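/**
 * Load the first and latest post of each listed topic for the forum view.
 *
 * For viewers holding 'moderate_posts' on the forum the latest post is taken
 * from the topics table's post_id column; for everyone else from post_id_held.
 *
 * @param array $topics  Topic ids to load; an empty list returns nothing.
 * @param mixed $forumid Forum the 'moderate_posts' permission is checked against.
 * @return mixed The result of spdbComplex::select(), or null for an empty list.
 */
function sp_forumview_stats_query($topics, $forumid) {
	if (empty($topics)) {
		return;
	}

	global $spThisUser;

	# The id list is concatenated into an IN (...) clause, so every entry is
	# forced to an integer first; a non-numeric value becomes 0 and can no
	# longer add text to the query.
	$t = implode(',', array_map('intval', $topics));

	$spdb = new spdbComplex();
	$spdb->table = SFPOSTS;
	$spdb->fields = SFPOSTS . '.post_id, ' . SFPOSTS . '.topic_id, ' . spdb_zone_datetime('post_date') . ', guest_name, ' . SFPOSTS . '.user_id, post_content, post_status, ' . SFMEMBERS . '.display_name, post_index';
	$spdb->join = array(SFTOPICS . ' ON ' . SFTOPICS . '.topic_id = ' . SFPOSTS . '.topic_id');
	$spdb->left_join = array(SFMEMBERS . ' ON ' . SFPOSTS . '.user_id = ' . SFMEMBERS . '.user_id');

	# only show posts awaiting moderation to admins/mods
	$latestColumn = sp_get_auth('moderate_posts', $forumid) ? '.post_id' : '.post_id_held';
	$spdb->where = SFPOSTS . '.topic_id IN (' . $t . ') AND (post_index = 1 OR ' . SFPOSTS . '.post_id = ' . SFTOPICS . $latestColumn . ')';

	$spdb->orderby = SFPOSTS . '.topic_id, ' . SFPOSTS . '.post_id';
	# NOTE(review): hooked code receives the whole query object and can change
	# any clause, including the WHERE built above
	$spdb = apply_filters('sph_forumview_stats_query', $spdb, $this);

	# per-user query inspection switch
	if (!empty($spThisUser->inspect['q_spForumViewStats'])) {
		$spdb->inspect = 'spForumViewStats';
		$spdb->show = true;
	}

	return $spdb->select();
}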
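/**
 * Template tag: show the profile user's email address.
 *
 * Requires 'view_profiles'. The address is released only when the viewer
 * holds 'view_email' or the caller passes adminOnly=0. This gate now covers
 * the raw value returned for get=1 as well as the rendered markup; before,
 * get=1 returned the address ahead of the 'view_email' check.
 *
 * @param string|array $args  Tag options merged over the defaults: tagClass,
 *                            leftClass, middleClass, rightClass, adminOnly,
 *                            echo, get.
 * @param string       $label Label shown before the address.
 * @return string|null The address when get is set, the markup when echo is 0,
 *                     otherwise null (markup echoed, or access refused).
 */
function sp_ProfileShowEmail($args = '', $label = '') {
	global $spProfileUser, $spThisUser;

	if (!sp_get_auth('view_profiles')) {
		return;
	}

	$defs = array(
		'tagClass' => 'spProfileShowLink',
		'leftClass' => 'spColumnSection spProfileLeftCol',
		'middleClass' => 'spColumnSection spProfileSpacerCol',
		'rightClass' => 'spColumnSection spProfileRightCol',
		'adminOnly' => 1,
		'echo' => 1,
		'get' => 0
	);
	$a = wp_parse_args($args, $defs);
	$a = apply_filters('sph_ProfileShowLink_args', $a);
	extract($a, EXTR_SKIP);

	# sanitize before use
	$tagClass = esc_attr($tagClass);
	$leftClass = esc_attr($leftClass);
	$middleClass = esc_attr($middleClass);
	$rightClass = esc_attr($rightClass);
	$adminOnly = (int) $adminOnly; # this should really be bypass permission or let anyone view
	$label = sp_filter_title_display($label);
	$echo = (int) $echo;
	$get = (int) $get;

	# one gate for both output paths, so the raw value cannot be obtained by a
	# viewer who would not be shown the rendered address
	if (!sp_get_auth('view_email') && $adminOnly) {
		return;
	}

	if ($get) {
		return $spProfileUser->user_email;
	}

	# an address may legitimately contain & or ', so it is escaped for HTML
	$email = esc_html($spProfileUser->user_email);

	$out = '';
	$out .= "<div class='{$leftClass}'>";
	$out .= "<p class='{$tagClass}'>{$label}:</p>";
	$out .= '</div>';
	$out .= "<div class='{$middleClass}'></div>";
	$out .= "<div class='{$rightClass}'>";
	$out .= "<p class='{$tagClass}'>{$email}</p>";
	$out .= "</div>\n";
	$out = apply_filters('sph_ProfileShowEmail', $out, $spProfileUser, $a);

	if ($echo) {
		echo $out;
	} else {
		return $out;
	}
}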
/**
 * Prepare post content for output in an RSS feed.
 *
 * Applies the display filters in a fixed order: links, characters,
 * paragraphs, optional shortcode stripping, link hiding for viewers without
 * 'view_links' on the current forum, then the 'sph_display_rss_content_filter'
 * hook, which also receives the unfiltered text.
 *
 * @param string $content Stored post content.
 * @return string Filtered content.
 */
function sp_filter_rss_display($content) {
	global $spVars;

	# kept so custom filters can see what the content looked like before filtering
	$unfiltered = $content;

	# links -> characters -> paragraphs, in that order
	$content = sp_filter_display_paragraphs(
		sp_filter_display_chars(
			sp_filter_display_links($content)
		)
	);

	# strip shortcodes when the option is on
	$stripShortcodes = sp_get_option('sffiltershortcodes');
	if ($stripShortcodes) {
		$content = sp_filter_display_shortcodes($content);
	}

	# hide links from viewers without permission on this forum
	$mayViewLinks = sp_get_auth('view_links', $spVars['forumid']);
	if (!$mayViewLinks) {
		$content = sp_filter_display_hidelinks($content);
	}

	# finally any custom filters
	return apply_filters('sph_display_rss_content_filter', $content, $unfiltered);
}
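/**
 * Build the moderation tool links (lock, pin, promote pin, edit title,
 * delete, move) for one topic.
 *
 * Each tool is included only when the viewer holds the matching permission
 * on the forum. The delete section now closes its wrapper div; it was left
 * open before, which swallowed the sections that follow it.
 *
 * @param array $forum Forum row; 'forum_id' is read.
 * @param array $topic Topic row; 'topic_id', 'topic_status', 'topic_pinned'
 *                     and 'user_id' are read.
 * @param mixed $post  When non-empty the delete link reports view=topic,
 *                     otherwise view=forum.
 * @param mixed $page  Page number passed on in the delete link.
 * @return string Markup for the permitted tools, after the
 *                'sph_add_common_tools' filter.
 *
 * NOTE(review): these links only decide what the viewer is offered. The
 * admintools handler that receives them is not visible here; it has to verify
 * the 'forum-ahah' nonce and repeat the permission check for every action.
 */
function sp_render_common_tools($forum, $topic, $post = 0, $page = 0) {
	global $spThisUser;

	$forumId = $forum['forum_id'];
	$topicId = $topic['topic_id'];

	# every tool calls the same endpoint with the same nonce
	$ajaxBase = SFHOMEURL . 'index.php?sp_ahah=admintools&sfnonce=' . wp_create_nonce('forum-ahah');

	$out = '';

	if (sp_get_auth('lock_topics', $forumId)) {
		$out .= '<div class="spForumToolsLock">';
		$locktext = $topic['topic_status'] ? sp_text('Unlock this topic') : sp_text('Lock this topic');
		$out .= '<img class="spIcon" src="' . sp_find_icon(SPTHEMEICONSURL, 'sp_ToolsLock.png') . '" alt="" title="" />';
		$ajaxUrl = $ajaxBase . '&action=lock-topic&topic=' . $topicId;
		$out .= "<a href='javascript:void(null)' onclick='spjLockTopic(\"{$ajaxUrl}\");'>{$locktext}</a>";
		$out .= '</div>';
	}

	if (sp_get_auth('pin_topics', $forumId)) {
		$out .= '<div class="spForumToolsPin">';
		$pintext = $topic['topic_pinned'] ? sp_text('Unpin this topic') : sp_text('Pin this topic');
		$out .= '<img class="spIcon" src="' . sp_find_icon(SPTHEMEICONSURL, 'sp_ToolsPin.png') . '" alt="" title="" />';
		$ajaxUrl = $ajaxBase . '&action=pin-topic&topic=' . $topicId;
		$out .= "<a href='javascript:void(null)' onclick='spjPinTopic(\"{$ajaxUrl}\");'>{$pintext}</a>";
		$out .= '</div>';
	}

	if (sp_get_auth('pin_topics', $forumId) && $topic['topic_pinned']) {
		$out .= '<div class="spForumToolsPin">';
		$pintext = sp_text('Promote this pinned topic');
		$out .= '<img class="spIcon" src="' . sp_find_icon(SPTHEMEICONSURL, 'sp_ToolsPin.png') . '" alt="" title="" />';
		$site = $ajaxBase . '&action=order-pins&topicid=' . $topicId . '&forumid=' . $forumId . '&userid=' . $topic['user_id'];
		$title = sp_text('Order Pinned Topics');
		$out .= '<a rel="nofollow" href="javascript:void(null)" onclick="spjDialogAjax(this, \'' . $site . '\', \'' . esc_js($title) . '\', 400, 0, \'center\');">' . $title . '</a>';
		$out .= '</div>';
	}

	# own titles need the "own" permission plus authorship; "any" stands alone
	if ((sp_get_auth('edit_own_topic_titles', $forumId) && $topic['user_id'] == $spThisUser->ID) || sp_get_auth('edit_any_topic_titles', $forumId)) {
		$out .= '<div class="spForumToolsEdit">';
		$out .= '<img class="spIcon" src="' . sp_find_icon(SPTHEMEICONSURL, 'sp_ToolsEdit.png') . '" alt="" title="" />';
		$site = $ajaxBase . '&action=edit-title&topicid=' . $topicId . '&forumid=' . $forumId . '&userid=' . $topic['user_id'];
		$title = sp_text('Edit topic title');
		$out .= '<a rel="nofollow" href="javascript:void(null)" onclick="spjDialogAjax(this, \'' . $site . '\', \'' . esc_js($title) . '\', 400, 0, \'center\');">' . $title . '</a>';
		$out .= '</div>';
	}

	if (sp_get_auth('delete_topics', $forumId)) {
		$out .= '<div class="spForumToolsDelete">';
		$out .= '<img class="spIcon" src="' . sp_find_icon(SPTHEMEICONSURL, 'sp_ToolsDelete.png') . '" alt="" title="" />';
		# NOTE(review): $msg is prepared but never used in the markup below
		$msg = esc_js(sp_text('Are you sure you want to delete this topic?'));
		$view = !empty($post) ? 'topic' : 'forum';
		# NOTE(review): ids and $page are written into an inline handler as
		# given; this relies on the caller passing numeric values (confirm)
		$ajaxUrl = $ajaxBase . '&action=delete-topic&killtopic=' . $topicId . '&killtopicforum=' . $forumId . '&page=' . $page . "&view={$view}";
		$out .= "<a href='javascript:void(null)' onclick='spjDeleteTopic(\"{$ajaxUrl}\", {$topicId}, {$forumId});'>";
		$out .= sp_text('Delete this topic');
		$out .= '</a>';
		$out .= '</div>';
	}

	if (sp_get_auth('move_topics', $forumId)) {
		$out .= '<div class="spForumToolsMove">';
		$out .= '<img class="spIcon" src="' . sp_find_icon(SPTHEMEICONSURL, 'sp_ToolsMove.png') . '" alt="" title="" />';
		$site = $ajaxBase . '&action=move-topic&topicid=' . $topicId . '&forumid=' . $forumId;
		$title = sp_text('Move this topic');
		$out .= '<a rel="nofollow" href="javascript:void(null)" onclick="spjDialogAjax(this, \'' . $site . '\', \'' . esc_js($title) . '\', 400, 0, \'center\');">' . $title . '</a>';
		$out .= '</div>';
	}

	$out = apply_filters('sph_add_common_tools', $out, $forum, $topic, $post, $page);
	return $out;
}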
/**
 * Validate and normalise $this->newpost before it is saved.
 *
 * On the first failed check the method sets $this->abort = true, puts a
 * user-facing explanation in $this->message and returns. When every check
 * passes, $this->newpost holds filtered values plus 'poststatus' (0 or 1),
 * 'groupname', 'forumname' and either 'topicslug' or 'emailprefix', and the
 * post-creation filters and action have run.
 *
 * Checks, in order: flood control, topic name, post content, guest name and
 * email, link count, smiley count, duplicate post, moderation status.
 *
 * NOTE(review): several lookups below build SQL conditions by concatenating
 * values from $this->newpost. Whether those values are already escaped for
 * SQL depends on the sp_filter_*_save() helpers and on how the caller filled
 * $this->newpost; neither is visible here. Each such place is marked.
 *
 * @return void
 */
function validateData() {
	$this->abort = false;
	$this->newpost['action'] = $this->action;

	# Check flood control (done here vice validatePermission() so we can use the return to post feature)
	if (!sp_get_auth('bypass_flood_control', $this->newpost['forumid'], $this->userid)) {
		# the cached value is compared with time(), so it is presumably the
		# timestamp at which posting is allowed again
		$flood = sp_get_cache('floodcontrol');
		if (!empty($flood) && time() < $flood) {
			$this->abort = true;
			$this->message = sp_text('Flood control exceeded, please slow down - Post cannot be saved yet');
			return;
		}
	}

	# Check topic name
	if (empty($this->newpost['topicname'])) {
		$this->abort = true;
		$this->message = sp_text('No topic name has been entered and post cannot be saved');
		return;
	} else {
		$this->newpost['topicname'] = sp_filter_title_save($this->newpost['topicname'], SFTOPICS, 'topic_name');
	}

	# Check Post Content
	if (empty($this->newpost['postcontent'])) {
		$this->abort = true;
		$this->message = sp_text('No topic post has been entered and post cannot be saved');
		return;
	} else {
		# two copies are kept; they differ only in the third argument, which,
		# going by the key name, presumably controls escaping (confirm)
		$this->newpost['postcontent_unescaped'] = sp_filter_content_save($this->newpost['postcontent'], 'new', false, SFPOSTS, 'post_content');
		$this->newpost['postcontent'] = sp_filter_content_save($this->newpost['postcontent'], 'new', true, SFPOSTS, 'post_content');
	}

	# Check and set user names/ids etc
	if ($this->guest) {
		$sfguests = sp_get_option('sfguests');
		# a name is always required; a valid email only when 'reqemail' is set
		if (empty($this->newpost['guestname']) || (empty($this->newpost['guestemail']) || !is_email($this->newpost['guestemail'])) && $sfguests['reqemail']) {
			$this->abort = true;
			$this->message = sp_text('Guest name and valid email address required');
			return;
		}

		# force maximum lengths
		# NOTE(review): substr() counts bytes and runs after the save filter. If
		# that filter escapes for SQL, the cut can fall inside an escape
		# sequence; it can also split a multi-byte character. Confirm what
		# sp_filter_name_save() / sp_filter_email_save() return.
		$this->newpost['guestname'] = substr(sp_filter_name_save($this->newpost['guestname']), 0, 20);
		$this->newpost['guestemail'] = substr(sp_filter_email_save($this->newpost['guestemail']), 0, 50);
		$this->newpost['postername'] = $this->newpost['guestname'];
		$this->newpost['posteremail'] = $this->newpost['guestemail'];

		# check for blacklisted guest name
		# (comma-separated option; case-insensitive; only the list entry is trimmed)
		$blockedGuest = sp_get_option('guest-name');
		if (!empty($blockedGuest)) {
			$names = explode(',', $blockedGuest);
			foreach ($names as $name) {
				if (strtolower(trim($name)) == strtolower($this->newpost['guestname'])) {
					$this->abort = true;
					$this->message = sp_text('The guest name you have chosen is not allowed on this site');
					return;
				}
			}
		}

		# check that the guest name is not the same as a current user
		# NOTE(review): guest-supplied name concatenated into a quoted SQL
		# condition; safe only if the value is already SQL-escaped (confirm)
		$checkdupe = spdb_table(SFMEMBERS, "display_name='" . $this->newpost['guestname'] . "'", 'display_name');
		if (!empty($checkdupe)) {
			$this->abort = true;
			$this->message = sp_text('This user name already belongs to a forum member');
			return;
		}
	}

	# Check if links allowed or if maxmium links have been exceeded
	$sffilters = sp_get_option('sffilters');
	if (!$this->admin) {
		$links = $this->count_links();
		if (sp_get_auth('create_links', $this->newpost['forumid'], $this->userid)) {
			# a limit of 0 (or less) means no limit
			if ($sffilters['sfmaxlinks'] > 0 && $links > $sffilters['sfmaxlinks']) {
				$this->abort = true;
				$this->message = sp_text('Maximum number of allowed links exceeded') . ': ' . $sffilters['sfmaxlinks'] . ' ' . sp_text('allowed');
				return;
			}
		} else {
			if ($links > 0) {
				$this->abort = true;
				$this->message = sp_text('You are not allowed to put links in post content');
				return;
			}
		}
	}

	# Check if maxmium smileys have been exceeded
	if (!$this->admin) {
		if (isset($sffilters['sfmaxsmileys']) && $sffilters['sfmaxsmileys'] > 0 && $this->count_smileys() > $sffilters['sfmaxsmileys']) {
			$this->abort = true;
			$this->message = sp_text('Maximum number of allowed smileys exceeded') . ': ' . $sffilters['sfmaxsmileys'] . ' ' . sp_text('allowed');
			return;
		}
	}

	# Check for duplicate post of option is set
	if ($this->member && $sffilters['sfdupemember'] == true || $this->guest && $sffilters['sfdupeguest'] == true) {
		# But not admin or moderator
		if (!$this->admin && !$this->moderator) {
			# NOTE(review): forumid and topicid are concatenated unquoted, and
			# postcontent and posterip inside quotes. This depends on the ids
			# being integers and the strings being SQL-escaped before this
			# point; neither is established in this method (confirm).
			$dupecheck = spdb_table(SFPOSTS, 'forum_id = ' . $this->newpost['forumid'] . ' AND topic_id=' . $this->newpost['topicid'] . " AND post_content='" . $this->newpost['postcontent'] . "' AND poster_ip='" . $this->newpost['posterip'] . "'", 'row', '', '', ARRAY_A);
			if ($dupecheck) {
				$this->abort = true;
				$this->message = sp_text('Duplicate post refused');
				return;
			}
		}
	}

	# Establish moderation status
	# poststatus 0 is set when both bypass permissions are held, or when only
	# 'bypass_moderation' is held and an earlier post with post_status=0 exists
	# for this poster. Every other combination gives poststatus 1.
	$bypassAll = sp_get_auth('bypass_moderation', $this->newpost['forumid'], $this->userid);
	$bypassOnce = sp_get_auth('bypass_moderation_once', $this->newpost['forumid'], $this->userid);
	if ($bypassAll == true && $bypassOnce == true) {
		$this->newpost['poststatus'] = 0;
	} else {
		if ($bypassAll == false && $bypassOnce == false) {
			$this->newpost['poststatus'] = 1;
		} else {
			if ($bypassAll == true && $bypassOnce == false) {
				$this->newpost['poststatus'] = 1;
				if ($this->member) {
					# NOTE(review): userid is concatenated unquoted; confirm it is an integer
					$prior = spdb_table(SFPOSTS, 'user_id=' . $this->newpost['userid'] . ' AND post_status=0', 'row', '', '1');
					if ($prior) {
						$this->newpost['poststatus'] = 0;
					}
				} else {
					if ($this->guest) {
						# NOTE(review): a guest is recognised only by the name and
						# email typed into the form, so this trust is attached to a
						# self-asserted identity. The same SQL-escaping caveat as the
						# display_name lookup applies.
						$prior = spdb_table(SFPOSTS, "guest_name='" . $this->newpost['guestname'] . "' AND guest_email='" . $this->newpost['guestemail'] . "' AND post_status=0", 'row', '', '1');
						if ($prior) {
							$this->newpost['poststatus'] = 0;
						}
					}
				}
			} else {
				$this->newpost['poststatus'] = 1;
			}
		}
	}

	# Finally one or two other data items
	if ($this->action == 'topic') {
		$this->newpost['topicslug'] = sp_create_slug($this->newpost['topicname'], true, SFTOPICS, 'topic_slug');
	} else {
		$this->newpost['emailprefix'] = 'Re: ';
	}
	$this->newpost['groupname'] = sp_get_group_name_from_forum($this->newpost['forumid']);
	if (empty($this->newpost['forumname'])) {
		# NOTE(review): forumslug is concatenated into a quoted condition; confirm
		# it was validated or escaped where $this->newpost was filled
		$this->newpost['forumname'] = spdb_table(SFFORUMS, "forum_slug='" . $this->newpost['forumslug'] . "'", 'forum_name');
	}

	# extension points: filter, then action, then a second filter
	$this->newpost = apply_filters('sph_post_data_validation', $this->newpost);
	do_action('sph_pre_post_create', $this->newpost);
	$this->newpost = apply_filters('sph_new_forum_post', $this->newpost);
}
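# Verify the captcha answer submitted with a new post.
#
# $newpost is the post data array; $newpost['forumid'] selects the forum whose
# 'bypass_captcha' permission is consulted. Returns $newpost unchanged when the
# user may bypass the captcha or the answer matches the value held in the
# session; otherwise returns it with $newpost['error'] set.
function sp_captcha_do_check_post($newpost)
{
    if (sp_get_auth('bypass_captcha', $newpost['forumid'])) {
        return $newpost;
    }

    if (!session_id()) {
        session_start();
    }

    # Normalise both sides to strings. A challenge must actually exist in the
    # session: with a loose comparison a missing session value (null) equals an
    # empty submitted answer, so the check would pass without any captcha
    # having been issued. Non-string request values (arrays) are rejected.
    $expected = '';
    if (isset($_SESSION['captcha']) && is_scalar($_SESSION['captcha'])) {
        $expected = (string) $_SESSION['captcha'];
    }
    $supplied = '';
    if (isset($_POST['captcha']) && is_string($_POST['captcha'])) {
        $supplied = $_POST['captcha'];
    }

    if ($expected !== '' && $supplied === $expected) {
        # the answer is single use - discard it once it has been accepted
        unset($_SESSION['captcha']);
    } else {
        $newpost['error'] = __('Post cannot be saved - captcha not properly completed', 'sp-cap');
    }

    return $newpost;
}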
# Build the display form of a user name, optionally wrapped in a link.
#
# $userid    - id of the user the name belongs to (falsy for guests)
# $username  - the name to display
# $linkNames - 1 (default) allows the profile link form to be used
#
# The name is always passed through the 'sph_build_name_display' filter. For a
# real user the 'sfprofile' option decides the result: namelink 2 attaches a
# profile link (only with the 'view_profiles' permission and $linkNames == 1),
# namelink 3 attaches a website link, anything else runs the
# 'sph_build_name_display_option' filter and returns the plain name.
function sp_build_name_display($userid, $username, $linkNames = 1)
{
    global $spThisUser, $spVars;

    $username = apply_filters('sph_build_name_display', $username, $userid);

    # guests get the filtered name and nothing else
    if (!$userid) {
        return $username;
    }

    $profileOpts = sp_get_option('sfprofile');

    $useProfileLink = sp_get_auth('view_profiles') && ($profileOpts['namelink'] == 2 && $linkNames == 1);
    if ($useProfileLink) {
        # link to profile
        return sp_attach_user_profile_link($userid, $username);
    }

    if ($profileOpts['namelink'] == 3) {
        # link to website
        return sp_attach_user_web_link($userid, $username);
    }

    # neither permission or profile/web link
    return apply_filters('sph_build_name_display_option', $username, $userid);
}
# Resolve which profile is being requested and pick the template to load.
#
# When $spVars['member'] is set it is cast to an integer and looked up in the
# members table; otherwise the current user's id is used. Returns
# 'spProfileShow.php' after setting up the profile data, or 'spDefault.php'
# (with a failure notice) when the viewer lacks 'view_profiles' or no valid
# user id was found.
function sp_process_profileshow_view()
{
    global $spVars, $spThisUser;

    if (empty($spVars['member'])) {
        $userid = $spThisUser->ID;
    } else {
        # the integer cast keeps the value numeric before it is placed in the WHERE clause
        $requested = (int) $spVars['member'];
        $userid = spdb_table(SFMEMBERS, "user_id={$requested}", 'user_id');
    }

    $permitted = sp_get_auth('view_profiles') && !empty($userid) && !($userid < 0);
    if ($permitted) {
        global $spProfileUser;
        sp_SetupUserProfileData();
        return 'spProfileShow.php';
    }

    sp_notify(SPFAILURE, sp_text('Invalid profile request'));
    return 'spDefault.php';
}
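# Build the topic list used by the list view.
#
# $topicIds  - array of topic ids to show (may be empty)
# $count     - number of topics wanted; 0 means no limit
# $group     - when truthy, order by group and forum sequence first
# $forumIds  - passed to sp_listview_populate_topicids() when more ids are needed
# $firstPost - when truthy, first post details are added to each record
# $popup     - stored on $this->popup
#
# Returns an array of stdClass records keyed by topic id, or nothing (null)
# when there are no topic ids to work with. Records the current user may not
# see (forum not viewable, or post in moderation without 'moderate_posts')
# are left out.
function sp_listview_query($topicIds, $count, $group, $forumIds, $firstPost, $popup)
{
    global $spThisUser, $spGlobals;

    # If no topic ids and no count then nothing to do - return empty
    if (empty($topicIds) && $count == 0) {
        return;
    }

    # set popup flag for new posts
    $this->popup = $popup;

    # Do we have enough topic ids to satisfy count?
    if (empty($topicIds) || $count != 0 && count($topicIds) < $count) {
        $topicIds = $this->sp_listview_populate_topicids($topicIds, $forumIds, $count);
    }

    # Do we have too many topic ids?
    if ($topicIds && ($count != 0 && count($topicIds) > $count)) {
        $topicIds = array_slice($topicIds, 0, $count, true);
    }
    if (empty($topicIds)) {
        return;
    }

    # Construct the main WHERE clause and then main query.
    # The ids are concatenated straight into the SQL text, so every element is
    # forced to an integer first; this function cannot see where the caller
    # obtained them.
    $where = SFTOPICS . '.topic_id IN (' . implode(',', array_map('intval', $topicIds)) . ')';
    if ($group) {
        $orderby = 'group_seq, forum_seq, ' . SFTOPICS . '.post_id DESC';
    } else {
        $orderby = SFTOPICS . '.post_id DESC';
    }

    $spdb = new spdbComplex();
    $spdb->table = SFTOPICS;
    $spdb->fields = SFTOPICS . '.forum_id, forum_name, forum_slug, forum_disabled, ' . SFTOPICS . '.topic_id, topic_name, topic_slug, topic_icon, topic_icon_new, ' . SFTOPICS . '.post_count, ' . SFTOPICS . '.post_id, post_status, post_index, ' . spdb_zone_datetime('post_date') . ', guest_name, ' . SFPOSTS . '.user_id, post_content, display_name';
    $spdb->join = array(
        SFFORUMS . ' ON ' . SFFORUMS . '.forum_id = ' . SFTOPICS . '.forum_id',
        SFGROUPS . ' ON ' . SFGROUPS . '.group_id = ' . SFFORUMS . '.group_id',
        SFPOSTS . ' ON ' . SFPOSTS . '.post_id = ' . SFTOPICS . '.post_id',
    );
    $spdb->left_join = array(SFMEMBERS . ' ON ' . SFMEMBERS . '.user_id = ' . SFPOSTS . '.user_id');
    $spdb->where = $where;
    $spdb->orderby = $orderby;
    $spdb = apply_filters('sph_topic_list_query', $spdb, $this);
    $records = $spdb->select();

    # add filters where required plus extra data
    # And the new array
    $list = array();
    if ($records) {
        # check if all forum ids are the same
        $x = current($records);
        $f = $x->forum_id;
        $single = 1;
        foreach ($records as $r) {
            if ($r->forum_id != $f) {
                $single = 0;
            }
        }
        reset($records);

        $new = '';
        $first = '';

        # Now we can grab the supplementary post records where there may be new posts...
        if ($spThisUser->member) {
            $new = $this->sp_listview_populate_newposts($topicIds);
        }

        # go and grab the first post info if desired
        if ($firstPost) {
            $first = $this->sp_listview_populate_firstposts($topicIds);
        }

        # Some values we need
        # How many topics to a page?
        $ppaged = $spGlobals['display']['posts']['perpage'];
        if (empty($ppaged) || $ppaged == 0) {
            $ppaged = 20;
        }

        # establish topic sort order
        $order = 'ASC'; # default
        if ($spGlobals['display']['posts']['sortdesc']) {
            $order = 'DESC'; # global override
        }

        $listPos = 1;
        foreach ($records as $r) {
            $show = true;

            # can the user see this forum?
            if (!sp_can_view($r->forum_id, 'topic-title')) {
                $show = false;
            }

            # if in moderation can this user approve posts?
            if ($r->post_status != 0 && !sp_get_auth('moderate_posts', $r->forum_id)) {
                $show = false;
            }

            if ($show) {
                $t = $r->topic_id;
                $list[$t] = new stdClass();
                $list[$t]->forum_id = $r->forum_id;
                $list[$t]->forum_name = sp_filter_title_display($r->forum_name);
                $list[$t]->forum_disabled = $r->forum_disabled;
                $list[$t]->forum_permalink = sp_build_url($r->forum_slug, '', 1, 0);
                $list[$t]->topic_id = $r->topic_id;
                $list[$t]->topic_name = sp_filter_title_display($r->topic_name);
                $list[$t]->topic_permalink = sp_build_url($r->forum_slug, $r->topic_slug, 1, 0);
                $list[$t]->topic_icon = sanitize_file_name($r->topic_icon);
                $list[$t]->topic_icon_new = sanitize_file_name($r->topic_icon_new);
                $list[$t]->post_count = $r->post_count;
                $list[$t]->post_id = $r->post_id;
                $list[$t]->post_status = $r->post_status;
                $list[$t]->post_date = $r->post_date;
                $list[$t]->user_id = $r->user_id;
                $list[$t]->guest_name = sp_filter_name_display($r->guest_name);
                $list[$t]->display_name = sp_filter_name_display($r->display_name);

                # the content preview is only filled in when the viewer may read the post
                if (sp_can_view($r->forum_id, 'post-content', $spThisUser->ID, $r->user_id)) {
                    $list[$t]->post_tip = $r->post_status ? sp_text('Post awaiting moderation') : sp_filter_tooltip_display($r->post_content, $r->post_status);
                } else {
                    $list[$t]->post_tip = '';
                }
                $list[$t]->list_position = $listPos;
                if (empty($r->display_name)) {
                    $list[$t]->display_name = $list[$t]->guest_name;
                }

                # Lastly determine the page for the post permalink
                if ($order == 'ASC') {
                    $page = $r->post_index / $ppaged;
                    if (!is_int($page)) {
                        $page = intval($page + 1);
                    }
                } else {
                    $page = $r->post_count - $r->post_index;
                    $page = $page / $ppaged;
                    $page = intval($page + 1);
                }
                $r->page = $page;
                $list[$t]->post_permalink = sp_build_url($r->forum_slug, $r->topic_slug, $r->page, $r->post_id, $r->post_index);
                $list[$t]->single_forum = $single;

                # add in any new post details if they exist
                if (!empty($new) && array_key_exists($t, $new)) {
                    $list[$t]->new_post_count = $new[$t]->new_post_count;
                    $list[$t]->new_post_post_id = $new[$t]->new_post_post_id;
                    $list[$t]->new_post_post_index = $new[$t]->new_post_post_index;
                    $list[$t]->new_post_post_date = $new[$t]->new_post_post_date;
                    $list[$t]->new_post_user_id = $new[$t]->new_post_user_id;
                    $list[$t]->new_post_display_name = $new[$t]->new_post_display_name;
                    $list[$t]->new_post_guest_name = $new[$t]->new_post_guest_name;
                    $list[$t]->new_post_permalink = sp_build_url($r->forum_slug, $r->topic_slug, 0, $new[$t]->new_post_post_id, $new[$t]->new_post_post_index);
                    if (empty($new[$t]->new_post_display_name)) {
                        $list[$t]->new_post_display_name = $new[$t]->new_post_guest_name;
                    }
                }

                # add the first post info if desired
                if ($firstPost) {
                    $list[$t]->first_post_permalink = sp_build_url($r->forum_slug, $r->topic_slug, 0, $first[$t]->post_id, 1);
                    $list[$t]->first_post_date = $first[$t]->post_date;
                    $list[$t]->first_user_id = $first[$t]->user_id;
                    $list[$t]->first_guest_name = sp_filter_name_display($first[$t]->guest_name);
                    $list[$t]->first_display_name = sp_filter_name_display($first[$t]->display_name);
                    if (sp_can_view($r->forum_id, 'post-content', $spThisUser->ID, $first[$t]->user_id)) {
                        $list[$t]->first_post_tip = $first[$t]->post_status ? sp_text('Post awaiting moderation') : sp_filter_tooltip_display($first[$t]->post_content, $first[$t]->post_status);
                    } else {
                        $list[$t]->first_post_tip = '';
                    }
                    if (empty($list[$t]->first_display_name)) {
                        $list[$t]->first_display_name = $list[$t]->first_guest_name;
                    }
                }

                $list[$t] = apply_filters('sph_topic_list_record', $list[$t], $r);
                $listPos++;
            }
        }
        unset($records);
        unset($new);
        unset($first);
    }

    return $list;
}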
# Enqueue the front end forum scripts and print the sp_platform_vars object.
#
# Scripts go to the footer when the 'sfscriptfoot' option is set. The '-dev'
# builds are used when SP_SCRIPTS_DEBUG is defined and truthy. Fires
# 'sph_scripts_start' first and 'sph_scripts_end' last, passing the footer flag.
function sp_load_forum_scripts()
{
    global $spVars, $spThisUser, $spMobile, $spDevice;

    $footer = sp_get_option('sfscriptfoot') ? true : false;
    do_action('sph_scripts_start', $footer);

    $script = defined('SP_SCRIPTS_DEBUG') && SP_SCRIPTS_DEBUG ? SFJSCRIPT . 'sp-forum-dev.js' : SFJSCRIPT . 'sp-forum.js';
    sp_plugin_enqueue_script('spforum', $script, array('jquery', 'jquery-form'), false, $footer);

    # permission target: the current forum when one is set, otherwise 'global'
    $target = isset($spVars['forumid']) ? $spVars['forumid'] : 'global';

    # translated strings handed to the script as sp_forum_vars
    $strings = array('problem' => sp_text('Unable to save'), 'noguestname' => sp_text('No guest username entered'), 'noguestemail' => sp_text('No guest email Entered'), 'notopictitle' => sp_text('No topic title entered'), 'nomath' => sp_text('Spam math unanswered'), 'nocontent' => sp_text('No post content entered'), 'rejected' => sp_text('This post is rejected because it contains embedded formatting, probably pasted in form MS Word or other WYSIWYG editor'), 'iframe' => sp_text('This post contains an iframe which are disallowed'), 'savingpost' => sp_text('Saving post'), 'nosearch' => sp_text('No search text entered'), 'allwordmin' => sp_text('Minimum number of characters that can be used for a search word is'), 'somewordmin' => sp_text('Not all words can be used for the search as minimum word length is'), 'wait' => sp_text('Please wait'), 'deletepost' => sp_text('Are you sure you want to delete this post?'), 'deletetopic' => sp_text('Are you sure you want to delete this topic?'), 'topicdeleted' => sp_text('Topic deleted'), 'postdeleted' => sp_text('Post deleted'), 'markread' => sp_text('All posts marked as read'), 'pinpost' => sp_text('Post pin status toggled'), 'pintopic' => sp_text('Topic pin status toggled'), 'locktopic' => sp_text('Topic lock status toggled'));
    $strings = apply_filters('sph_forum_vars', $strings);
    sp_plugin_localize_script('spforum', 'sp_forum_vars', $strings);

    # Older themes (Unified) define a constant SP_MOBILE_THEME now being deprecated.
    # if this constant exists (custom Unified theme) swap for theme cap registration
    if (defined('SP_MOBILE_THEME') && SP_MOBILE_THEME) {
        add_theme_support('sp-theme-responsive');
    }

    # sp_platform_vars is not static so cannot be in combined js cache and cannot use localize script
    $tooltips = defined('SP_TOOLTIPS') ? SP_TOOLTIPS : true;
    $mobtheme = current_theme_supports('sp-theme-responsive') ? 1 : 0;
    $checkboxes = defined('SP_USE_PRETTY_CBOX') ? SP_USE_PRETTY_CBOX : false;
    # 'no' means the script need not check for iframes: this user may use them
    $iframe = sp_get_auth('can_use_iframes', $target, $spThisUser->ID) ? 'no' : 'yes';

    # NOTE(review): the values below are echoed into JavaScript string literals
    # with no JS escaping. $spMobile, $spDevice and the 'spheaderspace' option
    # are set outside this function - confirm they can only hold server-chosen
    # values, or pass them through esc_js() before output.
    # NOTE(review): the 'sph_platform_vars' action prints inside the object
    # literal, so hooked callbacks must emit valid "key":value pairs.
    ?>
<script type='text/javascript'>
/* <![CDATA[ */
var sp_platform_vars = {
"focus":"forum",
"mobile":"<?php echo $spMobile; ?>
",
"device":"<?php echo $spDevice; ?>
",
"tooltips":"<?php echo $tooltips; ?>
",
"mobiletheme":"<?php echo $mobtheme; ?>
",
"checkboxes":"<?php echo $checkboxes; ?>
",
"headpadding":"<?php echo sp_get_option('spheaderspace'); ?>
",
"saveprocess": 0,
"checkiframe":"<?php echo $iframe; ?>
",
<?php do_action('sph_platform_vars'); ?>
};
/* ]]> */
</script>
<?php
    $script = defined('SP_SCRIPTS_DEBUG') && SP_SCRIPTS_DEBUG ? SFCJSCRIPT . 'sp-common-dev.js' : SFCJSCRIPT . 'sp-common.js';
    sp_plugin_enqueue_script('spcommon', $script, array('jquery', 'jquery-ui-core', 'jquery-ui-widget', 'jquery-ui-dialog', 'jquery-ui-autocomplete', 'jquery-effects-slide'), false, $footer);

    if ($checkboxes) {
        $script = defined('SP_SCRIPTS_DEBUG') && SP_SCRIPTS_DEBUG ? SFCJSCRIPT . 'checkboxes/prettyCheckboxes-dev.js' : SFCJSCRIPT . 'checkboxes/prettyCheckboxes.js';
        sp_plugin_enqueue_script('jquery.checkboxes', $script, array('jquery'), false, $footer);
    }

    $script = defined('SP_SCRIPTS_DEBUG') && SP_SCRIPTS_DEBUG ? SFJSCRIPT . 'print-this/printThis-dev.js' : SFJSCRIPT . 'print-this/printThis.js';
    sp_plugin_enqueue_script('sfprintthis', $script, array('jquery'), false, $footer);

    # Dialog boxes and other jQuery UI components
    $script = defined('SP_SCRIPTS_DEBUG') && SP_SCRIPTS_DEBUG ? SFJSCRIPT . 'msdropdown/msdropdown-dev.js' : SFJSCRIPT . 'msdropdown/msdropdown.js';
    sp_plugin_enqueue_script('jquery.ui.msdropdown', $script, array('jquery', 'jquery-ui-core', 'jquery-ui-widget'), false, $footer);

    # non-desktop devices get touch support and the mobile menu; desktop gets tooltips
    if ($spDevice != 'desktop') {
        sp_plugin_enqueue_script('jquery-touch-punch', false, array('jquery', 'jquery-ui-core', 'jquery-ui-widget', 'jquery-ui-mouse'), false, $footer);
        $script = defined('SP_SCRIPTS_DEBUG') && SP_SCRIPTS_DEBUG ? SFJSCRIPT . 'mobile/sp-mobilemenu-dev.js' : SFJSCRIPT . 'mobile/sp-mobilemenu.js';
        sp_plugin_enqueue_script('jquery.spmobilemenu', $script, array('jquery'), false, $footer);
    } else {
        sp_plugin_enqueue_script('jquery-ui-tooltip', false, array('jquery', 'jquery-ui-core', 'jquery-ui-widget'), false, $footer);
    }

    sp_plugin_enqueue_script('jquery.tools', SFJSCRIPT . 'jquery-tools/jquery.tools.min.js', array('jquery', 'jquery-ui-core', 'jquery-ui-widget'), false, $footer);

    # password strength meter on profile
    if ($spVars['pageview'] == 'profileedit') {
        wp_enqueue_script('user-profile');
    }

    # tell plugins to enqueue their scripts
    do_action('sph_print_plugin_scripts', $footer);

    $combine_js = sp_get_option('combinejs');
    if ($combine_js) {
        # use compressed scripts
        sp_combine_plugin_script_files();
    } else {
        # use individual scripts
        global $sp_plugin_scripts, $wp_scripts;
        if (!empty($sp_plugin_scripts)) {
            foreach ($sp_plugin_scripts->queue as $handle) {
                # enqueue with wp
                # a non-empty, non-zero 'group' entry sends the script to the footer
                $f = empty($sp_plugin_scripts->registered[$handle]->extra['group']) || $sp_plugin_scripts->registered[$handle]->extra['group'] == 0 ? false : true;
                $plugin_footer = is_array($sp_plugin_scripts->registered[$handle]->extra) && $f == 1 ? true : false;
                wp_enqueue_script($handle, $sp_plugin_scripts->registered[$handle]->src, $sp_plugin_scripts->registered[$handle]->deps, false, $plugin_footer);

                # too late to register script since already formatted - so just set the wp script data equal to our localized data
                $data = $sp_plugin_scripts->get_data($handle, 'data');
                $wp_scripts->registered[$handle]->extra['data'] = $data;
            }
        }
    }

    do_action('sph_scripts_end', $footer);
}
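# Save one profile form for a forum member.
#
# Reads the form name from $_GET['form'] and the target user from
# $_GET['userid'], the field values from $_POST and $_FILES. The request must
# carry the 'forum-profile' nonce, the forum must not be locked down, and the
# target user must be the current user unless the current user is an admin.
#
# Returns an array with 'type' ('error' or 'success') and 'text' keys; plugin
# filters may replace it.
function sp_UpdateProfile()
{
    global $spGlobals, $spThisUser;

    # make sure nonce is there
    check_admin_referer('forum-profile', 'forum-profile');

    $message = array();

    # dont update forum if its locked down
    if ($spGlobals['lockdown']) {
        $message['type'] = 'error';
        $message['text'] = sp_text('This forum is currently locked - access is read only - profile not updated');
        return $message;
    }

    # do we have a form to update?
    if (isset($_GET['form'])) {
        $thisForm = sp_esc_str($_GET['form']);
    } else {
        $message['type'] = 'error';
        $message['text'] = sp_text('Profile update aborted - no valid form');
        return $message;
    }

    # do we have an actual user to update?
    if (isset($_GET['userid'])) {
        # the id is concatenated into several SQL statements below, so force it
        # to an integer here regardless of what sp_esc_int() returns
        $thisUser = (int) sp_esc_int($_GET['userid']);
    } else {
        $message['type'] = 'error';
        $message['text'] = sp_text('Profile update aborted - no valid user');
        return $message;
    }

    # Check the user ID for current user or admin edit
    if ($thisUser != $spThisUser->ID && !$spThisUser->admin) {
        $message['type'] = 'error';
        $message['text'] = sp_text('Profile update aborted - no valid user');
        return $message;
    }

    # a pending forced password change blocks every save that does not carry a new password
    if (isset($spThisUser->sp_change_pw) && $spThisUser->sp_change_pw) {
        $pass1 = $pass2 = '';
        if (isset($_POST['pass1']) && is_string($_POST['pass1'])) {
            $pass1 = $_POST['pass1'];
        }
        if (isset($_POST['pass2']) && is_string($_POST['pass2'])) {
            $pass2 = $_POST['pass2'];
        }
        # strict comparison: with != two different numeric-looking strings can compare equal
        if (empty($pass1) || empty($pass2) || $pass1 !== $pass2) {
            $message['type'] = 'error';
            $message['text'] = sp_text('Cannot save profile until password has been changed');
            return $message;
        }
    }

    # form save filter
    $thisForm = apply_filters('sph_profile_save_thisForm', $thisForm);

    # valid save attempt, so lets process the save
    switch ($thisForm) {
        case 'show-memberships': # update memberships
            # any usergroup removals?
            if (isset($_POST['usergroup_leave'])) {
                foreach ($_POST['usergroup_leave'] as $membership) {
                    sp_remove_membership(sp_esc_str($membership), $thisUser);
                }
            }

            # any usergroup joins?
            # NOTE(review): the usergroup id is taken from the request and nothing
            # visible here checks that the group is one members may join themselves -
            # confirm sp_add_membership() enforces that.
            if (isset($_POST['usergroup_join'])) {
                foreach ($_POST['usergroup_join'] as $membership) {
                    sp_add_membership(sp_esc_int($membership), $thisUser);
                }
            }

            # fire action for plugins
            $message = apply_filters('sph_UpdateProfileMemberships', $message, $thisUser);

            # output update message
            if (empty($message)) {
                $message['type'] = 'success';
                $message['text'] = sp_text('Memberships updated');
            }
            break;

        case 'account-settings': # update account settings
            # check for password update
            $pass1 = $pass2 = '';
            if (isset($_POST['pass1']) && is_string($_POST['pass1'])) {
                $pass1 = $_POST['pass1'];
            }
            if (isset($_POST['pass2']) && is_string($_POST['pass2'])) {
                $pass2 = $_POST['pass2'];
            }
            if (!empty($pass1) || !empty($pass2)) {
                if ($pass1 !== $pass2) {
                    $message['type'] = 'error';
                    $message['text'] = sp_text('Please enter the same password in the two password fields');
                    return $message;
                } else {
                    # update the password
                    $user = new stdClass();
                    $user->ID = (int) $thisUser;
                    $user->user_pass = $pass1;
                    wp_update_user(get_object_vars($user));
                    if (isset($spThisUser->sp_change_pw) && $spThisUser->sp_change_pw) {
                        delete_user_meta($spThisUser->ID, 'sp_change_pw');
                    }
                }
            }

            # now check the email is valid and unique
            $update = apply_filters('sph_ProfileUserEmailUpdate', true);
            if ($update) {
                $curEmail = sp_filter_email_save($_POST['curemail']);
                $email = sp_filter_email_save($_POST['email']);
                if ($email != $curEmail) {
                    if (empty($email)) {
                        $message['type'] = 'error';
                        $message['text'] = sp_text('Please enter a valid email address');
                        return $message;
                    } elseif (($owner_id = email_exists($email)) && $owner_id != $thisUser) {
                        $message['type'] = 'error';
                        $message['text'] = sp_text('The email address is already registered. Please choose another one');
                        return $message;
                    }

                    # save new email address
                    # NOTE(review): built by concatenation - this relies on
                    # sp_filter_email_save() returning a value that is safe inside a
                    # quoted SQL literal; confirm, or move to $wpdb->update().
                    $sql = 'UPDATE ' . SFUSERS . " SET user_email='{$email}' WHERE ID=" . $thisUser;
                    spdb_query($sql);
                }
            }

            # fire action for plugins
            $message = apply_filters('sph_UpdateProfileSettings', $message, $thisUser);

            # output profile save status
            if (empty($message)) {
                $message['type'] = 'success';
                $message['text'] = sp_text('Account settings updated');
            }
            break;

        case 'edit-profile': # update profile settings
            # validate any username change
            $update = apply_filters('sph_ProfileUserDisplayNameUpdate', true);
            if ($update) {
                $spProfile = sp_get_option('sfprofile');
                if ($spProfile['nameformat'] || $spThisUser->admin) {
                    $display_name = !empty($_POST['display_name']) ? trim($_POST['display_name']) : spdb_table(SFUSERS, "ID={$thisUser}", 'user_login');
                    $display_name = sp_filter_name_save($display_name);

                    # make sure display name isnt already used
                    if ($_POST['oldname'] != $display_name) {
                        # NOTE(review): $display_name is placed inside a quoted SQL
                        # literal here and in the UPDATE below; confirm
                        # sp_filter_name_save() escapes for that context.
                        $records = spdb_table(SFMEMBERS, "display_name='{$display_name}'");
                        if ($records) {
                            foreach ($records as $record) {
                                if ($record->user_id != $thisUser) {
                                    $message['type'] = 'error';
                                    $message['text'] = $display_name . ' ' . sp_text('is already in use - please choose a different display name');
                                    return $message;
                                }
                            }
                        }

                        # validate display name
                        $errors = new WP_Error();
                        $user = new stdClass();
                        $user->display_name = $display_name;
                        sp_validate_display_name($errors, true, $user);
                        if ($errors->get_error_codes()) {
                            $message['type'] = 'error';
                            $message['text'] = sp_text('The display name you have chosen is not allowed on this site');
                            return $message;
                        }

                        # now save the display name
                        sp_update_member_item($thisUser, 'display_name', $display_name);

                        # Update new users list with changed display name
                        sp_update_newuser_name(sp_filter_name_save($_POST['oldname']), $display_name);

                        # do we need to sync display name with wp?
                        $options = sp_get_member_item($thisUser, 'user_options');
                        if ($options['namesync']) {
                            spdb_query('UPDATE ' . SFUSERS . ' SET display_name="' . $display_name . '" WHERE ID=' . $thisUser);
                        }
                    }
                }
            }

            # save the url
            $update = apply_filters('sph_ProfileUserWebsiteUpdate', true);
            if ($update) {
                $url = sp_filter_url_save($_POST['website']);
                # NOTE(review): relies on sp_filter_url_save() output being safe inside
                # a double-quoted SQL literal - confirm.
                $sql = 'UPDATE ' . SFUSERS . ' SET user_url="' . $url . '" WHERE ID=' . $thisUser;
                spdb_query($sql);
            }

            # update first name, last name, location and biography
            $update = apply_filters('sph_ProfileUserFirstNameUpdate', true);
            if ($update) {
                update_user_meta($thisUser, 'first_name', sp_filter_name_save(trim($_POST['first_name'])));
            }
            $update = apply_filters('sph_ProfileUserLastNameUpdate', true);
            if ($update) {
                update_user_meta($thisUser, 'last_name', sp_filter_name_save(trim($_POST['last_name'])));
            }
            $update = apply_filters('sph_ProfileUserLocationUpdate', true);
            if ($update) {
                update_user_meta($thisUser, 'location', sp_filter_title_save(trim($_POST['location'])));
            }
            $update = apply_filters('sph_ProfileUserBiographyUpdate', true);
            if ($update) {
                update_user_meta($thisUser, 'description', sp_filter_save_kses($_POST['description']));
            }

            # fire action for plugins
            $message = apply_filters('sph_UpdateProfileProfile', $message, $thisUser);

            # output profile save status
            if (empty($message)) {
                $message['type'] = 'success';
                $message['text'] = sp_text('Profile settings updated');
            }
            break;

        case 'edit-identities': # update identity settings
            # update the user identities
            $update = apply_filters('sph_ProfileUserAIMUpdate', true);
            if ($update) {
                update_user_meta($thisUser, 'aim', sp_filter_title_save(trim($_POST['aim'])));
            }
            $update = apply_filters('sph_ProfileUserYahooUpdate', true);
            if ($update) {
                update_user_meta($thisUser, 'yim', sp_filter_title_save(trim($_POST['yim'])));
            }
            $update = apply_filters('sph_ProfileUserGoogleUpdate', true);
            if ($update) {
                update_user_meta($thisUser, 'jabber', sp_filter_title_save(trim($_POST['jabber'])));
            }
            $update = apply_filters('sph_ProfileUserMSNUpdate', true);
            if ($update) {
                update_user_meta($thisUser, 'msn', sp_filter_title_save(trim($_POST['msn'])));
            }
            $update = apply_filters('sph_ProfileUserICQUpdate', true);
            if ($update) {
                update_user_meta($thisUser, 'icq', sp_filter_title_save(trim($_POST['icq'])));
            }
            $update = apply_filters('sph_ProfileUserSkypeUpdate', true);
            if ($update) {
                update_user_meta($thisUser, 'skype', sp_filter_title_save(trim($_POST['skype'])));
            }
            $update = apply_filters('sph_ProfileUserFacebookUpdate', true);
            if ($update) {
                update_user_meta($thisUser, 'facebook', sp_filter_title_save(trim($_POST['facebook'])));
            }
            $update = apply_filters('sph_ProfileUserMySpaceUpdate', true);
            if ($update) {
                update_user_meta($thisUser, 'myspace', sp_filter_title_save(trim($_POST['myspace'])));
            }
            $update = apply_filters('sph_ProfileUserTwitterUpdate', true);
            if ($update) {
                update_user_meta($thisUser, 'twitter', sp_filter_title_save(trim($_POST['twitter'])));
            }
            $update = apply_filters('sph_ProfileUserLinkedInUpdate', true);
            if ($update) {
                update_user_meta($thisUser, 'linkedin', sp_filter_title_save(trim($_POST['linkedin'])));
            }
            $update = apply_filters('sph_ProfileUserYouTubeUpdate', true);
            if ($update) {
                update_user_meta($thisUser, 'youtube', sp_filter_title_save(trim($_POST['youtube'])));
            }
            $update = apply_filters('sph_ProfileUserGooglePlusUpdate', true);
            if ($update) {
                update_user_meta($thisUser, 'googleplus', sp_filter_title_save(trim($_POST['googleplus'])));
            }

            # fire action for plugins
            $message = apply_filters('sph_UpdateProfileIdentities', $message, $thisUser);

            # output profile save status
            if (empty($message)) {
                $message['type'] = 'success';
                $message['text'] = sp_text('Identities updated');
            }
            break;

        case 'avatar-upload': # upload avatar
            # did we get an avatar to upload?
            if (empty($_FILES['avatar-upload']['name'])) {
                $message['type'] = 'error';
                $message['text'] = sp_text('Sorry, the avatar filename was empty');
                return $message;
            }

            # Verify the file extension
            global $spPaths;
            $uploaddir = SF_STORE_DIR . '/' . $spPaths['avatars'] . '/';
            $filename = basename($_FILES['avatar-upload']['name']);
            $path = pathinfo($filename);
            # pathinfo() omits 'extension' for a name without one; treat that as no match
            $ext = isset($path['extension']) ? strtolower($path['extension']) : '';
            if ($ext != 'jpg' && $ext != 'jpeg' && $ext != 'gif' && $ext != 'png') {
                $message['type'] = 'error';
                $message['text'] = sp_text('Sorry, only JPG, JPEG, PNG, or GIF files are allowed');
                return $message;
            }

            # check image file mimetype (exif_imagetype: 1 = GIF, 2 = JPEG, 3 = PNG)
            $mimetype = 0;
            $mimetype = exif_imagetype($_FILES['avatar-upload']['tmp_name']);
            if (empty($mimetype) || $mimetype == 0 || $mimetype > 3) {
                $message['type'] = 'error';
                $message['text'] = sp_text('Sorry, the avatar file is an invalid format');
                return $message;
            }

            # make sure file extension and mime type actually match
            if ($mimetype == 1 && $ext != 'gif' || $mimetype == 2 && ($ext != 'jpg' && $ext != 'jpeg') || $mimetype == 3 && $ext != 'png') {
                $message['type'] = 'error';
                $message['text'] = sp_text('Sorry, the file mime type does not match file extension');
                return $message;
            }

            # Clean up file name just in case
            # NOTE(review): the extension was validated on the raw name above but the
            # stored name is whatever sp_filter_filename_save() returns - confirm the
            # filter cannot change the final extension, and that the avatar directory
            # is not configured to execute scripts.
            $filename = date('U') . sp_filter_filename_save(basename($_FILES['avatar-upload']['name']));
            $uploadfile = $uploaddir . $filename;

            # check for existence
            if (file_exists($uploadfile)) {
                $message['type'] = 'error';
                $message['text'] = sp_text('Sorry, the avatar file already exists');
                return $message;
            }

            # check file size against limit if provided
            $spAvatars = sp_get_option('sfavatars');
            if ($_FILES['avatar-upload']['size'] > $spAvatars['sfavatarfilesize']) {
                $message['type'] = 'error';
                $message['text'] = sp_text('Sorry, the avatar file exceeds the maximum allowed size');
                return $message;
            }

            # valid avatar, so try moving the uploaded file to the avatar storage directory
            if (move_uploaded_file($_FILES['avatar-upload']['tmp_name'], $uploadfile)) {
                @chmod("{$uploadfile}", 0644);

                # do we need to resize?
                $sfavatars = sp_get_option('sfavatars');
                if ($sfavatars['sfavatarresize']) {
                    $editor = wp_get_image_editor($uploadfile);
                    if (is_wp_error($editor)) {
                        @unlink($uploadfile);
                        $message['type'] = 'error';
                        $message['text'] = sp_text('Sorry, there was a problem resizing the avatar');
                        return $message;
                    } else {
                        $editor->resize($sfavatars['sfavatarsize'], $sfavatars['sfavatarsize'], true);
                        $imageinfo = $editor->save($uploadfile);
                        # save() can also fail; do not index into a WP_Error
                        if (is_wp_error($imageinfo)) {
                            @unlink($uploadfile);
                            $message['type'] = 'error';
                            $message['text'] = sp_text('Sorry, there was a problem resizing the avatar');
                            return $message;
                        }
                        $filename = $imageinfo['file'];
                    }
                }

                # update member avatar data
                $avatar = sp_get_member_item($thisUser, 'avatar');
                $avatar['uploaded'] = $filename;
                sp_update_member_item($thisUser, 'avatar', $avatar);
            } else {
                $message['type'] = 'error';
                $message['text'] = sp_text('Sorry, the avatar file could not be moved to the avatar storage location');
                return $message;
            }

            # fire action for plugins
            $message = apply_filters('sph_UpdateProfileAvatarUpload', $message, $thisUser);

            # output profile save status
            if (empty($message)) {
                $message['type'] = 'success';
                $message['text'] = sp_text('Uploaded avatar updated');
            }
            break;

        case 'avatar-pool': # pool avatar
            # get pool avatar name
            $filename = sp_filter_filename_save($_POST['spPoolAvatar']);

            # error if no pool avatar provided
            if (empty($filename)) {
                $message['type'] = 'error';
                $message['text'] = sp_text('Sorry, you must select a pool avatar before trying to save it');
                return $message;
            }

            # save the pool avatar
            $avatar = sp_get_member_item($thisUser, 'avatar');
            $avatar['pool'] = $filename;
            sp_update_member_item($thisUser, 'avatar', $avatar);

            # fire action for plugins
            $message = apply_filters('sph_UpdateProfileAvatarPool', $message, $thisUser);

            # output profile save status
            if (empty($message)) {
                $message['type'] = 'success';
                $message['text'] = sp_text('Pool avatar updated');
            }
            break;

        case 'avatar-remote': # remote avatar
            # get remote avatar name
            $filename = sp_filter_url_save($_POST['spAvatarRemote']);
            $avatar = sp_get_member_item($thisUser, 'avatar');
            $avatar['remote'] = $filename;
            sp_update_member_item($thisUser, 'avatar', $avatar);

            # fire action for plugins
            $message = apply_filters('sph_UpdateProfileAvatarRemote', $message, $thisUser);

            # output profile save status
            if (empty($message)) {
                $message['type'] = 'success';
                $message['text'] = sp_text('Remote avatar updated');
            }
            break;

        case 'edit-signature': # save signature
            # Check if maximum links has been exceeded
            $numLinks = substr_count($_POST['postitem'], '</a>');
            $spFilters = sp_get_option('sffilters');
            if (!sp_get_auth('create_links', 'global', $thisUser) && $numLinks > 0 && !$spThisUser->admin) {
                $message['type'] = 'error';
                $message['text'] = sp_text('You are not allowed to put links in signatures');
                return $message;
            }
            if (sp_get_auth('create_links', 'global', $thisUser) && $spFilters['sfmaxlinks'] != 0 && $numLinks > $spFilters['sfmaxlinks'] && !$spThisUser->admin) {
                $message['type'] = 'error';
                $message['text'] = sp_text('Maximum number of allowed links exceeded in signature') . ': ' . $spFilters['sfmaxlinks'] . ' ' . sp_text('allowed');
                return $message;
            }

            // $sig = esc_sql(sp_filter_save_kses(trim($_POST['postitem'])));
            $sig = sp_filter_content_save($_POST['postitem'], 'edit');
            sp_update_member_item($thisUser, 'signature', $sig);

            # fire action for plugins
            $message = apply_filters('sph_UpdateProfileSignature', $message, $thisUser);

            # output profile save status
            if (empty($message)) {
                $message['type'] = 'success';
                $message['text'] = sp_text('Signature updated');
            }
            break;

        case 'edit-photos': # save photos
            $photos = array();
            $spProfileOptions = sp_get_option('sfprofile');
            for ($x = 0; $x < $spProfileOptions['photosmax']; $x++) {
                $photos[$x] = sp_filter_url_save($_POST['photo' . $x]);
            }
            update_user_meta($thisUser, 'photos', $photos);

            # fire action for plugins
            $message = apply_filters('sph_UpdateProfilePhotos', $message, $thisUser);

            # output profile save status
            if (empty($message)) {
                $message['type'] = 'success';
                $message['text'] = sp_text('Photos updated');
            }
            break;

        case 'edit-global-options': # save global options
            $options = sp_get_member_item($thisUser, 'user_options');
            $options['hidestatus'] = isset($_POST['hidestatus']) ? true : false;
            $update = apply_filters('sph_ProfileUserSyncNameUpdate', true);
            if ($update) {
                $options['namesync'] = isset($_POST['namesync']) ? true : false;
            }
            sp_update_member_item($thisUser, 'user_options', $options);

            # fire action for plugins
            $message = apply_filters('sph_UpdateProfileGlobalOptions', $message, $thisUser);

            # output profile save status
            if (empty($message)) {
                $message['type'] = 'success';
                $message['text'] = sp_text('Global options updated');
            }
            break;

        case 'edit-posting-options': # save posting options
            $update = apply_filters('sph_ProfileUserEditorUpdate', true);
            if ($update) {
                $options = sp_get_member_item($thisUser, 'user_options');
                if (isset($_POST['editor'])) {
                    $options['editor'] = sp_esc_int($_POST['editor']);
                }
                sp_update_member_item($thisUser, 'user_options', $options);
            }

            # fire action for plugins
            $message = apply_filters('sph_UpdateProfilePostingOptions', $message, $thisUser);

            # output profile save status
            if (empty($message)) {
                $message['type'] = 'success';
                $message['text'] = sp_text('Posting options updated');
            }
            break;

        case 'edit-display-options': # save display options
            $options = sp_get_member_item($thisUser, 'user_options');

            # Work out the user's offset in seconds. The timezone is request data:
            # only a string is accepted, and an identifier DateTimeZone does not
            # know falls back to the UTC default instead of raising an uncaught
            # exception.
            $tzInput = isset($_POST['timezone']) && is_string($_POST['timezone']) ? $_POST['timezone'] : null;
            $userOffset = null;
            if ($tzInput !== null) {
                if (preg_match('/^UTC[+-]/', $tzInput)) {
                    # correct for manual UTC offsets; the cast keeps a non-numeric
                    # remainder from raising an error in the multiplication
                    $userOffset = (float) preg_replace('/UTC\\+?/', '', $tzInput) * 3600;
                } else {
                    # get timezone offset for user
                    try {
                        $date_time_zone_selected = new DateTimeZone(sp_esc_str($tzInput));
                        $userOffset = timezone_offset_get($date_time_zone_selected, date_create());
                    } catch (Exception $e) {
                        $userOffset = null;
                    }
                }
            }

            if ($userOffset !== null) {
                # get timezone offset for server based on wp settings
                $wptz = get_option('timezone_string');
                if (empty($wptz)) {
                    # the WordPress gmt_offset option is in hours; convert to seconds
                    # so it is in the same unit as $userOffset
                    $serverOffset = (float) get_option('gmt_offset') * 3600;
                } else {
                    $date_time_zone_selected = new DateTimeZone($wptz);
                    $serverOffset = timezone_offset_get($date_time_zone_selected, date_create());
                }

                # calculate time offset between user and server
                $options['timezone'] = (int) round(($userOffset - $serverOffset) / 3600, 2);
                $options['timezone_string'] = sp_esc_str($tzInput);
            } else {
                $options['timezone'] = 0;
                $options['timezone_string'] = 'UTC';
            }

            if (isset($_POST['unreadposts'])) {
                $sfcontrols = sp_get_option('sfcontrols');
                # clamp to the range 0 .. sfmaxunreadposts; non-numeric input gets the default
                $options['unreadposts'] = is_numeric($_POST['unreadposts']) ? max(min(sp_esc_int($_POST['unreadposts']), $sfcontrols['sfmaxunreadposts']), 0) : $sfcontrols['sfdefunreadposts'];
            }
            $options['topicASC'] = isset($_POST['topicASC']);
            $options['postDESC'] = isset($_POST['postDESC']);
            sp_update_member_item($thisUser, 'user_options', $options);

            # fire action for plugins
            $message = apply_filters('sph_UpdateProfileDisplayOptions', $message, $thisUser);

            # output profile save status
            if (empty($message)) {
                $message['type'] = 'success';
                $message['text'] = sp_text('Display options updated');
            }
            break;

        default:
            break;
    }

    # let plugins do their thing on success
    $message = apply_filters('sph_ProfileFormSave_' . $thisForm, $message, $thisUser, $thisForm);
    do_action('sph_UpdateProfile', $thisUser, $thisForm);

    # reset the plugin_data just in case
    sp_reset_member_plugindata($thisUser);

    # done saving - return the messages
    return $message;
}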
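/**
 * Set a post back to "awaiting moderation" and notify its author.
 *
 * On success the post is added to the waiting list, a user notice is queued,
 * the topic cache and the post/forum indexes are rebuilt, and the
 * 'sph_post_unapproved' action is fired.
 *
 * @param int  $postid id of the post to unapprove; 0 (the default) is a no-op
 * @param bool $show   when true, outcome messages are pushed through sp_notify()
 * @return void
 */
function sp_unapprove_post($postid = 0, $show = true) {
	global $spVars, $spThisUser;

	# the id is concatenated into SQL below, so reduce it to an integer before any use
	$postid = (int) $postid;
	if ($postid == 0) {
		return;
	}

	# only users holding 'moderate_posts' on the current forum may unapprove
	if (!sp_get_auth('moderate_posts', $spVars['forumid'])) {
		if ($show) {
			if (!is_user_logged_in()) {
				$msg = sp_text('Access denied - are you logged in?');
			} else {
				$msg = sp_text('Access denied - you do not have permission');
			}
			sp_notify(SPFAILURE, $msg);
		}
		return;
	}

	$success = spdb_query('UPDATE ' . SFPOSTS . " SET post_status=1 WHERE post_id={$postid}");
	if ($success == false) {
		if ($show) {
			sp_notify(SPFAILURE, sp_text('Post unapproval failed'));
		}
		return;
	}

	if ($show) {
		sp_notify(SPSUCCESS, sp_text('Post unapproved'));
	}

	# add to waiting list
	$post = spdb_select('row', 'SELECT * FROM ' . SFPOSTS . " WHERE post_id={$postid}");
	if (empty($post)) {
		# nothing to queue or re-index if the row cannot be read back
		return;
	}

	# topic_id comes from the database row; cast it anyway because it is placed in SQL
	$topicId = (int) $post->topic_id;
	$topic = spdb_select('row', 'SELECT * FROM ' . SFTOPICS . " WHERE topic_id={$topicId}");

	sp_add_to_waiting($post->topic_id, $post->forum_id, $post->post_id, $post->user_id);

	$nData = array();
	$nData['user_id'] = $post->user_id;
	$nData['guest_email'] = isset($post->guestemail) ? $post->guestemail : '';
	$nData['post_id'] = $post->post_id;
	$nData['link'] = sp_permalink_from_postid($post->post_id);
	$nData['link_text'] = isset($topic->topic_name) ? $topic->topic_name : '';
	$nData['message'] = sp_text('Your post is awaiting moderation in the topic');
	$nData['expires'] = time() + 30 * 24 * 60 * 60; # 30 days; 24 hours; 60 mins; 60secs
	sp_add_notice($nData);

	# flush and rebuild topic cache
	sp_rebuild_topic_cache();
	sp_build_post_index($post->topic_id);
	sp_build_forum_index($post->forum_id);

	do_action('sph_post_unapproved', $post->post_id, $spThisUser->ID);
}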
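/**
 * Build the HTML for the "add topic" form of the current forum.
 *
 * Display arguments are merged over the defaults with wp_parse_args(). If a
 * 'post' cache entry exists (a failed submission that was redirected back),
 * its values are used to pre-fill the form. Most sections are passed through
 * 'sph_topic_editor_*' filters so plugins can extend them.
 *
 * @param array|string $args display overrides, see $defs for the accepted keys
 * @return string the form markup
 */
function sp_render_add_topic_form($args) {
	global $spVars, $spGlobals, $spThisForum, $spThisUser, $spGuestCookie;

	include_once SF_PLUGIN_DIR . '/forum/content/forms/sp-form-components.php';

	$toolbar = $spGlobals['display']['editor']['toolbar'];

	$defs = array(
		'tagClass'             => 'spForm',
		'hide'                 => 1,
		'controlFieldset'      => 'spEditorFieldset',
		'controlInput'         => 'spControl',
		'controlSubmit'        => 'spSubmit',
		'controlOrder'         => 'cancel|save',
		'maxTitleLength'       => 200,
		'labelHeading'         => sp_text('Add Topic'),
		'labelGuestName'       => sp_text('Guest name (required)'),
		'labelGuestEmail'      => sp_text('Guest email (required)'),
		'labelModerateAll'     => sp_text('NOTE: new posts are subject to administrator approval before being displayed'),
		'labelModerateOnce'    => sp_text('NOTE: first posts are subject to administrator approval before being displayed'),
		'labelTopicName'       => sp_text('Topic name'),
		'labelSmileys'         => sp_text('Smileys'),
		'labelOptions'         => sp_text('Options'),
		'labelOptionLock'      => sp_text('Lock this topic'),
		'labelOptionPin'       => sp_text('Pin this post'),
		'labelOptionTime'      => sp_text('Edit post timestamp'),
		'labelMath'            => sp_text('Math Required'),
		'labelMathSum'         => sp_text('What is the sum of'),
		'labelPostButtonReady' => sp_text('Submit Topic'),
		'labelPostButtonMath'  => sp_text('Do Math To Save'),
		'labelPostCancel'      => sp_text('Cancel'),
		'tipSmileysButton'     => sp_text('Open/Close to Add a Smiley'),
		'tipOptionsButton'     => sp_text('Open/Close to select Posting Options'),
		'tipSubmitButton'      => sp_text('Save the New Topic'),
		'tipCancelButton'      => sp_text('Cancel the New Topic'),
	);
	$a = wp_parse_args($args, $defs);

	# sanitize - read only the keys this function uses rather than extract()ing
	# caller-supplied keys into local scope; every key has a default in $defs
	$tagClass = esc_attr($a['tagClass']);
	$hide = (int) $a['hide'];
	$controlFieldset = esc_attr($a['controlFieldset']);
	$controlInput = esc_attr($a['controlInput']);
	$maxTitleLength = (int) $a['maxTitleLength'];
	$labelHeading = sp_filter_title_display($a['labelHeading']);
	$labelGuestName = sp_filter_title_display($a['labelGuestName']);
	$labelGuestEmail = sp_filter_title_display($a['labelGuestEmail']);
	$labelModerateAll = sp_filter_title_display($a['labelModerateAll']);
	$labelModerateOnce = sp_filter_title_display($a['labelModerateOnce']);
	$labelTopicName = sp_filter_title_display($a['labelTopicName']);

	# Check for a failure package in case this is a redirect
	$f = sp_get_cache('post');
	$guestnameval = isset($f['guestname']) ? $f['guestname'] : $spGuestCookie->guest_name;
	$guestemailval = isset($f['guestemail']) ? $f['guestemail'] : $spGuestCookie->guest_email;
	$topicnameval = isset($f['newtopicname']) ? $f['newtopicname'] : '';
	$postitemval = isset($f['postitem']) ? $f['postitem'] : '';
	$failmessage = isset($f['message']) ? $f['message'] : '';

	# these three values originate from the previous submission or the guest cookie and are
	# written into single-quoted attributes below, so they are attribute-escaped here
	$guestnameAttr = esc_attr($guestnameval);
	$guestemailAttr = esc_attr($guestemailval);
	$topicnameAttr = esc_attr($topicnameval);

	$captchaValue = sp_get_option('captcha-value');

	$out = '';

	# Grab above editor message if there is one
	$postmsg = sp_get_option('sfpostmsg');

	# Grab in-editor message if one
	$inEdMsg = sp_filter_text_display(sp_get_option('sfeditormsg'));

	$hideStyle = $hide ? ' style="display:none;"' : '';

	$out .= '<div id="spPostForm"' . $hideStyle . '>' . "\n";
	$out .= "<form class='{$tagClass}' action='" . SFHOMEURL . "index.php?sp_ahah=post&sfnonce=" . wp_create_nonce('forum-ahah') . "' method='post' id='addtopic' name='addtopic' onsubmit='return spjValidatePostForm(this, {$spThisUser->guest}, 1, \"" . sp_paint_file_icon(SPTHEMEICONSURL, 'sp_Success.png') . "\");'>\n";
	$out .= sp_create_nonce('forum-userform_addtopic');

	$out .= '<div class="spEditor">' . "\n";
	$out = apply_filters('sph_topic_editor_top', $out, $spThisForum);

	$out .= "<fieldset class='{$controlFieldset}'>\n";
	# NOTE(review): forum_name is emitted as stored; confirm it is already display-filtered upstream
	$out .= "<legend>{$labelHeading}: " . $spThisForum->forum_name . "</legend>\n";

	$out .= "<input type='hidden' name='action' value='topic' />\n";
	$out .= "<input type='hidden' name='forumid' value='{$spThisForum->forum_id}' />\n";
	$out .= "<input type='hidden' name='forumslug' value='{$spThisForum->forum_slug}' />\n";
	$out .= "<input type='hidden' name='captcha' value='{$captchaValue}' />\n";

	# input field that plugins can use
	$out .= "<input type='hidden' id='spEditorCustomValue' name='spEditorCustomValue' value='' />\n";

	# plugins can add before the header
	$out = apply_filters('sph_topic_before_editor_header', $out, $spThisForum, $a);

	$tout = '';
	$tout .= '<div class="spEditorSection">';

	# let plugins add stuff at top of editor header
	$tout = apply_filters('sph_topic_editor_header_top', $tout, $spThisForum, $a);

	if (!empty($postmsg['sfpostmsgtopic'])) {
		$tout .= '<div class="spEditorMessage">' . sp_filter_text_display($postmsg['sfpostmsgtext']) . '</div>' . "\n";
	}

	# create an empty div to allow plugins to add something
	$tout .= '<div id="spEditorCustomDiv"></div>';

	if ($spThisUser->guest) {
		$tout .= '<div class="spEditorSectionLeft">' . "\n";
		$tout .= "<div class='spEditorTitle'>{$labelGuestName}:\n";
		$tout .= "<input type='text' tabindex='100' class='{$controlInput}' name='guestname' value='{$guestnameAttr}' /></div>\n";
		$tout .= '</div>' . "\n";

		$sfguests = sp_get_option('sfguests');
		if ($sfguests['reqemail']) {
			$tout .= '<div class="spEditorSectionRight">' . "\n";
			$tout .= "<div class='spEditorTitle'>{$labelGuestEmail}:\n";
			$tout .= "<input type='text' tabindex='101' class='{$controlInput}' name='guestemail' value='{$guestemailAttr}' /></div>\n";
			$tout .= '</div>' . "\n";
		}
		$tout .= '<div class="spClear"></div>' . "\n";
	}

	# tell the user when the post will be held for approval
	if (!sp_get_auth('bypass_moderation', $spThisForum->forum_id)) {
		$tout .= "<p class='spLabelSmall'>{$labelModerateAll}</p>\n";
	} elseif (!sp_get_auth('bypass_moderation_once', $spThisForum->forum_id)) {
		$tout .= "<p class='spLabelSmall'>{$labelModerateOnce}</p>\n";
	}

	$tout2 = '';
	$tout2 .= "<div class='spEditorTitle'>{$labelTopicName}: \n";
	$tout2 .= "<input id='spTopicTitle' type='text' tabindex='102' class='{$controlInput}' maxlength='{$maxTitleLength}' name='newtopicname' value='{$topicnameAttr}'/>\n";
	$tout2 = apply_filters('sph_topic_editor_name', $tout2, $a);
	$tout2 .= '</div>' . "\n";
	$tout .= apply_filters('sph_topic_editor_title', $tout2, $spThisForum, $a);

	# let plugins add stuff at bottom of editor header
	$tout = apply_filters('sph_topic_editor_header_bottom', $tout, $spThisForum, $a);
	$tout .= '</div>' . "\n";

	# allow plugins to filter just the header
	$out .= apply_filters('sph_topic_editor_header', $tout, $spThisForum, $a);

	# do we have content? Or just add any inline message
	if (empty($postitemval)) {
		$postitemval = $inEdMsg;
	}

	# Display the selected editor
	$tout = '';
	$tout .= '<div id="spEditorContent">' . "\n";
	$tout .= sp_setup_editor(103, $postitemval);
	$tout .= '</div>' . "\n";

	# allow plugins to filter the editor content
	$out .= apply_filters('sph_topic_editor_content', $tout, $spThisForum, $a);

	# define area above toolbar for plugins to add components
	$section = apply_filters('sph_topic_editor_above_toolbar', '', $spThisForum, $a);
	if (!empty($section)) {
		$tout = '';
		$tout .= '<div class="spEditorSection">';
		$tout .= $section;
		$tout .= '</div>' . "\n";
		$out .= apply_filters('sph_topic_editor_above_toolbar_end', $tout, $spThisForum, $a);
	}

	# DEFINE NEW FAILURE AREA HERE

	# define validation failure notice area
	# NOTE(review): $failmessage comes from the 'post' cache entry and is emitted as markup;
	# left unescaped in case it intentionally carries HTML - confirm what the writer stores there
	$out .= "<div class='spClear'></div>\n";
	$out .= "<div id='spPostNotifications'>{$failmessage}</div>\n";

	# TOOLBAR

	# define toolbar - submit buttons on right, plugin extensions on left
	$toolbarRight = apply_filters('sph_topic_editor_toolbar_submit', '', $spThisForum, $a, 'toolbar');
	$toolbarLeft = apply_filters('sph_topic_editor_toolbar_buttons', '', $spThisForum, $a, 'toolbar');

	if (!empty($toolbarRight) || !empty($toolbarLeft)) {
		# Submit section
		$tout = '';
		$tout .= '<div class="spEditorSection spEditorToolbar">';
		$tout .= $toolbarRight;

		# toolbar for plugins to add buttons
		$tout .= $toolbarLeft;
		$out .= apply_filters('sph_topic_editor_toolbar', $tout, $spThisForum, $a, 'toolbar');
		$out .= '<div style="clear:both"></div>';
		$out .= '</div>' . "\n";
	}

	# START SMILEYS/OPTIONS

	# let plugins add stuff at top of editor footer
	$tout = '';
	$tout = apply_filters('sph_topic_editor_footer_top', $tout, $spThisForum, $a);

	# smileys and options
	$tout = apply_filters('sp_topic_editor_inline_footer', $tout, $spThisForum, $a, 'inline');

	# let plugins add stuff at end of editor footer
	$tout = apply_filters('sph_topic_editor_footer_bottom', $tout, $spThisForum, $a);

	# plugins can remove or adjust whole footer
	$out .= apply_filters('sph_topic_editor_footer', $tout, $spThisForum, $a);

	# allow plugins to insert stuff after editor footer
	$out = apply_filters('sph_topic_editor_after_footer', $out, $spThisForum, $a);

	# START SUBMIT SECTION

	# define submit section if no toolbar in use
	if (!$toolbar) {
		$out .= '<div class="spEditorSubmit">' . "\n";
		$out = apply_filters('sph_topic_editor_submit_top', $out, $spThisForum, $a);

		# let plugins add/remove the controls area
		$tout = apply_filters('sp_topic_editor_inline_submit', '', $spThisForum, $a, 'inline');

		# let plugins add stuff at end of editor submit bottom
		$out .= apply_filters('sph_topic_editor_submit_bottom', $tout, $spThisForum, $a);
		$out .= '</div>' . "\n";
	}

	# close it up
	$out .= '</fieldset>' . "\n";
	$out = apply_filters('sph_topic_editor_bottom', $out, $spThisForum, $a);
	$out .= '</div>' . "\n";
	$out .= '</form>' . "\n";
	$out .= '</div>' . "\n";

	# let plugins add stuff beneath the editor
	$out = apply_filters('sph_topic_editor_beneath', $out, $spThisForum, $a);

	return $out;
}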
/**
 * Select posts for a post list view and return the records the current user may see.
 *
 * The caller's WHERE fragment is narrowed to the forums returned by
 * sp_user_visible_forums($view). Each row is then checked with sp_can_view()
 * and, for posts whose status is not 0, with the 'moderate_posts' auth, before
 * display fields and permalinks are added.
 *
 * @param string $where SQL WHERE fragment; an empty value returns nothing
 * @param string $order SQL ORDER BY fragment; defaults to post_id DESC
 * @param mixed  $count value assigned to the query limits when truthy
 * @param mixed  $view  passed to sp_user_visible_forums()
 * @param mixed  $type  passed through to the plugin filters
 * @return array|null records keyed by post id, or null when $where is empty
 */
function sp_postlistview_query($where, $order, $count, $view, $type) {
	global $spGlobals, $spThisUser;

	# If no WHERE clause then return empty
	if (empty($where)) {
		return;
	}

	# limit the selection to forums this user can view
	$visibleForums = sp_user_visible_forums($view);
	if (!empty($visibleForums)) {
		$where .= ' AND ' . SFPOSTS . '.forum_id IN (' . implode(',', $visibleForums) . ')';
	}

	# Check order
	if (empty($order)) {
		$order = SFPOSTS . '.post_id DESC';
	}

	$postsTable = SFPOSTS;
	$forumsTable = SFFORUMS;
	$groupsTable = SFGROUPS;
	$topicsTable = SFTOPICS;
	$membersTable = SFMEMBERS;

	$spdb = new spdbComplex();
	$spdb->table = $postsTable;
	$spdb->fields = "{$postsTable}.post_id, post_content, " . spdb_zone_datetime('post_date') . ", {$postsTable}.topic_id, {$postsTable}.forum_id, {$postsTable}.user_id, guest_name, post_status, post_index, forum_name, forum_slug, forum_disabled, {$forumsTable}.group_id, group_name, topic_name, topic_slug, {$topicsTable}.post_count, topic_opened, display_name";
	$spdb->join = array(
		"{$forumsTable} ON {$forumsTable}.forum_id = {$postsTable}.forum_id",
		"{$groupsTable} ON {$groupsTable}.group_id = {$forumsTable}.group_id",
		"{$topicsTable} ON {$topicsTable}.topic_id = {$postsTable}.topic_id",
	);
	$spdb->left_join = array("{$membersTable} ON {$membersTable}.user_id = {$postsTable}.user_id");
	$spdb->where = $where;
	$spdb->orderby = $order;
	if ($count) {
		$spdb->limits = $count;
	}
	$spdb = apply_filters('sph_post_list_query', $spdb, $this, $type);

	# query inspection requested for this user
	if (!empty($spThisUser->inspect['q_spPostListView'])) {
		$spdb->inspect = 'spPostListView';
		$spdb->show = true;
	}
	$records = $spdb->select();

	# Now check authorisations and clean up the object
	$list = array();

	# posts per page, with a fallback of 20
	$ppaged = $spGlobals['display']['posts']['perpage'];
	if (empty($ppaged) || $ppaged == 0) {
		$ppaged = 20;
	}

	# post sort order - ascending unless the global setting says otherwise
	$ascending = $spGlobals['display']['posts']['sortdesc'] ? false : true;

	if (!$records) {
		return $list;
	}

	$listPos = 1;
	foreach ($records as $row) {
		# the position counts every selected row, shown or not
		$position = $listPos;
		$listPos++;

		if (!sp_can_view($row->forum_id, 'forum-title')) {
			continue;
		}
		if ($row->post_status != 0 && !sp_get_auth('moderate_posts', $row->forum_id)) {
			continue;
		}

		$pid = $row->post_id;

		# $item is the same object as $row (object handles are shared on assignment),
		# so every write below is also visible through $row
		$item = $row;
		$list[$pid] = $item;

		# Now apply any necessary filters and data changes
		$item->post_content = sp_filter_content_display($row->post_content);
		# NOTE(review): because of the shared handle this stores the already filtered content,
		# not the stored text; confirm what consumers expect before changing it, since truly
		# raw content would need escaping wherever it is output
		$item->post_content_raw = $row->post_content;
		$item->forum_name = sp_filter_title_display($row->forum_name);
		$item->forum_disabled = $row->forum_disabled;
		$item->forum_permalink = sp_build_url($row->forum_slug, '', 1, 0);
		$item->topic_permalink = sp_build_url($row->forum_slug, $row->topic_slug, 1, 0);
		$item->topic_name = sp_filter_title_display($row->topic_name);
		$item->topic_opened = $row->topic_opened;
		$item->group_name = sp_filter_title_display($row->group_name);

		# the tooltip is only filled when the user may view the post content
		$item->post_tip = '';
		if (sp_can_view($row->forum_id, 'post-content', $spThisUser->ID, $row->user_id, $row->topic_id, $row->post_id)) {
			if ($row->post_status) {
				$item->post_tip = sp_text('Post awaiting moderation');
			} else {
				$item->post_tip = sp_filter_tooltip_display($row->post_content, $row->post_status);
			}
		}

		# Ensure display name is populated
		if (empty($row->display_name)) {
			$item->display_name = $item->guest_name;
		}
		$item->display_name = sp_filter_name_display($item->display_name);

		# determine the page for the post permalink
		if ($ascending) {
			$page = $row->post_index / $ppaged;
			if (!is_int($page)) {
				$page = intval($page + 1);
			}
		} else {
			$page = ($row->post_count - $row->post_index) / $ppaged;
			$page = intval($page + 1);
		}
		$item->post_permalink = sp_build_url($row->forum_slug, $row->topic_slug, $page, $row->post_id, $row->post_index);
		$item->list_position = $position;

		$list[$pid] = apply_filters('sph_post_list_record', $item, $row, $type);
	}

	return $list;
}
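/**
 * Select one page of a topic and build the combined topic/post structure.
 *
 * Sets $this->topicViewStatus to 'no data', 'no access', 'data' or
 * 'sneak peek' depending on the topic id and the user's 'view_forum' auth.
 *
 * @param int $topicid id of the topic; 0 sets the 'no data' status and returns
 * @param int $cPage   page of posts to select, starting at 1
 * @param int $forumid not used by this method
 * @return array|null topic object keyed by topic id (empty when nothing is viewable),
 *                    or null when no topic id was given
 */
function sp_topicview_query($topicid = 0, $cPage = 1, $forumid = 0) {
	global $spGlobals, $spThisUser, $spVars;

	# both values are concatenated into the SQL WHERE / LIMIT clauses below,
	# so reduce them to integers first; a page below 1 would give a negative offset
	$topicid = (int) $topicid;
	$cPage = max(1, (int) $cPage);

	# do we have a valid topic id
	if ($topicid == 0) {
		$this->topicViewStatus = 'no data';
		return;
	}
	$WHERE = SFTOPICS . '.topic_id=' . $topicid;

	# default to no access
	$this->topicViewStatus = 'no access';

	# some setup vars
	$startlimit = 0;
	$lastpage = 0;

	# how many posts per page?
	$ppaged = $spGlobals['display']['posts']['perpage'];
	if (!$ppaged) {
		$ppaged = 10;
	}

	# setup where we are in the post list (paging)
	if ($cPage != 1) {
		$startlimit = ($cPage - 1) * $ppaged;
	}
	$LIMIT = $startlimit . ', ' . $ppaged;

	# Set up order by - the global setting can be reversed per topic and again per user
	$reverse = false;
	$setSort = $spGlobals['display']['posts']['sortdesc'];
	if (isset($spGlobals['sort_order']['topic'])) {
		$reverse = array_search($topicid, (array) $spGlobals['sort_order']['topic']) !== false;
	}
	if (isset($spThisUser->postDESC) && $spThisUser->postDESC) {
		$reverse = !$reverse;
	}
	if ($setSort xor $reverse) {
		$ORDER = 'post_pinned DESC, ' . SFPOSTS . ".post_id DESC";
	} else {
		$ORDER = 'post_pinned DESC, ' . SFPOSTS . ".post_id ASC";
	}

	# add newpost/sfwaiting support for admins
	$waitCheck = ', NULL AS new_post';
	if ($spThisUser->admin || $spThisUser->moderator) {
		$waitCheck = ', ' . SFWAITING . '.post_count AS new_post';
	}

	# Discover if this topic is in users new post list
	$maybeNewPost = false;
	if ($spThisUser->member && sp_is_in_users_newposts($topicid)) {
		$maybeNewPost = true;
	}

	# retrieve topic and post records
	$spdb = new spdbComplex();
	$spdb->table = SFTOPICS;
	$spdb->found_rows = true;
	$spdb->fields = 'group_id, ' . SFTOPICS . '.topic_id, ' . SFTOPICS . '.forum_id, topic_name, topic_slug, topic_status, topic_pinned, topic_icon, topic_opened, ' . SFTOPICS . '.post_count, forum_name, forum_slug, forum_status, forum_disabled, forum_rss_private, ' . SFPOSTS . '.post_id, ' . spdb_zone_datetime('post_date') . ', ' . SFPOSTS . '.user_id, ' . SFTOPICS . '.user_id AS topic_starter, guest_name, guest_email, post_status, post_pinned, post_index, post_edit, poster_ip, source, post_content' . $waitCheck;
	$spdb->join = array(
		SFPOSTS . ' ON ' . SFTOPICS . '.topic_id=' . SFPOSTS . '.topic_id',
		SFFORUMS . ' ON ' . SFTOPICS . '.forum_id=' . SFFORUMS . '.forum_id',
	);
	if ($spThisUser->admin || $spThisUser->moderator) {
		$spdb->left_join = array(SFWAITING . ' ON ' . SFPOSTS . '.post_id=' . SFWAITING . '.post_id');
	}
	$spdb->where = $WHERE;
	$spdb->orderby = $ORDER;
	$spdb->limits = $LIMIT;
	$spdb = apply_filters('sph_topicview_query', $spdb, $this);

	if (!empty($spThisUser->inspect['q_spTopicView'])) {
		$spdb->inspect = 'spTopicView';
		$spdb->show = true;
	}
	$records = $spdb->select();

	$t = array();
	if ($records) {
		$tidx = $topicid;
		$pidx = 0;

		# the topic/forum columns are the same on every row, so the first row describes the topic
		$r = current($records);
		if (sp_get_auth('view_forum', $r->forum_id)) {
			$this->topicViewStatus = 'data';

			# construct the parent topic object
			$t[$tidx] = new stdClass();
			$t[$tidx]->topic_id = $r->topic_id;
			$t[$tidx]->forum_id = $r->forum_id;
			$t[$tidx]->group_id = $r->group_id;
			$t[$tidx]->forum_name = sp_filter_title_display($r->forum_name);
			$t[$tidx]->topic_name = sp_filter_title_display($r->topic_name);
			$t[$tidx]->topic_slug = $r->topic_slug;
			$t[$tidx]->topic_opened = $r->topic_opened;
			$t[$tidx]->forum_status = $r->forum_status;
			$t[$tidx]->topic_pinned = $r->topic_pinned;
			$t[$tidx]->forum_disabled = $r->forum_disabled;
			$t[$tidx]->forum_slug = $r->forum_slug;
			$t[$tidx]->forum_rss_private = $r->forum_rss_private;
			$t[$tidx]->topic_permalink = sp_build_url($r->forum_slug, $r->topic_slug, 1, 0);
			$t[$tidx]->topic_status = $r->topic_status;
			$t[$tidx]->topic_icon = sanitize_file_name($r->topic_icon);
			$t[$tidx]->rss = '';
			$t[$tidx]->editmode = 0;
			$t[$tidx]->tools_flag = 1;
			$t[$tidx]->display_page = $this->topicPage;
			$t[$tidx]->posts_per_page = $ppaged;
			$t[$tidx]->unread = 0;

			# use the found-rows count and not the row's post_count as - for example - some posts may be hidden by choice
			$t[$tidx]->post_count = spdb_select('var', 'SELECT FOUND_ROWS()');

			# Can the user create new topics or should we lock the forum?
			$t[$tidx]->start_topics = sp_get_auth('start_topics', $r->forum_id);
			$t[$tidx]->reply_topics = sp_get_auth('reply_topics', $r->forum_id);
			$t[$tidx]->reply_own_topics = sp_get_auth('reply_own_topics', $r->forum_id);

			# grab topic start info
			$t[$tidx]->topic_starter = $r->topic_starter;

			# round the page count up when the division is not exact
			$totalPages = $r->post_count / $ppaged;
			if (!is_int($totalPages)) {
				$totalPages = intval($totalPages) + 1;
			}
			$t[$tidx]->total_pages = $totalPages;

			# with a descending sort the newest posts are on page 1, otherwise on the final page
			if ($setSort xor $reverse) {
				if ($cPage == 1) {
					$lastpage = true;
				}
			} else {
				if ($cPage == $totalPages) {
					$lastpage = true;
				}
			}
			$t[$tidx]->last_page = $lastpage;

			$t[$tidx] = apply_filters('sph_topicview_topic_record', $t[$tidx], $r);

			reset($records);
			unset($r);

			# now loop through the post records
			$newPostFlag = false;
			$firstPostPage = 1;
			$pinned = 0;

			# define post id and post user id arrays for plugins to use in combined filter
			$p = array();
			$u = array();

			foreach ($records as $r) {
				$pidx = $r->post_id;
				$p[] = $pidx;

				# prepare for user object
				$cUser = $spThisUser->ID == $r->user_id;
				$cSmall = !$cUser;

				$t[$tidx]->posts[$pidx] = new stdClass();
				$t[$tidx]->posts[$pidx]->post_id = $r->post_id;
				$t[$tidx]->posts[$pidx]->post_date = $r->post_date;
				$t[$tidx]->posts[$pidx]->user_id = $r->user_id;
				$t[$tidx]->posts[$pidx]->guest_name = sp_filter_name_display($r->guest_name);
				$t[$tidx]->posts[$pidx]->guest_email = sp_filter_email_display($r->guest_email);
				$t[$tidx]->posts[$pidx]->post_status = $r->post_status;
				$t[$tidx]->posts[$pidx]->post_pinned = $r->post_pinned;
				$t[$tidx]->posts[$pidx]->post_index = $r->post_index;
				$t[$tidx]->posts[$pidx]->poster_ip = $r->poster_ip;
				$t[$tidx]->posts[$pidx]->source = $r->source;
				$t[$tidx]->posts[$pidx]->post_permalink = sp_build_url($r->forum_slug, $r->topic_slug, $cPage, $r->post_id);
				$t[$tidx]->posts[$pidx]->edits = '';
				$t[$tidx]->posts[$pidx]->last_post = 0;
				$t[$tidx]->posts[$pidx]->last_post_on_page = 0;
				$t[$tidx]->posts[$pidx]->first_post_on_page = $firstPostPage;
				$t[$tidx]->posts[$pidx]->editmode = 0;
				$t[$tidx]->posts[$pidx]->post_content = sp_filter_content_display($r->post_content);
				$t[$tidx]->posts[$pidx]->first_pinned = 0;
				$t[$tidx]->posts[$pidx]->last_pinned = 0;
				$t[$tidx]->posts[$pidx]->postUser = clone sp_get_user($r->user_id, $cUser, $cSmall);

				# populate the user guest name and email in case the poster is a guest
				if ($r->user_id == 0) {
					$t[$tidx]->posts[$pidx]->postUser->guest_name = $t[$tidx]->posts[$pidx]->guest_name;
					$t[$tidx]->posts[$pidx]->postUser->guest_email = $t[$tidx]->posts[$pidx]->guest_email;
					$t[$tidx]->posts[$pidx]->postUser->display_name = $t[$tidx]->posts[$pidx]->guest_name;
					$t[$tidx]->posts[$pidx]->postUser->ip = $t[$tidx]->posts[$pidx]->poster_ip;
				}

				# pinned status - flag the first pinned post and the last one of the pinned run
				if ($firstPostPage == 1 && $r->post_pinned) {
					$t[$tidx]->posts[$pidx]->first_pinned = true;
					$pinned = $pidx;
				}
				if ($firstPostPage == 0 && $pinned > 0 && $r->post_pinned == false) {
					$t[$tidx]->posts[$pinned]->last_pinned = true;
				} elseif ($r->post_pinned) {
					$pinned = $pidx;
				}
				$firstPostPage = 0;

				# Is this a new post for the current user?
				# (the flag is not reset for members, so once set it stays set for later posts on the page)
				if ($spThisUser->guest) {
					$newPostFlag = false;
				} else {
					if ($maybeNewPost && strtotime($r->post_date) > strtotime($spThisUser->lastvisit)) {
						$newPostFlag = true;
					}
					if (isset($r->new_post)) {
						$newPostFlag = true;
					}
				}
				$t[$tidx]->posts[$pidx]->new_post = $newPostFlag;

				# do we need to hide an admin post?
				if (!sp_get_auth('view_admin_posts', $r->forum_id) && sp_is_forum_admin($r->user_id)) {
					$adminview = sp_get_sfmeta('adminview', 'message');
					if ($adminview) {
						$t[$tidx]->posts[$pidx]->post_content = '<div class="spMessage">';
						$t[$tidx]->posts[$pidx]->post_content .= sp_filter_text_display($adminview[0]['meta_value']);
						$t[$tidx]->posts[$pidx]->post_content .= '</div>';
					} else {
						$t[$tidx]->posts[$pidx]->post_content = '';
					}
				}

				# do we need to hide other users' posts?
				if (sp_get_auth('view_own_admin_posts', $r->forum_id) && !sp_is_forum_admin($r->user_id) && !sp_is_forum_mod($r->user_id) && $spThisUser->ID != $r->user_id) {
					$userview = sp_get_sfmeta('userview', 'message');
					if ($userview) {
						$t[$tidx]->posts[$pidx]->post_content = '<div class="spMessage">';
						$t[$tidx]->posts[$pidx]->post_content .= sp_filter_text_display($userview[0]['meta_value']);
						$t[$tidx]->posts[$pidx]->post_content .= '</div>';
					} else {
						$t[$tidx]->posts[$pidx]->post_content = '';
					}
				}

				# Is this post to be edited?
				if ($spVars['displaymode'] == 'edit' && $spVars['postedit'] == $r->post_id) {
					$t[$tidx]->editmode = 1;
					$t[$tidx]->editpost_id = $r->post_id;
					$t[$tidx]->editpost_content = sp_filter_content_edit($r->post_content);
					$t[$tidx]->posts[$pidx]->editmode = 1;
				}

				# Add edit history
				# NOTE(review): unserialize() on a stored column - safe only while nothing but this
				# application can write post_edit; consider a JSON format or restricting classes
				if (!empty($r->post_edit) && is_serialized($r->post_edit)) {
					$edits = unserialize($r->post_edit);
					if (is_array($edits)) {
						# collect into an array first: indexing into the '' default is an error on current PHP
						$editList = array();
						foreach ($edits as $e) {
							$edit = new stdClass();
							$edit->by = $e['by'];
							$edit->at = $e['at'];
							$editList[] = $edit;
						}
						if ($editList) {
							$t[$tidx]->posts[$pidx]->edits = $editList;
						}
					}
				}

				if (!in_array($r->user_id, $u)) {
					$u[] = $r->user_id;
				}

				$t[$tidx]->posts[$pidx] = apply_filters('sph_topicview_post_records', $t[$tidx]->posts[$pidx], $r);
			}

			# index of post IDs with position in listing
			$t[$tidx]->post_keys = $p;

			# $pidx and $r still refer to the final row of the loop
			$t[$tidx]->posts[$pidx]->last_post = $lastpage;
			$t[$tidx]->posts[$pidx]->last_post_on_page = 1;

			# save last post on page id
			$t[$tidx]->last_post_id = $r->post_id;

			# allow plugins to add more data to combined topic/post data structure
			$t[$tidx] = apply_filters('sph_topicview_combined_data', $t[$tidx], $p, $u);

			unset($records);
		} else {
			# check for view forum lists but not topic lists
			if (sp_can_view($r->forum_id, 'forum-title')) {
				$this->topicViewStatus = 'sneak peek';
			}
		}
	}

	return $t;
}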
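/**
 * Output the popup form for changing the pin order of a forum's pinned topics.
 *
 * Reads 'topicid' and 'forumid' from the query string, requires the
 * 'pin_topics' auth on that forum, and echoes one row per pinned topic with
 * its current pin value. Ends the request without output when the forum or
 * its pinned topics cannot be loaded.
 *
 * @return void
 */
function sp_order_topic_pins() {
	# sp_esc_int() is relied on to reduce the request values to integers
	$topicid = sp_esc_int(isset($_GET['topicid']) ? $_GET['topicid'] : 0);
	$forumid = sp_esc_int(isset($_GET['forumid']) ? $_GET['forumid'] : 0);

	if (!sp_get_auth('pin_topics', $forumid)) {
		if (!is_user_logged_in()) {
			sp_etext('Access denied - are you logged in?');
		} else {
			sp_etext('Access denied - you do not have permission');
		}
		die;
	}

	# nothing to show without a forum id, so do not run the queries at all
	if (empty($forumid)) {
		die;
	}

	# forumid is placed in the WHERE fragments, so force the integer form here as well
	$forumid = (int) $forumid;
	$thisforum = spdb_table(SFFORUMS, "forum_id={$forumid}", 'row');
	$topics = spdb_table(SFTOPICS, "forum_id={$forumid} AND topic_pinned > 0", '', 'topic_pinned DESC');
	if (empty($thisforum) || empty($topics)) {
		die;
	}

	# NOTE(review): no nonce field is emitted with this form; confirm that the handler for
	# 'ordertopicpins' checks authorisation and request origin on its own
	?>
	<div id="spMainContainer" class="spForumToolsPopup">
		<div class="spForumToolsHeader">
			<div class="spForumToolsHeaderTitle"><?php sp_etext('Please note: The HIGHER numbered topics will appear at the top of the list'); ?></div>
		</div>
		<form action="<?php echo esc_url(sp_build_url($thisforum->forum_slug, '', 1, 0)); ?>" method="post" name="ordertopicpinsform">
			<input type="hidden" name="orderpinsforumid" value="<?php echo (int) $forumid; ?>" />
			<table class="spPopupTable">
				<?php foreach ($topics as $topic) { ?>
				<tr>
					<td class="spLabel" style="width:85%"><?php echo sp_filter_title_display($topic->topic_name); ?>
						<input type="hidden" name="topicid[]" value="<?php echo (int) $topic->topic_id; ?>" /></td>
					<td class="spControl">
						<input type="text" class="spControl" size="6" name="porder[]" value="<?php echo (int) $topic->topic_pinned; ?>" />
					</td>
				</tr>
				<?php } ?>
			</table>
			<div class="spCenter">
				<input type="submit" class="spSubmit" name="ordertopicpins" value="<?php sp_etext('Save Pin Order Changes'); ?>" />
				<input type="button" class="spSubmit" name="cancel" value="<?php sp_etext('Cancel'); ?>" onclick="jQuery('#dialog').dialog('close');" />
			</div>
		</form>
	</div>
	<?php
}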
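/**
 * Select groups with their forums and build the nested group/forum/subforum structure.
 *
 * Rows are taken from the 'group' cache when present (unless query inspection
 * is on for the user), otherwise selected and then cached. Only forums that
 * pass sp_can_view(..., 'forum-title') are included. Sets
 * $this->groupViewStatus to 'no data', 'no access' or 'data'. When
 * $this->includeStats is set, last-post data from sp_groupview_stats_query()
 * is merged into each forum.
 *
 * @param array|string $groupids group ids to select; empty selects all groups
 * @param bool         $idOrder  when true, return groups in the order of $groupids
 * @return array|string groups keyed by group id; '' when no rows were found
 */
function sp_groupview_query($groupids = '', $idOrder = false) {
	global $spThisUser;

	# post ids per forum, collected for the stats lookup at the end
	$p = array();

	# can we get the results from the cache?
	$records = array();
	if (empty($spThisUser->inspect['q_spGroupView'])) {
		$records = sp_get_cache('group');
	}

	if (!$records) {
		$WHERE = '';
		if (!empty($groupids) && is_array($groupids)) {
			# ids are concatenated into SQL, so each one is forced to an integer
			$clauses = array();
			foreach ($groupids as $id) {
				$clauses[] = '(' . SFGROUPS . '.group_id=' . (int) $id . ')';
			}
			$WHERE = implode(' OR ', $clauses);
		}

		$this->groupViewStatus = empty($groupids) ? 'no data' : 'no access';

		# retrieve group and forum records
		$spdb = new spdbComplex();
		$spdb->table = SFGROUPS;
		$spdb->fields = SFGROUPS . '.group_id, group_name, group_desc, group_rss, group_icon, group_message, forum_id, forum_name, forum_slug, forum_desc, forum_status, forum_disabled, forum_icon, forum_icon_new, forum_icon_locked, forum_rss_private, post_id, post_id_held, topic_count, post_count, post_count_held, parent, children';
		$spdb->join = array(SFFORUMS . ' ON ' . SFGROUPS . '.group_id = ' . SFFORUMS . '.group_id');
		$spdb->where = $WHERE;
		$spdb->orderby = 'group_seq, forum_seq';
		$spdb = apply_filters('sph_groupview_query', $spdb, $this);

		if (!empty($spThisUser->inspect['q_spGroupView'])) {
			$spdb->inspect = 'spGroupView';
			$spdb->show = true;
			# inspect once only
			$spThisUser->inspect['q_spGroupView'] = false;
		}
		$records = $spdb->select();

		if ($records) {
			sp_add_cache('group', $records);
		}
	}

	$g = '';
	if ($records) {
		# Set status initially to 'no access' in case current user can view no forums
		$this->groupViewStatus = 'no access';

		$gidx = 0;
		$fidx = 0;
		$sidx = 0;
		$cparent = 0;
		$subPostId = 0;

		# define array to collect data
		$p = array();
		$g = array();

		foreach ($records as $r) {
			$groupid = $r->group_id;
			$forumid = $r->forum_id;

			if (sp_can_view($forumid, 'forum-title')) {
				# first viewable forum of a new group - create the group record
				if ($gidx == 0 || $g[$gidx]->group_id != $groupid) {
					# reset status to 'data'
					$this->groupViewStatus = 'data';

					$gidx = $groupid;
					$fidx = 0;
					$g[$gidx] = new stdClass();
					$g[$gidx]->group_id = $r->group_id;
					$g[$gidx]->group_name = sp_filter_title_display($r->group_name);
					$g[$gidx]->group_desc = sp_filter_title_display($r->group_desc);
					$g[$gidx]->group_rss = esc_url($r->group_rss);
					$g[$gidx]->group_icon = sanitize_file_name($r->group_icon);
					$g[$gidx]->group_message = sp_filter_text_display($r->group_message);
					$g[$gidx]->group_rss_active = 0;

					$g[$gidx] = apply_filters('sph_groupview_group_records', $g[$gidx], $r);
				}

				if (isset($r->forum_id)) {
					# Is this a subforum?
					if ($r->parent != 0) {
						# subforums hang off $cparent, the most recent top level forum that has children
						$sidx = $r->forum_id;
						$g[$gidx]->forums[$cparent]->subforums[$sidx] = new stdClass();
						$g[$gidx]->forums[$cparent]->subforums[$sidx]->forum_id = $r->forum_id;
						$g[$gidx]->forums[$cparent]->subforums[$sidx]->forum_name = sp_filter_title_display($r->forum_name);
						$g[$gidx]->forums[$cparent]->subforums[$sidx]->forum_slug = $r->forum_slug;
						$g[$gidx]->forums[$cparent]->subforums[$sidx]->forum_icon = sanitize_file_name($r->forum_icon);
						$g[$gidx]->forums[$cparent]->subforums[$sidx]->forum_icon_new = sanitize_file_name($r->forum_icon_new);
						$g[$gidx]->forums[$cparent]->subforums[$sidx]->forum_icon_locked = sanitize_file_name($r->forum_icon_locked);
						$g[$gidx]->forums[$cparent]->subforums[$sidx]->forum_disabled = $r->forum_disabled;
						$g[$gidx]->forums[$cparent]->subforums[$sidx]->forum_permalink = sp_build_url($r->forum_slug, '', 1, 0);
						$g[$gidx]->forums[$cparent]->subforums[$sidx]->topic_count = $r->topic_count;
						$g[$gidx]->forums[$cparent]->subforums[$sidx]->post_count = $r->post_count;
						$g[$gidx]->forums[$cparent]->subforums[$sidx]->parent = $r->parent;
						$g[$gidx]->forums[$cparent]->subforums[$sidx]->children = $r->children;
						$g[$gidx]->forums[$cparent]->subforums[$sidx]->post_id = $r->post_id;
						$g[$gidx]->forums[$cparent]->subforums[$sidx]->unread = 0;

						# check if we can look at posts in moderation - if not swap for 'held' values
						if (!sp_get_auth('moderate_posts', $r->forum_id)) {
							$g[$gidx]->forums[$cparent]->subforums[$sidx]->post_count = $r->post_count_held;
							$g[$gidx]->forums[$cparent]->subforums[$sidx]->post_id = $r->post_id_held;
						}

						# See if any forums are in the current users newpost list
						if ($spThisUser->member && isset($spThisUser->newposts['forums'])) {
							$c = 0;
							if ($spThisUser->newposts['forums']) {
								foreach ($spThisUser->newposts['forums'] as $fnp) {
									if ($fnp == $sidx) {
										$c++;
									}
								}
							}

							# set the subforum unread count
							$g[$gidx]->forums[$cparent]->subforums[$sidx]->unread = $c;
						}

						# Update top parent counts with subforum counts
						$g[$gidx]->forums[$cparent]->topic_count_sub += $g[$gidx]->forums[$cparent]->subforums[$sidx]->topic_count;
						$g[$gidx]->forums[$cparent]->post_count_sub += $g[$gidx]->forums[$cparent]->subforums[$sidx]->post_count;

						# and what about the most recent post? Is this in a subforum?
						if ($g[$gidx]->forums[$cparent]->subforums[$sidx]->post_id > $g[$gidx]->forums[$cparent]->post_id && $g[$gidx]->forums[$cparent]->subforums[$sidx]->post_id > $subPostId) {
							# store the alternative forum id in case we need to display the topic data for this one if inc. subs
							$g[$gidx]->forums[$cparent]->forum_id_sub = $r->forum_id;

							# add the last post in subforum to the list for stats retrieval
							$subPostId = $g[$gidx]->forums[$cparent]->subforums[$sidx]->post_id;
							$p[$r->forum_id] = $subPostId;
						}
					} else {
						# it's a top level forum
						$subPostId = 0;
						$fidx = $forumid;
						$g[$gidx]->forums[$fidx] = new stdClass();
						$g[$gidx]->forums[$fidx]->forum_id = $r->forum_id;
						$g[$gidx]->forums[$fidx]->forum_id_sub = 0;
						$g[$gidx]->forums[$fidx]->forum_name = sp_filter_title_display($r->forum_name);
						$g[$gidx]->forums[$fidx]->forum_slug = $r->forum_slug;
						$g[$gidx]->forums[$fidx]->forum_permalink = sp_build_url($r->forum_slug, '', 1, 0);
						$g[$gidx]->forums[$fidx]->forum_desc = sp_filter_title_display($r->forum_desc);
						$g[$gidx]->forums[$fidx]->forum_status = $r->forum_status;
						$g[$gidx]->forums[$fidx]->forum_disabled = $r->forum_disabled;
						$g[$gidx]->forums[$fidx]->forum_icon = sanitize_file_name($r->forum_icon);
						$g[$gidx]->forums[$fidx]->forum_icon_new = sanitize_file_name($r->forum_icon_new);
						$g[$gidx]->forums[$fidx]->forum_icon_locked = sanitize_file_name($r->forum_icon_locked);
						$g[$gidx]->forums[$fidx]->forum_rss_private = $r->forum_rss_private;
						$g[$gidx]->forums[$fidx]->post_id = $r->post_id;
						$g[$gidx]->forums[$fidx]->topic_count = $r->topic_count;
						$g[$gidx]->forums[$fidx]->topic_count_sub = $r->topic_count;
						$g[$gidx]->forums[$fidx]->post_count = $r->post_count;
						$g[$gidx]->forums[$fidx]->post_count_sub = $r->post_count;
						$g[$gidx]->forums[$fidx]->parent = $r->parent;
						$g[$gidx]->forums[$fidx]->children = $r->children;
						$g[$gidx]->forums[$fidx]->unread = 0;

						if (empty($g[$gidx]->forums[$fidx]->post_id)) {
							$g[$gidx]->forums[$fidx]->post_id = 0;
						}

						# Can the user create new topics or should we lock the forum?
						$g[$gidx]->forums[$fidx]->start_topics = sp_get_auth('start_topics', $r->forum_id);

						# check if we can look at posts in moderation - if not swap for 'held' values
						if (!sp_get_auth('moderate_posts', $r->forum_id)) {
							$g[$gidx]->forums[$fidx]->post_id = $r->post_id_held;
							$g[$gidx]->forums[$fidx]->post_count = $r->post_count_held;
							$g[$gidx]->forums[$fidx]->post_count_sub = $r->post_count_held;
							$thisPostid = $r->post_id_held;
						} else {
							$thisPostid = $r->post_id;
						}

						# See if any forums are in the current users newpost list
						if ($spThisUser->member && isset($spThisUser->newposts['forums'])) {
							$c = 0;
							if ($spThisUser->newposts['forums']) {
								foreach ($spThisUser->newposts['forums'] as $fnp) {
									if ($fnp == $fidx) {
										$c++;
									}
								}
							}
							$g[$gidx]->forums[$fidx]->unread = $c;
						}

						# remember this forum as the parent for any subforum rows that follow
						if (empty($r->children)) {
							$cparent = 0;
						} else {
							$cparent = $fidx;
							$sidx = 0;
						}

						# Build post id array for collecting stats at the end
						if (!empty($thisPostid)) {
							$p[$fidx] = $thisPostid;
						}

						$g[$gidx]->forums[$fidx] = apply_filters('sph_groupview_forum_records', $g[$gidx]->forums[$fidx], $r);
					}

					# Build special Group level flag on whether to show group RSS button or not (based on any forum in group having RSS access)
					if (sp_get_auth('view_forum', $r->forum_id) && !$r->forum_rss_private) {
						$g[$gidx]->group_rss_active = 1;
					}
				}
			}
		}
	}

	if ($this->includeStats == true) {
		# Go grab the forum stats and data
		if (!empty($p)) {
			$stats = $this->sp_groupview_stats_query($p);
			if ($stats) {
				foreach ($g as $gr) {
					foreach ($gr->forums as $f) {
						if (!empty($stats[$f->forum_id])) {
							$s = $stats[$f->forum_id];
							$f->topic_id = $s->topic_id;
							$f->topic_name = sp_filter_title_display($s->topic_name);
							$f->topic_slug = $s->topic_slug;
							$f->post_id = $s->post_id;
							$f->post_permalink = sp_build_url($f->forum_slug, $s->topic_slug, 0, $s->post_id, $s->post_index);
							$f->post_date = $s->post_date;
							$f->post_status = $s->post_status;
							$f->post_index = $s->post_index;

							# see if we can display the tooltip
							if (sp_can_view($f->forum_id, 'post-content', $spThisUser->ID, $s->user_id, $s->topic_id, $s->post_id)) {
								$f->post_tip = $s->post_status ? sp_text('Post awaiting moderation') : sp_filter_tooltip_display($s->post_content, $s->post_status);
							} else {
								$f->post_tip = '';
							}

							$f->user_id = $s->user_id;
							$f->display_name = sp_filter_name_display($s->display_name);
							$f->guest_name = sp_filter_name_display($s->guest_name);
						}

						# do we need to record a possible subforum substitute topic?
						$fsub = $f->forum_id_sub;
						if ($fsub != 0 && !empty($stats[$fsub])) {
							$s = $stats[$fsub];
							$f->topic_id_sub = $s->topic_id;
							$f->topic_name_sub = sp_filter_title_display($s->topic_name);
							$f->topic_slug_sub = $s->topic_slug;
							$f->post_id_sub = $s->post_id;
							$f->post_permalink_sub = sp_build_url($f->subforums[$fsub]->forum_slug, $s->topic_slug, 0, $s->post_id, $s->post_index);
							$f->post_date_sub = $s->post_date;
							$f->post_status_sub = $s->post_status;
							$f->post_index_sub = $s->post_index;

							# see if we can display the tooltip
							if (sp_can_view($fsub, 'post-content', $spThisUser->ID, $s->user_id, $s->topic_id, $s->post_id)) {
								$f->post_tip_sub = $s->post_status ? sp_text('Post awaiting moderation') : sp_filter_tooltip_display($s->post_content, $s->post_status);
							} else {
								$f->post_tip_sub = '';
							}

							$f->user_id_sub = $s->user_id;
							$f->display_name_sub = sp_filter_name_display($s->display_name);
							$f->guest_name_sub = sp_filter_name_display($s->guest_name);
						}

						# NOTE(review): $s is whatever stats row was matched last, so for a forum with no
						# stats it is the previous forum's row (or unset on the first pass) - confirm intent
						$f = apply_filters('sph_groupview_stats_records', $f, $s);
					}
				}
				unset($stats);
			}
		}
	}

	# Do we need to re-order IDs based on passed in IDs
	if ($groupids && $idOrder && is_array($groupids)) {
		$n = array();
		foreach ($groupids as $gid) {
			# $g is still '' when no rows were found; array_key_exists() needs an array
			if (is_array($g) && array_key_exists($gid, $g)) {
				$n[$gid] = $g[$gid];
			}
		}
		$g = $n;
		unset($n);
	}

	return $g;
}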
# Author : Simple:Press
#
# The 'default' template is used to display generic or unknown pages
#
# --------------------------------------------------------------------------------------

global $spDevice;

# Forum header template - normally the first thing loaded
# ----------------------------------------------------------------------
sp_SectionStart('tagClass=spHeadContainer', 'head');
sp_load_template('spHead.php');
sp_SectionEnd('', 'head');

sp_SectionStart('tagClass=spBodyContainer', 'body');

# Tell the visitor, as far as we can work out, why they ended up here
# ----------------------------------------------------------------------
sp_SectionStart('tagClass=spMessage');
if ($spVars['profile'] != 'show') {
    # anything that is not a profile request is reported as an unknown page
    echo __sp('The requested page does not exist');
} elseif (sp_get_auth('view_profiles')) {
    echo __sp('The requested member does not exist');
} else {
    # viewers without 'view_profiles' get the access-denied text; this branch makes
    # no member lookup, so the message does not depend on whether the member exists
    echo __sp('Access denied - you do not have permission to view this page');
}
sp_SectionEnd();

sp_SectionEnd('', 'body');

# Forum footer template - normally the last thing loaded
# ----------------------------------------------------------------------
sp_SectionStart('tagClass=spFootContainer', 'foot');
sp_load_template('spFoot.php');
sp_SectionEnd('', 'foot');
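# Decides whether a user may see one aspect ('view') of a forum.
#
# $forumid  - forum being checked
# $view     - 'forum-title', 'topic-title', 'post-content', or any other name, which is
#             resolved only through the 'sph_auth_view_{view}' filter
# $userid   - viewer; when empty the current user ($spThisUser->ID) is used
# $posterid - author of the post; used by the 'post-content' rules and passed to filters
# $topicid  - passed through to the filters
# $postid   - passed through to the filters
#
# Returns false when the forum status is not 'ok' or the forum is disabled; otherwise the
# computed permission after the 'sph_auth_view_*' and 'sph_auth_view' filters have run.
# Both filters can overturn the computed value, so any callback hooked to them is part of
# the access-control decision.
function sp_can_view($forumid, $view, $userid = 0, $posterid = 0, $topicid = 0, $postid = 0) {
    global $spGlobals, $spThisUser, $spStatus;

    # bail if awaiting upgrade since no forums are visible - deny with an explicit false
    # rather than a bare return (null), so callers comparing strictly still see a denial
    if (!isset($spStatus) || $spStatus != 'ok') {
        return false;
    }

    # return false for any disabled forums since they are not shown on front end
    # (loose comparison kept on purpose: ids may arrive as numeric strings)
    if (in_array($forumid, $spGlobals['disabled_forums'])) {
        return false;
    }

    # make sure we at least use the current user
    if (empty($userid)) {
        $userid = $spThisUser->ID;
    }

    # default is deny; each case below has to grant explicitly
    $auth = false;
    switch ($view) {
        case 'forum-title':
            $auth = sp_get_auth('view_forum', $forumid, $userid) || sp_get_auth('view_forum_lists', $forumid, $userid) || sp_get_auth('view_forum_topic_lists', $forumid, $userid);
            $auth = apply_filters('sph_auth_view_forum_title', $auth, $forumid, $view, $userid, $posterid);
            break;

        case 'topic-title':
            $auth = sp_get_auth('view_forum', $forumid, $userid) || sp_get_auth('view_forum_topic_lists', $forumid, $userid);
            $auth = apply_filters('sph_auth_view_topic_title', $auth, $forumid, $view, $userid, $posterid);
            break;

        case 'post-content':
            # all three must hold:
            #  1. the viewer can view the forum
            #  2. posts written by a forum admin additionally need 'view_admin_posts'
            #  3. a viewer holding 'view_own_admin_posts' only sees posts by admins,
            #     moderators or themselves
            $auth = sp_get_auth('view_forum', $forumid, $userid) && (!sp_is_forum_admin($posterid) || sp_get_auth('view_admin_posts', $forumid, $userid)) && (sp_is_forum_admin($posterid) || sp_is_forum_mod($posterid) || $userid == $posterid || !sp_get_auth('view_own_admin_posts', $forumid, $userid));
            $auth = apply_filters('sph_auth_view_post_content', $auth, $forumid, $view, $userid, $posterid, $topicid, $postid);
            break;

        default:
            # unknown view names stay denied unless a filter callback grants them
            $auth = apply_filters('sph_auth_view_' . $view, $auth, $forumid, $view, $userid, $posterid, $topicid, $postid);
            break;
    }

    # last word goes to the generic filter
    $auth = apply_filters('sph_auth_view', $auth, $forumid, $view, $userid, $posterid);

    return $auth;
}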
# Paints the per-post "Forum Tools" button that opens the admin tool links dialog.
#
# $args    - display options (tagId, tagClass, icon, iconClass, hide, containerClass),
#            merged over the defaults below by wp_parse_args()
# $label   - optional text shown inside the link
# $toolTip - text for the link's title attribute
#
# Echoes the markup and returns nothing. Nothing is painted during lockdown (except for
# admins) or when none of the permission clauses below applies.
#
# NOTE(review): this function only decides whether the button is shown. The permission
# checks for the tool actions themselves are not visible here and have to be enforced by
# the handler behind sp_ahah=admintoollinks - confirm against that handler.
function sp_PostForumToolButton($args = '', $label = '', $toolTip = '') {
    global $spThisTopic, $spThisPost, $spThisPostUser, $spThisUser, $spGuestCookie, $spGlobals;

    # during lockdown only admins get the tools
    if ($spGlobals['lockdown'] == true && $spThisUser->admin == false) {
        return;
    }

    $show = false;
    if ($spThisUser->admin || $spThisUser->moderator) {
        $show = true;
    } else {
        $edit_days = sp_get_option('editpostdays');
        $post_date = strtotime(sp_date('d', $spThisPost->post_date));
        # whole days elapsed since $post_date, compared with $edit_days below
        $date_diff = floor((time() - $post_date) / (60 * 60 * 24));

        # Show the button when any one clause holds (&& binds tighter than ||).
        # NOTE(review): guest ownership is decided by comparing the post's guest_email with
        # $spGuestCookie->guest_email - presumably a browser-supplied cookie value, and an
        # email address is not a secret; verify the action handler does not rely on it alone.
        # NOTE(review): the 'delete_own_posts' clause reads $spThisPostUser->user_id while
        # every other ownership clause reads $spThisPostUser->ID - confirm the property
        # exists; an unset one compares loosely equal to a guest ID of 0.
        if (sp_get_auth('view_email', $spThisTopic->forum_id) || sp_get_auth('pin_posts', $spThisTopic->forum_id) || sp_get_auth('edit_any_post', $spThisTopic->forum_id) || sp_get_auth('edit_own_posts_forever', $spThisTopic->forum_id) && $spThisUser->member && $spThisPostUser->ID == $spThisUser->ID || sp_get_auth('edit_own_posts_forever', $spThisTopic->forum_id) && $spThisUser->guest && $spThisPost->guest_email == $spGuestCookie->guest_email || sp_get_auth('edit_own_posts_reply', $spThisTopic->forum_id) && $spThisUser->member && $spThisPostUser->ID == $spThisUser->ID && $spThisPost->last_post || sp_get_auth('edit_own_posts_reply', $spThisTopic->forum_id) && $spThisUser->guest && $spThisPost->guest_email == $spGuestCookie->guest_email && $spThisPost->last_post || sp_get_auth('edit_own_posts_for_time', $spThisTopic->forum_id) && $spThisUser->member && $spThisPostUser->ID == $spThisUser->ID && $date_diff <= $edit_days || sp_get_auth('move_posts', $spThisTopic->forum_id) || sp_get_auth('reassign_posts', $spThisTopic->forum_id) || sp_get_auth('delete_any_post', $spThisTopic->forum_id) || sp_get_auth('delete_own_posts', $spThisTopic->forum_id) && $spThisPostUser->user_id == $spThisUser->ID || sp_get_auth('moderate_posts', $spThisTopic->forum_id) && $spThisPost->post_status != 0) {
            $show = true;
        }
    }

    # filter callbacks can force the button on or off
    $show = apply_filters('sph_forum_tools_topic_show', $show);
    if (!$show) {
        return;
    }

    $defs = array('tagId' => 'spForumToolButton%ID%', 'tagClass' => 'spToolsButton', 'icon' => 'sp_ForumTools.png', 'iconClass' => 'spIcon', 'hide' => 1, 'containerClass' => 'spTopicPostSection');
    $a = wp_parse_args($args, $defs);
    $a = apply_filters('sph_PostForumToolButton_args', $a);
    # EXTR_SKIP leaves variables that already exist in this scope untouched, so neither
    # $args nor the args filter can overwrite $label, $toolTip, $show or the globals.
    # Do not rename locals above this line without checking that side effect.
    extract($a, EXTR_SKIP);

    # sanitize before use
    $tagId = esc_attr($tagId);
    $tagClass = esc_attr($tagClass);
    $icon = sanitize_file_name($icon);
    $iconClass = esc_attr($iconClass);
    $containerClass = esc_attr($containerClass);
    $hide = (int) $hide;
    $toolTip = esc_attr($toolTip);
    $label = sp_filter_title_display($label);

    # %ID% is substituted after esc_attr(), so post_id reaches the id attribute unescaped
    # - assumes post_id is an integer from the database; TODO confirm
    $tagId = str_ireplace('%ID%', $spThisPost->post_id, $tagId);

    $addStyle = '';
    if ($hide) {
        $addStyle = " style='display: none;' ";
    }

    $last = $spThisPost->last_post ? 1 : 0;

    # The nonce ties the request to this user's session (CSRF protection); it is not a
    # permission check in itself.
    # NOTE(review): only display_name is urlencode()d. post_id, display_page, post_index
    # and forum_id are interpolated as-is, and $site is later placed inside a
    # double-quoted JS string in the onclick attribute without esc_js()/esc_attr() -
    # safe only while those values are numeric; confirm or cast them.
    $site = SFHOMEURL . 'index.php?sp_ahah=admintoollinks&sfnonce=' . wp_create_nonce('forum-ahah') . "&action=posttools&post={$spThisPost->post_id}&page={$spThisTopic->display_page}&postnum={$spThisPost->post_index}&name=" . urlencode($spThisPostUser->display_name) . "&forum={$spThisTopic->forum_id}&last={$last}";
    $out = "<a class='{$tagClass}' id='{$tagId}' title='{$toolTip}' rel='nofollow' href='javascript:void(null)' {$addStyle} ";
    $title = esc_js(sp_text('Forum Tools'));
    $out .= "onclick='spjDialogAjax(this, \"" . $site . "\", \"" . $title . "\", 350, 0, 0);' >";

    if (!empty($icon)) {
        $out .= sp_paint_icon($iconClass, SPTHEMEICONSURL, $icon);
    }
    if (!empty($label)) {
        $out .= $label;
    }
    $out .= "</a>\n";

    # the finished markup passes through a filter and is echoed without further escaping
    $out = apply_filters('sph_PostForumToolButton', $out, $a);
    echo $out;

    # Add script to hover admin buttons - just once
    # ($containerClass is written into a JS string literal after esc_attr(), not esc_js())
    if ($spThisTopic->tools_flag && $hide) {
        ?> <script type='text/javascript'> /* <![CDATA[ */ var sptb = { toolclass : '.<?php echo $containerClass; ?> ' }; /* ]]> */ </script> <?php
        add_action('wp_footer', 'spjs_AddPostToolsHover');
        # clear the flag so the script block is emitted once per topic view
        $spThisTopic->tools_flag = false;
    }
}
# Outputs the add-topic form, preceded by its 'dataform' anchor, when the current user is
# allowed to start a topic in the current forum.
#
# $addTopicForm - form settings handed on to sp_add_topic(); its 'hide' entry decides
#                 whether the form is opened straight away
#
# Admins always get the form, even when the forum is locked or the site is in lockdown.
function sp_TopicEditorWindow($addTopicForm) {
    global $spThisUser, $spThisForum, $spGlobals;

    $mayStart = sp_get_auth('start_topics', $spThisForum->forum_id) && !$spThisForum->forum_status && !$spGlobals['lockdown'];
    if (!$mayStart && !$spThisUser->admin) {
        return;
    }

    echo '<a id="dataform"></a>' . "\n" . sp_add_topic($addTopicForm);

    # inline js to open topic form if from the topic view (script below)
    # the request value is only compared with a literal and never written to the page
    $askedForNewTopic = isset($_GET['new']) && $_GET['new'] == 'topic';
    if ($addTopicForm['hide'] == 0 || $askedForNewTopic) {
        add_action('wp_footer', 'spjs_OpenTopicForm');
    }
}
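# Builds the usergroup drop-down shown on the members list.
#
# $args - display options (tagId, tagClass, selectClass, echo), merged over the defaults
#         below by wp_parse_args()
#
# Echoes the markup when 'echo' is truthy, otherwise returns it as a string. Returns
# nothing when there are no usergroups to list or the viewer lacks 'view_members_list'.
function sp_MemberListUsergroupSelect($args = '') {
    global $spMembersList;

    if (empty($spMembersList->userGroups)) {
        return;
    }
    if (!sp_get_auth('view_members_list')) {
        return;
    }

    $defs = array('tagId' => 'spUsergroupSelect', 'tagClass' => 'spUsergroupSelect', 'selectClass' => 'spControl', 'echo' => 1);
    $a = wp_parse_args($args, $defs);
    $a = apply_filters('sph_MemberListUsergroupSelect_args', $a);
    # EXTR_SKIP: keys that collide with variables already defined here are not extracted
    extract($a, EXTR_SKIP);

    # sanitize before use
    $tagId = esc_attr($tagId);
    $tagClass = esc_attr($tagClass);
    $selectClass = esc_attr($selectClass);
    $echo = (int) $echo;

    # carry the current search term and usergroup over into the option URLs;
    # a GET value takes precedence over a POSTed one
    $search = !empty($_POST['msearch']) && !isset($_POST['allmembers']) ? '&msearch=' . sp_esc_str($_POST['msearch']) : '';
    $search = !empty($_GET['msearch']) ? '&msearch=' . sp_esc_str($_GET['msearch']) : $search;
    $ug = !empty($_POST['ug']) && !isset($_POST['allmembers']) ? sp_esc_int($_POST['ug']) : '';
    $ug = !empty($_GET['ug']) ? sp_esc_int($_GET['ug']) : $ug;

    $out = "<div id='{$tagId}' class='{$tagClass}'>";
    $out .= "<select class='{$selectClass}' name='sp_usergroup_select' onchange='javascript:spjChangeURL(this)'>";
    $out .= "<option value='#'>" . sp_text('Select Specific Usergroup') . "</option>";
    foreach ($spMembersList->userGroups as $usergroup) {
        $selected = $usergroup['usergroup_id'] == $ug ? "selected='selected'" : '';
        # $search carries request data. What sp_esc_str() escapes is not visible in this
        # function, so the whole URL is escaped for the HTML attribute context here.
        $url = sp_get_sfqurl(sp_url('members')) . 'ug=' . $usergroup['usergroup_id'] . $search;
        $out .= "<option {$selected} value='" . esc_attr($url) . "'>" . sp_filter_title_display($usergroup['usergroup_name']) . '</option>';
    }
    if (!empty($ug)) {
        # same attribute escaping for the reset entry, which also embeds $search
        $out .= "<option value='" . esc_attr(sp_get_sfqurl(sp_url('members')) . $search) . "'>" . sp_text('Reset to Default Usergroups') . "</option>";
    }
    $out .= '</select>';
    $out .= "</div>\n";

    $out = apply_filters('sph_MemberListUsergroupSelect', $out, $a);

    if ($echo) {
        echo $out;
    } else {
        return $out;
    }
}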