Exemplo n.º 1
/**
 * Screens a new forum post with Akismet and applies the configured action.
 *
 * The post is returned untouched when the poster holds the 'bypass_akismet'
 * permission for the forum, when akismet_http_post() is not defined, or when
 * the 'spAkismet' option is empty or 1.
 * NOTE(review): the missing-Akismet case fails open - the post is accepted
 * unchecked rather than held; confirm that is the intended policy.
 *
 * @param array $newpost Post data; 'forumid' is read and 'poststatus' may be set.
 * @return array The post data. 'poststatus' is set to 2 when the post is flagged
 *               and the option is 2. With option 3 a flagged post triggers a
 *               notice, a redirect to sp_url() and termination of the request.
 */
function sp_akismet($newpost)
{
    global $spThisUser;
    # bypass permission or no Akismet API available: nothing to check
    $canBypass = sp_get_auth('bypass_akismet', $newpost['forumid']);
    if ($canBypass || !function_exists('akismet_http_post')) {
        return $newpost;
    }
    # option empty or 1 means no spam action is configured
    $mode = sp_get_option('spAkismet');
    if (empty($mode) || $mode == 1) {
        return $newpost;
    }
    # not flagged as spam: hand the post back unchanged
    if (sp_check_akismet($newpost) != true) {
        return $newpost;
    }
    if ($mode == 2) {
        # flagged: mark the post with status 2 and let it continue
        $newpost['poststatus'] = 2;
    } elseif ($mode == 3) {
        # flagged: reject outright - notify, redirect and stop the request
        sp_notify(1, __('This post has been identified as spam and has been rejected', 'spab'));
        wp_redirect(sp_url());
        die;
    }
    return $newpost;
}
Exemplo n.º 2
/**
 * Runs the spam maths question check unless the user may bypass it.
 *
 * @param mixed $forumid Forum the 'bypass_math_question' permission is checked against.
 * @return array Result of sp_spamcheck(), or an array whose element 0 is false
 *               when the user holds the bypass permission.
 */
function sp_check_spammath($forumid)
{
    # Users without the bypass permission must pass the spam check
    if (sp_get_auth('bypass_math_question', $forumid) == false) {
        return sp_spamcheck();
    }
    # Bypass granted: report "no spam failure" without running the check
    return array(0 => false);
}
Exemplo n.º 3
/**
 * Builds the forum's HTML allowlist and stores it in globals.
 *
 * Sets $allowedforumprotocols (URL schemes) and $allowedforumtags
 * (tag => permitted attributes), each passed through a filter hook so
 * plugins can change them. The 'iframe' tag is added only when the current
 * user holds 'can_use_iframes' for the current forum (or 'global' when no
 * forum id is set).
 *
 * NOTE(review): presumably these globals feed a kses-style sanitizer for
 * posted content - confirm at the call sites. The list permits the 'data'
 * and 'clsid' schemes, the 'style' attribute on many tags and the
 * object/embed/param tags; each widens what posted HTML can carry, so
 * confirm they are intentional.
 *
 * @return void
 */
function sp_kses_array()
{
    global $allowedforumtags, $allowedforumprotocols, $spVars, $spThisUser;

    $allowedforumprotocols = apply_filters('sph_allowed_protocols', array(
        'http', 'https', 'ftp', 'ftps', 'mailto', 'news', 'irc',
        'gopher', 'nntp', 'feed', 'telnet', 'clsid', 'data',
    ));

    # attribute sets shared by several tags (PHP copies arrays by value on assignment)
    $classOnly = array('class' => true);
    $blockAttrs = array('align' => true, 'class' => true, 'dir' => true, 'lang' => true, 'style' => true, 'xml:lang' => true);
    $headingAttrs = array('align' => true, 'class' => true, 'id' => true, 'style' => true);
    $listAttrs = array('class' => true, 'style' => true, 'type' => true);

    $allowedforumtags = array(
        'address' => $classOnly,
        'a' => array('class' => true, 'href' => true, 'id' => true, 'title' => true, 'rel' => true, 'rev' => true, 'name' => true, 'target' => true, 'style' => true),
        'abbr' => array('class' => true, 'title' => true),
        'acronym' => array('title' => true, 'class' => true),
        'article' => $blockAttrs,
        'aside' => $blockAttrs,
        'audio' => array('autoplay' => true, 'class' => true, 'controls' => true, 'id' => true, 'loop' => true, 'muted' => true, 'poster' => true, 'preload' => true, 'src' => true, 'style' => true),
        'b' => $classOnly,
        'big' => $classOnly,
        'blockquote' => array('id' => true, 'cite' => true, 'class' => true, 'lang' => true, 'xml:lang' => true, 'style' => true),
        'br' => $classOnly,
        'caption' => array('align' => true, 'class' => true),
        'cite' => array('class' => true, 'dir' => true, 'lang' => true, 'title' => true),
        'code' => array('class' => true, 'style' => true),
        'dd' => $classOnly,
        'del' => array('datetime' => true),
        'details' => array('align' => true, 'class' => true, 'dir' => true, 'lang' => true, 'open' => true, 'style' => true, 'xml:lang' => true),
        'div' => $blockAttrs,
        'dl' => $classOnly,
        'dt' => $classOnly,
        'em' => $classOnly,
        'embed' => array('height' => true, 'name' => true, 'pallette' => true, 'src' => true, 'type' => true, 'width' => true),
        'figure' => $blockAttrs,
        'figcaption' => $blockAttrs,
        'font' => array('color' => true, 'face' => true, 'size' => true),
        'footer' => $blockAttrs,
        'header' => $blockAttrs,
        'hgroup' => $blockAttrs,
        'h1' => $headingAttrs,
        'h2' => $headingAttrs,
        'h3' => $headingAttrs,
        'h4' => $headingAttrs,
        'h5' => $headingAttrs,
        'h6' => $headingAttrs,
        'hr' => array('align' => true, 'class' => true, 'noshade' => true, 'size' => true, 'width' => true),
        'i' => $classOnly,
        'img' => array('alt' => true, 'title' => true, 'align' => true, 'border' => true, 'class' => true, 'height' => true, 'hspace' => true, 'longdesc' => true, 'vspace' => true, 'src' => true, 'style' => true, 'width' => true),
        'ins' => array('datetime' => true, 'cite' => true),
        'kbd' => $classOnly,
        'label' => array('for' => true),
        'legend' => array('align' => true),
        'li' => $headingAttrs,
        'menu' => $listAttrs,
        'nav' => $blockAttrs,
        'object' => array('classid' => true, 'codebase' => true, 'codetype' => true, 'data' => true, 'declare' => true, 'height' => true, 'name' => true, 'param' => true, 'standby' => true, 'type' => true, 'usemap' => true, 'width' => true),
        'param' => array('id' => true, 'name' => true, 'type' => true, 'value' => true, 'valuetype' => true),
        'p' => array('class' => true, 'align' => true, 'dir' => true, 'lang' => true, 'style' => true, 'xml:lang' => true),
        'pre' => array('class' => true, 'style' => true, 'width' => true),
        'q' => array('cite' => true),
        's' => $classOnly,
        'section' => $blockAttrs,
        'small' => $classOnly,
        'source' => array('class' => true, 'id' => true, 'media' => true, 'src' => true, 'style' => true, 'type' => true),
        'span' => array('class' => true, 'dir' => true, 'align' => true, 'lang' => true, 'style' => true, 'title' => true, 'xml:lang' => true, 'id' => true),
        'strike' => $classOnly,
        'strong' => $classOnly,
        'sub' => $classOnly,
        'summary' => $blockAttrs,
        'sup' => $classOnly,
        'table' => array('align' => true, 'bgcolor' => true, 'border' => true, 'cellpadding' => true, 'cellspacing' => true, 'class' => true, 'dir' => true, 'id' => true, 'rules' => true, 'style' => true, 'summary' => true, 'width' => true),
        'tbody' => array('align' => true, 'char' => true, 'charoff' => true, 'valign' => true),
        'td' => array('abbr' => true, 'align' => true, 'axis' => true, 'bgcolor' => true, 'char' => true, 'charoff' => true, 'class' => true, 'colspan' => true, 'dir' => true, 'headers' => true, 'height' => true, 'nowrap' => true, 'rowspan' => true, 'scope' => true, 'style' => true, 'valign' => true, 'width' => true),
        'tfoot' => array('align' => true, 'char' => true, 'class' => true, 'charoff' => true, 'valign' => true),
        'th' => array('abbr' => true, 'align' => true, 'axis' => true, 'bgcolor' => true, 'char' => true, 'charoff' => true, 'class' => true, 'colspan' => true, 'headers' => true, 'height' => true, 'nowrap' => true, 'rowspan' => true, 'scope' => true, 'valign' => true, 'width' => true),
        'thead' => array('align' => true, 'char' => true, 'charoff' => true, 'class' => true, 'valign' => true),
        'title' => $classOnly,
        'tr' => array('align' => true, 'bgcolor' => true, 'char' => true, 'charoff' => true, 'class' => true, 'style' => true, 'valign' => true),
        'tt' => $classOnly,
        'u' => $classOnly,
        'ul' => $listAttrs,
        'ol' => array('class' => true, 'start' => true, 'style' => true, 'type' => true),
        'var' => $classOnly,
        'video' => array('autoplay' => true, 'class' => true, 'controls' => true, 'height' => true, 'id' => true, 'loop' => true, 'muted' => true, 'poster' => true, 'preload' => true, 'src' => true, 'style' => true, 'width' => true),
    );

    # iframes are opt-in per user: checked against the current forum, or 'global' outside one
    if (isset($spVars['forumid'])) {
        $target = $spVars['forumid'];
    } else {
        $target = 'global';
    }
    if (isset($spThisUser) && sp_get_auth('can_use_iframes', $target, $spThisUser->ID)) {
        $allowedforumtags['iframe'] = array(
            'width' => true,
            'height' => true,
            'frameborder' => true,
            'src' => true,
            'marginwidth' => true,
            'marginheight' => true,
        );
    }

    # last word goes to plugins hooked on the tag list
    $allowedforumtags = apply_filters('sph_kses_allowed_tags', $allowedforumtags);
}
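/**
 * Refreshes the current user's unread-topic list and check time.
 *
 * Does nothing when the user's check time is later than the 'poststamp'
 * option and no 'mark-read' query parameter is present. Otherwise it selects
 * topics with posts newer than the check time (written by other users, in
 * forums the user may view), prepends them to the stored list, truncates the
 * list to the user's unread limit and writes list and new check time back in
 * a single UPDATE.
 *
 * Every value concatenated into SQL is either cast to an integer or passed
 * through esc_sql() first. The list is built from database rows and from the
 * 'sph_new_post_list' filter, so it is not assumed to be free of quotes.
 * NOTE(review): esc_sql() assumes spdb_select()/spdb_query() run through
 * $wpdb - confirm against the spdb layer.
 *
 * @return void
 */
function sp_update_users_newposts()
{
    global $spThisUser;
    # numeric values used in SQL below are forced to integers up front
    $userId = (int) $spThisUser->ID;
    $maxUnread = max(0, (int) $spThisUser->unreadposts);
    # Check the users checktime against the last post timestamp to see if we need to do this
    $checkTime = spdb_zone_mysql_checkdate($spThisUser->checktime);
    $postTime = sp_get_option('poststamp');
    if (strtotime($checkTime) > strtotime($postTime) && !isset($_GET['mark-read'])) {
        return;
    }
    # so there must have been a new post since the last page load for this user
    $newPostList = $spThisUser->newposts;
    if (empty($newPostList['topics'])) {
        # clean it up to be on the safe side
        $newPostList = array('topics' => array(), 'forums' => array());
    }
    # create new holding array and new checktime (now)
    $addPostList = array('topics' => array(), 'forums' => array());
    sp_set_server_timezone();
    $newCheckTime = sp_apply_timezone(time(), 'mysql');
    # Use the current checktime for any new posts since users session began
    $records = spdb_select('set', "SELECT DISTINCT topic_id, forum_id FROM " . SFPOSTS . "\n\t\t\t\t\t\t\t\t   WHERE post_status = 0 AND post_date > '" . esc_sql($checkTime) . "' AND user_id != " . $userId . "\n\t\t\t\t\t\t\t\t   ORDER BY post_id DESC LIMIT " . $maxUnread . ";", ARRAY_A);
    if ($records) {
        foreach ($records as $r) {
            # only topics in forums this user may view, and not already listed
            if (sp_get_auth('view_forum', $r['forum_id']) && !in_array($r['topic_id'], $newPostList['topics'])) {
                $addPostList['topics'][] = $r['topic_id'];
                $addPostList['forums'][] = $r['forum_id'];
            }
        }
    }
    $addPostList = apply_filters('sph_new_post_list', $addPostList, $newPostList);
    # now merge the arrays and truncate if necessary
    $newPostList['topics'] = array_merge($addPostList['topics'], $newPostList['topics']);
    $newPostList['forums'] = array_merge($addPostList['forums'], $newPostList['forums']);
    if (count($newPostList['topics']) > $maxUnread) {
        array_splice($newPostList['topics'], $maxUnread);
        array_splice($newPostList['forums'], $maxUnread);
    }
    # update sfmembers - do it here to ensure both are updated together
    # the serialized list and the timestamp are escaped before being quoted into the statement
    spdb_query("UPDATE " . SFMEMBERS . " SET newposts='" . esc_sql(serialize($newPostList)) . "', checktime='" . esc_sql($newCheckTime) . "' WHERE user_id=" . $userId);
    $spThisUser->newpostlist = true;
    $spThisUser->checktime = $newCheckTime;
    $spThisUser->newposts = $newPostList;
}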
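/**
 * Template tag: renders an "add new topic" link for one forum.
 *
 * Nothing is produced when forum display is aborted, when no forum id is
 * given, when the current user lacks 'start_topics' for the forum, or when
 * the forum row cannot be loaded.
 *
 * @param string|array $args Tag arguments merged over the defaults below
 *                           (tagId, tagClass, forumId, linkText, beforeLink,
 *                           afterLink, echo).
 * @return string|null The markup when 'echo' is 0; otherwise the markup is
 *                     echoed and nothing is returned.
 */
function sp_do_sp_AddNewTopicLinkTag($args = '')
{
    #check if forum displayed
    if (sp_abort_display_forum()) {
        return;
    }
    $defs = array('tagId' => 'spAddNewTopicLinkTag', 'tagClass' => 'spLinkTag', 'forumId' => '', 'linkText' => '%FORUMNAME%', 'beforeLink' => __('Add new topic in the ', 'sp-ttags'), 'afterLink' => __(' forum', 'sp-ttags'), 'echo' => 1);
    $a = wp_parse_args($args, $defs);
    $a = apply_filters('sph_AddNewTopicLinkTag_args', $a);
    # read the known keys explicitly instead of extract()ing caller-supplied
    # keys into local scope, and sanitize each one before use
    $tagId = esc_attr($a['tagId']);
    $tagClass = esc_attr($a['tagClass']);
    $forumId = (int) $a['forumId'];
    $linkText = esc_attr($a['linkText']);
    $beforeLink = sp_filter_title_display($a['beforeLink']);
    $afterLink = sp_filter_title_display($a['afterLink']);
    $echo = (int) $a['echo'];
    if (!$forumId) {
        return;
    }
    if (!empty($beforeLink)) {
        $beforeLink = trim($beforeLink) . ' ';
    }
    if (!empty($afterLink)) {
        $afterLink = ' ' . trim($afterLink);
    }
    sp_forum_api_support();
    if (sp_get_auth('start_topics', $forumId)) {
        # $forumId is already an integer, so it is safe inside the where clause
        $forum = spdb_table(SFFORUMS, "forum_id={$forumId}", 'row');
        if (empty($forum)) {
            # unknown forum id: nothing to link to
            return;
        }
        $linkText = str_replace("%FORUMNAME%", sp_filter_title_display($forum->forum_name), $linkText);
        $url = sp_build_url($forum->forum_slug, '', 0, 0);
        $url = sp_get_sfqurl($url) . 'new=topic';
        $out = "<span id='{$tagId}' class='{$tagClass}'>";
        # the url goes into an href attribute, so escape it for that context
        $out .= $beforeLink . '<a href="' . esc_url($url) . '">' . $linkText . '</a>' . $afterLink;
        $out .= '</span>';
        $out = apply_filters('sph_AddNewTopicLinkTag', $out);
        if ($echo) {
            echo $out;
        } else {
            return $out;
        }
    }
}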
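/**
 * Renders the "add topic" icon link for the forum currently being listed.
 *
 * The link is produced only when the current user holds 'start_topics' for
 * the forum and either is an admin or the forum status and the global
 * lockdown flag are both unset.
 *
 * @param string|array $args    Tag arguments merged over the defaults below
 *                              (tagId, tagClass, icon, echo, get).
 * @param string       $toolTip Text for the link's title attribute; escaped
 *                              here because it is placed inside an attribute.
 * @return string|null The markup (possibly empty) when 'echo' is 0; otherwise
 *                     the markup is echoed and nothing is returned.
 */
function sp_ForumIndexAddIcon($args = '', $toolTip = '')
{
    global $spThisForum, $spGlobals, $spThisUser;
    $defs = array('tagId' => 'spForumIndexAddIcon%ID%', 'tagClass' => 'spIcon', 'icon' => 'sp_ForumStatusAdd.png', 'echo' => 1, 'get' => 0);
    $a = wp_parse_args($args, $defs);
    $a = apply_filters('sph_ForumIndexAddIcon_args', $a);
    # read the known keys explicitly instead of extract()ing caller-supplied
    # keys into local scope, and sanitize each one before use
    $tagId = esc_attr($a['tagId']);
    $tagClass = esc_attr($a['tagClass']);
    $icon = sanitize_file_name($a['icon']);
    $echo = (int) $a['echo'];
    # the tooltip lands in a title attribute like the id and class, so it gets the same escaping
    $toolTip = esc_attr($toolTip);
    $tagId = str_ireplace('%ID%', $spThisForum->forum_id, $tagId);
    $out = '';
    # add new topic icon
    # (&& binds tighter than ||: admins pass even when the forum is locked or in lockdown)
    if (sp_get_auth('start_topics', $spThisForum->forum_id) && (!$spThisForum->forum_status && !$spGlobals['lockdown'] || $spThisUser->admin)) {
        $url = sp_build_url($spThisForum->forum_slug, '', 1, 0) . sp_add_get() . 'new=topic';
        $url = esc_url($url);
        $out .= "<a id='{$tagId}' class='{$tagClass} vtip' title='{$toolTip}' href='{$url}'>\n";
        if (!empty($icon)) {
            $out .= "<img src='" . sp_find_icon(SPTHEMEICONSURL, "{$icon}") . "' alt='' />\n";
        }
        $out .= "</a>\n";
        $out = apply_filters('sph_ForumIndexAddIcon', $out, $a);
    }
    if ($echo) {
        echo $out;
    } else {
        return $out;
    }
}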
/**
 * Appends the smileys box and the post options box to the post editor markup.
 *
 * The smileys box is shown to users holding 'can_use_smileys' for the topic's
 * forum. The options box (lock / pin checkboxes and, for admins, the
 * timestamp editor) is shown according to the permission test below. Both
 * decisions can be overridden by the 'sph_post_editor_display_options' filter.
 *
 * @param string $out         Editor markup built so far; the boxes are appended to it.
 * @param object $spThisTopic Current topic; only forum_id is read here.
 * @param array  $a           Editor arguments; its keys are extracted into local
 *                            variables ($controlInput and the $label* values).
 * @param string $toolbar     Layout mode, compared against 'toolbar' and 'inline'.
 * @return string The markup with any boxes appended.
 */
function sp_post_editor_smileys_options($out, $spThisTopic, $a, $toolbar)
{
    global $spGlobals, $spVars, $spThisUser;
    # imports the keys of $a as local variables; EXTR_SKIP never overwrites a
    # variable that already exists in this scope
    extract($a, EXTR_SKIP);
    # sanitize
    $controlInput = esc_attr($controlInput);
    $labelSmileys = sp_filter_title_display($labelSmileys);
    $labelOptions = sp_filter_title_display($labelOptions);
    $labelOptionTime = sp_filter_title_display($labelOptionTime);
    $smileysBox = '';
    $optionsBox = '';
    # work out what we need to display
    $display = array();
    $display['smileys'] = false;
    $display['options'] = false;
    if (sp_get_auth('can_use_smileys', $spThisTopic->forum_id)) {
        $display['smileys'] = true;
    }
    # && binds tighter than ||: admins and moderators always get the options box;
    # everyone else needs lock_topics or pin_posts and must not be editing a post
    # NOTE(review): this test checks 'pin_posts' while the checkbox further down is
    # gated on 'pin_topics' - confirm which permission name is intended
    if ((sp_get_auth('lock_topics', $spThisTopic->forum_id) || sp_get_auth('pin_posts', $spThisTopic->forum_id)) && $spVars['displaymode'] != 'edit' || $spThisUser->admin || $spThisUser->moderator) {
        $display['options'] = true;
    }
    $display = apply_filters('sph_post_editor_display_options', $display);
    # Now start the displays
    $class = $toolbar == 'toolbar' ? ' spInlineSection' : '';
    # open the wrapper div only when at least one box will be shown
    if ($display['smileys'] || $display['options']) {
        $out .= sp_InsertBreak('echo=0') . "<div>\n";
    }
    # Smileys
    if ($display['smileys']) {
        $smileysBox = apply_filters('sph_post_smileys_display', $smileysBox, $spThisTopic, $a);
        # side-by-side layout: smileys take the left column when options are also shown inline
        if ($display['options'] && $toolbar == 'inline') {
            $smileysBox .= "<div id='spSmileysBox' class='spEditorSection spEditorSectionLeft{$class}'>\n";
        } else {
            $smileysBox .= "<div id='spSmileysBox' class='spEditorSection{$class}'>\n";
        }
        $smileysBox .= "<div class='spEditorHeading'>{$labelSmileys}\n";
        $smileysBox = apply_filters('sph_post_smileys_header_add', $smileysBox, $spThisTopic, $a);
        $smileysBox .= '</div>';
        $smileysBox .= '<div class="spEditorSmileys">' . "\n";
        $smileysBox .= sp_render_smileys();
        $smileysBox .= '</div>';
        $smileysBox = apply_filters('sph_post_smileys_add', $smileysBox, $spThisTopic, $a);
        if ($toolbar == 'toolbar') {
            $smileysBox .= sp_InsertBreak('direction=both&spacer=6px&echo=0');
        }
        $smileysBox .= '</div>' . "\n";
    }
    # Options
    if ($display['options']) {
        $optionsBox = apply_filters('sph_post_options_display', $optionsBox, $spThisTopic, $a);
        # side-by-side layout: options take the right column when smileys are also shown inline
        if ($display['smileys'] && $toolbar == 'inline') {
            $optionsBox .= "<div id='spOptionsBox' class='spEditorSection spEditorSectionRight{$class}'>\n";
        } else {
            $optionsBox .= "<div id='spOptionsBox' class='spEditorSection{$class}'>\n";
        }
        $optionsBox .= "<div class='spEditorHeading'>{$labelOptions}\n";
        $optionsBox = apply_filters('sph_post_options_header_add', $optionsBox, $spThisTopic, $a);
        $optionsBox .= '</div>';
        # lock and pin checkboxes are offered only outside edit mode
        if ($spVars['displaymode'] != 'edit') {
            $labelOptionLock = sp_filter_title_display($labelOptionLock);
            $labelOptionPin = sp_filter_title_display($labelOptionPin);
            if (sp_get_auth('lock_topics', $spThisTopic->forum_id)) {
                $optionsBox .= "<input type='checkbox' class='{$controlInput}' name='topiclock' id='sftopiclock' tabindex='110' />\n";
                $optionsBox .= "<label class='spLabel spCheckbox' for='sftopiclock'>{$labelOptionLock}</label>\n";
                $optionsBox .= "<br />\n";
            }
            if (sp_get_auth('pin_topics', $spThisTopic->forum_id)) {
                $optionsBox .= "<input type='checkbox' class='{$controlInput}' name='postpin' id='sfpostpin' tabindex='111' />\n";
                $optionsBox .= "<label class='spLabel spCheckbox' for='sfpostpin'>{$labelOptionPin}</label>\n";
                $optionsBox .= "<br />\n";
            }
        }
        # admins only: checkbox that toggles the timestamp editor layer
        if ($spThisUser->admin) {
            $optionsBox .= "<input type='checkbox' class='{$controlInput}' tabindex='112' id='sfeditTimestamp' name='editTimestamp' onchange='spjToggleLayer(\"spHiddenTimestamp\");'/>\n";
            $optionsBox .= "<label class='spLabel spCheckbox' for='sfeditTimestamp'>{$labelOptionTime}</label>\n";
            $optionsBox .= "<br />\n";
        }
        # admins only: the timestamp fields themselves, prefilled with the current time
        if ($spThisUser->admin) {
            global $wp_locale, $month, $spThisPost;
            # current time shifted by the 'gmt_offset' option (hours converted to seconds)
            $time_adj = time() + get_option('gmt_offset') * 3600;
            $dd = gmdate('d', $time_adj);
            $mm = gmdate('m', $time_adj);
            $yy = gmdate('Y', $time_adj);
            $hh = gmdate('H', $time_adj);
            $mn = gmdate('i', $time_adj);
            $ss = gmdate('s', $time_adj);
            $optionsBox .= '<div id="spHiddenTimestamp">' . "\n";
            $optionsBox .= "<select class='{$controlInput}' tabindex='114' name='tsMonth' onchange='editTimestamp.checked=true'>\n";
            for ($i = 1; $i < 13; $i = $i + 1) {
                $optionsBox .= "\t\t\t<option value=\"{$i}\"";
                # loose comparison on purpose: $mm is a zero-padded string such as '07'
                if ($i == $mm) {
                    $optionsBox .= " selected='selected'";
                }
                # month name from WP_Locale when the class exists, else from the global $month array
                if (class_exists('WP_Locale')) {
                    $optionsBox .= '>' . $wp_locale->get_month($i) . '</option>';
                } else {
                    $optionsBox .= '>' . $month[$i] . '</option>';
                }
            }
            $optionsBox .= '</select> ';
            $optionsBox .= "<input class='{$controlInput}' tabindex='115' type='text' id='tsDay' name='tsDay' value='{$dd}' size='2' maxlength='2'/> \n";
            $optionsBox .= "<input class='{$controlInput}' tabindex='116' type='text' id='tsYear' name='tsYear' value='{$yy}' size='4' maxlength='5'/> @\n";
            $optionsBox .= "<input class='{$controlInput}' tabindex='117' type='text' id='tsHour' name='tsHour' value='{$hh}' size='2' maxlength='2'/> :\n";
            $optionsBox .= "<input class='{$controlInput}' tabindex='118' type='text' id='tsMinute' name='tsMinute' value='{$mn}' size='2' maxlength='2'/> \n";
            $optionsBox .= "<input class='{$controlInput}' tabindex='119' type='hidden' id='tsSecond' name='tsSecond' value='{$ss}' /> \n";
            $optionsBox .= "</div>";
        }
        # separate extension hooks for edit mode and for new posts
        if ($spVars['displaymode'] == 'edit') {
            $optionsBox = apply_filters('sph_post_edit_options_add', $optionsBox, $spThisTopic, $a);
        } else {
            $optionsBox = apply_filters('sph_post_options_add', $optionsBox, $spThisTopic, $a);
        }
        if ($toolbar == 'toolbar') {
            $optionsBox .= sp_InsertBreak('direction=both&spacer=6px&echo=0');
        } else {
            $optionsBox .= sp_InsertBreak('echo=0');
        }
        $optionsBox .= '</div>' . "\n";
    }
    # close the wrapper opened above and append whichever boxes were built
    if ($display['smileys'] || $display['options']) {
        $out .= $smileysBox . $optionsBox;
        $out .= sp_InsertBreak('echo=0');
        $out .= '</div>';
    }
    return $out;
}
Exemplo n.º 8
 # get all the tabs meta info
 $tabs = sp_profile_get_tabs();
 if (!empty($tabs)) {
     foreach ($tabs as $tab) {
         # find the pressed tab in the list of tabs
         if ($tab['slug'] == $thisTab) {
             # now output the menu and content
             $first = true;
             $thisForm = '';
             $thisName = '';
             $thisSlug = '';
             $out = '';
             if (!empty($tab['menus'])) {
                 foreach ($tab['menus'] as $menu) {
                     # do we need an auth check?
                     $authCheck = empty($menu['auth']) ? true : sp_get_auth($menu['auth'], '', $userid);
                     # is this menu being displayed and does user have auth to see it?
                     if ($authCheck && $menu['display']) {
                         $current = '';
                         # if tab press, see if its the first
                         if ($first && empty($thisMenu)) {
                             $current = 'current';
                             $thisName = $menu['name'];
                             $thisForm = $menu['form'];
                             $thisSlug = $menu['slug'];
                             $first = false;
                         } else {
                             if (!empty($thisMenu)) {
                                 # if this menu was pressed, make it the current form
                                 if ($menu['slug'] == $thisMenu) {
                                     $current = 'current';
Exemplo n.º 9
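    /**
     * Loads the first and the latest post of each listed topic.
     *
     * The latest post is taken from the topic's post_id column for users
     * holding 'moderate_posts' in the forum, and from post_id_held for
     * everyone else.
     *
     * @param array $topics  Topic ids. Each one is cast to an integer before it
     *                       is placed in the IN (...) list, because that list is
     *                       built by string concatenation.
     * @param mixed $forumid Forum used for the 'moderate_posts' permission check.
     * @return mixed Result of spdbComplex::select(), or null when $topics is empty.
     */
    function sp_forumview_stats_query($topics, $forumid)
    {
        if (empty($topics)) {
            return;
        }
        global $spThisUser;
        # integers only: nothing but digits, minus signs and commas can reach the where clause
        $t = implode(',', array_map('intval', $topics));
        $spdb = new spdbComplex();
        $spdb->table = SFPOSTS;
        $spdb->fields = SFPOSTS . '.post_id, ' . SFPOSTS . '.topic_id, ' . spdb_zone_datetime('post_date') . ',
								guest_name, ' . SFPOSTS . '.user_id, post_content, post_status, ' . SFMEMBERS . '.display_name, post_index';
        $spdb->join = array(SFTOPICS . ' ON ' . SFTOPICS . '.topic_id = ' . SFPOSTS . '.topic_id');
        $spdb->left_join = array(SFMEMBERS . ' ON ' . SFPOSTS . '.user_id = ' . SFMEMBERS . '.user_id');
        # only show posts awaiting moderation to admins/mods
        if (sp_get_auth('moderate_posts', $forumid)) {
            $spdb->where = SFPOSTS . '.topic_id IN (' . $t . ') AND (post_index = 1 OR ' . SFPOSTS . '.post_id = ' . SFTOPICS . '.post_id)';
        } else {
            $spdb->where = SFPOSTS . '.topic_id IN (' . $t . ') AND (post_index = 1 OR ' . SFPOSTS . '.post_id = ' . SFTOPICS . '.post_id_held)';
        }
        $spdb->orderby = SFPOSTS . '.topic_id, ' . SFPOSTS . '.post_id';
        # plugins may alter the query object before it runs
        $spdb = apply_filters('sph_forumview_stats_query', $spdb, $this);
        # optional query inspection, switched on per user
        if (!empty($spThisUser->inspect['q_spForumViewStats'])) {
            $spdb->inspect = 'spForumViewStats';
            $spdb->show = true;
        }
        $records = $spdb->select();
        return $records;
    }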
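/**
 * Renders the e-mail row of the profile being viewed.
 *
 * Requires 'view_profiles'. The row is produced when the current user holds
 * 'view_email' or when 'adminOnly' is 0. The address is HTML-escaped before
 * it is placed in the markup.
 *
 * NOTE(review): with 'get' set, the raw address is returned before the
 * 'view_email' / 'adminOnly' test runs, so the calling template decides who
 * sees it - confirm every caller that passes get=1 applies its own check.
 * NOTE(review): the arguments filter is named 'sph_ProfileShowLink_args',
 * not '..ShowEmail..'; it is left unchanged because existing hooks may
 * depend on it.
 *
 * @param string|array $args  Tag arguments merged over the defaults below
 *                            (tagClass, leftClass, middleClass, rightClass,
 *                            adminOnly, echo, get).
 * @param string       $label Label shown in the left column.
 * @return string|null The raw address when 'get' is set; the markup when
 *                     'echo' is 0; otherwise nothing.
 */
function sp_ProfileShowEmail($args = '', $label = '')
{
    global $spProfileUser, $spThisUser;
    if (!sp_get_auth('view_profiles')) {
        return;
    }
    $defs = array('tagClass' => 'spProfileShowLink', 'leftClass' => 'spColumnSection spProfileLeftCol', 'middleClass' => 'spColumnSection spProfileSpacerCol', 'rightClass' => 'spColumnSection spProfileRightCol', 'adminOnly' => 1, 'echo' => 1, 'get' => 0);
    $a = wp_parse_args($args, $defs);
    $a = apply_filters('sph_ProfileShowLink_args', $a);
    # read the known keys explicitly instead of extract()ing caller-supplied
    # keys into local scope, and sanitize each one before use
    $tagClass = esc_attr($a['tagClass']);
    $leftClass = esc_attr($a['leftClass']);
    $middleClass = esc_attr($a['middleClass']);
    $rightClass = esc_attr($a['rightClass']);
    $adminOnly = (int) $a['adminOnly'];
    # this should really be bypass permission or let anyone view
    $label = sp_filter_title_display($label);
    $echo = (int) $a['echo'];
    $get = (int) $a['get'];
    if ($get) {
        return $spProfileUser->user_email;
    }
    if (sp_get_auth('view_email') || !$adminOnly) {
        # the address is profile data written into HTML text, so escape it for that context
        $email = esc_html($spProfileUser->user_email);
        $out = '';
        $out .= "<div class='{$leftClass}'>";
        $out .= "<p class='{$tagClass}'>{$label}:</p>";
        $out .= '</div>';
        $out .= "<div class='{$middleClass}'></div>";
        $out .= "<div class='{$rightClass}'>";
        $out .= "<p class='{$tagClass}'>{$email}</p>";
        $out .= "</div>\n";
        $out = apply_filters('sph_ProfileShowEmail', $out, $spProfileUser, $a);
        if ($echo) {
            echo $out;
        } else {
            return $out;
        }
    }
}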
Exemplo n.º 11
/**
 * Prepares post content for output in an RSS feed.
 *
 * Runs the content through the display filters in a fixed order, optionally
 * strips shortcodes (option 'sffiltershortcodes'), hides links from users
 * without 'view_links' for the current forum, and finally hands the result
 * and the untouched input to the 'sph_display_rss_content_filter' hook.
 *
 * @param string $content Stored post content.
 * @return string The filtered content.
 */
function sp_filter_rss_display($content)
{
    global $spVars;
    # keep the untouched input for the final hook
    $original = $content;
    # links first, then character conversion, then paragraph formatting
    $content = sp_filter_display_paragraphs(
        sp_filter_display_chars(
            sp_filter_display_links($content)
        )
    );
    # shortcode stripping is optional
    $stripShortcodes = sp_get_option('sffiltershortcodes');
    if ($stripShortcodes) {
        $content = sp_filter_display_shortcodes($content);
    }
    # links are hidden from users who may not view them in this forum
    $mayViewLinks = sp_get_auth('view_links', $spVars['forumid']);
    if (!$mayViewLinks) {
        $content = sp_filter_display_hidelinks($content);
    }
    # custom filters get the last word
    return apply_filters('sph_display_rss_content_filter', $content, $original);
}
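/**
 * Build the HTML for the per-topic moderation tools (lock, pin, promote pin,
 * edit title, delete, move).
 *
 * Each tool is only rendered when sp_get_auth() grants the matching
 * permission for the forum. Every link carries a 'forum-ahah' nonce.
 * NOTE(review): hiding a link is not access control; presumably the
 * 'admintools' handler re-checks the permission and the nonce on the
 * server side - confirm in the handler.
 *
 * @param array $forum Forum record; 'forum_id' is read.
 * @param array $topic Topic record; 'topic_id', 'topic_status',
 *                     'topic_pinned' and 'user_id' are read.
 * @param mixed $post  Non-empty when rendered from a topic view (sets view=topic
 *                     on the delete link, otherwise view=forum).
 * @param mixed $page  Page number passed through to the delete link.
 * @return string HTML after the 'sph_add_common_tools' filter.
 */
function sp_render_common_tools($forum, $topic, $post = 0, $page = 0)
{
    global $spThisUser;

    # These ids are written into URLs and into inline onclick handlers (one of
    # them as bare JavaScript arguments), so force them to integers before output.
    # assumes all four are integer ids/counters - an empty value now prints as 0.
    $forumId = (int) $forum['forum_id'];
    $topicId = (int) $topic['topic_id'];
    $ownerId = (int) $topic['user_id'];
    $pageNum = (int) $page;

    $out = '';

    # lock / unlock
    if (sp_get_auth('lock_topics', $forum['forum_id'])) {
        $out .= '<div class="spForumToolsLock">';
        $locktext = $topic['topic_status'] ? sp_text('Unlock this topic') : sp_text('Lock this topic');
        $out .= '<img class="spIcon" src="' . sp_find_icon(SPTHEMEICONSURL, 'sp_ToolsLock.png') . '" alt="" title="" />';
        $ajaxUrl = SFHOMEURL . 'index.php?sp_ahah=admintools&amp;sfnonce=' . wp_create_nonce('forum-ahah') . '&amp;action=lock-topic&amp;topic=' . $topicId;
        $out .= "<a href='javascript:void(null)' onclick='spjLockTopic(\"{$ajaxUrl}\");'>{$locktext}</a>";
        $out .= '</div>';
    }

    # pin / unpin
    if (sp_get_auth('pin_topics', $forum['forum_id'])) {
        $out .= '<div class="spForumToolsPin">';
        $pintext = $topic['topic_pinned'] ? sp_text('Unpin this topic') : sp_text('Pin this topic');
        $out .= '<img class="spIcon" src="' . sp_find_icon(SPTHEMEICONSURL, 'sp_ToolsPin.png') . '" alt="" title="" />';
        $ajaxUrl = SFHOMEURL . 'index.php?sp_ahah=admintools&amp;sfnonce=' . wp_create_nonce('forum-ahah') . '&amp;action=pin-topic&amp;topic=' . $topicId;
        $out .= "<a href='javascript:void(null)' onclick='spjPinTopic(\"{$ajaxUrl}\");'>{$pintext}</a>";
        $out .= '</div>';
    }

    # re-order pinned topics (only offered on a topic that is already pinned)
    if (sp_get_auth('pin_topics', $forum['forum_id']) && $topic['topic_pinned']) {
        $out .= '<div class="spForumToolsPin">';
        $pintext = sp_text('Promote this pinned topic');
        $out .= '<img class="spIcon" src="' . sp_find_icon(SPTHEMEICONSURL, 'sp_ToolsPin.png') . '" alt="" title="" />';
        $site = SFHOMEURL . 'index.php?sp_ahah=admintools&amp;sfnonce=' . wp_create_nonce('forum-ahah') . '&amp;action=order-pins&amp;topicid=' . $topicId . '&amp;forumid=' . $forumId . '&amp;userid=' . $ownerId;
        $title = sp_text('Order Pinned Topics');
        $out .= '<a rel="nofollow" href="javascript:void(null)" onclick="spjDialogAjax(this, \'' . $site . '\', \'' . esc_js($title) . '\', 400, 0, \'center\');">' . $title . '</a>';
        $out .= '</div>';
    }

    # edit title: the topic owner with 'edit_own_topic_titles', or anyone with
    # 'edit_any_topic_titles' (parentheses make the original precedence explicit)
    if ((sp_get_auth('edit_own_topic_titles', $forum['forum_id']) && $topic['user_id'] == $spThisUser->ID) || sp_get_auth('edit_any_topic_titles', $forum['forum_id'])) {
        $out .= '<div class="spForumToolsEdit">';
        $out .= '<img class="spIcon" src="' . sp_find_icon(SPTHEMEICONSURL, 'sp_ToolsEdit.png') . '" alt="" title="" />';
        $site = SFHOMEURL . 'index.php?sp_ahah=admintools&amp;sfnonce=' . wp_create_nonce('forum-ahah') . '&amp;action=edit-title&amp;topicid=' . $topicId . '&amp;forumid=' . $forumId . '&amp;userid=' . $ownerId;
        $title = sp_text('Edit topic title');
        $out .= '<a rel="nofollow" href="javascript:void(null)" onclick="spjDialogAjax(this, \'' . $site . '\', \'' . esc_js($title) . '\', 400, 0, \'center\');">' . $title . '</a>';
        $out .= '</div>';
    }

    # delete
    if (sp_get_auth('delete_topics', $forum['forum_id'])) {
        $out .= '<div class="spForumToolsDelete">';
        $out .= '<img class="spIcon" src="' . sp_find_icon(SPTHEMEICONSURL, 'sp_ToolsDelete.png') . '" alt="" title="" />';
        # NOTE(review): $msg is built but never written into the markup; kept as in the original
        $msg = esc_js(sp_text('Are you sure you want to delete this topic?'));
        $view = !empty($post) ? 'topic' : 'forum';
        $ajaxUrl = SFHOMEURL . 'index.php?sp_ahah=admintools&amp;sfnonce=' . wp_create_nonce('forum-ahah') . '&amp;action=delete-topic&amp;killtopic=' . $topicId . '&amp;killtopicforum=' . $forumId . '&amp;page=' . $pageNum . "&amp;view={$view}";
        $out .= "<a href='javascript:void(null)' onclick='spjDeleteTopic(\"{$ajaxUrl}\", {$topicId}, {$forumId});'>";
        $out .= sp_text('Delete this topic');
        $out .= '</a>';
        # the original never closed this wrapper, leaving the markup unbalanced
        $out .= '</div>';
    }

    # move
    if (sp_get_auth('move_topics', $forum['forum_id'])) {
        $out .= '<div class="spForumToolsMove">';
        $out .= '<img class="spIcon" src="' . sp_find_icon(SPTHEMEICONSURL, 'sp_ToolsMove.png') . '" alt="" title="" />';
        $site = SFHOMEURL . 'index.php?sp_ahah=admintools&amp;sfnonce=' . wp_create_nonce('forum-ahah') . '&amp;action=move-topic&amp;topicid=' . $topicId . '&amp;forumid=' . $forumId;
        $title = sp_text('Move this topic');
        $out .= '<a rel="nofollow" href="javascript:void(null)" onclick="spjDialogAjax(this, \'' . $site . '\', \'' . esc_js($title) . '\', 400, 0, \'center\');">' . $title . '</a>';
        $out .= '</div>';
    }

    # hooked filters receive the caller's original arguments, not the casted copies
    $out = apply_filters('sph_add_common_tools', $out, $forum, $topic, $post, $page);
    return $out;
}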
Exemplo n.º 13
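 /**
  * Validate and normalise the submitted post held in $this->newpost.
  *
  * On the first failed check $this->abort is set to true, $this->message
  * receives the user-facing reason, and the method returns early. When all
  * checks pass, $this->newpost has been filtered for saving, given a
  * moderation status ('poststatus': 0 = approved, 1 = held for moderation as
  * used below) and run through the 'sph_post_data_validation',
  * 'sph_pre_post_create' and 'sph_new_forum_post' hooks.
  *
  * NOTE(review): several spdb_table() WHERE clauses below are built by string
  * concatenation. Numeric ids are cast to int here. The string values
  * (guest name/email, post content, poster ip, forum slug) rely on the
  * sp_filter_*_save() helpers or on the caller having escaped them for SQL -
  * that is not visible in this method and should be confirmed.
  *
  * @return void
  */
 function validateData()
 {
     $this->abort = false;
     $this->newpost['action'] = $this->action;

     # ids are concatenated into SQL fragments further down - force integers
     $forumId = (int) $this->newpost['forumid'];

     # Check flood control (done here vice validatePermission() so we can use the return to post feature)
     if (!sp_get_auth('bypass_flood_control', $this->newpost['forumid'], $this->userid)) {
         $flood = sp_get_cache('floodcontrol');
         if (!empty($flood) && time() < $flood) {
             $this->abort = true;
             $this->message = sp_text('Flood control exceeded, please slow down - Post cannot be saved yet');
             return;
         }
     }

     # Check topic name
     if (empty($this->newpost['topicname'])) {
         $this->abort = true;
         $this->message = sp_text('No topic name has been entered and post cannot be saved');
         return;
     }
     $this->newpost['topicname'] = sp_filter_title_save($this->newpost['topicname'], SFTOPICS, 'topic_name');

     # Check Post Content
     if (empty($this->newpost['postcontent'])) {
         $this->abort = true;
         $this->message = sp_text('No topic post has been entered and post cannot be saved');
         return;
     }
     # two copies are kept; only the third argument differs (false vs true)
     $this->newpost['postcontent_unescaped'] = sp_filter_content_save($this->newpost['postcontent'], 'new', false, SFPOSTS, 'post_content');
     $this->newpost['postcontent'] = sp_filter_content_save($this->newpost['postcontent'], 'new', true, SFPOSTS, 'post_content');

     # Check and set user names/ids etc
     if ($this->guest) {
         $sfguests = sp_get_option('sfguests');
         # a name is always required; a valid email only when the 'reqemail' option is on
         if (empty($this->newpost['guestname']) || ((empty($this->newpost['guestemail']) || !is_email($this->newpost['guestemail'])) && $sfguests['reqemail'])) {
             $this->abort = true;
             $this->message = sp_text('Guest name and valid email address required');
             return;
         }
         # force maximum lengths
         # NOTE(review): substr() cuts by bytes and runs AFTER the save filter. If the
         # filter escapes for SQL, truncation could split an escape sequence (or a
         # multi-byte character) - consider truncating before filtering. Confirm.
         $this->newpost['guestname'] = substr(sp_filter_name_save($this->newpost['guestname']), 0, 20);
         $this->newpost['guestemail'] = substr(sp_filter_email_save($this->newpost['guestemail']), 0, 50);
         $this->newpost['postername'] = $this->newpost['guestname'];
         $this->newpost['posteremail'] = $this->newpost['guestemail'];

         # check for blacklisted guest name (comma separated option, case-insensitive)
         $blockedGuest = sp_get_option('guest-name');
         if (!empty($blockedGuest)) {
             $names = explode(',', $blockedGuest);
             foreach ($names as $name) {
                 if (strtolower(trim($name)) == strtolower($this->newpost['guestname'])) {
                     $this->abort = true;
                     $this->message = sp_text('The guest name you have chosen is not allowed on this site');
                     return;
                 }
             }
         }

         # check that the guest name is not the same as a current user
         # NOTE(review): guest-supplied string inside a quoted SQL literal - see method header
         $checkdupe = spdb_table(SFMEMBERS, "display_name='" . $this->newpost['guestname'] . "'", 'display_name');
         if (!empty($checkdupe)) {
             $this->abort = true;
             $this->message = sp_text('This user name already belongs to a forum member');
             return;
         }
     }

     # Check if links allowed or if maxmium links have been exceeded
     $sffilters = sp_get_option('sffilters');
     if (!$this->admin) {
         $links = $this->count_links();
         if (sp_get_auth('create_links', $this->newpost['forumid'], $this->userid)) {
             if ($sffilters['sfmaxlinks'] > 0 && $links > $sffilters['sfmaxlinks']) {
                 $this->abort = true;
                 $this->message = sp_text('Maximum number of allowed links exceeded') . ': ' . $sffilters['sfmaxlinks'] . ' ' . sp_text('allowed');
                 return;
             }
         } elseif ($links > 0) {
             $this->abort = true;
             $this->message = sp_text('You are not allowed to put links in post content');
             return;
         }
     }

     # Check if maxmium smileys have been exceeded
     if (!$this->admin) {
         if (isset($sffilters['sfmaxsmileys']) && $sffilters['sfmaxsmileys'] > 0 && $this->count_smileys() > $sffilters['sfmaxsmileys']) {
             $this->abort = true;
             $this->message = sp_text('Maximum number of allowed smileys exceeded') . ': ' . $sffilters['sfmaxsmileys'] . ' ' . sp_text('allowed');
             return;
         }
     }

     # Check for duplicate post of option is set
     if (($this->member && $sffilters['sfdupemember'] == true) || ($this->guest && $sffilters['sfdupeguest'] == true)) {
         # But not admin or moderator
         if (!$this->admin && !$this->moderator) {
             # NOTE(review): post content and poster ip are quoted SQL literals built by
             # concatenation - see method header
             $dupecheck = spdb_table(SFPOSTS, 'forum_id = ' . $forumId . ' AND topic_id=' . (int) $this->newpost['topicid'] . " AND post_content='" . $this->newpost['postcontent'] . "' AND poster_ip='" . $this->newpost['posterip'] . "'", 'row', '', '', ARRAY_A);
             if ($dupecheck) {
                 $this->abort = true;
                 $this->message = sp_text('Duplicate post refused');
                 return;
             }
         }
     }

     # Establish moderation status
     # Default is "held for moderation" (1). It drops to 0 only when the user has
     # 'bypass_moderation' and either also has 'bypass_moderation_once' or already
     # has a previously approved post on record.
     $bypassAll = sp_get_auth('bypass_moderation', $this->newpost['forumid'], $this->userid);
     $bypassOnce = sp_get_auth('bypass_moderation_once', $this->newpost['forumid'], $this->userid);
     $this->newpost['poststatus'] = 1;
     if ($bypassAll == true) {
         if ($bypassOnce == true) {
             $this->newpost['poststatus'] = 0;
         } elseif ($this->member) {
             $prior = spdb_table(SFPOSTS, 'user_id=' . (int) $this->newpost['userid'] . ' AND post_status=0', 'row', '', '1');
             if ($prior) {
                 $this->newpost['poststatus'] = 0;
             }
         } elseif ($this->guest) {
             # NOTE(review): a guest is recognised purely by self-declared name and email,
             # so this "previously approved" lookup can be matched by anyone who knows
             # an approved guest's name/email pair
             $prior = spdb_table(SFPOSTS, "guest_name='" . $this->newpost['guestname'] . "' AND guest_email='" . $this->newpost['guestemail'] . "' AND post_status=0", 'row', '', '1');
             if ($prior) {
                 $this->newpost['poststatus'] = 0;
             }
         }
     }

     # Finally one or two other data items
     if ($this->action == 'topic') {
         $this->newpost['topicslug'] = sp_create_slug($this->newpost['topicname'], true, SFTOPICS, 'topic_slug');
     } else {
         $this->newpost['emailprefix'] = 'Re: ';
     }
     $this->newpost['groupname'] = sp_get_group_name_from_forum($this->newpost['forumid']);
     if (empty($this->newpost['forumname'])) {
         # NOTE(review): forum slug is concatenated into a quoted SQL literal - see method header
         $this->newpost['forumname'] = spdb_table(SFFORUMS, "forum_slug='" . $this->newpost['forumslug'] . "'", 'forum_name');
     }

     # let plugins adjust / observe the validated post
     $this->newpost = apply_filters('sph_post_data_validation', $this->newpost);
     do_action('sph_pre_post_create', $this->newpost);
     $this->newpost = apply_filters('sph_new_forum_post', $this->newpost);
 }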
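/**
 * Verify the captcha answer submitted with a new post.
 *
 * Users holding 'bypass_captcha' for the forum skip the check. Otherwise the
 * posted 'captcha' value must match the value stored in the session; on a
 * match the session value is consumed, on a mismatch $newpost['error'] is set.
 *
 * The comparison is strict and requires a non-empty expected value in the
 * session. The previous loose `==` treated a missing session value as equal
 * to an empty submission and allowed numeric type juggling.
 *
 * @param array $newpost Post data; 'forumid' is read, 'error' may be set.
 * @return array The (possibly annotated) post data.
 */
function sp_captcha_do_check_post($newpost)
{
    if (sp_get_auth('bypass_captcha', $newpost['forumid'])) {
        return $newpost;
    }

    if (!session_id()) {
        session_start();
    }

    $expected = isset($_SESSION['captcha']) ? $_SESSION['captcha'] : null;
    $supplied = isset($_POST['captcha']) ? $_POST['captcha'] : null;

    # only compare when a challenge was actually issued and the answer is a plain string
    $passed = (is_string($expected) || is_int($expected))
        && (string) $expected !== ''
        && is_string($supplied)
        && hash_equals((string) $expected, $supplied);

    if ($passed) {
        # single use: a solved challenge cannot be replayed
        unset($_SESSION['captcha']);
    } else {
        $newpost['error'] = __('Post cannot be saved - captcha not properly completed', 'sp-cap');
    }

    return $newpost;
}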
/**
 * Produce the display form of a user name, optionally wrapped in a link.
 *
 * For a non-empty $userid the 'sfprofile' option decides the result:
 * namelink 2 (with $linkNames == 1 and the viewer holding 'view_profiles')
 * links to the profile, namelink 3 links to the user's website, anything
 * else passes the name through 'sph_build_name_display_option'.
 * Guests ($userid empty) get the name as returned by 'sph_build_name_display'.
 *
 * @param mixed $userid    User id; falsy for guests.
 * @param mixed $username  Name to display.
 * @param mixed $linkNames 1 to allow the profile link.
 * @return mixed The name or the markup returned by the link helpers.
 */
function sp_build_name_display($userid, $username, $linkNames = 1)
{
    global $spThisUser, $spVars;

    $username = apply_filters('sph_build_name_display', $username, $userid);

    # guests: neither permission nor profile/web link applies
    if (!$userid) {
        return $username;
    }

    $profileOpts = sp_get_option('sfprofile');

    # link to profile
    $wantsProfileLink = sp_get_auth('view_profiles') && ($profileOpts['namelink'] == 2 && $linkNames == 1);
    if ($wantsProfileLink) {
        return sp_attach_user_profile_link($userid, $username);
    }

    # link to website
    if ($profileOpts['namelink'] == 3) {
        return sp_attach_user_web_link($userid, $username);
    }

    # plain name, after the option-level filter
    return apply_filters('sph_build_name_display_option', $username, $userid);
}
Exemplo n.º 16
/**
 * Decide which template serves a "show profile" request.
 *
 * The target is $spVars['member'] (cast to int and looked up in SFMEMBERS)
 * or, when that is empty, the current user. The viewer must hold
 * 'view_profiles' and the resolved id must be non-empty and not negative;
 * otherwise a failure notice is raised and the default template is used.
 *
 * @return string Template file name.
 */
function sp_process_profileshow_view()
{
    global $spVars, $spThisUser;

    if (empty($spVars['member'])) {
        # no member requested: show the viewer's own profile
        $userid = $spThisUser->ID;
    } else {
        # integer cast first, then confirm the member exists
        $requested = (int) $spVars['member'];
        $userid = spdb_table(SFMEMBERS, "user_id={$requested}", 'user_id');
    }

    $allowed = sp_get_auth('view_profiles') && !empty($userid) && !($userid < 0);
    if ($allowed) {
        global $spProfileUser;
        sp_SetupUserProfileData();
        return 'spProfileShow.php';
    }

    sp_notify(SPFAILURE, sp_text('Invalid profile request'));
    return 'spDefault.php';
}
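    /**
     * Query and assemble the records for a topic list view.
     *
     * Tops up or trims $topicIds to $count, selects the topics with their
     * forum, group, latest post and poster, then builds one stdClass per
     * topic the current user may see. Topics are dropped when the user cannot
     * view topic titles in the forum, or when the latest post is in
     * moderation and the user lacks 'moderate_posts'. Post tooltips are only
     * filled when sp_can_view() grants 'post-content'.
     *
     * Changes from the previous version: ids are cast to integers before
     * being joined into the SQL IN (...) list, and first-post details are
     * only copied when a first-post record exists for the topic.
     *
     * @param array $topicIds  Topic ids to list (may be empty when $count is set).
     * @param int   $count     Number of topics wanted; 0 means "use $topicIds as given".
     * @param mixed $group     Truthy to order by group and forum sequence first.
     * @param mixed $forumIds  Passed to sp_listview_populate_topicids() when topping up.
     * @param mixed $firstPost Truthy to add first-post details to each record.
     * @param mixed $popup     Stored on $this->popup.
     * @return array|null Records keyed by topic id, or null when there is nothing to list.
     */
    function sp_listview_query($topicIds, $count, $group, $forumIds, $firstPost, $popup)
    {
        global $spThisUser, $spGlobals;

        # If no topic ids and no count then nothing to do - return empty
        if (empty($topicIds) && $count == 0) {
            return;
        }

        # set popup flag for new posts
        $this->popup = $popup;

        # Do we have enough topic ids to satisfy count?
        if (empty($topicIds) || ($count != 0 && count($topicIds) < $count)) {
            $topicIds = $this->sp_listview_populate_topicids($topicIds, $forumIds, $count);
        }

        # Do we have too many topic ids?
        if ($topicIds && ($count != 0 && count($topicIds) > $count)) {
            $topicIds = array_slice($topicIds, 0, $count, true);
        }
        if (empty($topicIds)) {
            return;
        }

        # Construct the main WHERE clause and then main query
        # ids go straight into SQL text, so only integers are allowed through
        $safeIds = array_map('intval', (array) $topicIds);
        $where = SFTOPICS . '.topic_id IN (' . implode(',', $safeIds) . ')';
        if ($group) {
            $orderby = 'group_seq, forum_seq, ' . SFTOPICS . '.post_id DESC';
        } else {
            $orderby = SFTOPICS . '.post_id DESC';
        }

        $spdb = new spdbComplex();
        $spdb->table = SFTOPICS;
        $spdb->fields = SFTOPICS . '.forum_id, forum_name, forum_slug, forum_disabled, ' . SFTOPICS . '.topic_id, topic_name, topic_slug, topic_icon, topic_icon_new, ' . SFTOPICS . '.post_count,
								' . SFTOPICS . '.post_id, post_status, post_index, ' . spdb_zone_datetime('post_date') . ',
								guest_name, ' . SFPOSTS . '.user_id, post_content, display_name';
        $spdb->join = array(SFFORUMS . ' ON ' . SFFORUMS . '.forum_id = ' . SFTOPICS . '.forum_id', SFGROUPS . ' ON ' . SFGROUPS . '.group_id = ' . SFFORUMS . '.group_id', SFPOSTS . ' ON ' . SFPOSTS . '.post_id = ' . SFTOPICS . '.post_id');
        $spdb->left_join = array(SFMEMBERS . ' ON ' . SFMEMBERS . '.user_id = ' . SFPOSTS . '.user_id');
        $spdb->where = $where;
        $spdb->orderby = $orderby;
        # NOTE(review): hooked code can replace any part of the query object here
        $spdb = apply_filters('sph_topic_list_query', $spdb, $this);
        $records = $spdb->select();

        # add filters where required plus extra data
        # And the new array
        $list = array();
        if ($records) {
            # check if all forum ids are the same
            $x = current($records);
            $f = $x->forum_id;
            $single = 1;
            foreach ($records as $r) {
                if ($r->forum_id != $f) {
                    $single = 0;
                }
            }
            reset($records);

            $new = '';
            $first = '';
            # Now we can grab the supplementary post records where there may be new posts...
            if ($spThisUser->member) {
                $new = $this->sp_listview_populate_newposts($topicIds);
            }
            # go and grab the first post info if desired
            if ($firstPost) {
                $first = $this->sp_listview_populate_firstposts($topicIds);
            }

            # Some values we need
            # How many posts to a page? (falls back to 20 when unset or 0)
            $ppaged = $spGlobals['display']['posts']['perpage'];
            if (empty($ppaged) || $ppaged == 0) {
                $ppaged = 20;
            }
            # establish post sort order: ASC by default, DESC on global override
            $order = 'ASC';
            if ($spGlobals['display']['posts']['sortdesc']) {
                $order = 'DESC';
            }

            $listPos = 1;
            foreach ($records as $r) {
                $show = true;
                # can the user see this forum?
                if (!sp_can_view($r->forum_id, 'topic-title')) {
                    $show = false;
                }
                # if in moderation can this user approve posts?
                if ($r->post_status != 0 && !sp_get_auth('moderate_posts', $r->forum_id)) {
                    $show = false;
                }
                if ($show) {
                    $t = $r->topic_id;
                    $list[$t] = new stdClass();
                    $list[$t]->forum_id = $r->forum_id;
                    $list[$t]->forum_name = sp_filter_title_display($r->forum_name);
                    $list[$t]->forum_disabled = $r->forum_disabled;
                    $list[$t]->forum_permalink = sp_build_url($r->forum_slug, '', 1, 0);
                    $list[$t]->topic_id = $r->topic_id;
                    $list[$t]->topic_name = sp_filter_title_display($r->topic_name);
                    $list[$t]->topic_permalink = sp_build_url($r->forum_slug, $r->topic_slug, 1, 0);
                    $list[$t]->topic_icon = sanitize_file_name($r->topic_icon);
                    $list[$t]->topic_icon_new = sanitize_file_name($r->topic_icon_new);
                    $list[$t]->post_count = $r->post_count;
                    $list[$t]->post_id = $r->post_id;
                    $list[$t]->post_status = $r->post_status;
                    $list[$t]->post_date = $r->post_date;
                    $list[$t]->user_id = $r->user_id;
                    $list[$t]->guest_name = sp_filter_name_display($r->guest_name);
                    $list[$t]->display_name = sp_filter_name_display($r->display_name);
                    # the tooltip leaks post text, so it is gated on 'post-content' and never
                    # shows the content of a post still awaiting moderation
                    if (sp_can_view($r->forum_id, 'post-content', $spThisUser->ID, $r->user_id)) {
                        $list[$t]->post_tip = $r->post_status ? sp_text('Post awaiting moderation') : sp_filter_tooltip_display($r->post_content, $r->post_status);
                    } else {
                        $list[$t]->post_tip = '';
                    }
                    $list[$t]->list_position = $listPos;
                    if (empty($r->display_name)) {
                        $list[$t]->display_name = $list[$t]->guest_name;
                    }

                    # Lastly determine the page for the post permalink
                    if ($order == 'ASC') {
                        $page = $r->post_index / $ppaged;
                        # a non-integer quotient means the post sits on the next page
                        if (!is_int($page)) {
                            $page = intval($page + 1);
                        }
                    } else {
                        $page = $r->post_count - $r->post_index;
                        $page = $page / $ppaged;
                        $page = intval($page + 1);
                    }
                    $r->page = $page;
                    $list[$t]->post_permalink = sp_build_url($r->forum_slug, $r->topic_slug, $r->page, $r->post_id, $r->post_index);
                    $list[$t]->single_forum = $single;

                    # add in any new post details if they exist
                    if (!empty($new) && array_key_exists($t, $new)) {
                        $list[$t]->new_post_count = $new[$t]->new_post_count;
                        $list[$t]->new_post_post_id = $new[$t]->new_post_post_id;
                        $list[$t]->new_post_post_index = $new[$t]->new_post_post_index;
                        $list[$t]->new_post_post_date = $new[$t]->new_post_post_date;
                        $list[$t]->new_post_user_id = $new[$t]->new_post_user_id;
                        $list[$t]->new_post_display_name = $new[$t]->new_post_display_name;
                        $list[$t]->new_post_guest_name = $new[$t]->new_post_guest_name;
                        $list[$t]->new_post_permalink = sp_build_url($r->forum_slug, $r->topic_slug, 0, $new[$t]->new_post_post_id, $new[$t]->new_post_post_index);
                        if (empty($new[$t]->new_post_display_name)) {
                            $list[$t]->new_post_display_name = $new[$t]->new_post_guest_name;
                        }
                    }

                    # add the first post info if desired and a record came back for this topic
                    if ($firstPost && !empty($first[$t])) {
                        $list[$t]->first_post_permalink = sp_build_url($r->forum_slug, $r->topic_slug, 0, $first[$t]->post_id, 1);
                        $list[$t]->first_post_date = $first[$t]->post_date;
                        $list[$t]->first_user_id = $first[$t]->user_id;
                        $list[$t]->first_guest_name = sp_filter_name_display($first[$t]->guest_name);
                        $list[$t]->first_display_name = sp_filter_name_display($first[$t]->display_name);
                        if (sp_can_view($r->forum_id, 'post-content', $spThisUser->ID, $first[$t]->user_id)) {
                            $list[$t]->first_post_tip = $first[$t]->post_status ? sp_text('Post awaiting moderation') : sp_filter_tooltip_display($first[$t]->post_content, $first[$t]->post_status);
                        } else {
                            $list[$t]->first_post_tip = '';
                        }
                        if (empty($list[$t]->first_display_name)) {
                            $list[$t]->first_display_name = $list[$t]->first_guest_name;
                        }
                    }

                    $list[$t] = apply_filters('sph_topic_list_record', $list[$t], $r);
                    $listPos++;
                }
            }
            unset($records);
            unset($new);
            unset($first);
        }
        return $list;
    }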
Exemplo n.º 18
# Enqueue the forum front-end scripts and print the inline sp_platform_vars object.
#
# Order of work: fire 'sph_scripts_start', enqueue the main forum script with its
# localized strings, print an inline <script> defining sp_platform_vars, enqueue
# the common/UI scripts (device dependent), let plugins enqueue theirs, then
# either combine the plugin scripts or hand each one to wp_enqueue_script(),
# and finally fire 'sph_scripts_end'.
# Debug builds (*-dev.js) are chosen when SP_SCRIPTS_DEBUG is defined and truthy.
function sp_load_forum_scripts()
{
    global $spVars, $spThisUser, $spMobile, $spDevice;
    # option 'sfscriptfoot' decides whether scripts load in the footer
    $footer = sp_get_option('sfscriptfoot') ? true : false;
    do_action('sph_scripts_start', $footer);
    $script = defined('SP_SCRIPTS_DEBUG') && SP_SCRIPTS_DEBUG ? SFJSCRIPT . 'sp-forum-dev.js' : SFJSCRIPT . 'sp-forum.js';
    sp_plugin_enqueue_script('spforum', $script, array('jquery', 'jquery-form'), false, $footer);
    # permission target: the current forum id, or 'global' when none is set
    $target = isset($spVars['forumid']) ? $spVars['forumid'] : 'global';
    # translated messages exposed to the script as sp_forum_vars (filterable)
    $strings = array('problem' => sp_text('Unable to save'), 'noguestname' => sp_text('No guest username entered'), 'noguestemail' => sp_text('No guest email Entered'), 'notopictitle' => sp_text('No topic title entered'), 'nomath' => sp_text('Spam math unanswered'), 'nocontent' => sp_text('No post content entered'), 'rejected' => sp_text('This post is rejected because it contains embedded formatting, probably pasted in form MS Word or other WYSIWYG editor'), 'iframe' => sp_text('This post contains an iframe which are disallowed'), 'savingpost' => sp_text('Saving post'), 'nosearch' => sp_text('No search text entered'), 'allwordmin' => sp_text('Minimum number of characters that can be used for a search word is'), 'somewordmin' => sp_text('Not all words can be used for the search as minimum word length is'), 'wait' => sp_text('Please wait'), 'deletepost' => sp_text('Are you sure you want to delete this post?'), 'deletetopic' => sp_text('Are you sure you want to delete this topic?'), 'topicdeleted' => sp_text('Topic deleted'), 'postdeleted' => sp_text('Post deleted'), 'markread' => sp_text('All posts marked as read'), 'pinpost' => sp_text('Post pin status toggled'), 'pintopic' => sp_text('Topic pin status toggled'), 'locktopic' => sp_text('Topic lock status toggled'));
    $strings = apply_filters('sph_forum_vars', $strings);
    sp_plugin_localize_script('spforum', 'sp_forum_vars', $strings);
    # Older themes (Unified) define a constant SP_MOBILE_THEME now being deprecated.
    # if this constant exists (custom Unified theme) swap for theme cap registration
    if (defined('SP_MOBILE_THEME') && SP_MOBILE_THEME) {
        add_theme_support('sp-theme-responsive');
    }
    # sp_platform_vars is not static so cannot be in combined js cache and cannot use localize script
    $tooltips = defined('SP_TOOLTIPS') ? SP_TOOLTIPS : true;
    $mobtheme = current_theme_supports('sp-theme-responsive') ? 1 : 0;
    $checkboxes = defined('SP_USE_PRETTY_CBOX') ? SP_USE_PRETTY_CBOX : false;
    # 'checkiframe' is 'no' for users holding 'can_use_iframes' on the target, 'yes' otherwise.
    # NOTE(review): this flag only drives a check in the browser; presumably iframes are
    # also filtered when the post is saved on the server - confirm.
    $iframe = sp_get_auth('can_use_iframes', $target, $spThisUser->ID) ? 'no' : 'yes';
    # NOTE(review): the values below are echoed into JavaScript string literals without
    # esc_js(). $mobtheme and $iframe are fixed values set above; $spMobile, $spDevice,
    # the two constants and option 'spheaderspace' come from outside this function -
    # confirm none of them can carry quotes or markup.
    ?>
	<script type='text/javascript'>
	/* <![CDATA[ */
	var sp_platform_vars = {
		"focus":"forum",
		"mobile":"<?php 
    echo $spMobile;
    ?>
",
		"device":"<?php 
    echo $spDevice;
    ?>
",
		"tooltips":"<?php 
    echo $tooltips;
    ?>
",
		"mobiletheme":"<?php 
    echo $mobtheme;
    ?>
",
		"checkboxes":"<?php 
    echo $checkboxes;
    ?>
",
		"headpadding":"<?php 
    echo sp_get_option('spheaderspace');
    ?>
",
		"saveprocess": 0,
		"checkiframe":"<?php 
    echo $iframe;
    ?>
",
		<?php 
    # hooked callbacks print additional properties directly into the object literal
    do_action('sph_platform_vars');
    ?>
	};
	/* ]]> */
	</script>
<?php 
    $script = defined('SP_SCRIPTS_DEBUG') && SP_SCRIPTS_DEBUG ? SFCJSCRIPT . 'sp-common-dev.js' : SFCJSCRIPT . 'sp-common.js';
    sp_plugin_enqueue_script('spcommon', $script, array('jquery', 'jquery-ui-core', 'jquery-ui-widget', 'jquery-ui-dialog', 'jquery-ui-autocomplete', 'jquery-effects-slide'), false, $footer);
    # pretty checkboxes only when SP_USE_PRETTY_CBOX is defined and truthy
    if ($checkboxes) {
        $script = defined('SP_SCRIPTS_DEBUG') && SP_SCRIPTS_DEBUG ? SFCJSCRIPT . 'checkboxes/prettyCheckboxes-dev.js' : SFCJSCRIPT . 'checkboxes/prettyCheckboxes.js';
        sp_plugin_enqueue_script('jquery.checkboxes', $script, array('jquery'), false, $footer);
    }
    $script = defined('SP_SCRIPTS_DEBUG') && SP_SCRIPTS_DEBUG ? SFJSCRIPT . 'print-this/printThis-dev.js' : SFJSCRIPT . 'print-this/printThis.js';
    sp_plugin_enqueue_script('sfprintthis', $script, array('jquery'), false, $footer);
    # Dialog boxes and other jQuery UI components
    $script = defined('SP_SCRIPTS_DEBUG') && SP_SCRIPTS_DEBUG ? SFJSCRIPT . 'msdropdown/msdropdown-dev.js' : SFJSCRIPT . 'msdropdown/msdropdown.js';
    sp_plugin_enqueue_script('jquery.ui.msdropdown', $script, array('jquery', 'jquery-ui-core', 'jquery-ui-widget'), false, $footer);
    # non-desktop devices get touch support and the mobile menu; desktop gets tooltips
    if ($spDevice != 'desktop') {
        sp_plugin_enqueue_script('jquery-touch-punch', false, array('jquery', 'jquery-ui-core', 'jquery-ui-widget', 'jquery-ui-mouse'), false, $footer);
        $script = defined('SP_SCRIPTS_DEBUG') && SP_SCRIPTS_DEBUG ? SFJSCRIPT . 'mobile/sp-mobilemenu-dev.js' : SFJSCRIPT . 'mobile/sp-mobilemenu.js';
        sp_plugin_enqueue_script('jquery.spmobilemenu', $script, array('jquery'), false, $footer);
    } else {
        sp_plugin_enqueue_script('jquery-ui-tooltip', false, array('jquery', 'jquery-ui-core', 'jquery-ui-widget'), false, $footer);
    }
    sp_plugin_enqueue_script('jquery.tools', SFJSCRIPT . 'jquery-tools/jquery.tools.min.js', array('jquery', 'jquery-ui-core', 'jquery-ui-widget'), false, $footer);
    # password strength meter on profile
    if ($spVars['pageview'] == 'profileedit') {
        wp_enqueue_script('user-profile');
    }
    # tell plugins to enqueue their scripts
    do_action('sph_print_plugin_scripts', $footer);
    $combine_js = sp_get_option('combinejs');
    if ($combine_js) {
        # use compressed scripts
        sp_combine_plugin_script_files();
    } else {
        # use individual scripts
        global $sp_plugin_scripts, $wp_scripts;
        if (!empty($sp_plugin_scripts)) {
            foreach ($sp_plugin_scripts->queue as $handle) {
                # enqueue with wp
                # a script goes to the footer only when its 'group' extra is set and non-zero
                $f = empty($sp_plugin_scripts->registered[$handle]->extra['group']) || $sp_plugin_scripts->registered[$handle]->extra['group'] == 0 ? false : true;
                $plugin_footer = is_array($sp_plugin_scripts->registered[$handle]->extra) && $f == 1 ? true : false;
                wp_enqueue_script($handle, $sp_plugin_scripts->registered[$handle]->src, $sp_plugin_scripts->registered[$handle]->deps, false, $plugin_footer);
                # too late to register script since already formatted - so just set the wp script data equal to our localized data
                $data = $sp_plugin_scripts->get_data($handle, 'data');
                $wp_scripts->registered[$handle]->extra['data'] = $data;
            }
        }
    }
    do_action('sph_scripts_end', $footer);
}
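/**
 * Saves one profile form for a forum member and returns a status message.
 *
 * The form name and the target user id come from the query string
 * ($_GET['form'], $_GET['userid']); the field values come from $_POST and,
 * for avatar uploads, $_FILES. The request must carry the 'forum-profile'
 * nonce, and the target user must be the current user unless the current
 * user is an admin.
 *
 * @return array Message with 'type' ('error' or 'success') and 'text' keys. It can be
 *               empty when the form name matches no case and no filter supplies a message.
 */
function sp_UpdateProfile()
{
    global $spGlobals, $spThisUser;
    # make sure nonce is there - check_admin_referer() ends the request when it is missing or invalid (CSRF protection)
    check_admin_referer('forum-profile', 'forum-profile');
    $message = array();
    # dont update forum if its locked down
    if ($spGlobals['lockdown']) {
        $message['type'] = 'error';
        $message['text'] = sp_text('This forum is currently locked - access is read only - profile not updated');
        return $message;
    }
    # do we have a form to update?
    if (isset($_GET['form'])) {
        $thisForm = sp_esc_str($_GET['form']);
    } else {
        $message['type'] = 'error';
        $message['text'] = sp_text('Profile update aborted - no valid form');
        return $message;
    }
    # do we have an actual user to update?
    # $thisUser is concatenated into SQL further down, so it must stay an integer - sp_esc_int() is relied on for that
    if (isset($_GET['userid'])) {
        $thisUser = sp_esc_int($_GET['userid']);
    } else {
        $message['type'] = 'error';
        $message['text'] = sp_text('Profile update aborted - no valid user');
        return $message;
    }
    # Check the user ID for current user of admin edit
    # (authorization: only the profile owner or an admin may save; everything below trusts this check)
    if ($thisUser != $spThisUser->ID && !$spThisUser->admin) {
        $message['type'] = 'error';
        $message['text'] = sp_text('Profile update aborted - no valid user');
        return $message;
    }
    # a user flagged for a forced password change cannot save any form without supplying a new password
    if (isset($spThisUser->sp_change_pw) && $spThisUser->sp_change_pw) {
        # non-string values (e.g. pass1[]=x) are treated as not supplied
        $pass1 = isset($_POST['pass1']) && is_string($_POST['pass1']) ? $_POST['pass1'] : '';
        $pass2 = isset($_POST['pass2']) && is_string($_POST['pass2']) ? $_POST['pass2'] : '';
        # strict comparison: with != two different numeric-looking strings (e.g. "1e3" and "1000") compare as equal
        if (empty($pass1) || empty($pass2) || $pass1 !== $pass2) {
            $message['type'] = 'error';
            $message['text'] = sp_text('Cannot save profile until password has been changed');
            return $message;
        }
    }
    # form save filter
    $thisForm = apply_filters('sph_profile_save_thisForm', $thisForm);
    # valid save attempt, so lets process the save
    switch ($thisForm) {
        case 'show-memberships':
            # update memberships
            # NOTE(review): no check is visible here that the submitted usergroup ids are ones the user
            # may join or leave on their own - presumably sp_add_membership()/sp_remove_membership() or
            # a filter enforces that; verify, since membership normally drives forum permissions
            # any usergroup removals?
            if (isset($_POST['usergroup_leave']) && is_array($_POST['usergroup_leave'])) {
                foreach ($_POST['usergroup_leave'] as $membership) {
                    sp_remove_membership(sp_esc_str($membership), $thisUser);
                }
            }
            # any usergroup joins?
            if (isset($_POST['usergroup_join']) && is_array($_POST['usergroup_join'])) {
                foreach ($_POST['usergroup_join'] as $membership) {
                    sp_add_membership(sp_esc_int($membership), $thisUser);
                }
            }
            # fire action for plugins
            $message = apply_filters('sph_UpdateProfileMemberships', $message, $thisUser);
            # output update message
            if (empty($message)) {
                $message['type'] = 'success';
                $message['text'] = sp_text('Memberships updated');
            }
            break;
        case 'account-settings':
            # update account settings
            # check for password update
            # NOTE(review): the current password is not asked for; the nonce and the owner/admin check
            # above are the only gates on a password change
            $pass1 = isset($_POST['pass1']) && is_string($_POST['pass1']) ? $_POST['pass1'] : '';
            $pass2 = isset($_POST['pass2']) && is_string($_POST['pass2']) ? $_POST['pass2'] : '';
            if (!empty($pass1) || !empty($pass2)) {
                # strict comparison so numeric-looking strings are compared as text
                if ($pass1 !== $pass2) {
                    $message['type'] = 'error';
                    $message['text'] = sp_text('Please enter the same password in the two password fields');
                    return $message;
                } else {
                    # update the password
                    $user = new stdClass();
                    $user->ID = (int) $thisUser;
                    $user->user_pass = $pass1;
                    $result = wp_update_user(get_object_vars($user));
                    # clear the forced-change flag only when the current user's own password was really
                    # changed - not when the update failed or an admin changed somebody else's password
                    if (!is_wp_error($result) && $thisUser == $spThisUser->ID && isset($spThisUser->sp_change_pw) && $spThisUser->sp_change_pw) {
                        delete_user_meta($spThisUser->ID, 'sp_change_pw');
                    }
                }
            }
            # now check the email is valid and unique
            $update = apply_filters('sph_ProfileUserEmailUpdate', true);
            if ($update) {
                # curemail is the "current" address as submitted with the form, not a value read back from the database
                $curEmail = sp_filter_email_save($_POST['curemail']);
                $email = sp_filter_email_save($_POST['email']);
                if ($email != $curEmail) {
                    if (empty($email)) {
                        $message['type'] = 'error';
                        $message['text'] = sp_text('Please enter a valid email address');
                        return $message;
                    } elseif (($owner_id = email_exists($email)) && $owner_id != $thisUser) {
                        $message['type'] = 'error';
                        $message['text'] = sp_text('The email address is already registered. Please choose another one');
                        return $message;
                    }
                    # save new email address
                    # NOTE(review): the statement is built by string interpolation; it is only safe if
                    # sp_filter_email_save() returns an SQL-escaped value and $thisUser is an integer - confirm
                    $sql = 'UPDATE ' . SFUSERS . " SET user_email='{$email}' WHERE ID=" . $thisUser;
                    spdb_query($sql);
                }
            }
            # fire action for plugins
            $message = apply_filters('sph_UpdateProfileSettings', $message, $thisUser);
            # output profile save status
            if (empty($message)) {
                $message['type'] = 'success';
                $message['text'] = sp_text('Account settings updated');
            }
            break;
        case 'edit-profile':
            # update profile settings
            # validate any username change
            $update = apply_filters('sph_ProfileUserDisplayNameUpdate', true);
            if ($update) {
                $spProfile = sp_get_option('sfprofile');
                if ($spProfile['nameformat'] || $spThisUser->admin) {
                    $display_name = !empty($_POST['display_name']) ? trim($_POST['display_name']) : spdb_table(SFUSERS, "ID={$thisUser}", 'user_login');
                    $display_name = sp_filter_name_save($display_name);
                    # make sure display name isnt already used
                    if ($_POST['oldname'] != $display_name) {
                        # NOTE(review): $display_name is interpolated into the WHERE clause here and into the
                        # UPDATE below; both rely on sp_filter_name_save() returning an SQL-escaped value - confirm
                        $records = spdb_table(SFMEMBERS, "display_name='{$display_name}'");
                        if ($records) {
                            foreach ($records as $record) {
                                if ($record->user_id != $thisUser) {
                                    $message['type'] = 'error';
                                    $message['text'] = $display_name . ' ' . sp_text('is already in use - please choose a different display name');
                                    return $message;
                                }
                            }
                        }
                        # validate display name
                        $errors = new WP_Error();
                        $user = new stdClass();
                        $user->display_name = $display_name;
                        sp_validate_display_name($errors, true, $user);
                        if ($errors->get_error_codes()) {
                            $message['type'] = 'error';
                            $message['text'] = sp_text('The display name you have chosen is not allowed on this site');
                            return $message;
                        }
                        # now save the display name
                        sp_update_member_item($thisUser, 'display_name', $display_name);
                        # Update new users list with changed display name
                        sp_update_newuser_name(sp_filter_name_save($_POST['oldname']), $display_name);
                        # do we need to sync display name with wp?
                        $options = sp_get_member_item($thisUser, 'user_options');
                        if ($options['namesync']) {
                            spdb_query('UPDATE ' . SFUSERS . ' SET display_name="' . $display_name . '" WHERE ID=' . $thisUser);
                        }
                    }
                }
            }
            # save the url
            $update = apply_filters('sph_ProfileUserWebsiteUpdate', true);
            if ($update) {
                # NOTE(review): same pattern - the query is only safe if sp_filter_url_save() escapes quotes for SQL
                $url = sp_filter_url_save($_POST['website']);
                $sql = 'UPDATE ' . SFUSERS . ' SET user_url="' . $url . '" WHERE ID=' . $thisUser;
                spdb_query($sql);
            }
            # update first name, last name, location and biography
            $update = apply_filters('sph_ProfileUserFirstNameUpdate', true);
            if ($update) {
                update_user_meta($thisUser, 'first_name', sp_filter_name_save(trim($_POST['first_name'])));
            }
            $update = apply_filters('sph_ProfileUserLastNameUpdate', true);
            if ($update) {
                update_user_meta($thisUser, 'last_name', sp_filter_name_save(trim($_POST['last_name'])));
            }
            $update = apply_filters('sph_ProfileUserLocationUpdate', true);
            if ($update) {
                update_user_meta($thisUser, 'location', sp_filter_title_save(trim($_POST['location'])));
            }
            $update = apply_filters('sph_ProfileUserBiographyUpdate', true);
            if ($update) {
                update_user_meta($thisUser, 'description', sp_filter_save_kses($_POST['description']));
            }
            # fire action for plugins
            $message = apply_filters('sph_UpdateProfileProfile', $message, $thisUser);
            # output profile save status
            if (empty($message)) {
                $message['type'] = 'success';
                $message['text'] = sp_text('Profile settings updated');
            }
            break;
        case 'edit-identities':
            # update identity settings
            # update the user identities: each one can be switched off by its own filter and is
            # stored in user meta under the same key as its form field
            $identities = array(
                'sph_ProfileUserAIMUpdate' => 'aim',
                'sph_ProfileUserYahooUpdate' => 'yim',
                'sph_ProfileUserGoogleUpdate' => 'jabber',
                'sph_ProfileUserMSNUpdate' => 'msn',
                'sph_ProfileUserICQUpdate' => 'icq',
                'sph_ProfileUserSkypeUpdate' => 'skype',
                'sph_ProfileUserFacebookUpdate' => 'facebook',
                'sph_ProfileUserMySpaceUpdate' => 'myspace',
                'sph_ProfileUserTwitterUpdate' => 'twitter',
                'sph_ProfileUserLinkedInUpdate' => 'linkedin',
                'sph_ProfileUserYouTubeUpdate' => 'youtube',
                'sph_ProfileUserGooglePlusUpdate' => 'googleplus',
            );
            foreach ($identities as $identityFilter => $identityKey) {
                if (apply_filters($identityFilter, true)) {
                    update_user_meta($thisUser, $identityKey, sp_filter_title_save(trim($_POST[$identityKey])));
                }
            }
            # fire action for plugins
            $message = apply_filters('sph_UpdateProfileIdentities', $message, $thisUser);
            # output profile save status
            if (empty($message)) {
                $message['type'] = 'success';
                $message['text'] = sp_text('Identities updated');
            }
            break;
        case 'avatar-upload':
            # upload avatar
            # did we get an avatar to upload?
            if (empty($_FILES['avatar-upload']['name'])) {
                $message['type'] = 'error';
                $message['text'] = sp_text('Sorry, the avatar filename was empty');
                return $message;
            }
            # Verify the file extension
            global $spPaths;
            $uploaddir = SF_STORE_DIR . '/' . $spPaths['avatars'] . '/';
            $filename = basename($_FILES['avatar-upload']['name']);
            $path = pathinfo($filename);
            # a name without an extension has no 'extension' key - treat it as empty so it fails the allow-list below
            $ext = isset($path['extension']) ? strtolower($path['extension']) : '';
            if ($ext != 'jpg' && $ext != 'jpeg' && $ext != 'gif' && $ext != 'png') {
                $message['type'] = 'error';
                $message['text'] = sp_text('Sorry, only JPG, JPEG, PNG, or GIF files are allowed');
                return $message;
            }
            # check image file mimetype
            # exif_imagetype() inspects the file signature, not the client-supplied name or type;
            # 1, 2 and 3 are IMAGETYPE_GIF, IMAGETYPE_JPEG and IMAGETYPE_PNG
            $mimetype = exif_imagetype($_FILES['avatar-upload']['tmp_name']);
            if (empty($mimetype) || $mimetype == 0 || $mimetype > 3) {
                $message['type'] = 'error';
                $message['text'] = sp_text('Sorry, the avatar file is an invalid format');
                return $message;
            }
            # make sure file extension and mime type actually match
            if ($mimetype == 1 && $ext != 'gif' || $mimetype == 2 && ($ext != 'jpg' && $ext != 'jpeg') || $mimetype == 3 && $ext != 'png') {
                $message['type'] = 'error';
                $message['text'] = sp_text('Sorry, the file mime type does not match file extension');
                return $message;
            }
            # Clean up file name just in case
            # (the stored name is the upload time followed by the filtered client name)
            $filename = date('U') . sp_filter_filename_save(basename($_FILES['avatar-upload']['name']));
            $uploadfile = $uploaddir . $filename;
            # check for existence
            if (file_exists($uploadfile)) {
                $message['type'] = 'error';
                $message['text'] = sp_text('Sorry, the avatar file already exists');
                return $message;
            }
            # check file size against limit if provided
            $spAvatars = sp_get_option('sfavatars');
            if ($_FILES['avatar-upload']['size'] > $spAvatars['sfavatarfilesize']) {
                $message['type'] = 'error';
                $message['text'] = sp_text('Sorry, the avatar file exceeds the maximum allowed size');
                return $message;
            }
            # valid avatar, so try moving the uploaded file to the avatar storage directory
            # (move_uploaded_file() also refuses anything that is not a genuine HTTP upload)
            if (move_uploaded_file($_FILES['avatar-upload']['tmp_name'], $uploadfile)) {
                # readable by the web server, writable by the owner only, never executable
                @chmod("{$uploadfile}", 0644);
                # do we need to resize?
                $sfavatars = sp_get_option('sfavatars');
                if ($sfavatars['sfavatarresize']) {
                    $editor = wp_get_image_editor($uploadfile);
                    if (is_wp_error($editor)) {
                        @unlink($uploadfile);
                        $message['type'] = 'error';
                        $message['text'] = sp_text('Sorry, there was a problem resizing the avatar');
                        return $message;
                    } else {
                        $editor->resize($sfavatars['sfavatarsize'], $sfavatars['sfavatarsize'], true);
                        $imageinfo = $editor->save($uploadfile);
                        # save() can return a WP_Error too; indexing it as an array would be a fatal error
                        if (is_wp_error($imageinfo)) {
                            @unlink($uploadfile);
                            $message['type'] = 'error';
                            $message['text'] = sp_text('Sorry, there was a problem resizing the avatar');
                            return $message;
                        }
                        $filename = $imageinfo['file'];
                    }
                }
                # update member avatar data
                $avatar = sp_get_member_item($thisUser, 'avatar');
                $avatar['uploaded'] = $filename;
                sp_update_member_item($thisUser, 'avatar', $avatar);
            } else {
                $message['type'] = 'error';
                $message['text'] = sp_text('Sorry, the avatar file could not be moved to the avatar storage location');
                return $message;
            }
            # fire action for plugins
            $message = apply_filters('sph_UpdateProfileAvatarUpload', $message, $thisUser);
            # output profile save status
            if (empty($message)) {
                $message['type'] = 'success';
                $message['text'] = sp_text('Uploaded avatar updated');
            }
            break;
        case 'avatar-pool':
            # pool avatar
            # get pool avatar name
            $filename = sp_filter_filename_save($_POST['spPoolAvatar']);
            # error if no pool avatar provided
            if (empty($filename)) {
                $message['type'] = 'error';
                $message['text'] = sp_text('Sorry, you must select a pool avatar before trying to save it');
                return $message;
            }
            # save the pool avatar
            # NOTE(review): the name is stored as submitted after filtering; nothing here checks that
            # the file exists in the avatar pool - presumably the display code does
            $avatar = sp_get_member_item($thisUser, 'avatar');
            $avatar['pool'] = $filename;
            sp_update_member_item($thisUser, 'avatar', $avatar);
            # fire action for plugins
            $message = apply_filters('sph_UpdateProfileAvatarPool', $message, $thisUser);
            # output profile save status
            if (empty($message)) {
                $message['type'] = 'success';
                $message['text'] = sp_text('Pool avatar updated');
            }
            break;
        case 'avatar-remote':
            # remote avatar
            # get remote avatar name
            $filename = sp_filter_url_save($_POST['spAvatarRemote']);
            $avatar = sp_get_member_item($thisUser, 'avatar');
            $avatar['remote'] = $filename;
            sp_update_member_item($thisUser, 'avatar', $avatar);
            # fire action for plugins
            $message = apply_filters('sph_UpdateProfileAvatarRemote', $message, $thisUser);
            # output profile save status
            if (empty($message)) {
                $message['type'] = 'success';
                $message['text'] = sp_text('Remote avatar updated');
            }
            break;
        case 'edit-signature':
            # save signature
            # Check if maximum links has been exceeded
            # closing anchor tags are counted case-insensitively and with optional whitespace before '>',
            # so differently written tags are not missed by the limit
            $numLinks = (int) preg_match_all('#</a\s*>#i', $_POST['postitem']);
            $spFilters = sp_get_option('sffilters');
            if (!sp_get_auth('create_links', 'global', $thisUser) && $numLinks > 0 && !$spThisUser->admin) {
                $message['type'] = 'error';
                $message['text'] = sp_text('You are not allowed to put links in signatures');
                return $message;
            }
            if (sp_get_auth('create_links', 'global', $thisUser) && $spFilters['sfmaxlinks'] != 0 && $numLinks > $spFilters['sfmaxlinks'] && !$spThisUser->admin) {
                $message['type'] = 'error';
                $message['text'] = sp_text('Maximum number of allowed links exceeded in signature') . ': ' . $spFilters['sfmaxlinks'] . ' ' . sp_text('allowed');
                return $message;
            }
            # the signature goes through the same save filter as post content before it is stored
            $sig = sp_filter_content_save($_POST['postitem'], 'edit');
            sp_update_member_item($thisUser, 'signature', $sig);
            # fire action for plugins
            $message = apply_filters('sph_UpdateProfileSignature', $message, $thisUser);
            # output profile save status
            if (empty($message)) {
                $message['type'] = 'success';
                $message['text'] = sp_text('Signature updated');
            }
            break;
        case 'edit-photos':
            # save photos
            # the number of slots comes from the site option, not from the request
            $photos = array();
            $spProfileOptions = sp_get_option('sfprofile');
            for ($x = 0; $x < $spProfileOptions['photosmax']; $x++) {
                $photos[$x] = sp_filter_url_save($_POST['photo' . $x]);
            }
            update_user_meta($thisUser, 'photos', $photos);
            # fire action for plugins
            $message = apply_filters('sph_UpdateProfilePhotos', $message, $thisUser);
            # output profile save status
            if (empty($message)) {
                $message['type'] = 'success';
                $message['text'] = sp_text('Photos updated');
            }
            break;
        case 'edit-global-options':
            # save global options
            $options = sp_get_member_item($thisUser, 'user_options');
            $options['hidestatus'] = isset($_POST['hidestatus']) ? true : false;
            $update = apply_filters('sph_ProfileUserSyncNameUpdate', true);
            if ($update) {
                $options['namesync'] = isset($_POST['namesync']) ? true : false;
            }
            sp_update_member_item($thisUser, 'user_options', $options);
            # fire action for plugins
            $message = apply_filters('sph_UpdateProfileGlobalOptions', $message, $thisUser);
            # output profile save status
            if (empty($message)) {
                $message['type'] = 'success';
                $message['text'] = sp_text('Global options updated');
            }
            break;
        case 'edit-posting-options':
            # save posting options
            $update = apply_filters('sph_ProfileUserEditorUpdate', true);
            if ($update) {
                $options = sp_get_member_item($thisUser, 'user_options');
                if (isset($_POST['editor'])) {
                    $options['editor'] = sp_esc_int($_POST['editor']);
                }
                sp_update_member_item($thisUser, 'user_options', $options);
            }
            # fire action for plugins
            $message = apply_filters('sph_UpdateProfilePostingOptions', $message, $thisUser);
            # output profile save status
            if (empty($message)) {
                $message['type'] = 'success';
                $message['text'] = sp_text('Posting options updated');
            }
            break;
        case 'edit-display-options':
            # save display options
            $options = sp_get_member_item($thisUser, 'user_options');
            # defaults, kept when no usable timezone was submitted
            $options['timezone'] = 0;
            $options['timezone_string'] = 'UTC';
            if (isset($_POST['timezone']) && is_string($_POST['timezone'])) {
                $userOffset = null;
                if (preg_match('/^UTC[+-]/', $_POST['timezone'])) {
                    # correct for manual UTC offsets; the cast keeps a non-numeric remainder from raising a TypeError on PHP 8
                    $userOffset = (float) preg_replace('/UTC\\+?/', '', $_POST['timezone']) * 3600;
                } else {
                    # get timezone offset for user; an unknown zone name makes DateTimeZone throw,
                    # which would otherwise end the request with an uncaught exception
                    try {
                        $date_time_zone_selected = new DateTimeZone(sp_esc_str($_POST['timezone']));
                        $userOffset = timezone_offset_get($date_time_zone_selected, date_create());
                    } catch (Exception $e) {
                        $userOffset = null;
                    }
                }
                if ($userOffset !== null) {
                    # get timezone offset for server based on wp settings
                    $wptz = get_option('timezone_string');
                    if (empty($wptz)) {
                        # gmt_offset is stored in hours; convert to seconds to match $userOffset
                        $serverOffset = (float) get_option('gmt_offset') * 3600;
                    } else {
                        $date_time_zone_selected = new DateTimeZone($wptz);
                        $serverOffset = timezone_offset_get($date_time_zone_selected, date_create());
                    }
                    # calculate time offset between user and server
                    $options['timezone'] = (int) round(($userOffset - $serverOffset) / 3600, 2);
                    $options['timezone_string'] = sp_esc_str($_POST['timezone']);
                }
            }
            if (isset($_POST['unreadposts'])) {
                # clamp the submitted count to the range 0..sfmaxunreadposts; non-numeric input falls back to the site default
                $sfcontrols = sp_get_option('sfcontrols');
                $options['unreadposts'] = is_numeric($_POST['unreadposts']) ? max(min(sp_esc_int($_POST['unreadposts']), $sfcontrols['sfmaxunreadposts']), 0) : $sfcontrols['sfdefunreadposts'];
            }
            $options['topicASC'] = isset($_POST['topicASC']);
            $options['postDESC'] = isset($_POST['postDESC']);
            sp_update_member_item($thisUser, 'user_options', $options);
            # fire action for plugins
            $message = apply_filters('sph_UpdateProfileDisplayOptions', $message, $thisUser);
            # output profile save status
            if (empty($message)) {
                $message['type'] = 'success';
                $message['text'] = sp_text('Display options updated');
            }
            break;
        default:
            # unknown form name: nothing is saved here, but the hooks below still run
            break;
    }
    # let plugins do their thing on success
    # (the hook name ends with the form name taken from the request, after sp_esc_str() and the save filter)
    $message = apply_filters('sph_ProfileFormSave_' . $thisForm, $message, $thisUser, $thisForm);
    do_action('sph_UpdateProfile', $thisUser, $thisForm);
    # reset the plugin_data just in case
    sp_reset_member_plugindata($thisUser);
    # done saving - return the messages
    return $message;
}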
Exemplo n.º 20
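/**
 * Sets a post back to unapproved (post_status 1) and queues it for moderation.
 *
 * On success the post is added to the waiting list, a notice that expires
 * after 30 days is created for the post's author, the topic cache and the
 * post and forum indexes are rebuilt, and 'sph_post_unapproved' is fired.
 *
 * @param int  $postid Id of the post; 0 (or a value that is not a number) does nothing.
 * @param bool $show   Whether to report the outcome to the user through sp_notify().
 *
 * @return void
 */
function sp_unapprove_post($postid = 0, $show = true)
{
    global $spVars, $spThisUser;
    # the id is interpolated into the SQL statements below, so force it to an integer first
    $postid = (int) $postid;
    if ($postid == 0) {
        return;
    }
    # NOTE(review): the permission is checked against the forum in $spVars, not against the forum the
    # post row belongs to - confirm that callers guarantee the two match
    if (!sp_get_auth('moderate_posts', $spVars['forumid'])) {
        if ($show) {
            if (!is_user_logged_in()) {
                $msg = sp_text('Access denied - are you logged in?');
            } else {
                $msg = sp_text('Access denied - you do not have permission');
            }
            sp_notify(SPFAILURE, $msg);
        }
        return;
    }
    $success = spdb_query('UPDATE ' . SFPOSTS . " SET post_status=1 WHERE post_id={$postid}");
    if ($success == false) {
        if ($show) {
            sp_notify(SPFAILURE, sp_text('Post unapproval failed'));
        }
    } else {
        if ($show) {
            sp_notify(SPSUCCESS, sp_text('Post unapproved'));
        }
        # add to waiting list
        $post = spdb_select('row', 'SELECT * FROM ' . SFPOSTS . " WHERE post_id={$postid}");
        if (empty($post)) {
            # the row could not be read back, so there is nothing to queue or notify about
            return;
        }
        # topic_id comes from the row just read; cast it because it is interpolated into the query
        $topic = spdb_select('row', 'SELECT * FROM ' . SFTOPICS . ' WHERE topic_id=' . (int) $post->topic_id);
        sp_add_to_waiting($post->topic_id, $post->forum_id, $post->post_id, $post->user_id);
        $nData = array();
        $nData['user_id'] = $post->user_id;
        $nData['guest_email'] = isset($post->guestemail) ? $post->guestemail : '';
        $nData['post_id'] = $post->post_id;
        $nData['link'] = sp_permalink_from_postid($post->post_id);
        # the topic row may be missing; fall back to an empty link text instead of reading a property of null
        $nData['link_text'] = empty($topic) ? '' : $topic->topic_name;
        $nData['message'] = sp_text('Your post is awaiting moderation in the topic');
        $nData['expires'] = time() + 30 * 24 * 60 * 60;
        # 30 days; 24 hours; 60 mins; 60secs
        sp_add_notice($nData);
        # flush and rebuild topic cache
        sp_rebuild_topic_cache();
        sp_build_post_index($post->topic_id);
        sp_build_forum_index($post->forum_id);
        do_action('sph_post_unapproved', $post->post_id, $spThisUser->ID);
    }
}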
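/**
 * Build the HTML for the "add topic" editor form of the current forum.
 *
 * Template arguments are merged over the defaults below and extracted into local
 * variables. Values that come back from a failed submission (the 'post' cache) or
 * from the guest cookie are user supplied, so they are attribute-escaped before they
 * are written into value='' attributes.
 *
 * @param array|string $args Template overrides, merged with wp_parse_args().
 *
 * @return string The complete form markup, after all 'sph_topic_editor_*' filters ran.
 */
function sp_render_add_topic_form($args)
{
    global $spVars, $spGlobals, $spThisForum, $spThisUser, $spGuestCookie;
    include_once SF_PLUGIN_DIR . '/forum/content/forms/sp-form-components.php';
    $toolbar = $spGlobals['display']['editor']['toolbar'];
    $defs = array(
        'tagClass' => 'spForm',
        'hide' => 1,
        'controlFieldset' => 'spEditorFieldset',
        'controlInput' => 'spControl',
        'controlSubmit' => 'spSubmit',
        'controlOrder' => 'cancel|save',
        'maxTitleLength' => 200,
        'labelHeading' => sp_text('Add Topic'),
        'labelGuestName' => sp_text('Guest name (required)'),
        'labelGuestEmail' => sp_text('Guest email (required)'),
        'labelModerateAll' => sp_text('NOTE: new posts are subject to administrator approval before being displayed'),
        'labelModerateOnce' => sp_text('NOTE: first posts are subject to administrator approval before being displayed'),
        'labelTopicName' => sp_text('Topic name'),
        'labelSmileys' => sp_text('Smileys'),
        'labelOptions' => sp_text('Options'),
        'labelOptionLock' => sp_text('Lock this topic'),
        'labelOptionPin' => sp_text('Pin this post'),
        'labelOptionTime' => sp_text('Edit post timestamp'),
        'labelMath' => sp_text('Math Required'),
        'labelMathSum' => sp_text('What is the sum of'),
        'labelPostButtonReady' => sp_text('Submit Topic'),
        'labelPostButtonMath' => sp_text('Do Math To Save'),
        'labelPostCancel' => sp_text('Cancel'),
        'tipSmileysButton' => sp_text('Open/Close to Add a Smiley'),
        'tipOptionsButton' => sp_text('Open/Close to select Posting Options'),
        'tipSubmitButton' => sp_text('Save the New Topic'),
        'tipCancelButton' => sp_text('Cancel the New Topic'),
    );
    $a = wp_parse_args($args, $defs);
    # EXTR_SKIP keeps $args keys from overwriting the globals and locals already defined above
    extract($a, EXTR_SKIP);
    # sanitize
    $tagClass = esc_attr($tagClass);
    $hide = (int) $hide;
    $controlFieldset = esc_attr($controlFieldset);
    $controlInput = esc_attr($controlInput);
    $maxTitleLength = (int) $maxTitleLength;
    $labelHeading = sp_filter_title_display($labelHeading);
    $labelGuestName = sp_filter_title_display($labelGuestName);
    $labelGuestEmail = sp_filter_title_display($labelGuestEmail);
    $labelModerateAll = sp_filter_title_display($labelModerateAll);
    $labelModerateOnce = sp_filter_title_display($labelModerateOnce);
    $labelTopicName = sp_filter_title_display($labelTopicName);
    # Check for a failure package in case this is a redirect
    $f = sp_get_cache('post');
    $guestnameval = isset($f['guestname']) ? $f['guestname'] : $spGuestCookie->guest_name;
    $guestemailval = isset($f['guestemail']) ? $f['guestemail'] : $spGuestCookie->guest_email;
    $topicnameval = isset($f['newtopicname']) ? $f['newtopicname'] : '';
    $postitemval = isset($f['postitem']) ? $f['postitem'] : '';
    $failmessage = isset($f['message']) ? $f['message'] : '';
    # These three values originate from the submitter (previous POST or guest cookie) and are
    # echoed inside single-quoted attributes, so a quote in them must not close the attribute
    $guestnameval = esc_attr($guestnameval);
    $guestemailval = esc_attr($guestemailval);
    $topicnameval = esc_attr($topicnameval);
    $captchaValue = sp_get_option('captcha-value');
    $out = '';
    # Grab above editor message if there is one
    $postmsg = sp_get_option('sfpostmsg');
    # Grab in-editor message if one
    $inEdMsg = sp_filter_text_display(sp_get_option('sfeditormsg'));
    # turn the numeric flag into the inline style attribute (or nothing)
    $hide = $hide ? ' style="display:none;"' : '';
    $out .= '<div id="spPostForm"' . $hide . '>' . "\n";
    $out .= "<form class='{$tagClass}' action='" . SFHOMEURL . "index.php?sp_ahah=post&amp;sfnonce=" . wp_create_nonce('forum-ahah') . "' method='post' id='addtopic' name='addtopic' onsubmit='return spjValidatePostForm(this, {$spThisUser->guest}, 1, \"" . sp_paint_file_icon(SPTHEMEICONSURL, 'sp_Success.png') . "\");'>\n";
    $out .= sp_create_nonce('forum-userform_addtopic');
    $out .= '<div class="spEditor">' . "\n";
    $out = apply_filters('sph_topic_editor_top', $out, $spThisForum);
    $out .= "<fieldset class='{$controlFieldset}'>\n";
    $out .= "<legend>{$labelHeading}: " . $spThisForum->forum_name . "</legend>\n";
    $out .= "<input type='hidden' name='action' value='topic' />\n";
    $out .= "<input type='hidden' name='forumid' value='{$spThisForum->forum_id}' />\n";
    $out .= "<input type='hidden' name='forumslug' value='{$spThisForum->forum_slug}' />\n";
    $out .= "<input type='hidden' name='captcha' value='{$captchaValue}' />\n";
    # input field that plugins can use
    $out .= "<input type='hidden' id='spEditorCustomValue' name='spEditorCustomValue' value='' />\n";
    # plugins can add before the header
    $out = apply_filters('sph_topic_before_editor_header', $out, $spThisForum, $a);
    $tout = '';
    $tout .= '<div class="spEditorSection">';
    # let plugins add stuff at top of editor header
    $tout = apply_filters('sph_topic_editor_header_top', $tout, $spThisForum, $a);
    if (!empty($postmsg['sfpostmsgtopic'])) {
        $tout .= '<div class="spEditorMessage">' . sp_filter_text_display($postmsg['sfpostmsgtext']) . '</div>' . "\n";
    }
    # create an empty div to allow plugins to add something
    $tout .= '<div id="spEditorCustomDiv"></div>';
    if ($spThisUser->guest) {
        $tout .= '<div class="spEditorSectionLeft">' . "\n";
        $tout .= "<div class='spEditorTitle'>{$labelGuestName}:\n";
        $tout .= "<input type='text' tabindex='100' class='{$controlInput}' name='guestname' value='{$guestnameval}' /></div>\n";
        $tout .= '</div>' . "\n";
        $sfguests = sp_get_option('sfguests');
        if ($sfguests['reqemail']) {
            $tout .= '<div class="spEditorSectionRight">' . "\n";
            $tout .= "<div class='spEditorTitle'>{$labelGuestEmail}:\n";
            $tout .= "<input type='text' tabindex='101' class='{$controlInput}' name='guestemail' value='{$guestemailval}' /></div>\n";
            $tout .= '</div>' . "\n";
        }
        $tout .= '<div class="spClear"></div>' . "\n";
    }
    if (!sp_get_auth('bypass_moderation', $spThisForum->forum_id)) {
        $tout .= "<p class='spLabelSmall'>{$labelModerateAll}</p>\n";
    } elseif (!sp_get_auth('bypass_moderation_once', $spThisForum->forum_id)) {
        $tout .= "<p class='spLabelSmall'>{$labelModerateOnce}</p>\n";
    }
    $tout2 = '';
    $tout2 .= "<div class='spEditorTitle'>{$labelTopicName}: \n";
    $tout2 .= "<input id='spTopicTitle' type='text' tabindex='102' class='{$controlInput}' maxlength='{$maxTitleLength}' name='newtopicname' value='{$topicnameval}'/>\n";
    $tout2 = apply_filters('sph_topic_editor_name', $tout2, $a);
    $tout2 .= '</div>' . "\n";
    $tout .= apply_filters('sph_topic_editor_title', $tout2, $spThisForum, $a);
    # let plugins add stuff at bottom of editor header
    $tout = apply_filters('sph_topic_editor_header_bottom', $tout, $spThisForum, $a);
    $tout .= '</div>' . "\n";
    # allow plugins to filter just the header
    $out .= apply_filters('sph_topic_editor_header', $tout, $spThisForum, $a);
    # do we have content? Or just add any inline message
    if (empty($postitemval)) {
        $postitemval = $inEdMsg;
    }
    # Display the selected editor
    # NOTE(review): $postitemval can be the body of a failed submission; presumably
    # sp_setup_editor() escapes it for the editor it renders - confirm
    $tout = '';
    $tout .= '<div id="spEditorContent">' . "\n";
    $tout .= sp_setup_editor(103, $postitemval);
    $tout .= '</div>' . "\n";
    # allow plugins to filter the editor content
    $out .= apply_filters('sph_topic_editor_content', $tout, $spThisForum, $a);
    # define area above toolbar for plugins to add components
    $section = apply_filters('sph_topic_editor_above_toolbar', '', $spThisForum, $a);
    if (!empty($section)) {
        $tout = '';
        $tout .= '<div class="spEditorSection">';
        $tout .= $section;
        $tout .= '</div>' . "\n";
        $out .= apply_filters('sph_topic_editor_above_toolbar_end', $tout, $spThisForum, $a);
    }
    # DEFINE NEW FAILURE AREA HERE
    # define validation failure notice area
    # NOTE(review): $failmessage is emitted as markup, not text; it comes from the 'post' cache,
    # so whatever stores that message must never copy unescaped request data into it - confirm
    $out .= "<div class='spClear'></div>\n";
    $out .= "<div id='spPostNotifications'>{$failmessage}</div>\n";
    # TOOLBAR
    # define toolbar - submit buttons on right, plugin extensions on left
    $toolbarRight = apply_filters('sph_topic_editor_toolbar_submit', '', $spThisForum, $a, 'toolbar');
    $toolbarLeft = apply_filters('sph_topic_editor_toolbar_buttons', '', $spThisForum, $a, 'toolbar');
    if (!empty($toolbarRight) || !empty($toolbarLeft)) {
        # Submit section
        $tout = '';
        $tout .= '<div class="spEditorSection spEditorToolbar">';
        $tout .= $toolbarRight;
        # toolbar for plugins to add buttons
        $tout .= $toolbarLeft;
        $out .= apply_filters('sph_topic_editor_toolbar', $tout, $spThisForum, $a, 'toolbar');
        $out .= '<div style="clear:both"></div>';
        $out .= '</div>' . "\n";
    }
    # START SMILEYS/OPTIONS
    # let plugins add stuff at top of editor footer
    $tout = '';
    $tout = apply_filters('sph_topic_editor_footer_top', $tout, $spThisForum, $a);
    # smileys and options
    $tout = apply_filters('sp_topic_editor_inline_footer', $tout, $spThisForum, $a, 'inline');
    # let plugins add stuff at end of editor footer
    $tout = apply_filters('sph_topic_editor_footer_bottom', $tout, $spThisForum, $a);
    # plugins can remove or adjust whole footer
    $out .= apply_filters('sph_topic_editor_footer', $tout, $spThisForum, $a);
    # allow plugins to insert stuff after editor footer
    $out = apply_filters('sph_topic_editor_after_footer', $out, $spThisForum, $a);
    # START SUBMIT SECTION
    # define submit section if no toolbar in use
    if (!$toolbar) {
        $out .= '<div class="spEditorSubmit">' . "\n";
        $out = apply_filters('sph_topic_editor_submit_top', $out, $spThisForum, $a);
        # let plugins add/remove the controls area
        $tout = apply_filters('sp_topic_editor_inline_submit', '', $spThisForum, $a, 'inline');
        # let plugins add stuff at end of editor submit bottom
        $out .= apply_filters('sph_topic_editor_submit_bottom', $tout, $spThisForum, $a);
        $out .= '</div>' . "\n";
    }
    # close it up
    $out .= '</fieldset>' . "\n";
    $out = apply_filters('sph_topic_editor_bottom', $out, $spThisForum, $a);
    $out .= '</div>' . "\n";
    $out .= '</form>' . "\n";
    $out .= '</div>' . "\n";
    # let plugins add stuff beneath the editor
    $out = apply_filters('sph_topic_editor_beneath', $out, $spThisForum, $a);
    return $out;
}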
Exemplo n.º 22
    # Run the post list query and return the records the current user may see.
    #
    # $where  SQL condition fragment; an empty value makes the method return nothing
    # $order  SQL ORDER BY fragment; defaults to newest post id first
    # $count  value assigned to the query limits when truthy
    # $view   passed to sp_user_visible_forums() to build the forum id filter
    # $type   passed through to the 'sph_post_list_query' and 'sph_post_list_record' filters
    #
    # Returns an array of record objects keyed by post id (empty when nothing matched).
    #
    # NOTE(review): $where, $order and $count are placed in the query object exactly as
    # received; nothing in this method escapes them, so every caller has to build them
    # from validated values only.
    function sp_postlistview_query($where, $order, $count, $view, $type)
    {
        global $spGlobals, $spThisUser;
        # If no WHERE clause then return empty
        if (empty($where)) {
            return;
        }
        # build list of forums user can view
        $fids = sp_user_visible_forums($view);
        if (!empty($fids)) {
            # presumably a list of integer forum ids; they are joined into the SQL unquoted - verify
            $fids = implode(',', $fids);
            $where .= ' AND ' . SFPOSTS . ".forum_id IN ({$fids})";
        }
        # Check order
        if (empty($order)) {
            $order = SFPOSTS . '.post_id DESC';
        }
        $spdb = new spdbComplex();
        $spdb->table = SFPOSTS;
        $spdb->fields = SFPOSTS . '.post_id, post_content, ' . spdb_zone_datetime('post_date') . ', ' . SFPOSTS . '.topic_id, ' . SFPOSTS . '.forum_id,
								  ' . SFPOSTS . '.user_id, guest_name, post_status, post_index, forum_name, forum_slug, forum_disabled, ' . SFFORUMS . '.group_id, group_name,
								  topic_name, topic_slug, ' . SFTOPICS . '.post_count, topic_opened, display_name';
        $spdb->join = array(SFFORUMS . ' ON ' . SFFORUMS . '.forum_id = ' . SFPOSTS . '.forum_id', SFGROUPS . ' ON ' . SFGROUPS . '.group_id = ' . SFFORUMS . '.group_id', SFTOPICS . ' ON ' . SFTOPICS . '.topic_id = ' . SFPOSTS . '.topic_id');
        $spdb->left_join = array(SFMEMBERS . ' ON ' . SFMEMBERS . '.user_id = ' . SFPOSTS . '.user_id');
        $spdb->where = $where;
        $spdb->orderby = $order;
        if ($count) {
            $spdb->limits = $count;
        }
        # plugins may alter the whole query object before it runs
        $spdb = apply_filters('sph_post_list_query', $spdb, $this, $type);
        # per-user inspection flag: label the query and ask for it to be shown
        if (!empty($spThisUser->inspect['q_spPostListView'])) {
            $spdb->inspect = 'spPostListView';
            $spdb->show = true;
        }
        $records = $spdb->select();
        # Now check authorisations and clean up the object
        $list = array();
        # Some values we need
        # How many posts to a page?
        $ppaged = $spGlobals['display']['posts']['perpage'];
        if (empty($ppaged) || $ppaged == 0) {
            $ppaged = 20;
        }
        # establish topic sort order
        $porder = 'ASC';
        # default
        if ($spGlobals['display']['posts']['sortdesc']) {
            $porder = 'DESC';
        }
        # global override
        if ($records) {
            $listPos = 1;
            foreach ($records as $r) {
                # a record is only listed when the forum title is visible to this user...
                if (sp_can_view($r->forum_id, 'forum-title')) {
                    # ...and the post is approved (status 0) or the user moderates that forum
                    if ($r->post_status == 0 || sp_get_auth('moderate_posts', $r->forum_id)) {
                        $p = $r->post_id;
                        $list[$p] = $r;
                        # Now apply any necessary filters and data changes
                        # NOTE(review): if $r is an object, $list[$p] is the same object, so the
                        # next line also overwrites $r->post_content and post_content_raw below
                        # then receives the filtered text rather than the stored one - confirm
                        $list[$p]->post_content = sp_filter_content_display($r->post_content);
                        $list[$p]->post_content_raw = $r->post_content;
                        $list[$p]->forum_name = sp_filter_title_display($r->forum_name);
                        $list[$p]->forum_disabled = $r->forum_disabled;
                        $list[$p]->forum_permalink = sp_build_url($r->forum_slug, '', 1, 0);
                        $list[$p]->topic_permalink = sp_build_url($r->forum_slug, $r->topic_slug, 1, 0);
                        $list[$p]->topic_name = sp_filter_title_display($r->topic_name);
                        $list[$p]->topic_opened = $r->topic_opened;
                        $list[$p]->group_name = sp_filter_title_display($r->group_name);
                        # the tooltip is left empty when the user may not read the post content
                        if (sp_can_view($r->forum_id, 'post-content', $spThisUser->ID, $r->user_id, $r->topic_id, $r->post_id)) {
                            $list[$p]->post_tip = $r->post_status ? sp_text('Post awaiting moderation') : sp_filter_tooltip_display($r->post_content, $r->post_status);
                        } else {
                            $list[$p]->post_tip = '';
                        }
                        # Ensure display name is populated
                        if (empty($r->display_name)) {
                            $list[$p]->display_name = $list[$p]->guest_name;
                        }
                        $list[$p]->display_name = sp_filter_name_display($list[$p]->display_name);
                        # determine the page for the post permalink
                        if ($porder == 'ASC') {
                            # a non-integer quotient means the post sits on the following page
                            $page = $r->post_index / $ppaged;
                            if (!is_int($page)) {
                                $page = intval($page + 1);
                            }
                        } else {
                            # descending display: count the position back from the newest post
                            $page = $r->post_count - $r->post_index;
                            $page = $page / $ppaged;
                            $page = intval($page + 1);
                        }
                        $list[$p]->post_permalink = sp_build_url($r->forum_slug, $r->topic_slug, $page, $r->post_id, $r->post_index);
                        $list[$p]->list_position = $listPos;
                        $list[$p] = apply_filters('sph_post_list_record', $list[$p], $r, $type);
                    }
                }
                # the position counts every fetched record, including those not listed
                $listPos++;
            }
        }
        return $list;
    }
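    /**
     * Load one page of a topic together with its posts for the current user.
     *
     * Sets $this->topicViewStatus to 'no data' (no topic id), 'no access' (default),
     * 'data' (user holds 'view_forum') or 'sneak peek' (forum title visible only).
     *
     * @param int $topicid Topic to load; reduced to an integer because it is placed in the WHERE clause.
     * @param int $cPage   1-based page number; reduced to an integer of at least 1 because it feeds LIMIT.
     * @param int $forumid Not used by this method.
     *
     * @return array|null Array keyed by topic id holding the topic object (with ->posts keyed by
     *                    post id), an empty array when nothing is viewable, or null without a topic id.
     */
    function sp_topicview_query($topicid = 0, $cPage = 1, $forumid = 0)
    {
        global $spGlobals, $spThisUser, $spVars;
        # both values end up inside the SQL text, so force them to integers before use
        $topicid = (int) $topicid;
        $cPage = (int) $cPage;
        if ($cPage < 1) {
            # a page below 1 would produce a negative LIMIT offset
            $cPage = 1;
        }
        # do we have a valid topic id
        if ($topicid == 0) {
            $this->topicViewStatus = 'no data';
            return;
        } else {
            $WHERE = SFTOPICS . '.topic_id=' . $topicid;
        }
        # default to no access
        $this->topicViewStatus = 'no access';
        # some setup vars
        $startlimit = 0;
        $lastpage = 0;
        # how many posts per page?
        $ppaged = (int) $spGlobals['display']['posts']['perpage'];
        if (!$ppaged) {
            $ppaged = 10;
        }
        # setup where we are in the post list (paging)
        if ($cPage != 1) {
            $startlimit = ($cPage - 1) * $ppaged;
        }
        $LIMIT = $startlimit . ', ' . $ppaged;
        # Set up order by
        $setSort = false;
        $reverse = false;
        $setSort = $spGlobals['display']['posts']['sortdesc'];
        if (isset($spGlobals['sort_order']['topic'])) {
            $reverse = array_search($topicid, (array) $spGlobals['sort_order']['topic']) !== false ? true : false;
        }
        if (isset($spThisUser->postDESC) && $spThisUser->postDESC) {
            $reverse = !$reverse;
        }
        if ($setSort xor $reverse) {
            $ORDER = 'post_pinned DESC, ' . SFPOSTS . ".post_id DESC";
        } else {
            $ORDER = 'post_pinned DESC, ' . SFPOSTS . ".post_id ASC";
        }
        # add newpost/sfwaiting support for admins
        $waitCheck = ', NULL AS new_post';
        if ($spThisUser->admin || $spThisUser->moderator) {
            $waitCheck = ', ' . SFWAITING . '.post_count AS new_post';
        }
        # Discover if this topic is in users new post list
        $maybeNewPost = false;
        if ($spThisUser->member && sp_is_in_users_newposts($topicid)) {
            $maybeNewPost = true;
        }
        # retrieve topic and post records
        $spdb = new spdbComplex();
        $spdb->table = SFTOPICS;
        $spdb->found_rows = true;
        $spdb->fields = 'group_id, ' . SFTOPICS . '.topic_id, ' . SFTOPICS . '.forum_id, topic_name, topic_slug, topic_status, topic_pinned, topic_icon, topic_opened, ' . SFTOPICS . '.post_count, forum_name, forum_slug, forum_status,
							  forum_disabled, forum_rss_private, ' . SFPOSTS . '.post_id, ' . spdb_zone_datetime('post_date') . ', ' . SFPOSTS . '.user_id, ' . SFTOPICS . '.user_id AS topic_starter,
							  guest_name, guest_email, post_status, post_pinned, post_index, post_edit, poster_ip, source, post_content' . $waitCheck;
        $spdb->join = array(SFPOSTS . ' ON ' . SFTOPICS . '.topic_id=' . SFPOSTS . '.topic_id', SFFORUMS . ' ON ' . SFTOPICS . '.forum_id=' . SFFORUMS . '.forum_id');
        if ($spThisUser->admin || $spThisUser->moderator) {
            $spdb->left_join = array(SFWAITING . ' ON ' . SFPOSTS . '.post_id=' . SFWAITING . '.post_id');
        }
        $spdb->where = $WHERE;
        $spdb->orderby = $ORDER;
        $spdb->limits = $LIMIT;
        # plugins may alter the whole query object before it runs
        $spdb = apply_filters('sph_topicview_query', $spdb, $this);
        if (!empty($spThisUser->inspect['q_spTopicView'])) {
            $spdb->inspect = 'spTopicView';
            $spdb->show = true;
        }
        $records = $spdb->select();
        $t = array();
        if ($records) {
            $tidx = $topicid;
            $pidx = 0;
            # the first row carries the topic/forum columns shared by every row
            $r = current($records);
            if (sp_get_auth('view_forum', $r->forum_id)) {
                $this->topicViewStatus = 'data';
                # construct the parent topic object
                $t[$tidx] = new stdClass();
                $t[$tidx]->topic_id = $r->topic_id;
                $t[$tidx]->forum_id = $r->forum_id;
                $t[$tidx]->group_id = $r->group_id;
                $t[$tidx]->forum_name = sp_filter_title_display($r->forum_name);
                $t[$tidx]->topic_name = sp_filter_title_display($r->topic_name);
                $t[$tidx]->topic_slug = $r->topic_slug;
                $t[$tidx]->topic_opened = $r->topic_opened;
                $t[$tidx]->forum_status = $r->forum_status;
                $t[$tidx]->topic_pinned = $r->topic_pinned;
                $t[$tidx]->forum_disabled = $r->forum_disabled;
                $t[$tidx]->forum_slug = $r->forum_slug;
                $t[$tidx]->forum_rss_private = $r->forum_rss_private;
                $t[$tidx]->topic_permalink = sp_build_url($r->forum_slug, $r->topic_slug, 1, 0);
                $t[$tidx]->topic_status = $r->topic_status;
                $t[$tidx]->topic_icon = sanitize_file_name($r->topic_icon);
                $t[$tidx]->rss = '';
                $t[$tidx]->editmode = 0;
                $t[$tidx]->tools_flag = 1;
                $t[$tidx]->display_page = $this->topicPage;
                $t[$tidx]->posts_per_page = $ppaged;
                $t[$tidx]->unread = 0;
                # use calc_rows and not post_count as - for example - some posts may be hidden by choice.
                $t[$tidx]->post_count = spdb_select('var', 'SELECT FOUND_ROWS()');
                # Can the user create new topics or should we lock the forum?
                $t[$tidx]->start_topics = sp_get_auth('start_topics', $r->forum_id);
                $t[$tidx]->reply_topics = sp_get_auth('reply_topics', $r->forum_id);
                $t[$tidx]->reply_own_topics = sp_get_auth('reply_own_topics', $r->forum_id);
                # grab topic start info
                $t[$tidx]->topic_starter = $r->topic_starter;
                # round the page count up whenever the division leaves a remainder
                $totalPages = $r->post_count / $ppaged;
                if (!is_int($totalPages)) {
                    $totalPages = intval($totalPages) + 1;
                }
                $t[$tidx]->total_pages = $totalPages;
                # with descending display the newest posts are on page 1, otherwise on the final page
                if ($setSort xor $reverse) {
                    if ($cPage == 1) {
                        $lastpage = true;
                    }
                } else {
                    if ($cPage == $totalPages) {
                        $lastpage = true;
                    }
                }
                $t[$tidx]->last_page = $lastpage;
                $t[$tidx] = apply_filters('sph_topicview_topic_record', $t[$tidx], $r);
                reset($records);
                unset($r);
                # now loop through the post records
                $newPostFlag = false;
                $firstPostPage = 1;
                $pinned = 0;
                # define post id and post user id arrays for plugins to use in combined filter
                $p = array();
                $u = array();
                foreach ($records as $r) {
                    $pidx = $r->post_id;
                    $p[] = $pidx;
                    # prepare for user object
                    $cUser = $spThisUser->ID == $r->user_id;
                    $cSmall = !$cUser;
                    $t[$tidx]->posts[$pidx] = new stdClass();
                    $t[$tidx]->posts[$pidx]->post_id = $r->post_id;
                    $t[$tidx]->posts[$pidx]->post_date = $r->post_date;
                    $t[$tidx]->posts[$pidx]->user_id = $r->user_id;
                    $t[$tidx]->posts[$pidx]->guest_name = sp_filter_name_display($r->guest_name);
                    $t[$tidx]->posts[$pidx]->guest_email = sp_filter_email_display($r->guest_email);
                    $t[$tidx]->posts[$pidx]->post_status = $r->post_status;
                    $t[$tidx]->posts[$pidx]->post_pinned = $r->post_pinned;
                    $t[$tidx]->posts[$pidx]->post_index = $r->post_index;
                    # NOTE(review): poster_ip and guest_email are attached to every post object no
                    # matter who is viewing; the templates have to restrict their display - confirm
                    $t[$tidx]->posts[$pidx]->poster_ip = $r->poster_ip;
                    $t[$tidx]->posts[$pidx]->source = $r->source;
                    $t[$tidx]->posts[$pidx]->post_permalink = sp_build_url($r->forum_slug, $r->topic_slug, $cPage, $r->post_id);
                    # stays '' when the post has no edit history (see below)
                    $t[$tidx]->posts[$pidx]->edits = '';
                    $t[$tidx]->posts[$pidx]->last_post = 0;
                    $t[$tidx]->posts[$pidx]->last_post_on_page = 0;
                    $t[$tidx]->posts[$pidx]->first_post_on_page = $firstPostPage;
                    $t[$tidx]->posts[$pidx]->editmode = 0;
                    $t[$tidx]->posts[$pidx]->post_content = sp_filter_content_display($r->post_content);
                    $t[$tidx]->posts[$pidx]->first_pinned = 0;
                    $t[$tidx]->posts[$pidx]->last_pinned = 0;
                    # work on a copy so the changes below do not touch the object sp_get_user() returned
                    $t[$tidx]->posts[$pidx]->postUser = clone sp_get_user($r->user_id, $cUser, $cSmall);
                    # populate the user guest name and email in case the poster is a guest
                    if ($r->user_id == 0) {
                        $t[$tidx]->posts[$pidx]->postUser->guest_name = $t[$tidx]->posts[$pidx]->guest_name;
                        $t[$tidx]->posts[$pidx]->postUser->guest_email = $t[$tidx]->posts[$pidx]->guest_email;
                        $t[$tidx]->posts[$pidx]->postUser->display_name = $t[$tidx]->posts[$pidx]->guest_name;
                        $t[$tidx]->posts[$pidx]->postUser->ip = $t[$tidx]->posts[$pidx]->poster_ip;
                    }
                    # pinned status
                    if ($firstPostPage == 1 && $r->post_pinned) {
                        $t[$tidx]->posts[$pidx]->first_pinned = true;
                        $pinned = $pidx;
                    }
                    if ($firstPostPage == 0 && $pinned > 0 && $r->post_pinned == false) {
                        $t[$tidx]->posts[$pinned]->last_pinned = true;
                    } elseif ($r->post_pinned) {
                        $pinned = $pidx;
                    }
                    $firstPostPage = 0;
                    # Is this a new post for the current user?
                    if ($spThisUser->guest) {
                        $newPostFlag = false;
                    } else {
                        if ($maybeNewPost && strtotime($r->post_date) > strtotime($spThisUser->lastvisit)) {
                            $newPostFlag = true;
                        }
                        if (isset($r->new_post)) {
                            $newPostFlag = true;
                        }
                    }
                    $t[$tidx]->posts[$pidx]->new_post = $newPostFlag;
                    # do we need to hide an admin post?
                    if (!sp_get_auth('view_admin_posts', $r->forum_id) && sp_is_forum_admin($r->user_id)) {
                        $adminview = sp_get_sfmeta('adminview', 'message');
                        if ($adminview) {
                            $t[$tidx]->posts[$pidx]->post_content = '<div class="spMessage">';
                            $t[$tidx]->posts[$pidx]->post_content .= sp_filter_text_display($adminview[0]['meta_value']);
                            $t[$tidx]->posts[$pidx]->post_content .= '</div>';
                        } else {
                            $t[$tidx]->posts[$pidx]->post_content = '';
                        }
                    }
                    # do we need to hide an others posts?
                    if (sp_get_auth('view_own_admin_posts', $r->forum_id) && !sp_is_forum_admin($r->user_id) && !sp_is_forum_mod($r->user_id) && $spThisUser->ID != $r->user_id) {
                        $userview = sp_get_sfmeta('userview', 'message');
                        if ($userview) {
                            $t[$tidx]->posts[$pidx]->post_content = '<div class="spMessage">';
                            $t[$tidx]->posts[$pidx]->post_content .= sp_filter_text_display($userview[0]['meta_value']);
                            $t[$tidx]->posts[$pidx]->post_content .= '</div>';
                        } else {
                            $t[$tidx]->posts[$pidx]->post_content = '';
                        }
                    }
                    # Is this post to be edited?
                    if ($spVars['displaymode'] == 'edit' && $spVars['postedit'] == $r->post_id) {
                        $t[$tidx]->editmode = 1;
                        $t[$tidx]->editpost_id = $r->post_id;
                        $t[$tidx]->editpost_content = sp_filter_content_edit($r->post_content);
                        $t[$tidx]->posts[$pidx]->editmode = 1;
                    }
                    # Add edit history
                    # NOTE(review): unserialize() on a database column can instantiate objects if
                    # anything other than this plugin is able to write post_edit; confirm the
                    # column is only ever written server-side, or move the history to JSON
                    if (!empty($r->post_edit) && is_serialized($r->post_edit)) {
                        $edits = unserialize($r->post_edit);
                        # unserialize() returns false on damaged data, which must not be iterated
                        if (is_array($edits)) {
                            # collect into an array first: indexing into the '' default set above
                            # is a string-offset write on PHP 7.1+ and fails for objects
                            $history = array();
                            foreach ($edits as $e) {
                                $entry = new stdClass();
                                $entry->by = $e['by'];
                                $entry->at = $e['at'];
                                $history[] = $entry;
                            }
                            if (!empty($history)) {
                                $t[$tidx]->posts[$pidx]->edits = $history;
                            }
                        }
                    }
                    if (!in_array($r->user_id, $u)) {
                        $u[] = $r->user_id;
                    }
                    $t[$tidx]->posts[$pidx] = apply_filters('sph_topicview_post_records', $t[$tidx]->posts[$pidx], $r);
                }
                # index of post IDs with position in listing
                $t[$tidx]->post_keys = $p;
                # $pidx and $r still refer to the final record of the loop above
                $t[$tidx]->posts[$pidx]->last_post = $lastpage;
                $t[$tidx]->posts[$pidx]->last_post_on_page = 1;
                # save last post on page id
                $t[$tidx]->last_post_id = $r->post_id;
                # allow plugins to add more data to combined topic/post data structure
                $t[$tidx] = apply_filters('sph_topicview_combined_data', $t[$tidx], $p, $u);
                unset($records);
            } else {
                # check for view forum lists but not topic lists
                if (sp_can_view($r->forum_id, 'forum-title')) {
                    $this->topicViewStatus = 'sneak peek';
                }
            }
        }
        return $t;
    }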
Exemplo n.º 24
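/**
 * Render the "order topic pins" popup form for a single forum.
 *
 * Reads the forum id from the query string, requires the 'pin_topics'
 * permission for that forum, then prints a POST form listing every pinned
 * topic of the forum with an editable pin-order field. The request is ended
 * with die when access is denied, when no forum id was supplied, or when the
 * forum or its pinned topics cannot be loaded.
 *
 * NOTE(review): the form carries no nonce field and the handler for the
 * 'ordertopicpins' submit is not visible here - confirm that handler
 * re-checks 'pin_topics' and verifies a nonce before saving anything.
 */
function sp_order_topic_pins()
{
    # a missing parameter is passed on as null instead of raising an undefined-index notice
    $forumid = sp_esc_int(isset($_GET['forumid']) ? $_GET['forumid'] : null);
    if (!sp_get_auth('pin_topics', $forumid)) {
        if (!is_user_logged_in()) {
            sp_etext('Access denied - are you logged in?');
        } else {
            sp_etext('Access denied - you do not have permission');
        }
        die;
    }
    # without a forum id there is nothing to look up, so stop before touching the database
    if (empty($forumid)) {
        die;
    }
    $thisforum = spdb_table(SFFORUMS, "forum_id={$forumid}", 'row');
    $topics = spdb_table(SFTOPICS, "forum_id={$forumid} AND topic_pinned > 0", '', 'topic_pinned DESC');
    # an unknown forum would otherwise be dereferenced for its slug below
    if (empty($thisforum) || empty($topics)) {
        die;
    }
    ?>
	<div id="spMainContainer" class="spForumToolsPopup">
		<div class="spForumToolsHeader">
			<div class="spForumToolsHeaderTitle"><?php sp_etext('Please note: The HIGHER numbered topics will appear at the top of the list'); ?></div>
		</div>
		<form action="<?php echo esc_url(sp_build_url($thisforum->forum_slug, '', 1, 0)); ?>" method="post" name="ordertopicpinsform">
			<input type="hidden" name="orderpinsforumid" value="<?php echo (int) $forumid; ?>" />
			<table class="spPopupTable">
<?php
    foreach ($topics as $topic) {
        # ids and pin order are numeric columns; cast so nothing else can reach the attribute
        ?>
				<tr><td class="spLabel" style="width:85%"><?php echo sp_filter_title_display($topic->topic_name); ?>
				<input type="hidden" name="topicid[]" value="<?php echo (int) $topic->topic_id; ?>" /></td>
				<td class="spControl">
					<input type="text" class="spControl" size="6" name="porder[]" value="<?php echo (int) $topic->topic_pinned; ?>" />
				</td></tr>
<?php
    }
    ?>
			</table>
			<div class="spCenter">
				<input type="submit" class="spSubmit" name="ordertopicpins" value="<?php sp_etext('Save Pin Order Changes'); ?>" />
				<input type="button" class="spSubmit" name="cancel" value="<?php sp_etext('Cancel'); ?>" onclick="jQuery('#dialog').dialog('close');" />
			</div>
		</form>
	</div>
<?php
}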
Exemplo n.º 25
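    /**
     * Build the nested group -> forum -> subforum data used by the group view.
     *
     * Records come from the 'group' cache when available (and the current user
     * has no 'q_spGroupView' inspect flag set), otherwise from a join of the
     * groups and forums tables. Only forums that pass
     * sp_can_view($forumid, 'forum-title') are included. When
     * $this->includeStats is true, last-post data from
     * sp_groupview_stats_query() is merged into each forum.
     * $this->groupViewStatus is set to 'no data', 'no access' or 'data'.
     *
     * NOTE(review): a cache hit is used whatever $groupids holds, and a
     * filtered result is also written to the same 'group' cache key - confirm
     * the cache cannot hand one caller another caller's group selection.
     *
     * @param array|string $groupids Group ids to restrict the query to; empty for all groups.
     * @param bool         $idOrder  When true (and $groupids is given) return groups in $groupids order.
     * @return array|string Groups keyed by group id, or '' when no records were found.
     */
    function sp_groupview_query($groupids = '', $idOrder = false)
    {
        global $spThisUser;
        # the ids are placed straight into the SQL WHERE clause, so force each one to an integer first
        $groupids = empty($groupids) ? array() : array_map('intval', (array) $groupids);
        # can we get the results from the cache?
        $records = array();
        if (empty($spThisUser->inspect['q_spGroupView'])) {
            $records = sp_get_cache('group');
        }
        if (!$records) {
            $clauses = array();
            foreach ($groupids as $id) {
                $clauses[] = '(' . SFGROUPS . '.group_id=' . $id . ')';
            }
            $WHERE = implode(' OR ', $clauses);
            $this->groupViewStatus = empty($groupids) ? 'no data' : 'no access';
            # retrieve group and forum records
            $spdb = new spdbComplex();
            $spdb->table = SFGROUPS;
            $spdb->fields = SFGROUPS . '.group_id, group_name, group_desc, group_rss, group_icon, group_message,
								forum_id, forum_name, forum_slug, forum_desc, forum_status, forum_disabled, forum_icon, forum_icon_new, forum_icon_locked, forum_rss_private,
								post_id, post_id_held, topic_count, post_count, post_count_held, parent, children';
            $spdb->join = array(SFFORUMS . ' ON ' . SFGROUPS . '.group_id = ' . SFFORUMS . '.group_id');
            $spdb->where = $WHERE;
            $spdb->orderby = 'group_seq, forum_seq';
            $spdb = apply_filters('sph_groupview_query', $spdb, $this);
            if (!empty($spThisUser->inspect['q_spGroupView'])) {
                $spdb->inspect = 'spGroupView';
                $spdb->show = true;
                $spThisUser->inspect['q_spGroupView'] = false;
            }
            $records = $spdb->select();
            if ($records) {
                sp_add_cache('group', $records);
            }
        }
        # '' is kept as the "nothing found" return value so existing callers see no change
        $g = '';
        # forum id => last post id, filled while walking the records and used for the stats lookup
        $p = array();
        if ($records) {
            # Set status initially to 'no access' in case current user can view no forums
            $this->groupViewStatus = 'no access';
            $gidx = 0;
            $fidx = 0;
            $sidx = 0;
            $cparent = 0;
            $subPostId = 0;
            # define array to collect data
            $g = array();
            foreach ($records as $r) {
                $groupid = $r->group_id;
                $forumid = $r->forum_id;
                if (sp_can_view($forumid, 'forum-title')) {
                    if ($gidx == 0 || $g[$gidx]->group_id != $groupid) {
                        # reset status to 'data'
                        $this->groupViewStatus = 'data';
                        $gidx = $groupid;
                        $fidx = 0;
                        $g[$gidx] = new stdClass();
                        $g[$gidx]->group_id = $r->group_id;
                        $g[$gidx]->group_name = sp_filter_title_display($r->group_name);
                        $g[$gidx]->group_desc = sp_filter_title_display($r->group_desc);
                        $g[$gidx]->group_rss = esc_url($r->group_rss);
                        $g[$gidx]->group_icon = sanitize_file_name($r->group_icon);
                        $g[$gidx]->group_message = sp_filter_text_display($r->group_message);
                        $g[$gidx]->group_rss_active = 0;
                        $g[$gidx] = apply_filters('sph_groupview_group_records', $g[$gidx], $r);
                    }
                    if (isset($r->forum_id)) {
                        # Is this a subforum?
                        if ($r->parent != 0) {
                            # NOTE(review): $cparent is whatever the last visible top level forum left behind;
                            # confirm a subforum row can never arrive while its own parent was skipped
                            $sidx = $r->forum_id;
                            $g[$gidx]->forums[$cparent]->subforums[$sidx] = new stdClass();
                            $g[$gidx]->forums[$cparent]->subforums[$sidx]->forum_id = $r->forum_id;
                            $g[$gidx]->forums[$cparent]->subforums[$sidx]->forum_name = sp_filter_title_display($r->forum_name);
                            $g[$gidx]->forums[$cparent]->subforums[$sidx]->forum_slug = $r->forum_slug;
                            $g[$gidx]->forums[$cparent]->subforums[$sidx]->forum_icon = sanitize_file_name($r->forum_icon);
                            $g[$gidx]->forums[$cparent]->subforums[$sidx]->forum_icon_new = sanitize_file_name($r->forum_icon_new);
                            $g[$gidx]->forums[$cparent]->subforums[$sidx]->forum_icon_locked = sanitize_file_name($r->forum_icon_locked);
                            $g[$gidx]->forums[$cparent]->subforums[$sidx]->forum_disabled = $r->forum_disabled;
                            $g[$gidx]->forums[$cparent]->subforums[$sidx]->forum_permalink = sp_build_url($r->forum_slug, '', 1, 0);
                            $g[$gidx]->forums[$cparent]->subforums[$sidx]->topic_count = $r->topic_count;
                            $g[$gidx]->forums[$cparent]->subforums[$sidx]->post_count = $r->post_count;
                            $g[$gidx]->forums[$cparent]->subforums[$sidx]->parent = $r->parent;
                            $g[$gidx]->forums[$cparent]->subforums[$sidx]->children = $r->children;
                            $g[$gidx]->forums[$cparent]->subforums[$sidx]->post_id = $r->post_id;
                            $g[$gidx]->forums[$cparent]->subforums[$sidx]->unread = 0;
                            # check if we can look at posts in moderation - if not swap for 'held' values
                            if (!sp_get_auth('moderate_posts', $r->forum_id)) {
                                $g[$gidx]->forums[$cparent]->subforums[$sidx]->post_count = $r->post_count_held;
                                $g[$gidx]->forums[$cparent]->subforums[$sidx]->post_id = $r->post_id_held;
                            }
                            # See if any forums are in the current users newpost list
                            if ($spThisUser->member && isset($spThisUser->newposts['forums'])) {
                                $c = 0;
                                if ($spThisUser->newposts['forums']) {
                                    foreach ($spThisUser->newposts['forums'] as $fnp) {
                                        if ($fnp == $sidx) {
                                            $c++;
                                        }
                                    }
                                }
                                # set the subforum unread count
                                $g[$gidx]->forums[$cparent]->subforums[$sidx]->unread = $c;
                            }
                            # Update top parent counts with subforum counts
                            $g[$gidx]->forums[$cparent]->topic_count_sub += $g[$gidx]->forums[$cparent]->subforums[$sidx]->topic_count;
                            $g[$gidx]->forums[$cparent]->post_count_sub += $g[$gidx]->forums[$cparent]->subforums[$sidx]->post_count;
                            # and what about the most recent post? Is this in a subforum?
                            if ($g[$gidx]->forums[$cparent]->subforums[$sidx]->post_id > $g[$gidx]->forums[$cparent]->post_id && $g[$gidx]->forums[$cparent]->subforums[$sidx]->post_id > $subPostId) {
                                # store the alternative forum id in case we need to display the topic data for this one if inc. subs
                                $g[$gidx]->forums[$cparent]->forum_id_sub = $r->forum_id;
                                # add the last post in subforum to the list for stats retrieval
                                $subPostId = $g[$gidx]->forums[$cparent]->subforums[$sidx]->post_id;
                                $p[$r->forum_id] = $subPostId;
                            }
                        } else {
                            # it's a top level forum
                            $subPostId = 0;
                            $fidx = $forumid;
                            $g[$gidx]->forums[$fidx] = new stdClass();
                            $g[$gidx]->forums[$fidx]->forum_id = $r->forum_id;
                            $g[$gidx]->forums[$fidx]->forum_id_sub = 0;
                            $g[$gidx]->forums[$fidx]->forum_name = sp_filter_title_display($r->forum_name);
                            $g[$gidx]->forums[$fidx]->forum_slug = $r->forum_slug;
                            $g[$gidx]->forums[$fidx]->forum_permalink = sp_build_url($r->forum_slug, '', 1, 0);
                            $g[$gidx]->forums[$fidx]->forum_desc = sp_filter_title_display($r->forum_desc);
                            $g[$gidx]->forums[$fidx]->forum_status = $r->forum_status;
                            $g[$gidx]->forums[$fidx]->forum_disabled = $r->forum_disabled;
                            $g[$gidx]->forums[$fidx]->forum_icon = sanitize_file_name($r->forum_icon);
                            $g[$gidx]->forums[$fidx]->forum_icon_new = sanitize_file_name($r->forum_icon_new);
                            $g[$gidx]->forums[$fidx]->forum_icon_locked = sanitize_file_name($r->forum_icon_locked);
                            $g[$gidx]->forums[$fidx]->forum_rss_private = $r->forum_rss_private;
                            $g[$gidx]->forums[$fidx]->post_id = $r->post_id;
                            $g[$gidx]->forums[$fidx]->topic_count = $r->topic_count;
                            $g[$gidx]->forums[$fidx]->topic_count_sub = $r->topic_count;
                            $g[$gidx]->forums[$fidx]->post_count = $r->post_count;
                            $g[$gidx]->forums[$fidx]->post_count_sub = $r->post_count;
                            $g[$gidx]->forums[$fidx]->parent = $r->parent;
                            $g[$gidx]->forums[$fidx]->children = $r->children;
                            $g[$gidx]->forums[$fidx]->unread = 0;
                            if (empty($g[$gidx]->forums[$fidx]->post_id)) {
                                $g[$gidx]->forums[$fidx]->post_id = 0;
                            }
                            # Can the user create new topics or should we lock the forum?
                            $g[$gidx]->forums[$fidx]->start_topics = sp_get_auth('start_topics', $r->forum_id);
                            # check if we can look at posts in moderation - if not swap for 'held' values
                            if (!sp_get_auth('moderate_posts', $r->forum_id)) {
                                $g[$gidx]->forums[$fidx]->post_id = $r->post_id_held;
                                $g[$gidx]->forums[$fidx]->post_count = $r->post_count_held;
                                $g[$gidx]->forums[$fidx]->post_count_sub = $r->post_count_held;
                                $thisPostid = $r->post_id_held;
                            } else {
                                $thisPostid = $r->post_id;
                            }
                            # See if any forums are in the current users newpost list
                            if ($spThisUser->member && isset($spThisUser->newposts['forums'])) {
                                $c = 0;
                                if ($spThisUser->newposts['forums']) {
                                    foreach ($spThisUser->newposts['forums'] as $fnp) {
                                        if ($fnp == $fidx) {
                                            $c++;
                                        }
                                    }
                                }
                                $g[$gidx]->forums[$fidx]->unread = $c;
                            }
                            if (empty($r->children)) {
                                $cparent = 0;
                            } else {
                                $cparent = $fidx;
                                $sidx = 0;
                            }
                            # Build post id array for collecting stats at the end
                            if (!empty($thisPostid)) {
                                $p[$fidx] = $thisPostid;
                            }
                            $g[$gidx]->forums[$fidx] = apply_filters('sph_groupview_forum_records', $g[$gidx]->forums[$fidx], $r);
                        }
                        # Build special Group level flag on whether to show group RSS button or not (based on any forum in group having RSS access)
                        if (sp_get_auth('view_forum', $r->forum_id) && !$r->forum_rss_private) {
                            $g[$gidx]->group_rss_active = 1;
                        }
                    }
                }
            }
        }
        if ($this->includeStats == true) {
            # Go grab the forum stats and data
            if (!empty($p)) {
                $stats = $this->sp_groupview_stats_query($p);
                if ($stats) {
                    foreach ($g as $gr) {
                        foreach ($gr->forums as $f) {
                            # start clean so a forum without stats does not hand the previous forum's row to the filter
                            $s = null;
                            if (!empty($stats[$f->forum_id])) {
                                $s = $stats[$f->forum_id];
                                $f->topic_id = $s->topic_id;
                                $f->topic_name = sp_filter_title_display($s->topic_name);
                                $f->topic_slug = $s->topic_slug;
                                $f->post_id = $s->post_id;
                                $f->post_permalink = sp_build_url($f->forum_slug, $s->topic_slug, 0, $s->post_id, $s->post_index);
                                $f->post_date = $s->post_date;
                                $f->post_status = $s->post_status;
                                $f->post_index = $s->post_index;
                                # see if we can display the tooltip
                                if (sp_can_view($f->forum_id, 'post-content', $spThisUser->ID, $s->user_id, $s->topic_id, $s->post_id)) {
                                    $f->post_tip = $s->post_status ? sp_text('Post awaiting moderation') : sp_filter_tooltip_display($s->post_content, $s->post_status);
                                } else {
                                    $f->post_tip = '';
                                }
                                $f->user_id = $s->user_id;
                                $f->display_name = sp_filter_name_display($s->display_name);
                                $f->guest_name = sp_filter_name_display($s->guest_name);
                            }
                            # do we need to record a possible subforum substitute topic?
                            $fsub = $f->forum_id_sub;
                            if ($fsub != 0 && !empty($stats[$fsub])) {
                                $s = $stats[$fsub];
                                $f->topic_id_sub = $s->topic_id;
                                $f->topic_name_sub = sp_filter_title_display($s->topic_name);
                                $f->topic_slug_sub = $s->topic_slug;
                                $f->post_id_sub = $s->post_id;
                                $f->post_permalink_sub = sp_build_url($f->subforums[$fsub]->forum_slug, $s->topic_slug, 0, $s->post_id, $s->post_index);
                                $f->post_date_sub = $s->post_date;
                                $f->post_status_sub = $s->post_status;
                                $f->post_index_sub = $s->post_index;
                                # see if we can display the tooltip
                                if (sp_can_view($fsub, 'post-content', $spThisUser->ID, $s->user_id, $s->topic_id, $s->post_id)) {
                                    $f->post_tip_sub = $s->post_status ? sp_text('Post awaiting moderation') : sp_filter_tooltip_display($s->post_content, $s->post_status);
                                } else {
                                    $f->post_tip_sub = '';
                                }
                                $f->user_id_sub = $s->user_id;
                                $f->display_name_sub = sp_filter_name_display($s->display_name);
                                $f->guest_name_sub = sp_filter_name_display($s->guest_name);
                            }
                            $f = apply_filters('sph_groupview_stats_records', $f, $s);
                        }
                    }
                    unset($stats);
                }
            }
        }
        # Do we need to re-order IDs based on passed in IDs
        if ($groupids && $idOrder) {
            $n = array();
            # $g is still '' when no records were found; array_key_exists() needs a real array
            if (is_array($g)) {
                foreach ($groupids as $gid) {
                    if (array_key_exists($gid, $g)) {
                        $n[$gid] = $g[$gid];
                    }
                }
            }
            $g = $n;
            unset($n);
        }
        return $g;
    }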
Exemplo n.º 26
#	Author		:	Simple:Press
#
#	The 'default' template is used to display generic or unknown pages
#
# --------------------------------------------------------------------------------------
global $spDevice;
# NOTE(review): $spVars is read below but only $spDevice is declared global in
# this run - confirm $spVars is in scope wherever this template gets included
# Forum header template - normally the first thing loaded
# ----------------------------------------------------------------------
sp_SectionStart('tagClass=spHeadContainer', 'head');
sp_load_template('spHead.php');
sp_SectionEnd('', 'head');
# Body: work out why the visitor ended up on the default template and say so.
# A viewer without 'view_profiles' gets the access-denied text on a profile
# request, so that branch does not reveal whether the member exists.
# ----------------------------------------------------------------------
sp_SectionStart('tagClass=spBodyContainer', 'body');
sp_SectionStart('tagClass=spMessage');
if ($spVars['profile'] != 'show') {
    echo __sp('The requested page does not exist');
} elseif (sp_get_auth('view_profiles')) {
    echo __sp('The requested member does not exist');
} else {
    echo __sp('Access denied - you do not have permission to view this page');
}
sp_SectionEnd();
sp_SectionEnd('', 'body');
# Forum footer template - normally the last thing loaded
# ----------------------------------------------------------------------
sp_SectionStart('tagClass=spFootContainer', 'foot');
sp_load_template('spFoot.php');
sp_SectionEnd('', 'foot');
/**
 * Decide whether a user may see one aspect of a forum.
 *
 * Handles the views 'forum-title', 'topic-title' and 'post-content'; any
 * other $view value starts from "denied" and is left to the
 * 'sph_auth_view_{$view}' filter. Every result finally passes through the
 * 'sph_auth_view' filter, so plugins can override the outcome in either
 * direction.
 *
 * @param mixed  $forumid  Forum being viewed.
 * @param string $view     Aspect to check.
 * @param mixed  $userid   Viewer; falls back to the current user when empty.
 * @param mixed  $posterid Author of the post (used by 'post-content').
 * @param mixed  $topicid  Passed through to the filters only.
 * @param mixed  $postid   Passed through to the filters only.
 * @return mixed Null (bare return) while the forum status is not 'ok', false
 *               for a disabled forum, otherwise the filtered decision.
 */
function sp_can_view($forumid, $view, $userid = 0, $posterid = 0, $topicid = 0, $postid = 0)
{
    global $spGlobals, $spThisUser, $spStatus;
    # awaiting upgrade (or status unknown): no forums are visible at all
    if (!isset($spStatus) || $spStatus != 'ok') {
        return;
    }
    # disabled forums are never shown on the front end
    if (in_array($forumid, $spGlobals['disabled_forums'])) {
        return false;
    }
    # default to the current user when no viewer was named
    $viewer = empty($userid) ? $spThisUser->ID : $userid;
    $granted = false;
    # loose == on purpose: it mirrors how a switch statement compares its cases
    if ($view == 'forum-title') {
        $granted = sp_get_auth('view_forum', $forumid, $viewer)
            || sp_get_auth('view_forum_lists', $forumid, $viewer)
            || sp_get_auth('view_forum_topic_lists', $forumid, $viewer);
        $granted = apply_filters('sph_auth_view_forum_title', $granted, $forumid, $view, $viewer, $posterid);
    } elseif ($view == 'topic-title') {
        $granted = sp_get_auth('view_forum', $forumid, $viewer)
            || sp_get_auth('view_forum_topic_lists', $forumid, $viewer);
        $granted = apply_filters('sph_auth_view_topic_title', $granted, $forumid, $view, $viewer, $posterid);
    } elseif ($view == 'post-content') {
        # three conditions, all required: the forum is viewable; admin posts need
        # 'view_admin_posts'; and a viewer holding 'view_own_admin_posts' only sees
        # posts by admins, moderators or themselves
        $granted = sp_get_auth('view_forum', $forumid, $viewer)
            && (!sp_is_forum_admin($posterid) || sp_get_auth('view_admin_posts', $forumid, $viewer))
            && (sp_is_forum_admin($posterid) || sp_is_forum_mod($posterid) || $viewer == $posterid || !sp_get_auth('view_own_admin_posts', $forumid, $viewer));
        $granted = apply_filters('sph_auth_view_post_content', $granted, $forumid, $view, $viewer, $posterid, $topicid, $postid);
    } else {
        $granted = apply_filters('sph_auth_view_' . $view, $granted, $forumid, $view, $viewer, $posterid, $topicid, $postid);
    }
    return apply_filters('sph_auth_view', $granted, $forumid, $view, $viewer, $posterid);
}
/**
 * Print the per-post "forum tools" button that opens the post tools dialog.
 *
 * Nothing is printed during lockdown for non-admins, or when the viewer holds
 * none of the permissions tested below. Display arguments are merged with
 * defaults, escaped, and turned into an anchor whose onclick loads the
 * 'admintoollinks' ahah URL; that URL carries a 'forum-ahah' nonce.
 *
 * NOTE(review): this only decides whether the button is drawn. The guest
 * branches compare the post's guest_email with the value held in
 * $spGuestCookie using ==, which also matches two empty values - confirm the
 * handler behind the dialog repeats every permission check itself.
 *
 * @param string|array $args    Display arguments (tagId, tagClass, icon, iconClass, hide, containerClass).
 * @param string       $label   Optional link text.
 * @param string       $toolTip Optional title attribute text.
 * @return void
 */
function sp_PostForumToolButton($args = '', $label = '', $toolTip = '')
{
    global $spThisTopic, $spThisPost, $spThisPostUser, $spThisUser, $spGuestCookie, $spGlobals;
    if ($spGlobals['lockdown'] == true && $spThisUser->admin == false) {
        return;
    }
    # admins and moderators always get the button
    $show = $spThisUser->admin || $spThisUser->moderator;
    if (!$show) {
        $editWindow = sp_get_option('editpostdays');
        $postedAt = strtotime(sp_date('d', $spThisPost->post_date));
        # whole days elapsed since the post date
        $ageDays = floor((time() - $postedAt) / 86400);
        $fid = $spThisTopic->forum_id;
        # any single line being true is enough to show the button
        # NOTE(review): the 'delete_own_posts' line reads ->user_id where the others read ->ID - confirm both exist
        $show = sp_get_auth('view_email', $fid)
            || sp_get_auth('pin_posts', $fid)
            || sp_get_auth('edit_any_post', $fid)
            || (sp_get_auth('edit_own_posts_forever', $fid) && $spThisUser->member && $spThisPostUser->ID == $spThisUser->ID)
            || (sp_get_auth('edit_own_posts_forever', $fid) && $spThisUser->guest && $spThisPost->guest_email == $spGuestCookie->guest_email)
            || (sp_get_auth('edit_own_posts_reply', $fid) && $spThisUser->member && $spThisPostUser->ID == $spThisUser->ID && $spThisPost->last_post)
            || (sp_get_auth('edit_own_posts_reply', $fid) && $spThisUser->guest && $spThisPost->guest_email == $spGuestCookie->guest_email && $spThisPost->last_post)
            || (sp_get_auth('edit_own_posts_for_time', $fid) && $spThisUser->member && $spThisPostUser->ID == $spThisUser->ID && $ageDays <= $editWindow)
            || sp_get_auth('move_posts', $fid)
            || sp_get_auth('reassign_posts', $fid)
            || sp_get_auth('delete_any_post', $fid)
            || (sp_get_auth('delete_own_posts', $fid) && $spThisPostUser->user_id == $spThisUser->ID)
            || (sp_get_auth('moderate_posts', $fid) && $spThisPost->post_status != 0);
    }
    $show = apply_filters('sph_forum_tools_topic_show', $show);
    if (!$show) {
        return;
    }
    $defs = array(
        'tagId' => 'spForumToolButton%ID%',
        'tagClass' => 'spToolsButton',
        'icon' => 'sp_ForumTools.png',
        'iconClass' => 'spIcon',
        'hide' => 1,
        'containerClass' => 'spTopicPostSection',
    );
    $a = apply_filters('sph_PostForumToolButton_args', wp_parse_args($args, $defs));
    # EXTR_SKIP: keys that collide with a variable already defined here are ignored
    extract($a, EXTR_SKIP);
    # sanitize before use
    $tagClass = esc_attr($tagClass);
    $iconClass = esc_attr($iconClass);
    $containerClass = esc_attr($containerClass);
    $icon = sanitize_file_name($icon);
    $hide = (int) $hide;
    $toolTip = esc_attr($toolTip);
    $label = sp_filter_title_display($label);
    # the %ID% placeholder becomes the post id once the id string itself is escaped
    $tagId = str_ireplace('%ID%', $spThisPost->post_id, esc_attr($tagId));
    $addStyle = $hide ? " style='display: none;' " : '';
    $last = $spThisPost->last_post ? 1 : 0;
    $site = SFHOMEURL . 'index.php?sp_ahah=admintoollinks&amp;sfnonce=' . wp_create_nonce('forum-ahah')
        . "&amp;action=posttools&amp;post={$spThisPost->post_id}&amp;page={$spThisTopic->display_page}&amp;postnum={$spThisPost->post_index}&amp;name="
        . urlencode($spThisPostUser->display_name)
        . "&amp;forum={$spThisTopic->forum_id}&amp;last={$last}";
    $out = "<a class='{$tagClass}' id='{$tagId}' title='{$toolTip}' rel='nofollow' href='javascript:void(null)' {$addStyle} ";
    $title = esc_js(sp_text('Forum Tools'));
    $out .= "onclick='spjDialogAjax(this, \"{$site}\", \"{$title}\", 350, 0, 0);' >";
    if (!empty($icon)) {
        $out .= sp_paint_icon($iconClass, SPTHEMEICONSURL, $icon);
    }
    if (!empty($label)) {
        $out .= $label;
    }
    $out .= "</a>\n";
    echo apply_filters('sph_PostForumToolButton', $out, $a);
    # Add script to hover admin buttons - just once (tools_flag is cleared afterwards)
    if ($spThisTopic->tools_flag && $hide) {
        ?>
		<script type='text/javascript'>
		/* <![CDATA[ */
		var sptb = {
			toolclass : '.<?php echo $containerClass; ?>'
		};
		/* ]]> */
		</script>
<?php
        add_action('wp_footer', 'spjs_AddPostToolsHover');
        $spThisTopic->tools_flag = false;
    }
}
/**
 * Print the "add topic" form for the current forum when the viewer may start topics.
 *
 * The form is shown when the viewer holds 'start_topics' for the forum and
 * the forum is neither locked (forum_status) nor in lockdown; an admin gets
 * it regardless of those three conditions. A footer action that opens the
 * form is registered when the form is not hidden or the request carries
 * new=topic.
 *
 * @param array $addTopicForm Form settings; the 'hide' key is read here, the rest goes to sp_add_topic().
 * @return void
 */
function sp_TopicEditorWindow($addTopicForm)
{
    global $spThisUser, $spThisForum, $spGlobals;
    $mayStart = (sp_get_auth('start_topics', $spThisForum->forum_id) && !$spThisForum->forum_status && !$spGlobals['lockdown'])
        || $spThisUser->admin;
    if (!$mayStart) {
        return;
    }
    # the anchor is the jump target for the form
    echo '<a id="dataform"></a>' . "\n" . sp_add_topic($addTopicForm);
    # inline js to open topic form if from the topic view (script below)
    # $_GET['new'] is only compared with a fixed string, never printed
    $askedForNew = isset($_GET['new']) && $_GET['new'] == 'topic';
    if ($addTopicForm['hide'] == 0 || $askedForNew) {
        add_action('wp_footer', 'spjs_OpenTopicForm');
    }
}
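/**
 * Build the usergroup drop-down shown above the members list.
 *
 * Returns early (null) when the members list has no usergroups or the viewer
 * lacks 'view_members_list'. Each option's value is a members-list URL that
 * carries the usergroup id plus the current search term from the request.
 *
 * The search term comes straight from $_POST / $_GET and ends up inside an
 * HTML attribute, so every option value is passed through esc_attr() at the
 * point of output. esc_attr() leaves the existing &amp; separators alone.
 * sp_esc_str() is not visible here, so its result is not treated as
 * HTML-safe.
 *
 * @param string|array $args Display arguments (tagId, tagClass, selectClass, echo).
 * @return string|null The markup when 'echo' is 0; otherwise it is printed and nothing is returned.
 */
function sp_MemberListUsergroupSelect($args = '')
{
    global $spMembersList;
    if (empty($spMembersList->userGroups)) {
        return;
    }
    if (!sp_get_auth('view_members_list')) {
        return;
    }
    $defs = array('tagId' => 'spUsergroupSelect', 'tagClass' => 'spUsergroupSelect', 'selectClass' => 'spControl', 'echo' => 1);
    $a = wp_parse_args($args, $defs);
    $a = apply_filters('sph_MemberListUsergroupSelect_args', $a);
    extract($a, EXTR_SKIP);
    # sanitize before use
    $tagId = esc_attr($tagId);
    $tagClass = esc_attr($tagClass);
    $selectClass = esc_attr($selectClass);
    $echo = (int) $echo;
    # a value in the query string wins over one that was posted
    $search = !empty($_POST['msearch']) && !isset($_POST['allmembers']) ? '&amp;msearch=' . sp_esc_str($_POST['msearch']) : '';
    $search = !empty($_GET['msearch']) ? '&amp;msearch=' . sp_esc_str($_GET['msearch']) : $search;
    $ug = !empty($_POST['ug']) && !isset($_POST['allmembers']) ? sp_esc_int($_POST['ug']) : '';
    $ug = !empty($_GET['ug']) ? sp_esc_int($_GET['ug']) : $ug;
    # the members URL is the same for every option, so build it once
    $baseUrl = sp_get_sfqurl(sp_url('members'));
    $out = "<div id='{$tagId}' class='{$tagClass}'>";
    $out .= "<select class='{$selectClass}' name='sp_usergroup_select' onchange='javascript:spjChangeURL(this)'>";
    $out .= "<option value='#'>" . sp_text('Select Specific Usergroup') . "</option>";
    foreach ($spMembersList->userGroups as $usergroup) {
        $selected = $usergroup['usergroup_id'] == $ug ? "selected='selected'" : '';
        # escape the whole value once, where it enters the attribute
        $value = esc_attr($baseUrl . 'ug=' . $usergroup['usergroup_id'] . $search);
        $out .= "<option {$selected} value='" . $value . "'>" . sp_filter_title_display($usergroup['usergroup_name']) . '</option>';
    }
    if (!empty($ug)) {
        $out .= "<option value='" . esc_attr($baseUrl . $search) . "'>" . sp_text('Reset to Default Usergroups') . "</option>";
    }
    $out .= '</select>';
    $out .= "</div>\n";
    $out = apply_filters('sph_MemberListUsergroupSelect', $out, $a);
    if ($echo) {
        echo $out;
    } else {
        return $out;
    }
}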