function sp_construct_database_error($sql, $sqlerror)
{
global $spStatus, $spGlobals, $wpdb;
if ($spGlobals['record-errors'] == false) {
return;
}
if (spdb_connection() == false) {
return;
}
$mess = '';
$trace = debug_backtrace();
$traceitem = $trace[2];
$mess .= 'file: ' . $traceitem['file'] . '<br />';
$mess .= 'line: ' . $traceitem['line'] . '<br />';
$mess .= 'function: ' . $traceitem['function'] . '<br />';
$mess .= "error: {$sqlerror}<br /><br />";
$mess .= $sql;
$keyCheck = substr(E_ERROR . $traceitem['line'] . substr($traceitem['file'], -30, 30), 0, 45);
# write out error to our toolbox log if it doesn't exist already
$e = spdb_table(SFERRORLOG, 'keycheck="' . $keyCheck . '" AND error_type="database"', 'error_count');
if (empty($e) || $e == 0) {
@sp_write_error('database', $mess, E_ERROR, $keyCheck);
} else {
@sp_update_error($keyCheck, $e);
}
# create display message
include_once SPAPI . 'sp-api-cache.php';
sp_notify(SPFAILURE, sp_text('Invalid database query'));
}
function sp_email_notifications($newpost)
{
global $spGlobals, $spThisUser, $spVars;
$out = '';
$email_status = array();
$eol = "\r\n";
$tab = "\t";
# create the email address list for admin nptifications
$admins_email = array();
$admins = spdb_table(SFMEMBERS, 'admin = 1 OR moderator = 1');
if ($admins) {
foreach ($admins as $admin) {
if ($admin->user_id != $newpost['userid']) {
$admin_opts = unserialize($admin->admin_options);
if ($admin_opts['sfnotify'] && sp_get_auth('moderate_posts', $newpost['forumid'], $admin->user_id)) {
$email = spdb_table(SFUSERS, "ID = " . $admin->user_id, 'user_email');
$admins_email[$admin->user_id] = $email;
}
}
}
}
$admins_email = apply_filters('sph_admin_email_addresses', $admins_email);
# send the emails
if (!empty($admins_email)) {
# clean up the content for the plain text email - go get it from database so not in 'save' mode
$post_content = spdb_table(SFPOSTS, 'post_id=' . $newpost['postid'], 'post_content');
$post_content = sp_filter_email_content($post_content);
# create message body
$msg = sp_text('New forum post on your site') . ': ' . get_option('blogname') . $eol . $eol;
$msg .= sp_text('From') . ': ' . $tab . $newpost['postername'] . ' [' . $newpost['posteremail'] . ']' . ', ' . sp_text('Poster IP') . ': ' . $newpost['posterip'] . $eol . $eol;
$msg .= sp_text('Group') . ':' . $tab . sp_filter_title_display($newpost['groupname']) . $eol;
$msg .= sp_text('Forum') . ':' . $tab . sp_filter_title_display($newpost['forumname']) . $eol;
$msg .= sp_text('Topic') . ':' . $tab . sp_filter_title_display($newpost['topicname']) . $eol;
$msg .= urldecode($newpost['url']) . $eol;
$msg .= sp_text('Post') . ':' . $eol . $post_content . $eol . $eol;
foreach ($admins_email as $id => $email) {
$newmsg = apply_filters('sph_admin_email', $msg, $newpost, $id, 'admin');
$replyto = apply_filters('sph_email_replyto', '', $newpost);
$subject = sp_text('Forum Post') . ' - ' . get_option('blogname') . ': [' . sp_filter_title_display($newpost['topicname']) . ']';
$subject = apply_filters('sph_email_subject', $subject, $newpost);
sp_send_email($email, $subject, $newmsg, $replyto);
}
$out = '- ' . sp_text('Notified: Administrators/Moderators');
}
$out = apply_filters('sph_new_post_notifications', $out, $newpost);
return $out;
}
function sp_ProfilePermissionsForum($thisForum, $userid)
{
global $thisAlt;
# Start the 'forum' section
$out = "<div class='spGroupForumSection {$thisAlt}'>";
# Column 1 of the forum row
$out .= '<div class="spColumnSection spProfilePermissionIcon">';
$icon = !empty($thisForum->forum_icon) ? sp_paint_custom_icon('spRowIcon', SFCUSTOMURL . $thisForum->forum_icon) : sp_paint_icon('spRowIcon', SPTHEMEICONSURL, 'sp_ForumIcon.png');
$out .= $icon;
$out .= '</div>';
# Column 2 of the forum row
$out .= '<div class="spColumnSection spProfilePermissionForum">';
$out .= "<div class='spRowName'>" . $thisForum->forum_name . "</div>";
$desc = !empty($thisForum->forum_desc) ? $thisForum->forum_desc : '';
$out .= "<div class='spRowName'>" . $desc . "</div>";
$out .= '</div>';
# Column 3 of the forum row
$site = SFHOMEURL . "index.php?sp_ahah=permissions&sfnonce=" . wp_create_nonce('forum-ahah') . "&forum=" . $thisForum->forum_id . '&userid=' . $userid;
$img = SFCOMMONIMAGES . '/working.gif';
$out .= '<div class="spColumnSection spProfilePermissionButton">';
$out .= '<a rel="nofollow" href="javascript:void(null)" onclick="spjLoadTool(\'' . $site . '\', \'perm' . $thisForum->forum_id . '\', \'' . $img . '\');">';
$out .= '<input type="submit" class="spSubmit" value="' . sp_text('View') . '" />';
$out .= '</a>';
$out .= '</div>';
$out .= sp_InsertBreak('echo=0');
$out .= '</div>';
# hidden area for the permissions for this forum
$out .= '<div id="perm' . $thisForum->forum_id . '" class="spHiddenSection spProfilePermission"></div>';
$thisAlt = $thisAlt == 'spOdd' ? 'spEven' : 'spOdd';
return $out;
}
Ahah call for acknowledgements
$LastChangedDate: 2014-06-14 17:34:16 -0700 (Sat, 14 Jun 2014) $
$Rev: 11559 $
*/
if (preg_match('#' . basename(__FILE__) . '#', $_SERVER['PHP_SELF'])) {
die('Access denied - you cannot directly call this file');
}
sp_forum_api_support();
$theme = sp_get_current_sp_theme();
$out = '';
$out .= '<div id="spAbout">';
$out .= '<img src="' . SFCOMMONIMAGES . 'sp-small-logo.png" alt="" title="" /><br />';
$out .= '<p>© 2006-' . date('Y') . ' ' . sp_text('by') . ' <a href="http://www.yellowswordfish.com"><b>Andy Staines</b></a> ' . sp_text('and') . ' <a href="http://cruisetalk.org/"><b>Steve Klasen</b></a></p>';
$out .= '<p><a href="http://twitter.com/simpleforum">' . sp_text('Follow us On Twitter') . '</a></p>';
$out .= '<hr />';
$out .= '<p>';
$ack = array(sp_text('printThis by Jason Day') . ': <a href="https://github.com/jasonday/printThis">printThis</a>', sp_text('Math Spam Protection based on code by Michael Woehrer') . ': <a href="http://sw-guide.de/">Software Guide</a>', sp_text('Calendar Date Picker by TengYong Ng') . ': <a href="http://www.rainforestnet.com">Rain Forest Net</a>', sp_text('Image Uploader by Andrew Valums') . ': <a href="http://valums.com/ajax-upload/">Ajax upload</a>', sp_text('Checkbox and Radio Button transformations by') . ': <a href="http://www.no-margin-for-errors.com/">Stephane Caron</a>', sp_text('SPF RPX implementation uses code and ideas from RPX') . ': <a href="http://rpxwiki.com/WordpressPlugin">Brian Ellin</a>', sp_text('Popup Tooltips by the Vertigo Project') . ': <a href="http://www.vertigo-project.com/">Vertigo Project</a>', sp_text('Table Drag and Drop') . ': <a href="http://www.isocra.com/2008/02/table-drag-and-drop-jquery-plugin/">Isocra Consulting</a>', sp_text('Mobile Device Detection based on code by Brett Jankord') . ': <a href="http://www.brettjankord.com/2012/01/16/categorizr-a-modern-device-detection-script/">Categorizr</a>', sp_text('CSS and JS Concatenation based on code by Ronen Yacobi') . ': <a href="http://http://yacobi.info/">CSS And Script File Aggregation</a>');
$ack = apply_filters('sph_acknowledgements', $ack);
foreach ($ack as $a) {
$out .= $a . '<br />';
}
$out .= '</p>';
$out .= '<hr />';
$out .= '<p>' . sp_text('Our thanks to all the people who have aided, abetted, coded, suggested and helped test this plugin') . '</p><br />';
$out .= sp_text('This forum is using the') . ' <strong>' . $theme['theme'] . '</strong> ' . sp_text('theme') . '<br />';
if (!empty($theme['parent'])) {
$out .= sp_text('a child theme of the') . ' <strong>' . $theme['parent'] . '</strong> ' . sp_text('theme') . '<br />';
}
$out .= '</div>';
echo $out;
die;
function sp_groupview_query($groupids = '', $idOrder = false)
{
global $spThisUser;
# can we get the results from the cache?
$records = array();
if (empty($spThisUser->inspect['q_spGroupView'])) {
$records = sp_get_cache('group');
}
if (!$records) {
$WHERE = '';
if (!empty($groupids)) {
$gcount = count($groupids);
$done = 0;
foreach ($groupids as $id) {
$WHERE .= '(' . SFGROUPS . ".group_id={$id})";
$done++;
if ($done < $gcount) {
$WHERE .= ' OR ';
}
}
}
$this->groupViewStatus = empty($groupids) ? 'no data' : 'no access';
# retrieve group and forum records
$spdb = new spdbComplex();
$spdb->table = SFGROUPS;
$spdb->fields = SFGROUPS . '.group_id, group_name, group_desc, group_rss, group_icon, group_message,
forum_id, forum_name, forum_slug, forum_desc, forum_status, forum_disabled, forum_icon, forum_icon_new, forum_icon_locked, forum_rss_private,
post_id, post_id_held, topic_count, post_count, post_count_held, parent, children';
$spdb->join = array(SFFORUMS . ' ON ' . SFGROUPS . '.group_id = ' . SFFORUMS . '.group_id');
$spdb->where = $WHERE;
$spdb->orderby = 'group_seq, forum_seq';
$spdb = apply_filters('sph_groupview_query', $spdb, $this);
if (!empty($spThisUser->inspect['q_spGroupView'])) {
$spdb->inspect = 'spGroupView';
$spdb->show = true;
$spThisUser->inspect['q_spGroupView'] = false;
}
$records = $spdb->select();
if ($records) {
sp_add_cache('group', $records);
}
}
$g = '';
if ($records) {
# Set status initially to 'no access' in case current user can view no forums
$this->groupViewStatus = 'no access';
$gidx = 0;
$fidx = 0;
$sidx = 0;
$cparent = 0;
$subPostId = 0;
# define array to collect data
$p = array();
$g = array();
foreach ($records as $r) {
$groupid = $r->group_id;
$forumid = $r->forum_id;
if (sp_can_view($forumid, 'forum-title')) {
if ($gidx == 0 || $g[$gidx]->group_id != $groupid) {
# reset status to 'data'
$this->groupViewStatus = 'data';
$gidx = $groupid;
$fidx = 0;
$g[$gidx] = new stdClass();
$g[$gidx]->group_id = $r->group_id;
$g[$gidx]->group_name = sp_filter_title_display($r->group_name);
$g[$gidx]->group_desc = sp_filter_title_display($r->group_desc);
$g[$gidx]->group_rss = esc_url($r->group_rss);
$g[$gidx]->group_icon = sanitize_file_name($r->group_icon);
$g[$gidx]->group_message = sp_filter_text_display($r->group_message);
$g[$gidx]->group_rss_active = 0;
$g[$gidx] = apply_filters('sph_groupview_group_records', $g[$gidx], $r);
}
if (isset($r->forum_id)) {
# Is this a subform?
if ($r->parent != 0) {
$sidx = $r->forum_id;
$g[$gidx]->forums[$cparent]->subforums[$sidx] = new stdClass();
$g[$gidx]->forums[$cparent]->subforums[$sidx]->forum_id = $r->forum_id;
$g[$gidx]->forums[$cparent]->subforums[$sidx]->forum_name = sp_filter_title_display($r->forum_name);
$g[$gidx]->forums[$cparent]->subforums[$sidx]->forum_slug = $r->forum_slug;
$g[$gidx]->forums[$cparent]->subforums[$sidx]->forum_icon = sanitize_file_name($r->forum_icon);
$g[$gidx]->forums[$cparent]->subforums[$sidx]->forum_icon_new = sanitize_file_name($r->forum_icon_new);
$g[$gidx]->forums[$cparent]->subforums[$sidx]->forum_icon_locked = sanitize_file_name($r->forum_icon_locked);
$g[$gidx]->forums[$cparent]->subforums[$sidx]->forum_disabled = $r->forum_disabled;
$g[$gidx]->forums[$cparent]->subforums[$sidx]->forum_permalink = sp_build_url($r->forum_slug, '', 1, 0);
$g[$gidx]->forums[$cparent]->subforums[$sidx]->topic_count = $r->topic_count;
$g[$gidx]->forums[$cparent]->subforums[$sidx]->post_count = $r->post_count;
$g[$gidx]->forums[$cparent]->subforums[$sidx]->parent = $r->parent;
$g[$gidx]->forums[$cparent]->subforums[$sidx]->children = $r->children;
$g[$gidx]->forums[$cparent]->subforums[$sidx]->post_id = $r->post_id;
$g[$gidx]->forums[$cparent]->subforums[$sidx]->unread = 0;
# check if we can look at posts in moderation - if not swap for 'held' values
if (!sp_get_auth('moderate_posts', $r->forum_id)) {
$g[$gidx]->forums[$cparent]->subforums[$sidx]->post_count = $r->post_count_held;
$g[$gidx]->forums[$cparent]->subforums[$sidx]->post_id = $r->post_id_held;
}
# See if any forums are in the current users newpost list
if ($spThisUser->member && isset($spThisUser->newposts['forums'])) {
$c = 0;
if ($spThisUser->newposts['forums']) {
foreach ($spThisUser->newposts['forums'] as $fnp) {
if ($fnp == $sidx) {
$c++;
}
}
}
# set the subforum unread count
$g[$gidx]->forums[$cparent]->subforums[$sidx]->unread = $c;
}
# Update top parent counts with subforum counts
$g[$gidx]->forums[$cparent]->topic_count_sub += $g[$gidx]->forums[$cparent]->subforums[$sidx]->topic_count;
$g[$gidx]->forums[$cparent]->post_count_sub += $g[$gidx]->forums[$cparent]->subforums[$sidx]->post_count;
# and what about the most recent post? Is this in a subforum?
if ($g[$gidx]->forums[$cparent]->subforums[$sidx]->post_id > $g[$gidx]->forums[$cparent]->post_id && $g[$gidx]->forums[$cparent]->subforums[$sidx]->post_id > $subPostId) {
# store the alternative forum id in case we need to display the topic data for this one if inc. subs
$g[$gidx]->forums[$cparent]->forum_id_sub = $r->forum_id;
# add the last post in subforum to the list for stats retrieval
$subPostId = $g[$gidx]->forums[$cparent]->subforums[$sidx]->post_id;
$p[$r->forum_id] = $subPostId;
}
} else {
# it's a top level forum
$subPostId = 0;
$fidx = $forumid;
$g[$gidx]->forums[$fidx] = new stdClass();
$g[$gidx]->forums[$fidx]->forum_id = $r->forum_id;
$g[$gidx]->forums[$fidx]->forum_id_sub = 0;
$g[$gidx]->forums[$fidx]->forum_name = sp_filter_title_display($r->forum_name);
$g[$gidx]->forums[$fidx]->forum_slug = $r->forum_slug;
$g[$gidx]->forums[$fidx]->forum_permalink = sp_build_url($r->forum_slug, '', 1, 0);
$g[$gidx]->forums[$fidx]->forum_desc = sp_filter_title_display($r->forum_desc);
$g[$gidx]->forums[$fidx]->forum_status = $r->forum_status;
$g[$gidx]->forums[$fidx]->forum_disabled = $r->forum_disabled;
$g[$gidx]->forums[$fidx]->forum_icon = sanitize_file_name($r->forum_icon);
$g[$gidx]->forums[$fidx]->forum_icon_new = sanitize_file_name($r->forum_icon_new);
$g[$gidx]->forums[$fidx]->forum_icon_locked = sanitize_file_name($r->forum_icon_locked);
$g[$gidx]->forums[$fidx]->forum_rss_private = $r->forum_rss_private;
$g[$gidx]->forums[$fidx]->post_id = $r->post_id;
$g[$gidx]->forums[$fidx]->topic_count = $r->topic_count;
$g[$gidx]->forums[$fidx]->topic_count_sub = $r->topic_count;
$g[$gidx]->forums[$fidx]->post_count = $r->post_count;
$g[$gidx]->forums[$fidx]->post_count_sub = $r->post_count;
$g[$gidx]->forums[$fidx]->parent = $r->parent;
$g[$gidx]->forums[$fidx]->children = $r->children;
$g[$gidx]->forums[$fidx]->unread = 0;
if (empty($g[$gidx]->forums[$fidx]->post_id)) {
$g[$gidx]->forums[$fidx]->post_id = 0;
}
# Can the user create new topics or should we lock the forum?
$g[$gidx]->forums[$fidx]->start_topics = sp_get_auth('start_topics', $r->forum_id);
# check if we can look at posts in moderation - if not swap for 'held' values
if (!sp_get_auth('moderate_posts', $r->forum_id)) {
$g[$gidx]->forums[$fidx]->post_id = $r->post_id_held;
$g[$gidx]->forums[$fidx]->post_count = $r->post_count_held;
$g[$gidx]->forums[$fidx]->post_count_sub = $r->post_count_held;
$thisPostid = $r->post_id_held;
} else {
$thisPostid = $r->post_id;
}
# See if any forums are in the current users newpost list
if ($spThisUser->member && isset($spThisUser->newposts['forums'])) {
$c = 0;
if ($spThisUser->newposts['forums']) {
foreach ($spThisUser->newposts['forums'] as $fnp) {
if ($fnp == $fidx) {
$c++;
}
}
}
$g[$gidx]->forums[$fidx]->unread = $c;
}
if (empty($r->children)) {
$cparent = 0;
} else {
$cparent = $fidx;
$sidx = 0;
}
# Build post id array for collecting stats at the end
if (!empty($thisPostid)) {
$p[$fidx] = $thisPostid;
}
$g[$gidx]->forums[$fidx] = apply_filters('sph_groupview_forum_records', $g[$gidx]->forums[$fidx], $r);
}
# Build special Group level flag on whether to show group RSS button or not (based on any forum in group having RSS access
if (sp_get_auth('view_forum', $r->forum_id) && !$r->forum_rss_private) {
$g[$gidx]->group_rss_active = 1;
}
}
}
}
}
if ($this->includeStats == true) {
# Go grab the forum stats and data
if (!empty($p)) {
$stats = $this->sp_groupview_stats_query($p);
if ($stats) {
foreach ($g as $gr) {
foreach ($gr->forums as $f) {
if (!empty($stats[$f->forum_id])) {
$s = $stats[$f->forum_id];
$f->topic_id = $s->topic_id;
$f->topic_name = sp_filter_title_display($s->topic_name);
$f->topic_slug = $s->topic_slug;
$f->post_id = $s->post_id;
$f->post_permalink = sp_build_url($f->forum_slug, $s->topic_slug, 0, $s->post_id, $s->post_index);
$f->post_date = $s->post_date;
$f->post_status = $s->post_status;
$f->post_index = $s->post_index;
# see if we can display the tooltip
if (sp_can_view($f->forum_id, 'post-content', $spThisUser->ID, $s->user_id, $s->topic_id, $s->post_id)) {
$f->post_tip = $s->post_status ? sp_text('Post awaiting moderation') : sp_filter_tooltip_display($s->post_content, $s->post_status);
} else {
$f->post_tip = '';
}
$f->user_id = $s->user_id;
$f->display_name = sp_filter_name_display($s->display_name);
$f->guest_name = sp_filter_name_display($s->guest_name);
}
# do we need to record a possible subforum substitute topic?
$fsub = $f->forum_id_sub;
if ($fsub != 0 && !empty($stats[$fsub])) {
$s = $stats[$fsub];
$f->topic_id_sub = $s->topic_id;
$f->topic_name_sub = sp_filter_title_display($s->topic_name);
$f->topic_slug_sub = $s->topic_slug;
$f->post_id_sub = $s->post_id;
$f->post_permalink_sub = sp_build_url($f->subforums[$fsub]->forum_slug, $s->topic_slug, 0, $s->post_id, $s->post_index);
$f->post_date_sub = $s->post_date;
$f->post_status_sub = $s->post_status;
$f->post_index_sub = $s->post_index;
# see if we can display the tooltip
if (sp_can_view($fsub, 'post-content', $spThisUser->ID, $s->user_id, $s->topic_id, $s->post_id)) {
$f->post_tip_sub = $s->post_status ? sp_text('Post awaiting moderation') : sp_filter_tooltip_display($s->post_content, $s->post_status);
} else {
$f->post_tip_sub = '';
}
$f->user_id_sub = $s->user_id;
$f->display_name_sub = sp_filter_name_display($s->display_name);
$f->guest_name_sub = sp_filter_name_display($s->guest_name);
}
$f = apply_filters('sph_groupview_stats_records', $f, $s);
}
}
unset($stats);
}
}
}
# Do we need to re-order IDs based on passed in IDs
if ($groupids && $idOrder) {
$n = array();
foreach ($groupids as $gid) {
if (array_key_exists($gid, $g)) {
$n[$gid] = $g[$gid];
}
}
$g = $n;
unset($n);
}
return $g;
}
while (false !== ($file = readdir($dlist))) {
if ($file != "." && $file != "..") {
echo '<img class="spAvatarPool" src="' . esc_url(SFAVATARPOOLURL . '/' . $file) . '" alt="" onclick="spjSelAvatar(\'' . $file . '\', \'' . esc_js("<p class=\\'spCenter\\'>" . sp_text('Avatar selected. Please save pool avatar') . "</p>") . '\'); return jQuery(\'#dialog\').dialog(\'close\');" /> ';
}
}
echo '</p>';
closedir($dlist);
die;
}
if (isset($_GET['poolremove']) && ($spThisUser->ID == $userid || $spThisUser->admin)) {
if (empty($userid)) {
die;
}
$avatar = sp_get_member_item($userid, 'avatar');
$avatar['pool'] = '';
sp_update_member_item($userid, 'avatar', $avatar);
echo '<strong>' . sp_text('No pool avatar currently selected') . '</strong>';
$ahahURL = SFHOMEURL . 'index.php?sp_ahah=profile&sfnonce=' . wp_create_nonce('forum-ahah') . "&action=update-display-avatar&user={$userid}";
?>
<script type="text/javascript">
jQuery(document).ready(function() {
jQuery('#spProfileDisplayAvatar').load('<?php
echo $ahahURL;
?>
');
})
</script>
<?php
die;
}
die;
function sp_forumview_build_subforums($forumid, $f, $fidx, $subs)
{
global $spThisUser;
ksort($subs);
foreach ($subs as $sub) {
if (sp_can_view($sub->forum_id, 'topic-title')) {
$f[$fidx]->subforums[$sub->forum_id] = new stdClass();
$f[$fidx]->subforums[$sub->forum_id]->top_parent = $fidx;
$f[$fidx]->subforums[$sub->forum_id]->top_sub_parent = $sub->topSubParent;
$f[$fidx]->subforums[$sub->forum_id]->forum_id = $sub->forum_id;
$f[$fidx]->subforums[$sub->forum_id]->forum_id_sub = 0;
$f[$fidx]->subforums[$sub->forum_id]->forum_name = sp_filter_title_display($sub->forum_name);
$f[$fidx]->subforums[$sub->forum_id]->forum_permalink = sp_build_url($sub->forum_slug, '', 1, 0);
$f[$fidx]->subforums[$sub->forum_id]->forum_slug = $sub->forum_slug;
$f[$fidx]->subforums[$sub->forum_id]->forum_desc = sp_filter_title_display($sub->forum_desc);
$f[$fidx]->subforums[$sub->forum_id]->forum_status = $sub->forum_status;
$f[$fidx]->subforums[$sub->forum_id]->forum_disabled = $sub->forum_disabled;
$f[$fidx]->subforums[$sub->forum_id]->forum_icon = sanitize_file_name($sub->forum_icon);
$f[$fidx]->subforums[$sub->forum_id]->forum_icon_new = sanitize_file_name($sub->forum_icon_new);
$f[$fidx]->subforums[$sub->forum_id]->topic_icon = sanitize_file_name($sub->topic_icon);
$f[$fidx]->subforums[$sub->forum_id]->topic_icon_new = sanitize_file_name($sub->topic_icon_new);
$f[$fidx]->subforums[$sub->forum_id]->topic_icon_locked = sanitize_file_name($sub->topic_icon_locked);
$f[$fidx]->subforums[$sub->forum_id]->topic_icon_pinned = sanitize_file_name($sub->topic_icon_pinned);
$f[$fidx]->subforums[$sub->forum_id]->forum_rss_private = $sub->forum_rss_private;
$f[$fidx]->subforums[$sub->forum_id]->post_id = $sub->post_id;
$f[$fidx]->subforums[$sub->forum_id]->post_id_held = $sub->post_id_held;
$f[$fidx]->subforums[$sub->forum_id]->topic_count = $sub->topic_count;
$f[$fidx]->subforums[$sub->forum_id]->topic_count_sub = $sub->topic_count;
$f[$fidx]->subforums[$sub->forum_id]->post_count = $sub->post_count;
$f[$fidx]->subforums[$sub->forum_id]->post_count_sub = $sub->post_count;
$f[$fidx]->subforums[$sub->forum_id]->post_count_held = $sub->post_count_held;
$f[$fidx]->subforums[$sub->forum_id]->parent = $sub->parent;
$f[$fidx]->subforums[$sub->forum_id]->children = $sub->children;
$f[$fidx]->subforums[$sub->forum_id]->unread = 0;
# Can the user create new topics or should we lock the forum?
$f[$fidx]->subforums[$sub->forum_id]->start_topics = sp_get_auth('start_topics', $sub->forum_id);
# See if any forums are in the current users newpost list
if ($spThisUser->member) {
$c = 0;
if ($spThisUser->newposts && $spThisUser->newposts['forums']) {
foreach ($spThisUser->newposts['forums'] as $fnp) {
if ($fnp == $sub->forum_id) {
$c++;
}
}
}
$f[$fidx]->subforums[$sub->forum_id]->unread = $c;
}
# check if we can look at posts in moderation - if not swap for 'held' values
if (!sp_get_auth('moderate_posts', $sub->forum_id)) {
$f[$fidx]->subforums[$sub->forum_id]->post_id = $sub->post_id_held;
$f[$fidx]->subforums[$sub->forum_id]->post_count = $sub->post_count_held;
$f[$fidx]->subforums[$sub->forum_id]->post_count_sub = $sub->post_count_held;
$thisPostid = $sub->post_id_held;
} else {
$thisPostid = $sub->post_id;
}
# Build post id array for collecting stats at the end
if (!empty($thisPostid)) {
$p[$sub->forum_id] = $thisPostid;
}
# if this subforum has a parent that is differemt to the main forum being dislayed in the view
# then it has to be a nested subforum so do we need to merge the numbers?
if ($sub->parent != $forumid) {
$f[$fidx]->subforums[$sub->parent]->topic_count_sub += $f[$fidx]->subforums[$sub->forum_id]->topic_count;
$f[$fidx]->subforums[$sub->parent]->post_count_sub += $f[$fidx]->subforums[$sub->forum_id]->post_count;
# and what about the most recent post? Is this in a nested subforum?
if ($f[$fidx]->subforums[$sub->forum_id]->post_id > $f[$fidx]->subforums[$sub->parent]->post_id) {
# store the alternative forum id in case we need to display the topic data for this one if inc. subs
$f[$fidx]->subforums[$sub->parent]->forum_id_sub = $sub->forum_id;
}
}
}
}
# Go grab the sub forum stats and data
if (!empty($p)) {
$stats = $this->sp_subforumview_stats_query($p);
if ($stats) {
$s = '';
foreach ($subs as $sub) {
if (!empty($stats[$sub->forum_id])) {
$s = $stats[$sub->forum_id];
$f[$fidx]->subforums[$sub->forum_id]->topic_id = $s->topic_id;
$f[$fidx]->subforums[$sub->forum_id]->topic_name = sp_filter_title_display($s->topic_name);
$f[$fidx]->subforums[$sub->forum_id]->topic_slug = $s->topic_slug;
$f[$fidx]->subforums[$sub->forum_id]->post_id = $s->post_id;
$f[$fidx]->subforums[$sub->forum_id]->post_permalink = sp_build_url($f[$fidx]->subforums[$sub->forum_id]->forum_slug, $s->topic_slug, 0, $s->post_id, $s->post_index);
$f[$fidx]->subforums[$sub->forum_id]->post_date = $s->post_date;
$f[$fidx]->subforums[$sub->forum_id]->post_status = $s->post_status;
$f[$fidx]->subforums[$sub->forum_id]->post_index = $s->post_index;
# see if we can display the tooltip
if (sp_can_view($sub->forum_id, 'post-content', $spThisUser->ID, $s->user_id, $s->topic_id, $s->post_id)) {
$f[$fidx]->subforums[$sub->forum_id]->post_tip = $s->post_status ? sp_text('Post awaiting moderation') : sp_filter_tooltip_display($s->post_content, $s->post_status);
} else {
$f[$fidx]->subforums[$sub->forum_id]->post_tip = '';
}
$f[$fidx]->subforums[$sub->forum_id]->user_id = $s->user_id;
$f[$fidx]->subforums[$sub->forum_id]->display_name = sp_filter_name_display($s->display_name);
$f[$fidx]->subforums[$sub->forum_id]->guest_name = sp_filter_name_display($s->guest_name);
}
# do we need to record a possible subforum substitute topic?
$fsub = isset($f[$fidx]->subforums[$sub->forum_id]->forum_id_sub) ? $f[$fidx]->subforums[$sub->forum_id]->forum_id_sub : 0;
if ($fsub != 0 && !empty($stats[$fsub])) {
$s = $stats[$fsub];
$f[$fidx]->subforums[$sub->forum_id]->topic_id_sub = $s->topic_id;
$f[$fidx]->subforums[$sub->forum_id]->topic_name_sub = sp_filter_title_display($s->topic_name);
$f[$fidx]->subforums[$sub->forum_id]->topic_slug_sub = $s->topic_slug;
$f[$fidx]->subforums[$sub->forum_id]->post_id_sub = $s->post_id;
$f[$fidx]->subforums[$sub->forum_id]->post_permalink_sub = sp_build_url($f[$fidx]->subforums[$fsub]->forum_slug, $s->topic_slug, 0, $s->post_id, $s->post_index);
$f[$fidx]->subforums[$sub->forum_id]->post_date_sub = $s->post_date;
$f[$fidx]->subforums[$sub->forum_id]->post_status_sub = $s->post_status;
$f[$fidx]->subforums[$sub->forum_id]->post_index_sub = $s->post_index;
# see if we can display the tooltip
if (sp_can_view($fsub, 'post-content', $spThisUser->ID, $s->user_id, $s->topic_id, $s->post_id)) {
$f[$fidx]->subforums[$sub->forum_id]->post_tip_sub = $s->post_status ? sp_text('Post awaiting moderation') : sp_filter_tooltip_display($s->post_content, $s->post_status);
} else {
$f[$fidx]->subforums[$sub->forum_id]->post_tip_sub = '';
}
$f[$fidx]->subforums[$sub->forum_id]->user_id_sub = $s->user_id;
$f[$fidx]->subforums[$sub->forum_id]->display_name_sub = sp_filter_name_display($s->display_name);
$f[$fidx]->subforums[$sub->forum_id]->guest_name_sub = sp_filter_name_display($s->guest_name);
}
# allow plugins to add more data to combined subforum/post data structure
$f[$fidx]->subforums[$sub->forum_id] = apply_filters('sph_forumview_subforum_records', $f[$fidx]->subforums[$sub->forum_id], $s);
}
}
unset($subs);
unset($stats);
}
return $f;
}
function spdb_show_result($sql, $inspect)
{
spdebug_styles(true);
echo '<div class="spdebug">';
echo sp_text('Inspect Query') . ': <strong>' . $inspect . '</strong><br><hr>';
echo '<pre><code>';
$k = array("\t", "\n", 'SELECT ', ' DISTINCT ', 'FROM ', 'LEFT JOIN ', 'RIGHT JOIN ', ' JOIN ', 'WHERE ', 'ORDER BY ', 'LIMIT ', ' ON ', ' IN ', ' DESC ', ' ASC ', ' DESC, ', ' ASC, ', ' AS ', ' OR ', ' AND ', ' LIKE ');
$r = array('', '', "\n<b>SELECT</b> ", ' <b>DISTINCT</b> ', "\n<b>FROM</b> ", "\n<b>LEFT JOIN</b> ", "\n<b>RIGHT JOIN</b> ", " \n<b>JOIN</b> ", "\n<b>WHERE</b> ", "\n<b>ORDER BY</b> ", "\n<b>LIMIT</b> ", ' <b>ON</b> ', ' <b>IN</b> ', ' <b>DESC</b> ', ' <b>ASC</b> ', ' <b>DESC</b>, ', ' <b>ASC</b>, ', ' <b>AS</b> ', ' <b>OR</b> ', ' <b>AND</b> ', ' <b>LIKE</b> ');
$sql = str_replace($k, $r, $sql);
echo $sql;
echo '</code></pre>';
echo '</div>';
}
$tout = '';
$tout .= '<div class="spColumnSection spProfileLeftCol">';
$tout .= '<p class="spProfileLabel">' . sp_text('Your Timezone') . ': </p>';
$tout .= '</div>';
$tout .= '<div class="spColumnSection spProfileSpacerCol"></div>';
$tout .= '<div class="spColumnSection spProfileRightCol">';
$tout .= '<p class="spProfileLabel">' . $spProfileUser->timezone_string . '</p>';
$tout .= '<p><small>' . sp_text('Local Time') . ': ' . sp_date('d', date(SFDATES)) . ' ' . sp_date('t', date(SFTIMES)) . '</small></p>';
$tout .= '<p><small>' . sp_text('Change your timezone on options - display') . '</small></p>';
$tout .= '</div>';
$out .= apply_filters('sph_ProfileUserTimezone', $tout, $userid, $thisSlug);
$out = apply_filters('sph_ProfileOverviewFormBottom', $out, $userid);
$out = apply_filters('sph_ProfileFormBottom', $out, $userid, $thisSlug);
$tout = '';
$tout .= '<div class="spColumnSection spProfileLeftCol"></div>';
$tout .= '<div class="spColumnSection spProfileSpacerCol"></div>';
$tout .= '<div class="spColumnSection spProfileRightCol">';
$tout .= '<form action="' . SFHOMEURL . 'index.php?sp_ahah=search&sfnonce=' . wp_create_nonce('forum-ahah') . '" method="post" id="searchposts" name="searchposts">';
$tout .= '<input type="hidden" class="sfhiddeninput" name="searchoption" id="searchoption" value="2" />';
$tout .= '<input type="hidden" class="sfhiddeninput" name="userid" id="userid" value="' . $userid . '" />';
$tout .= '<div class="spProfileFormSubmit">';
$tout .= '<input type="submit" class="spSubmit" name="membersearch" value="' . sp_text('List Topics You Have Posted To') . '" />';
$tout .= '<input type="submit" class="spSubmit" name="memberstarted" value="' . sp_text('List Topics You Started') . '" />';
$tout .= '</div>';
$tout .= '</form>';
$tout .= '</div>';
$out .= apply_filters('sph_ProfileUserTopicsPosted', $tout, $userid, $thisSlug);
$out .= "</div>\n";
$out = apply_filters('sph_ProfileOverviewForm', $out, $userid);
$out .= sp_InsertBreak('echo=0');
echo $out;
function sp_PostForumToolButton($args = '', $label = '', $toolTip = '')
{
global $spThisTopic, $spThisPost, $spThisPostUser, $spThisUser, $spGuestCookie, $spGlobals;
if ($spGlobals['lockdown'] == true && $spThisUser->admin == false) {
return;
}
$show = false;
if ($spThisUser->admin || $spThisUser->moderator) {
$show = true;
} else {
$edit_days = sp_get_option('editpostdays');
$post_date = strtotime(sp_date('d', $spThisPost->post_date));
$date_diff = floor((time() - $post_date) / (60 * 60 * 24));
if (sp_get_auth('view_email', $spThisTopic->forum_id) || sp_get_auth('pin_posts', $spThisTopic->forum_id) || sp_get_auth('edit_any_post', $spThisTopic->forum_id) || sp_get_auth('edit_own_posts_forever', $spThisTopic->forum_id) && $spThisUser->member && $spThisPostUser->ID == $spThisUser->ID || sp_get_auth('edit_own_posts_forever', $spThisTopic->forum_id) && $spThisUser->guest && $spThisPost->guest_email == $spGuestCookie->guest_email || sp_get_auth('edit_own_posts_reply', $spThisTopic->forum_id) && $spThisUser->member && $spThisPostUser->ID == $spThisUser->ID && $spThisPost->last_post || sp_get_auth('edit_own_posts_reply', $spThisTopic->forum_id) && $spThisUser->guest && $spThisPost->guest_email == $spGuestCookie->guest_email && $spThisPost->last_post || sp_get_auth('edit_own_posts_for_time', $spThisTopic->forum_id) && $spThisUser->member && $spThisPostUser->ID == $spThisUser->ID && $date_diff <= $edit_days || sp_get_auth('move_posts', $spThisTopic->forum_id) || sp_get_auth('reassign_posts', $spThisTopic->forum_id) || sp_get_auth('delete_any_post', $spThisTopic->forum_id) || sp_get_auth('delete_own_posts', $spThisTopic->forum_id) && $spThisPostUser->user_id == $spThisUser->ID || sp_get_auth('moderate_posts', $spThisTopic->forum_id) && $spThisPost->post_status != 0) {
$show = true;
}
}
$show = apply_filters('sph_forum_tools_topic_show', $show);
if (!$show) {
return;
}
$defs = array('tagId' => 'spForumToolButton%ID%', 'tagClass' => 'spToolsButton', 'icon' => 'sp_ForumTools.png', 'iconClass' => 'spIcon', 'hide' => 1, 'containerClass' => 'spTopicPostSection');
$a = wp_parse_args($args, $defs);
$a = apply_filters('sph_PostForumToolButton_args', $a);
extract($a, EXTR_SKIP);
# sanitize before use
$tagId = esc_attr($tagId);
$tagClass = esc_attr($tagClass);
$icon = sanitize_file_name($icon);
$iconClass = esc_attr($iconClass);
$containerClass = esc_attr($containerClass);
$hide = (int) $hide;
$toolTip = esc_attr($toolTip);
$label = sp_filter_title_display($label);
$tagId = str_ireplace('%ID%', $spThisPost->post_id, $tagId);
$addStyle = '';
if ($hide) {
$addStyle = " style='display: none;' ";
}
$last = $spThisPost->last_post ? 1 : 0;
$site = SFHOMEURL . 'index.php?sp_ahah=admintoollinks&sfnonce=' . wp_create_nonce('forum-ahah') . "&action=posttools&post={$spThisPost->post_id}&page={$spThisTopic->display_page}&postnum={$spThisPost->post_index}&name=" . urlencode($spThisPostUser->display_name) . "&forum={$spThisTopic->forum_id}&last={$last}";
$out = "<a class='{$tagClass}' id='{$tagId}' title='{$toolTip}' rel='nofollow' href='javascript:void(null)' {$addStyle} ";
$title = esc_js(sp_text('Forum Tools'));
$out .= "onclick='spjDialogAjax(this, \"" . $site . "\", \"" . $title . "\", 350, 0, 0);' >";
if (!empty($icon)) {
$out .= sp_paint_icon($iconClass, SPTHEMEICONSURL, $icon);
}
if (!empty($label)) {
$out .= $label;
}
$out .= "</a>\n";
$out = apply_filters('sph_PostForumToolButton', $out, $a);
echo $out;
# Add script to hover admin buttons - just once
if ($spThisTopic->tools_flag && $hide) {
?>
<script type='text/javascript'>
/* <![CDATA[ */
var sptb = {
toolclass : '.<?php
echo $containerClass;
?>
'
};
/* ]]> */
</script>
<?php
add_action('wp_footer', 'spjs_AddPostToolsHover');
$spThisTopic->tools_flag = false;
}
}
/*
Simple:Press
general ahah routines
$LastChangedDate: 2015-08-12 07:21:39 -0700 (Wed, 12 Aug 2015) $
$Rev: 13286 $
*/
if (preg_match('#' . basename(__FILE__) . '#', $_SERVER['PHP_SELF'])) {
die('Access denied - you cannot directly call this file');
}
sp_forum_api_support();
# get out of here if no action specified
if (empty($_GET['action'])) {
die;
}
$action = sp_esc_str($_GET['action']);
if ($action == 'page-popup') {
sp_text('Jump to page:');
$permalink = trailingslashit(sp_esc_str($_GET['url']));
$max = sp_esc_str($_GET['max']);
$out = '<div id="spMainContainer">';
$out .= '<form action="' . sp_url() . '" method="post" id ="pagejump" name="pagejump">' . "\n";
$out .= '<input type="hidden" id="url" name="url" value="' . $permalink . '" />' . "\n";
$out .= '<input type="hidden" id="max" name="max" value="' . $max . '" />' . "\n";
$out .= '<label>' . sp_text('Enter page you want to go to:') . '</label>';
$out .= '<input class="spSubmit" type="text" id="page" name="page" value="" />' . "\n";
$out .= '<div style="text-align:center"><p><input type="submit" class="spButton" name="pagejump" value="' . sp_text('Go') . '" onclick="spjPageJump(); return false;" /></p></div>';
$out .= '</form></div>' . "\n";
echo apply_filters('sph_jump_page', $out);
}
die;
function sp_notify_user()
{
global $spThisUser;
$thisPost = sp_esc_int($_GET['pid']);
if (empty($thisPost)) {
die;
}
if (!$spThisUser->admin && !$spThisUser->moderator) {
if (!is_user_logged_in()) {
sp_etext('Access denied - are you logged in?');
} else {
sp_etext('Access denied - you do not have permission');
}
die;
}
$site = SFHOMEURL . 'index.php?sp_ahah=admintools&sfnonce=' . wp_create_nonce('forum-ahah') . '&action=notify-search&rand=' . rand();
?>
<script type="text/javascript">
jQuery(document).ready(function() {
jQuery('#sp_notify_user').autocomplete({
source : '<?php
echo $site;
?>
',
disabled : false,
delay : 200,
minLength: 1,
});
});
</script>
<div id="spMainContainer" class="spForumToolsPopup">
<div class="spForumToolsHeader">
<div class="spForumToolsHeaderTitle"><?php
echo sp_text('Notify user of this post');
?>
</div>
</div>
<form action="<?php
echo sp_permalink_from_postid($thisPost);
?>
" method="post" name="notifyuserform">
<div class="spCenter">
<input type="hidden" name="postid" value="<?php
echo $thisPost;
?>
" />
<label class='spLabel' for='sp_notify_user'><?php
sp_etext('User to notify');
?>
: </label>
<input type='text' id='sp_notify_user' class='spControl' name='sp_notify_user' />
<p class="spLabelSmall"><?php
sp_etext("Start typing a member's name above and it will auto-complete");
?>
</p>
<label class='spLabel' for='sp_notify_user'><?php
sp_etext('Message');
?>
: </label>
<input type='text' id='message' class='spControl' name='message' />
<input type="submit" class="spSubmit" name="notifyuser" value="<?php
sp_etext('Notify');
?>
" />
<input type="button" class="spSubmit" name="cancel" value="<?php
sp_etext('Cancel');
?>
" onclick="jQuery('#dialog').dialog('close');" />
</div>
</form>
</div>
<?php
}
function sp_postlistview_query($where, $order, $count, $view, $type)
{
global $spGlobals, $spThisUser;
# If no WHERE clause then return empty
if (empty($where)) {
return;
}
# build list of forums user can view
$fids = sp_user_visible_forums($view);
if (!empty($fids)) {
$fids = implode(',', $fids);
$where .= ' AND ' . SFPOSTS . ".forum_id IN ({$fids})";
}
# Check order
if (empty($order)) {
$order = SFPOSTS . '.post_id DESC';
}
$spdb = new spdbComplex();
$spdb->table = SFPOSTS;
$spdb->fields = SFPOSTS . '.post_id, post_content, ' . spdb_zone_datetime('post_date') . ', ' . SFPOSTS . '.topic_id, ' . SFPOSTS . '.forum_id,
' . SFPOSTS . '.user_id, guest_name, post_status, post_index, forum_name, forum_slug, forum_disabled, ' . SFFORUMS . '.group_id, group_name,
topic_name, topic_slug, ' . SFTOPICS . '.post_count, topic_opened, display_name';
$spdb->join = array(SFFORUMS . ' ON ' . SFFORUMS . '.forum_id = ' . SFPOSTS . '.forum_id', SFGROUPS . ' ON ' . SFGROUPS . '.group_id = ' . SFFORUMS . '.group_id', SFTOPICS . ' ON ' . SFTOPICS . '.topic_id = ' . SFPOSTS . '.topic_id');
$spdb->left_join = array(SFMEMBERS . ' ON ' . SFMEMBERS . '.user_id = ' . SFPOSTS . '.user_id');
$spdb->where = $where;
$spdb->orderby = $order;
if ($count) {
$spdb->limits = $count;
}
$spdb = apply_filters('sph_post_list_query', $spdb, $this, $type);
if (!empty($spThisUser->inspect['q_spPostListView'])) {
$spdb->inspect = 'spPostListView';
$spdb->show = true;
}
$records = $spdb->select();
# Now check authorisations and clean up the object
$list = array();
# Some values we need
# How many topics to a page?
$ppaged = $spGlobals['display']['posts']['perpage'];
if (empty($ppaged) || $ppaged == 0) {
$ppaged = 20;
}
# establish topic sort order
$porder = 'ASC';
# default
if ($spGlobals['display']['posts']['sortdesc']) {
$porder = 'DESC';
}
# global override
if ($records) {
$listPos = 1;
foreach ($records as $r) {
if (sp_can_view($r->forum_id, 'forum-title')) {
if ($r->post_status == 0 || sp_get_auth('moderate_posts', $r->forum_id)) {
$p = $r->post_id;
$list[$p] = $r;
# Now apply any necessary filters and data changes
$list[$p]->post_content = sp_filter_content_display($r->post_content);
$list[$p]->post_content_raw = $r->post_content;
$list[$p]->forum_name = sp_filter_title_display($r->forum_name);
$list[$p]->forum_disabled = $r->forum_disabled;
$list[$p]->forum_permalink = sp_build_url($r->forum_slug, '', 1, 0);
$list[$p]->topic_permalink = sp_build_url($r->forum_slug, $r->topic_slug, 1, 0);
$list[$p]->topic_name = sp_filter_title_display($r->topic_name);
$list[$p]->topic_opened = $r->topic_opened;
$list[$p]->group_name = sp_filter_title_display($r->group_name);
if (sp_can_view($r->forum_id, 'post-content', $spThisUser->ID, $r->user_id, $r->topic_id, $r->post_id)) {
$list[$p]->post_tip = $r->post_status ? sp_text('Post awaiting moderation') : sp_filter_tooltip_display($r->post_content, $r->post_status);
} else {
$list[$p]->post_tip = '';
}
# Ensure display name is populated
if (empty($r->display_name)) {
$list[$p]->display_name = $list[$p]->guest_name;
}
$list[$p]->display_name = sp_filter_name_display($list[$p]->display_name);
# determine the page for the post permalink
if ($porder == 'ASC') {
$page = $r->post_index / $ppaged;
if (!is_int($page)) {
$page = intval($page + 1);
}
} else {
$page = $r->post_count - $r->post_index;
$page = $page / $ppaged;
$page = intval($page + 1);
}
$list[$p]->post_permalink = sp_build_url($r->forum_slug, $r->topic_slug, $page, $r->post_id, $r->post_index);
$list[$p]->list_position = $listPos;
$list[$p] = apply_filters('sph_post_list_record', $list[$p], $r, $type);
}
}
$listPos++;
}
}
return $list;
}
function sp_build_forum_index($forumid, $returnmsg = false)
{
if (!$forumid) {
return '';
}
# get the topic count for this forum
$topiccount = spdb_count(SFTOPICS, "forum_id={$forumid}");
# get the post count and post count held
$postcount = spdb_sum(SFTOPICS, 'post_count', "forum_id={$forumid}");
$postcountheld = spdb_sum(SFTOPICS, 'post_count_held', "forum_id={$forumid}");
# get the last post id and last post held id that appeared in a topic within this forum
$postid = spdb_table(SFPOSTS, "forum_id={$forumid}", 'post_id', 'post_id DESC', '1');
$postidheld = spdb_table(SFPOSTS, "forum_id={$forumid} AND post_status=0", 'post_id', 'post_id DESC', '1');
if (!$topiccount) {
$topiccount = 0;
}
if (!$postcount) {
$postcount = 0;
}
if (!isset($postid)) {
$postid = 'NULL';
}
if (!$postcountheld) {
$postcountheld = 0;
}
if (!isset($postidheld)) {
$postidheld = 'NULL';
}
# update forum record
spdb_query('UPDATE ' . SFFORUMS . " SET\n\t\t\t\tpost_id={$postid},\n\t\t\t\tpost_id_held={$postidheld},\n\t\t\t\tpost_count={$postcount},\n\t\t\t\tpost_count_held={$postcountheld},\n\t\t\t\ttopic_count={$topiccount}\n\t\t\t\tWHERE forum_id={$forumid}");
if ($returnmsg) {
sp_notify(SPSUCCESS, sp_text('Verification complete'));
}
}
function sp_render_forum($content)
{
global $spIsForum, $spContentLoaded, $spVars, $spGlobals, $spThisUser, $spStatus;
# make sure we are at least in the html body before outputting any content
if (!sp_get_option('sfwpheadbypass') && !did_action('wp_head')) {
return '';
}
if ($spIsForum && !post_password_required(get_post(sp_get_option('sfpage')))) {
# Limit forum display to within the wp loop?
if (sp_get_option('sfinloop') && !in_the_loop()) {
return $content;
}
# Has forum content already been loaded and are we limiting?
if (!sp_get_option('sfmultiplecontent') && $spContentLoaded) {
return $content;
}
$spContentLoaded = true;
sp_set_server_timezone();
# offer a way for forum display to be short circuited but always show for admins unless an upgrade
$message = sp_abort_display_forum();
$content .= $message;
if (!empty($message) && (!$spThisUser->admin || $spStatus != 'ok')) {
return $content;
}
# process query arg actions
# check for edit operation. Need tp check for '_x' in case using mobile as buttin is an image
if (isset($_POST['editpost']) || isset($_POST['editpost_x'])) {
sp_save_edited_post();
}
if (isset($_POST['edittopic'])) {
sp_save_edited_topic();
}
if (isset($_POST['ordertopicpins'])) {
sp_promote_pinned_topic();
}
if (isset($_POST['makepostreassign'])) {
sp_reassign_post();
}
if (isset($_POST['approvepost'])) {
sp_approve_post(false, sp_esc_int($_POST['approvepost']), $spVars['topicid']);
}
if (isset($_POST['unapprovepost'])) {
sp_unapprove_post(sp_esc_int($_POST['unapprovepost']));
}
if (isset($_POST['doqueue'])) {
sp_remove_waiting_queue();
}
if (isset($_POST['notifyuser'])) {
sp_post_notification(sp_esc_str($_POST['sp_notify_user']), sp_esc_str($_POST['message']), sp_esc_int($_POST['postid']));
}
# move a topic and redirect to that topic
if (isset($_POST['maketopicmove'])) {
if (empty($_POST['forumid'])) {
sp_notify(1, sp_text('Destination forum not selected'));
return;
}
sp_move_topic();
$forumslug = spdb_table(SFFORUMS, 'forum_id=' . sp_esc_int(sp_esc_int($_POST['forumid'])), 'forum_slug');
$topicslug = spdb_table(SFTOPICS, 'topic_id=' . sp_esc_int(sp_esc_int($_POST['currenttopicid'])), 'topic_slug');
$returnURL = sp_build_url($forumslug, $topicslug, 0);
sp_redirect($returnURL);
}
# move a post and redirect to the post
if (isset($_POST['makepostmove1']) || isset($_POST['makepostmove2']) || isset($_POST['makepostmove3'])) {
sp_move_post();
if (isset($_POST['makepostmove1'])) {
$returnURL = sp_permalink_from_postid(sp_esc_int($_POST['postid']));
sp_redirect($returnURL);
}
}
# cancel a post move
if (isset($_POST['cancelpostmove'])) {
$meta = sp_get_sfmeta('post_move', 'post_move');
if ($meta) {
$id = $meta[0]['meta_id'];
sp_delete_sfmeta($id);
unset($spGlobals['post_move']);
}
}
# rebuild the forum and post indexes
if (isset($_POST['rebuildforum']) || isset($_POST['rebuildtopic'])) {
sp_build_post_index(sp_esc_int($_POST['topicid']), true);
sp_build_forum_index(sp_esc_int($_POST['forumid']), false);
}
# Set display mode if topic view (for editing posts)
if ($spVars['pageview'] == 'topic' && isset($_POST['postedit'])) {
$spVars['displaymode'] = 'edit';
$spVars['postedit'] = $_POST['postedit'];
} else {
$spVars['displaymode'] = 'posts';
}
# clean cache of timed our records
sp_clean_cache();
#--Scratch Pad Area---Please Leave Here---------
#--End Scratch Pad Area-------------------------
# let other plugins check for posted actions
do_action('sph_setup_forum');
# do we use output buffering?
$ob = sp_get_option('sfuseob');
if ($ob) {
ob_start();
}
# set up some stuff before wp page content
$content .= sp_display_banner();
$content = apply_filters('sph_before_wp_page_content', $content);
# run any other wp filters on page content but exclude ours
if (!$ob) {
remove_filter('the_content', 'sp_render_forum', 1);
$content = apply_filters('the_content', $content);
$content = wpautop($content);
add_filter('the_content', 'sp_render_forum', 1);
}
# set up some stuff after wp page content
$content = apply_filters('sph_after_wp_page_content', $content);
$content .= '<div id="dialogcontainer" style="display:none;"></div>';
$content .= sp_js_check();
# echo any wp page content
echo $content;
# now add our content
do_action('sph_before_template_processing');
sp_process_template();
do_action('sph_after_template_processing');
# Return if using output buffering
if ($ob) {
$forum = ob_get_contents();
ob_end_clean();
return $forum;
}
}
# not returning any content since we output it already unless password needed
if (post_password_required(get_post(sp_get_option('sfpage')))) {
return $content;
}
}
$out .= '<div class="spColumnSection">';
$out .= '<div class="spHeaderName">' . $userGroup['usergroup_name'] . '</div>';
$out .= '<div class="spHeaderDescription">' . $userGroup['usergroup_desc'] . '</div>';
$out .= '</div>';
$out .= '<div class="spColumnSection spProfileMembershipsJoin">';
$out .= '<div class="spInRowLabel">';
$out .= '<label for="sfusergroup_join_' . $userGroup['usergroup_id'] . '">' . sp_text('Join Usergroup') . '</label>';
$out .= '<input type="checkbox" name="usergroup_join[]" id="sfusergroup_join_' . $userGroup['usergroup_id'] . '" value="' . $userGroup['usergroup_id'] . '" />';
$out .= '</div>';
$out .= '</div>';
$out .= '<div class="spClear"></div>';
$out .= '</div>';
$alt = $alt == 'spOdd' ? 'spEven' : 'spOdd';
}
}
if (!$first) {
$out .= '</div>';
}
}
$out .= '</div>';
# any changes allowed?
if ($submit) {
$out .= '<div class="spProfileFormSubmit">';
$out .= '<input type="submit" class="spSubmit" name="formsubmit" value="' . sp_text('Update Memberships') . '" />';
$out .= '</div>';
}
$out = apply_filters('sph_ProfileUsergroupsMembershipsFormBottom', $out, $userid);
$out = apply_filters('sph_ProfileFormBottom', $out, $userid, $thisSlug);
$out .= '</form>';
$out = apply_filters('sph_ProfileUsergroupsMemberships', $out, $userid);
echo $out;
function sp_UpdateProfile()
{
global $spGlobals, $spThisUser;
# make sure nonce is there
check_admin_referer('forum-profile', 'forum-profile');
$message = array();
# dont update forum if its locked down
if ($spGlobals['lockdown']) {
$message['type'] = 'error';
$message['text'] = sp_text('This forum is currently locked - access is read only - profile not updated');
return $message;
}
# do we have a form to update?
if (isset($_GET['form'])) {
$thisForm = sp_esc_str($_GET['form']);
} else {
$message['type'] = 'error';
$message['text'] = sp_text('Profile update aborted - no valid form');
return $message;
}
# do we have an actual user to update?
if (isset($_GET['userid'])) {
$thisUser = sp_esc_int($_GET['userid']);
} else {
$message['type'] = 'error';
$message['text'] = sp_text('Profile update aborted - no valid user');
return $message;
}
# Check the user ID for current user of admin edit
if ($thisUser != $spThisUser->ID && !$spThisUser->admin) {
$message['type'] = 'error';
$message['text'] = sp_text('Profile update aborted - no valid user');
return $message;
}
if (isset($spThisUser->sp_change_pw) && $spThisUser->sp_change_pw) {
$pass1 = $pass2 = '';
if (isset($_POST['pass1'])) {
$pass1 = $_POST['pass1'];
}
if (isset($_POST['pass2'])) {
$pass2 = $_POST['pass2'];
}
if (empty($pass1) || empty($pass2) || $pass1 != $pass2) {
$message['type'] = 'error';
$message['text'] = sp_text('Cannot save profile until password has been changed');
return $message;
}
}
# form save filter
$thisForm = apply_filters('sph_profile_save_thisForm', $thisForm);
# valid save attempt, so lets process the save
switch ($thisForm) {
case 'show-memberships':
# update memberships
# any usergroup removals?
if (isset($_POST['usergroup_leave'])) {
foreach ($_POST['usergroup_leave'] as $membership) {
sp_remove_membership(sp_esc_str($membership), $thisUser);
}
}
# any usergroup joins?
if (isset($_POST['usergroup_join'])) {
foreach ($_POST['usergroup_join'] as $membership) {
sp_add_membership(sp_esc_int($membership), $thisUser);
}
}
# fire action for plugins
$message = apply_filters('sph_UpdateProfileMemberships', $message, $thisUser);
# output update message
if (empty($message)) {
$message['type'] = 'success';
$message['text'] = sp_text('Memberships updated');
}
break;
case 'account-settings':
# update account settings
# check for password update
$pass1 = $pass2 = '';
if (isset($_POST['pass1'])) {
$pass1 = $_POST['pass1'];
}
if (isset($_POST['pass2'])) {
$pass2 = $_POST['pass2'];
}
if (!empty($pass1) || !empty($pass2)) {
if ($pass1 != $pass2) {
$message['type'] = 'error';
$message['text'] = sp_text('Please enter the same password in the two password fields');
return $message;
} else {
# update the password
$user = new stdClass();
$user->ID = (int) $thisUser;
$user->user_pass = $pass1;
wp_update_user(get_object_vars($user));
if (isset($spThisUser->sp_change_pw) && $spThisUser->sp_change_pw) {
delete_user_meta($spThisUser->ID, 'sp_change_pw');
}
}
}
# now check the email is valid and unique
$update = apply_filters('sph_ProfileUserEmailUpdate', true);
if ($update) {
$curEmail = sp_filter_email_save($_POST['curemail']);
$email = sp_filter_email_save($_POST['email']);
if ($email != $curEmail) {
if (empty($email)) {
$message['type'] = 'error';
$message['text'] = sp_text('Please enter a valid email address');
return $message;
} elseif (($owner_id = email_exists($email)) && $owner_id != $thisUser) {
$message['type'] = 'error';
$message['text'] = sp_text('The email address is already registered. Please choose another one');
return $message;
}
# save new email address
$sql = 'UPDATE ' . SFUSERS . " SET user_email='{$email}' WHERE ID=" . $thisUser;
spdb_query($sql);
}
}
# fire action for plugins
$message = apply_filters('sph_UpdateProfileSettings', $message, $thisUser);
# output profile save status
if (empty($message)) {
$message['type'] = 'success';
$message['text'] = sp_text('Account settings updated');
}
break;
case 'edit-profile':
# update profile settings
# validate any username change
$update = apply_filters('sph_ProfileUserDisplayNameUpdate', true);
if ($update) {
$spProfile = sp_get_option('sfprofile');
if ($spProfile['nameformat'] || $spThisUser->admin) {
$display_name = !empty($_POST['display_name']) ? trim($_POST['display_name']) : spdb_table(SFUSERS, "ID={$thisUser}", 'user_login');
$display_name = sp_filter_name_save($display_name);
# make sure display name isnt already used
if ($_POST['oldname'] != $display_name) {
$records = spdb_table(SFMEMBERS, "display_name='{$display_name}'");
if ($records) {
foreach ($records as $record) {
if ($record->user_id != $thisUser) {
$message['type'] = 'error';
$message['text'] = $display_name . ' ' . sp_text('is already in use - please choose a different display name');
return $message;
}
}
}
# validate display name
$errors = new WP_Error();
$user = new stdClass();
$user->display_name = $display_name;
sp_validate_display_name($errors, true, $user);
if ($errors->get_error_codes()) {
$message['type'] = 'error';
$message['text'] = sp_text('The display name you have chosen is not allowed on this site');
return $message;
}
# now save the display name
sp_update_member_item($thisUser, 'display_name', $display_name);
# Update new users list with changed display name
sp_update_newuser_name(sp_filter_name_save($_POST['oldname']), $display_name);
# do we need to sync display name with wp?
$options = sp_get_member_item($thisUser, 'user_options');
if ($options['namesync']) {
spdb_query('UPDATE ' . SFUSERS . ' SET display_name="' . $display_name . '" WHERE ID=' . $thisUser);
}
}
}
}
# save the url
$update = apply_filters('sph_ProfileUserWebsiteUpdate', true);
if ($update) {
$url = sp_filter_url_save($_POST['website']);
$sql = 'UPDATE ' . SFUSERS . ' SET user_url="' . $url . '" WHERE ID=' . $thisUser;
spdb_query($sql);
}
# update first name, last name, location and biorgraphy
$update = apply_filters('sph_ProfileUserFirstNameUpdate', true);
if ($update) {
update_user_meta($thisUser, 'first_name', sp_filter_name_save(trim($_POST['first_name'])));
}
$update = apply_filters('sph_ProfileUserLastNameUpdate', true);
if ($update) {
update_user_meta($thisUser, 'last_name', sp_filter_name_save(trim($_POST['last_name'])));
}
$update = apply_filters('sph_ProfileUserLocationUpdate', true);
if ($update) {
update_user_meta($thisUser, 'location', sp_filter_title_save(trim($_POST['location'])));
}
$update = apply_filters('sph_ProfileUserBiographyUpdate', true);
if ($update) {
update_user_meta($thisUser, 'description', sp_filter_save_kses($_POST['description']));
}
# fire action for plugins
$message = apply_filters('sph_UpdateProfileProfile', $message, $thisUser);
# output profile save status
if (empty($message)) {
$message['type'] = 'success';
$message['text'] = sp_text('Profile settings updated');
}
break;
case 'edit-identities':
# update identity settings
# update the user identities
$update = apply_filters('sph_ProfileUserAIMUpdate', true);
if ($update) {
update_user_meta($thisUser, 'aim', sp_filter_title_save(trim($_POST['aim'])));
}
$update = apply_filters('sph_ProfileUserYahooUpdate', true);
if ($update) {
update_user_meta($thisUser, 'yim', sp_filter_title_save(trim($_POST['yim'])));
}
$update = apply_filters('sph_ProfileUserGoogleUpdate', true);
if ($update) {
update_user_meta($thisUser, 'jabber', sp_filter_title_save(trim($_POST['jabber'])));
}
$update = apply_filters('sph_ProfileUserMSNUpdate', true);
if ($update) {
update_user_meta($thisUser, 'msn', sp_filter_title_save(trim($_POST['msn'])));
}
$update = apply_filters('sph_ProfileUserICQUpdate', true);
if ($update) {
update_user_meta($thisUser, 'icq', sp_filter_title_save(trim($_POST['icq'])));
}
$update = apply_filters('sph_ProfileUserSkypeUpdate', true);
if ($update) {
update_user_meta($thisUser, 'skype', sp_filter_title_save(trim($_POST['skype'])));
}
$update = apply_filters('sph_ProfileUserFacebookUpdate', true);
if ($update) {
update_user_meta($thisUser, 'facebook', sp_filter_title_save(trim($_POST['facebook'])));
}
$update = apply_filters('sph_ProfileUserMySpaceUpdate', true);
if ($update) {
update_user_meta($thisUser, 'myspace', sp_filter_title_save(trim($_POST['myspace'])));
}
$update = apply_filters('sph_ProfileUserTwitterUpdate', true);
if ($update) {
update_user_meta($thisUser, 'twitter', sp_filter_title_save(trim($_POST['twitter'])));
}
$update = apply_filters('sph_ProfileUserLinkedInUpdate', true);
if ($update) {
update_user_meta($thisUser, 'linkedin', sp_filter_title_save(trim($_POST['linkedin'])));
}
$update = apply_filters('sph_ProfileUserYouTubeUpdate', true);
if ($update) {
update_user_meta($thisUser, 'youtube', sp_filter_title_save(trim($_POST['youtube'])));
}
$update = apply_filters('sph_ProfileUserGooglePlusUpdate', true);
if ($update) {
update_user_meta($thisUser, 'googleplus', sp_filter_title_save(trim($_POST['googleplus'])));
}
# fire action for plugins
$message = apply_filters('sph_UpdateProfileIdentities', $message, $thisUser);
# output profile save status
if (empty($message)) {
$message['type'] = 'success';
$message['text'] = sp_text('Identities updated');
}
break;
case 'avatar-upload':
# upload avatar
# did we get an avatar to upload?
if (empty($_FILES['avatar-upload']['name'])) {
$message['type'] = 'error';
$message['text'] = sp_text('Sorry, the avatar filename was empty');
return $message;
}
# Verify the file extension
global $spPaths;
$uploaddir = SF_STORE_DIR . '/' . $spPaths['avatars'] . '/';
$filename = basename($_FILES['avatar-upload']['name']);
$path = pathinfo($filename);
$ext = strtolower($path['extension']);
if ($ext != 'jpg' && $ext != 'jpeg' && $ext != 'gif' && $ext != 'png') {
$message['type'] = 'error';
$message['text'] = sp_text('Sorry, only JPG, JPEG, PNG, or GIF files are allowed');
return $message;
}
# check image file mimetype
$mimetype = 0;
$mimetype = exif_imagetype($_FILES['avatar-upload']['tmp_name']);
if (empty($mimetype) || $mimetype == 0 || $mimetype > 3) {
$message['type'] = 'error';
$message['text'] = sp_text('Sorry, the avatar file is an invalid format');
return $message;
}
# make sure file extension and mime type actually match
if ($mimetype == 1 && $ext != 'gif' || $mimetype == 2 && ($ext != 'jpg' && $ext != 'jpeg') || $mimetype == 3 && $ext != 'png') {
$message['type'] = 'error';
$message['text'] = sp_text('Sorry, the file mime type does not match file extension');
return $message;
}
# Clean up file name just in case
$filename = date('U') . sp_filter_filename_save(basename($_FILES['avatar-upload']['name']));
$uploadfile = $uploaddir . $filename;
# check for existence
if (file_exists($uploadfile)) {
$message['type'] = 'error';
$message['text'] = sp_text('Sorry, the avatar file already exists');
return $message;
}
# check file size against limit if provided
$spAvatars = sp_get_option('sfavatars');
if ($_FILES['avatar-upload']['size'] > $spAvatars['sfavatarfilesize']) {
$message['type'] = 'error';
$message['text'] = sp_text('Sorry, the avatar file exceeds the maximum allowed size');
return $message;
}
# valid avatar, so try moving the uploaded file to the avatar storage directory
if (move_uploaded_file($_FILES['avatar-upload']['tmp_name'], $uploadfile)) {
@chmod("{$uploadfile}", 0644);
# do we need to resize?
$sfavatars = sp_get_option('sfavatars');
if ($sfavatars['sfavatarresize']) {
$editor = wp_get_image_editor($uploadfile);
if (is_wp_error($editor)) {
@unlink($uploadfile);
$message['type'] = 'error';
$message['text'] = sp_text('Sorry, there was a problem resizing the avatar');
return $message;
} else {
$editor->resize($sfavatars['sfavatarsize'], $sfavatars['sfavatarsize'], true);
$imageinfo = $editor->save($uploadfile);
$filename = $imageinfo['file'];
}
}
# update member avatar data
$avatar = sp_get_member_item($thisUser, 'avatar');
$avatar['uploaded'] = $filename;
sp_update_member_item($thisUser, 'avatar', $avatar);
} else {
$message['type'] = 'error';
$message['text'] = sp_text('Sorry, the avatar file could not be moved to the avatar storage location');
return $message;
}
# fire action for plugins
$message = apply_filters('sph_UpdateProfileAvatarUpload', $message, $thisUser);
# output profile save status
if (empty($message)) {
$message['type'] = 'success';
$message['text'] = sp_text('Uploaded avatar updated');
}
break;
case 'avatar-pool':
# pool avatar
# get pool avatar name
$filename = sp_filter_filename_save($_POST['spPoolAvatar']);
# error if no pool avatar provided
if (empty($filename)) {
$message['type'] = 'error';
$message['text'] = sp_text('Sorry, you must select a pool avatar before trying to save it');
return $message;
}
# save the pool avatar
$avatar = sp_get_member_item($thisUser, 'avatar');
$avatar['pool'] = $filename;
sp_update_member_item($thisUser, 'avatar', $avatar);
# fire action for plugins
$message = apply_filters('sph_UpdateProfileAvatarPool', $message, $thisUser);
# output profile save status
if (empty($message)) {
$message['type'] = 'success';
$message['text'] = sp_text('Pool avatar updated');
}
break;
case 'avatar-remote':
# remote avatar
# get remote avatar name
$filename = sp_filter_url_save($_POST['spAvatarRemote']);
$avatar = sp_get_member_item($thisUser, 'avatar');
$avatar['remote'] = $filename;
sp_update_member_item($thisUser, 'avatar', $avatar);
# fire action for plugins
$message = apply_filters('sph_UpdateProfileAvatarRemote', $message, $thisUser);
# output profile save status
if (empty($message)) {
$message['type'] = 'success';
$message['text'] = sp_text('Remote avatar updated');
}
break;
case 'edit-signature':
# save signature
# Check if maxmium links has been exceeded
$numLinks = substr_count($_POST['postitem'], '</a>');
$spFilters = sp_get_option('sffilters');
if (!sp_get_auth('create_links', 'global', $thisUser) && $numLinks > 0 && !$spThisUser->admin) {
$message['type'] = 'error';
$message['text'] = sp_text('You are not allowed to put links in signatures');
return $message;
}
if (sp_get_auth('create_links', 'global', $thisUser) && $spFilters['sfmaxlinks'] != 0 && $numLinks > $spFilters['sfmaxlinks'] && !$spThisUser->admin) {
$message['type'] = 'error';
$message['text'] = sp_text('Maximum number of allowed links exceeded in signature') . ': ' . $spFilters['sfmaxlinks'] . ' ' . sp_text('allowed');
return $message;
}
// $sig = esc_sql(sp_filter_save_kses(trim($_POST['postitem'])));
$sig = sp_filter_content_save($_POST['postitem'], 'edit');
sp_update_member_item($thisUser, 'signature', $sig);
# fire action for plugins
$message = apply_filters('sph_UpdateProfileSignature', $message, $thisUser);
# output profile save status
if (empty($message)) {
$message['type'] = 'success';
$message['text'] = sp_text('Signature updated');
}
break;
case 'edit-photos':
# save photos
$photos = array();
$spProfileOptions = sp_get_option('sfprofile');
for ($x = 0; $x < $spProfileOptions['photosmax']; $x++) {
$photos[$x] = sp_filter_url_save($_POST['photo' . $x]);
}
update_user_meta($thisUser, 'photos', $photos);
# fire action for plugins
$message = apply_filters('sph_UpdateProfilePhotos', $message, $thisUser);
# output profile save status
if (empty($message)) {
$message['type'] = 'success';
$message['text'] = sp_text('Photos updated');
}
break;
case 'edit-global-options':
# save global options
$options = sp_get_member_item($thisUser, 'user_options');
$options['hidestatus'] = isset($_POST['hidestatus']) ? true : false;
$update = apply_filters('sph_ProfileUserSyncNameUpdate', true);
if ($update) {
$options['namesync'] = isset($_POST['namesync']) ? true : false;
}
sp_update_member_item($thisUser, 'user_options', $options);
# fire action for plugins
$message = apply_filters('sph_UpdateProfileGlobalOptions', $message, $thisUser);
# output profile save status
if (empty($message)) {
$message['type'] = 'success';
$message['text'] = sp_text('Global options updated');
}
break;
case 'edit-posting-options':
# save posting options
$update = apply_filters('sph_ProfileUserEditorUpdate', true);
if ($update) {
$options = sp_get_member_item($thisUser, 'user_options');
if (isset($_POST['editor'])) {
$options['editor'] = sp_esc_int($_POST['editor']);
}
sp_update_member_item($thisUser, 'user_options', $options);
}
# fire action for plugins
$message = apply_filters('sph_UpdateProfilePostingOptions', $message, $thisUser);
# output profile save status
if (empty($message)) {
$message['type'] = 'success';
$message['text'] = sp_text('Posting options updated');
}
break;
case 'edit-display-options':
# save display options
$options = sp_get_member_item($thisUser, 'user_options');
if (isset($_POST['timezone'])) {
if (preg_match('/^UTC[+-]/', $_POST['timezone'])) {
# correct for manual UTC offets
$userOffset = preg_replace('/UTC\\+?/', '', $_POST['timezone']) * 3600;
} else {
# get timezone offset for user
$date_time_zone_selected = new DateTimeZone(sp_esc_str($_POST['timezone']));
$userOffset = timezone_offset_get($date_time_zone_selected, date_create());
}
# get timezone offset for server based on wp settings
$wptz = get_option('timezone_string');
if (empty($wptz)) {
$serverOffset = get_option('gmt_offset');
} else {
$date_time_zone_selected = new DateTimeZone($wptz);
$serverOffset = timezone_offset_get($date_time_zone_selected, date_create());
}
# calculate time offset between user and server
$options['timezone'] = (int) round(($userOffset - $serverOffset) / 3600, 2);
$options['timezone_string'] = sp_esc_str($_POST['timezone']);
} else {
$options['timezone'] = 0;
$options['timezone_string'] = 'UTC';
}
if (isset($_POST['unreadposts'])) {
$sfcontrols = sp_get_option('sfcontrols');
$options['unreadposts'] = is_numeric($_POST['unreadposts']) ? max(min(sp_esc_int($_POST['unreadposts']), $sfcontrols['sfmaxunreadposts']), 0) : $sfcontrols['sfdefunreadposts'];
}
$options['topicASC'] = isset($_POST['topicASC']);
$options['postDESC'] = isset($_POST['postDESC']);
sp_update_member_item($thisUser, 'user_options', $options);
# fire action for plugins
$message = apply_filters('sph_UpdateProfileDisplayOptions', $message, $thisUser);
# output profile save status
if (empty($message)) {
$message['type'] = 'success';
$message['text'] = sp_text('Display options updated');
}
break;
default:
break;
}
# let plugins do their thing on success
$message = apply_filters('sph_ProfileFormSave_' . $thisForm, $message, $thisUser, $thisForm);
do_action('sph_UpdateProfile', $thisUser, $thisForm);
# reset the plugin_data just in case
sp_reset_member_plugindata($thisUser);
# done saving - return the messages
return $message;
}
function sp_js_check()
{
return '<noscript><div><pre><code>' . sp_text('This forum requires Javascript to be enabled for posting content') . '</code></pre></div></noscript>' . "\n";
}
function sp_render_add_topic_form($args)
{
global $spVars, $spGlobals, $spThisForum, $spThisUser, $spGuestCookie;
include_once SF_PLUGIN_DIR . '/forum/content/forms/sp-form-components.php';
$toolbar = $spGlobals['display']['editor']['toolbar'];
$defs = array('tagClass' => 'spForm', 'hide' => 1, 'controlFieldset' => 'spEditorFieldset', 'controlInput' => 'spControl', 'controlSubmit' => 'spSubmit', 'controlOrder' => 'cancel|save', 'maxTitleLength' => 200, 'labelHeading' => sp_text('Add Topic'), 'labelGuestName' => sp_text('Guest name (required)'), 'labelGuestEmail' => sp_text('Guest email (required)'), 'labelModerateAll' => sp_text('NOTE: new posts are subject to administrator approval before being displayed'), 'labelModerateOnce' => sp_text('NOTE: first posts are subject to administrator approval before being displayed'), 'labelTopicName' => sp_text('Topic name'), 'labelSmileys' => sp_text('Smileys'), 'labelOptions' => sp_text('Options'), 'labelOptionLock' => sp_text('Lock this topic'), 'labelOptionPin' => sp_text('Pin this post'), 'labelOptionTime' => sp_text('Edit post timestamp'), 'labelMath' => sp_text('Math Required'), 'labelMathSum' => sp_text('What is the sum of'), 'labelPostButtonReady' => sp_text('Submit Topic'), 'labelPostButtonMath' => sp_text('Do Math To Save'), 'labelPostCancel' => sp_text('Cancel'), 'tipSmileysButton' => sp_text('Open/Close to Add a Smiley'), 'tipOptionsButton' => sp_text('Open/Close to select Posting Options'), 'tipSubmitButton' => sp_text('Save the New Topic'), 'tipCancelButton' => sp_text('Cancel the New Topic'));
$a = wp_parse_args($args, $defs);
extract($a, EXTR_SKIP);
# sanitize
$tagClass = esc_attr($tagClass);
$hide = (int) $hide;
$controlFieldset = esc_attr($controlFieldset);
$controlInput = esc_attr($controlInput);
$maxTitleLength = (int) $maxTitleLength;
$labelHeading = sp_filter_title_display($labelHeading);
$labelGuestName = sp_filter_title_display($labelGuestName);
$labelGuestEmail = sp_filter_title_display($labelGuestEmail);
$labelModerateAll = sp_filter_title_display($labelModerateAll);
$labelModerateOnce = sp_filter_title_display($labelModerateOnce);
$labelTopicName = sp_filter_title_display($labelTopicName);
# Check for a failure package in case this is a redirect
$f = sp_get_cache('post');
if (isset($f['guestname']) ? $guestnameval = $f['guestname'] : ($guestnameval = $spGuestCookie->guest_name)) {
}
if (isset($f['guestemail']) ? $guestemailval = $f['guestemail'] : ($guestemailval = $spGuestCookie->guest_email)) {
}
if (isset($f['newtopicname']) ? $topicnameval = $f['newtopicname'] : ($topicnameval = '')) {
}
if (isset($f['postitem']) ? $postitemval = $f['postitem'] : ($postitemval = '')) {
}
if (isset($f['message']) ? $failmessage = $f['message'] : ($failmessage = '')) {
}
$captchaValue = sp_get_option('captcha-value');
$out = '';
# Grab above editor message if there is one
$postmsg = sp_get_option('sfpostmsg');
# Grab in-editor message if one
$inEdMsg = sp_filter_text_display(sp_get_option('sfeditormsg'));
if ($hide ? $hide = ' style="display:none;"' : ($hide = '')) {
}
$out .= '<div id="spPostForm"' . $hide . '>' . "\n";
$out .= "<form class='{$tagClass}' action='" . SFHOMEURL . "index.php?sp_ahah=post&sfnonce=" . wp_create_nonce('forum-ahah') . "' method='post' id='addtopic' name='addtopic' onsubmit='return spjValidatePostForm(this, {$spThisUser->guest}, 1, \"" . sp_paint_file_icon(SPTHEMEICONSURL, 'sp_Success.png') . "\");'>\n";
$out .= sp_create_nonce('forum-userform_addtopic');
$out .= '<div class="spEditor">' . "\n";
$out = apply_filters('sph_topic_editor_top', $out, $spThisForum);
$out .= "<fieldset class='{$controlFieldset}'>\n";
$out .= "<legend>{$labelHeading}: " . $spThisForum->forum_name . "</legend>\n";
$out .= "<input type='hidden' name='action' value='topic' />\n";
$out .= "<input type='hidden' name='forumid' value='{$spThisForum->forum_id}' />\n";
$out .= "<input type='hidden' name='forumslug' value='{$spThisForum->forum_slug}' />\n";
$out .= "<input type='hidden' name='captcha' value='{$captchaValue}' />\n";
# input field that plugins can use
$out .= "<input type='hidden' id='spEditorCustomValue' name='spEditorCustomValue' value='' />\n";
# plugins can add before the header
$out = apply_filters('sph_topic_before_editor_header', $out, $spThisForum, $a);
$tout = '';
$tout .= '<div class="spEditorSection">';
# let plugins add stuff at top of editor header
$tout = apply_filters('sph_topic_editor_header_top', $tout, $spThisForum, $a);
if (!empty($postmsg['sfpostmsgtopic'])) {
$tout .= '<div class="spEditorMessage">' . sp_filter_text_display($postmsg['sfpostmsgtext']) . '</div>' . "\n";
}
# create an empty div to allow plugins to add something
$tout .= '<div id="spEditorCustomDiv"></div>';
if ($spThisUser->guest) {
$tout .= '<div class="spEditorSectionLeft">' . "\n";
$tout .= "<div class='spEditorTitle'>{$labelGuestName}:\n";
$tout .= "<input type='text' tabindex='100' class='{$controlInput}' name='guestname' value='{$guestnameval}' /></div>\n";
$tout .= '</div>' . "\n";
$sfguests = sp_get_option('sfguests');
if ($sfguests['reqemail']) {
$tout .= '<div class="spEditorSectionRight">' . "\n";
$tout .= "<div class='spEditorTitle'>{$labelGuestEmail}:\n";
$tout .= "<input type='text' tabindex='101' class='{$controlInput}' name='guestemail' value='{$guestemailval}' /></div>\n";
$tout .= '</div>' . "\n";
}
$tout .= '<div class="spClear"></div>' . "\n";
}
if (!sp_get_auth('bypass_moderation', $spThisForum->forum_id)) {
$tout .= "<p class='spLabelSmall'>{$labelModerateAll}</p>\n";
} elseif (!sp_get_auth('bypass_moderation_once', $spThisForum->forum_id)) {
$tout .= "<p class='spLabelSmall'>{$labelModerateOnce}</p>\n";
}
$tout2 = '';
$tout2 .= "<div class='spEditorTitle'>{$labelTopicName}: \n";
$tout2 .= "<input id='spTopicTitle' type='text' tabindex='102' class='{$controlInput}' maxlength='{$maxTitleLength}' name='newtopicname' value='{$topicnameval}'/>\n";
$tout2 = apply_filters('sph_topic_editor_name', $tout2, $a);
$tout2 .= '</div>' . "\n";
$tout .= apply_filters('sph_topic_editor_title', $tout2, $spThisForum, $a);
# let plugins add stuff at bottom of editor header
$tout = apply_filters('sph_topic_editor_header_bottom', $tout, $spThisForum, $a);
$tout .= '</div>' . "\n";
# allow plugins to filter just the header
$out .= apply_filters('sph_topic_editor_header', $tout, $spThisForum, $a);
# do we have content? Or just add any inline message
if (empty($postitemval)) {
$postitemval = $inEdMsg;
}
# Display the selected editor
$tout = '';
$tout .= '<div id="spEditorContent">' . "\n";
$tout .= sp_setup_editor(103, $postitemval);
$tout .= '</div>' . "\n";
# allow plugins to filter the editor content
$out .= apply_filters('sph_topic_editor_content', $tout, $spThisForum, $a);
# define area above toolbar for plugins to add components
$section = apply_filters('sph_topic_editor_above_toolbar', '', $spThisForum, $a);
if (!empty($section)) {
$tout = '';
$tout .= '<div class="spEditorSection">';
$tout .= $section;
$tout .= '</div>' . "\n";
$out .= apply_filters('sph_topic_editor_above_toolbar_end', $tout, $spThisForum, $a);
}
# DEFINE NEW FAILURE AREA HERE
# define validation failure notice area
$out .= "<div class='spClear'></div>\n";
$out .= "<div id='spPostNotifications'>{$failmessage}</div>\n";
# TOOLBAR
# define toolbar - submit buttons on right, plugin extensions on left
$toolbarRight = apply_filters('sph_topic_editor_toolbar_submit', '', $spThisForum, $a, 'toolbar');
$toolbarLeft = apply_filters('sph_topic_editor_toolbar_buttons', '', $spThisForum, $a, 'toolbar');
if (!empty($toolbarRight) || !empty($toolbarLeft)) {
# Submit section
$tout = '';
$tout .= '<div class="spEditorSection spEditorToolbar">';
$tout .= $toolbarRight;
# toolbar for plugins to add buttons
$tout .= $toolbarLeft;
$out .= apply_filters('sph_topic_editor_toolbar', $tout, $spThisForum, $a, 'toolbar');
$out .= '<div style="clear:both"></div>';
$out .= '</div>' . "\n";
}
# START SMILEYS/OPTIONS
# let plugins add stuff at top of editor footer
$tout = '';
$tout = apply_filters('sph_topic_editor_footer_top', $tout, $spThisForum, $a);
# smileys and options
$tout = apply_filters('sp_topic_editor_inline_footer', $tout, $spThisForum, $a, 'inline');
# let plugins add stuff at end of editor footer
$tout = apply_filters('sph_topic_editor_footer_bottom', $tout, $spThisForum, $a);
# plugins can remove or adjust whole footer
$out .= apply_filters('sph_topic_editor_footer', $tout, $spThisForum, $a);
# allow plugins to insert stuff after editor footer
$out = apply_filters('sph_topic_editor_after_footer', $out, $spThisForum, $a);
# START SUBMIT SECTION
# define submit section of no toolbar in use
if (!$toolbar) {
$out .= '<div class="spEditorSubmit">' . "\n";
$out = apply_filters('sph_topic_editor_submit_top', $out, $spThisForum, $a);
# let plugins add/remove the controls area
$tout = apply_filters('sp_topic_editor_inline_submit', '', $spThisForum, $a, 'inline');
# let plugins add stuff at end of editor submit bottom
$out .= apply_filters('sph_topic_editor_submit_bottom', $tout, $spThisForum, $a);
$out .= '</div>' . "\n";
}
# close it up
$out .= '</fieldset>' . "\n";
$out = apply_filters('sph_topic_editor_bottom', $out, $spThisForum, $a);
$out .= '</div>' . "\n";
$out .= '</form>' . "\n";
$out .= '</div>' . "\n";
# let plugins add stuff beneath the editor
$out = apply_filters('sph_topic_editor_beneath', $out, $spThisForum, $a);
return $out;
}
function ashow($what, $user = -1, $title = '')
{
global $spThisUser;
if ($user == -1 || $user == $spThisUser->ID) {
spdebug_styles(true);
echo '<div class="spdebug">';
if ($title) {
echo sp_text('Inspect') . ': <strong>' . $title . '</strong><hr>';
}
echo '<pre><code>';
if (is_string($what)) {
$what = htmlentities($what);
}
print_r($what);
echo '</code></pre>';
echo '</div>';
}
}
function spa_forums_edit_forum_form($forum_id)
{
?>
<script type="text/javascript">
jQuery(document).ready(function() {
jQuery('#forumrow-<?php
echo $forum_id;
?>
').addClass('inForm');
spjAjaxForm('sfforumedit<?php
echo $forum_id;
?>
', 'sfreloadfb');
});
</script>
<?php
global $spPaths, $tab;
$forum = spdb_table(SFFORUMS, "forum_id={$forum_id}", 'row');
spa_paint_options_init();
$ahahURL = SFHOMEURL . 'index.php?sp_ahah=forums-loader&sfnonce=' . wp_create_nonce('forum-ahah') . '&saveform=editforum';
?>
<form action="<?php
echo $ahahURL;
?>
" method="post" id="sfforumedit<?php
echo $forum->forum_id;
?>
" name="sfforumedit<?php
echo $forum->forum_id;
?>
">
<?php
echo sp_create_nonce('forum-adminform_forumedit');
spa_paint_open_tab(spa_text('Forums') . ' - ' . spa_text('Manage Groups and Forums'), true);
spa_paint_open_panel();
spa_paint_open_fieldset(spa_text('Forum Details'), false);
$subforum = $forum->parent ? true : false;
echo "<input type='hidden' name='cgroup_id' value='{$forum->group_id}' />";
echo "<input type='hidden' name='cparent' value='{$forum->parent}' />";
echo "<input type='hidden' name='cchildren' value='{$forum->children}' />";
if (!$subforum && empty($forum->children)) {
$mess = sp_text('This is a top-level forum with no sub-forums and on this panel you can change the forum Group it is a member of. If changed it will be moved to the target Forum Group.');
} elseif (!$subforum && !empty($forum->children)) {
$mess = sp_text('This is a top level forum with designated sub-forums and on this panel you can change the forum Group it is a member of. If changed it will be moved, along with the sub-forums, to the target Forum Group.');
} elseif ($subforum && empty($forum->children)) {
$mess = sp_text('This is a sub-forum and on this panel you can change the forum parent it belongs to. If changed it will be moved to become a sub-forum of the target Forum.');
} else {
$mess = sp_text('This is a sub-forum and also a parent to other sub-forums and on this panel you can change the forum parent it belongs to. If changed it will be moved, along with the sub-forums, to the target Forum.');
}
echo '<div class="sfoptionerror spaceabove">';
echo "<p><b>{$mess}</b></br>";
echo sp_text('For more flexible Group/Forum ordering and sub-forum promotion and demotion, please use the drag and drop interface on the Order Groups and Forums admin panel from the Forums Menu - or the Order Forums panel at Group level.') . '</p>';
echo '</div>';
# Top level forum...
$style = $subforum ? ' style="display:none"' : ' style="display:block"';
echo "<div {$style}>";
spa_paint_select_start(spa_text('The group this forum belongs to'), 'group_id', '');
echo spa_create_group_select($forum->group_id);
spa_paint_select_end();
echo '</div>';
# sub-forum...
$style = $subforum ? ' style="display:block"' : ' style="display:none"';
echo "<div {$style}>";
spa_paint_select_start(spa_text('Parent forum this subforum belongs to'), 'parent', '');
echo spa_create_forum_select($forum->parent);
spa_paint_select_end();
echo '</div>';
spa_paint_input(spa_text('Forum name'), 'forum_name', sp_filter_title_display($forum->forum_name), false, true);
echo '<input type="hidden" name="forum_id" value="' . $forum->forum_id . '" />';
$target = 'cforum_slug';
$ahahURL = SFHOMEURL . 'index.php?sp_ahah=forums&sfnonce=' . wp_create_nonce('forum-ahah');
echo "<div class='sp-form-row'>\n";
echo "<div class='wp-core-ui sflabel sp-label-40'>" . spa_text('Forum slug') . ':</div>';
echo '<input type="text" class="wp-core-ui sp-input-60" tabindex="' . $tab . '" name="cforum_slug" id="cforum_slug" value="' . esc_attr($forum->forum_slug) . '" onchange="spjSetForumSlug(this, \'' . $ahahURL . '\', \'' . $target . '\', \'edit\');" />';
echo '<div class="clearboth"></div>';
echo '</div>';
$tab++;
spa_paint_input(spa_text('Description'), 'forum_desc', sp_filter_text_edit($forum->forum_desc), false, true);
spa_paint_close_fieldset();
spa_paint_close_panel();
spa_paint_open_panel();
spa_paint_open_fieldset(spa_text('Forum Options'), false);
$target = 'cforum_slug';
$ahahURL = SFHOMEURL . 'index.php?sp_ahah=forums&sfnonce=' . wp_create_nonce('forum-ahah');
spa_paint_checkbox(spa_text('Locked'), 'forum_status', $forum->forum_status);
spa_paint_checkbox(spa_text('Disable forum RSS feed so feed will not be generated'), 'forum_private', $forum->forum_rss_private);
spa_paint_select_start(sprintf(spa_text('Featured Image for this forum %s(200px x 200px recommended)'), '<br>'), 'feature_image', '');
spa_select_icon_dropdown('feature_image', spa_text('Select Feature Image'), SF_STORE_DIR . '/' . $spPaths['forum-images'] . '/', $forum->feature_image, false);
spa_paint_select_end();
echo '<div class="sfoptionerror spaceabove">';
echo '<p><b>' . sp_text('Custom Icon Ordering') . '</b></br>';
echo sp_text('When using custom forum or topic icons and multiple conditions exist, the following precedence is used:') . '</p>';
echo sp_text('Locked') . '<br />';
echo sp_text('Pinned') . '<br />';
echo sp_text('Unread') . '<br />';
echo sp_text('Custom') . '<br />';
echo sp_text('Theme Default') . '<br />';
echo '</div>';
spa_paint_select_start(spa_text('Custom forum icon'), 'forum_icon', '');
spa_select_icon_dropdown('forum_icon', spa_text('Select Custom Icon'), SF_STORE_DIR . '/' . $spPaths['custom-icons'] . '/', $forum->forum_icon, false);
spa_paint_select_end();
spa_paint_select_start(spa_text('Custom forum icon when new posts'), 'forum_icon_new', '');
spa_select_icon_dropdown('forum_icon_new', spa_text('Select Custom Icon'), SF_STORE_DIR . '/' . $spPaths['custom-icons'] . '/', $forum->forum_icon_new, false);
spa_paint_select_end();
spa_paint_select_start(spa_text('Custom forum icon when locked'), 'forum_icon_locked', '');
spa_select_icon_dropdown('forum_icon_locked', spa_text('Select Custom Icon'), SF_STORE_DIR . '/' . $spPaths['custom-icons'] . '/', $forum->forum_icon_locked, false);
spa_paint_select_end();
spa_paint_select_start(spa_text('Custom topic icon'), 'topic_icon', '');
spa_select_icon_dropdown('topic_icon', spa_text('Select Custom Icon'), SF_STORE_DIR . '/' . $spPaths['custom-icons'] . '/', $forum->topic_icon, false);
spa_paint_select_end();
spa_paint_select_start(spa_text('Custom topic icon when new posts'), 'topic_icon_new', '');
spa_select_icon_dropdown('topic_icon_new', spa_text('Select Custom Icon'), SF_STORE_DIR . '/' . $spPaths['custom-icons'] . '/', $forum->topic_icon_new, false);
spa_paint_select_end();
spa_paint_select_start(spa_text('Custom topic icon when locked'), 'topic_icon_locked', '');
spa_select_icon_dropdown('topic_icon_locked', spa_text('Select Custom Icon'), SF_STORE_DIR . '/' . $spPaths['custom-icons'] . '/', $forum->topic_icon_locked, false);
spa_paint_select_end();
spa_paint_select_start(spa_text('Custom topic icon when pinned'), 'topic_icon_pinned', '');
spa_select_icon_dropdown('topic_icon_pinned', spa_text('Select Custom Icon'), SF_STORE_DIR . '/' . $spPaths['custom-icons'] . '/', $forum->topic_icon_pinned, false);
spa_paint_select_end();
spa_paint_input(spa_text('Replacement external RSS URL') . '<br />' . spa_text('Default') . ': <strong>' . sp_build_url($forum->forum_slug, '', 0, 0, 0, 1) . '</strong>', 'forum_rss', sp_filter_url_display($forum->forum_rss), false, true);
spa_paint_input(spa_text('Custom meta keywords (SEO option must be enabled)'), 'forum_keywords', '', false, true);
spa_paint_wide_textarea('Special forum message to be displayed above forums', 'forum_message', sp_filter_text_edit($forum->forum_message));
spa_paint_close_fieldset();
spa_paint_close_panel();
spa_paint_open_panel();
spa_paint_open_fieldset(spa_text('Extended Forum Options'), false);
# As added by plugins
do_action('sph_forum_edit_forum_options', $forum);
spa_paint_close_fieldset();
spa_paint_close_panel();
spa_paint_close_container();
?>
<div class="sfform-submit-bar">
<input type="submit" class="button-primary" id="sfforumedit<?php
echo $forum->forum_id;
?>
" name="sfforumedit<?php
echo $forum->forum_id;
?>
" value="<?php
spa_etext('Update Forum');
?>
" />
<input type="button" class="button-primary" onclick="javascript:jQuery('#forum-<?php
echo $forum->forum_id;
?>
').html('');jQuery('#forumrow-<?php
echo $forum_id;
?>
').removeClass('inForm');" id="sfforumedit<?php
echo $forum->forum_id;
?>
" name="editforumcancel<?php
echo $forum->forum_id;
?>
" value="<?php
spa_etext('Cancel');
?>
" />
</div>
<?php
spa_paint_close_tab();
?>
</form>
<div class="sfform-panel-spacer"></div>
<?php
}
function sp_MemberListUsergroupSelect($args = '')
{
global $spMembersList;
if (empty($spMembersList->userGroups)) {
return;
}
if (!sp_get_auth('view_members_list')) {
return;
}
global $spMembersList;
$defs = array('tagId' => 'spUsergroupSelect', 'tagClass' => 'spUsergroupSelect', 'selectClass' => 'spControl', 'echo' => 1);
$a = wp_parse_args($args, $defs);
$a = apply_filters('sph_MemberListUsergroupSelect_args', $a);
extract($a, EXTR_SKIP);
# sanitize before use
$tagId = esc_attr($tagId);
$tagClass = esc_attr($tagClass);
$selectClass = esc_attr($selectClass);
$echo = (int) $echo;
$search = !empty($_POST['msearch']) && !isset($_POST['allmembers']) ? '&msearch=' . sp_esc_str($_POST['msearch']) : '';
$search = !empty($_GET['msearch']) ? '&msearch=' . sp_esc_str($_GET['msearch']) : $search;
$ug = !empty($_POST['ug']) && !isset($_POST['allmembers']) ? sp_esc_int($_POST['ug']) : '';
$ug = !empty($_GET['ug']) ? sp_esc_int($_GET['ug']) : $ug;
$out = "<div id='{$tagId}' class='{$tagClass}'>";
$out .= "<select class='{$selectClass}' name='sp_usergroup_select' onchange='javascript:spjChangeURL(this)'>";
$out .= "<option value='#'>" . sp_text('Select Specific Usergroup') . "</option>";
foreach ($spMembersList->userGroups as $usergroup) {
$selected = $usergroup['usergroup_id'] == $ug ? "selected='selected'" : '';
$out .= "<option {$selected} value='" . sp_get_sfqurl(sp_url('members')) . 'ug=' . $usergroup['usergroup_id'] . $search . "'>" . sp_filter_title_display($usergroup['usergroup_name']) . '</option>';
}
if (!empty($ug)) {
$out .= "<option value='" . sp_get_sfqurl(sp_url('members')) . $search . "'>" . sp_text('Reset to Default Usergroups') . "</option>";
}
$out .= '</select>';
$out .= "</div>\n";
$out = apply_filters('sph_MemberListUsergroupSelect', $out, $a);
if ($echo) {
echo $out;
} else {
return $out;
}
}
}
sp_forum_api_support();
$theme = sp_get_current_sp_theme();
$ack = array('<a href="https://github.com/jasonday/printThis">' . sp_text('printThis by Jason Day') . '</a>', '<a href="http://sw-guide.de/">' . sp_text('Math Spam Protection based on code by Michael Woehrer') . '</a>', '<a href="http://www.rainforestnet.com">' . sp_text('Calendar Date Picker by TengYong Ng') . '</a>', '<a href="http://valums.com/ajax-upload/">' . sp_text('Image Uploader by Andrew Valums') . '</a>', '<a href="http://rpxwiki.com/WordpressPlugin">' . sp_text('SPF RPX implementation uses code and ideas from Brian Ellin') . '</a>', '<a href="http://www.isocra.com/2008/02/table-drag-and-drop-jquery-plugin/">' . sp_text('Table Drag and Drop by Isocra Consulting') . '</a>', '<a href="http://www.brettjankord.com/2012/01/16/categorizr-a-modern-device-detection-script/">' . sp_text('Mobile Device Detection based on code by Brett Jankord') . '</a>', '<a href="http://http://yacobi.info/">' . sp_text('CSS and JS Concatenation based on code by Ronen Yacobi') . '</a>');
$ack = apply_filters('sph_acknowledgements', $ack);
$out = '<style type="text/css">#spAbout p a {padding:0 !important;}</style>';
$out .= '<div id="spAbout" style="padding: 0 20px;">';
$out .= '<img src="' . SFCOMMONIMAGES . 'sp-small-logo.png" alt="" title="" /><br />';
$out .= '<p>© 2006-' . date('Y') . ' ' . sp_text('by') . ' <a href="http://www.yellowswordfish.com"><b>Andy Staines</b></a> ' . sp_text('and') . ' <a href="http://cruisetalk.org/"><b>Steve Klasen</b></a></p>';
$out .= '<p><a href="http://twitter.com/simpleforum">' . sp_text('Follow us On Twitter') . '</a></p>';
$out .= '<hr />';
$out .= '<p>';
$i = '';
$s = ' — ';
foreach ($ack as $a) {
$i .= $a . $s;
}
$out .= rtrim($i, $s);
$out .= '</p>';
$out .= '<hr />';
$out .= '<p>' . sp_text('Our thanks to all the people who have aided, abetted, coded, suggested and helped test this plugin') . '</p>';
$out .= '<p>';
if (empty($theme['parent'])) {
$out .= sp_text('This forum is using the') . ' <strong>' . $theme['theme'] . '</strong> ' . sp_text('theme');
} else {
$out .= sp_text('This forum is using') . ' <strong>' . $theme['theme'] . '</strong><br>' . sp_text('a child theme of') . ' <strong>' . $theme['parent'] . '</strong> ';
}
$out .= '</p>';
$out .= '</div>';
echo $out;
die;
$checked = $spProfileUser->postDESC ? $checked = 'checked="checked" ' : '';
}
if ('' == $checked) {
$checked = $spGlobals['display']['posts']['sortdesc'] ? $checked = 'checked="checked" ' : '';
}
$tout .= '<p class="spProfileLabel"><input type="checkbox" ' . $checked . 'name="postDESC" id="sf-postDESC" /><label for="sf-postDESC"></label></p>';
$tout .= '</div>';
$out .= apply_filters('sph_ProfileUserPostDESC', $tout, $userid, $thisSlug);
# unread post count
$sfcontrols = sp_get_option('sfcontrols');
if (isset($sfcontrols['sfusersunread']) && $sfcontrols['sfusersunread']) {
$tout = '';
$tout .= '<div class="spColumnSection spProfileLeftCol">';
$tout .= '<p class="spProfileLabel">' . sp_text('Max number of unread posts to display') . ' (' . sp_text('max allowed is') . ' ' . $sfcontrols['sfmaxunreadposts'] . ')' . ':</p>';
$tout .= '</div>';
$tout .= '<div class="spColumnSection spProfileSpacerCol"></div>';
$tout .= '<div class="spColumnSection spProfileRightCol">';
$number = is_numeric($spProfileUser->unreadposts) ? $spProfileUser->unreadposts : $sfcontrols['sfdefunreadposts'];
$tout .= '<p class="spProfileLabel"><input class="spControl" type="text" name="unreadposts" id="unreadposts" value="' . $number . '" /></p>';
$tout .= '</div>';
$out .= apply_filters('sph_ProfileUserUnread', $tout);
}
$out = apply_filters('sph_ProfileDisplayOptionsFormBottom', $out, $userid);
$out = apply_filters('sph_ProfileFormBottom', $out, $userid, $thisSlug);
$out .= '<div class="spProfileFormSubmit">';
$out .= '<input type="submit" class="spSubmit" name="formsubmit" value="' . sp_text('Update Display Options') . '" />';
$out .= '</div>';
$out .= '</form>';
$out .= "</div>\n";
$out = apply_filters('sph_ProfileDisplayOptionsForm', $out, $userid);
echo $out;
function sp_post_editor_edit_submit_buttons($out, $spThisTopic, $a, $toolbar)
{
global $spDevice;
extract($a, EXTR_SKIP);
# sanitize
$controlSubmit = esc_attr($controlSubmit);
$controlOrder = esc_attr($controlOrder);
$labelPostButton = sp_filter_title_display($labelPostButton);
$labelPostCancel = sp_filter_title_display($labelPostCancel);
$tipSubmitButton = esc_attr($tipSubmitButton);
$tipCancelButton = esc_attr($tipCancelButton);
$cOrder = isset($controlOrder) ? explode('|', $controlOrder) : array('save', 'cancel');
if ($toolbar == 'toolbar' ? $class = ' spRight' : ($class = '')) {
}
if ($toolbar == 'inline') {
$out .= '<div class="spEditorSubmit">' . "\n";
}
$out .= "<div class='spEditorSubmitButton{$class}'>\n";
# let plugins add stuff to editor controls
$out = apply_filters('sph_post_editor_controls', $out, $spThisTopic, $a, $toolbar);
foreach ($cOrder as $c) {
switch ($c) {
case 'save':
if ($spDevice == 'mobile' && array_key_exists('iconMobileSubmit', $a) && !empty($a['iconMobileSubmit'])) {
# display mobile icon
$out .= "<input type='image' src='" . sp_paint_file_icon(SPTHEMEICONSURL, "{$iconMobileSubmit}") . "' class='spIcon' name='editpost' id='sfsave' />";
} else {
# display default button
$out .= "<input type='submit' tabindex='106' class='{$controlSubmit}' title='{$tipSubmitButton}' name='editpost' id='sfsave' value='{$labelPostButton}' />\n";
}
break;
case 'cancel':
$msg = esc_js(sp_text('Are you sure you want to cancel?'));
if ($spDevice == 'mobile' && array_key_exists('iconMobileCancel', $a) && !empty($a['iconMobileCancel'])) {
# display mobile icon
$out .= "<input type='image' src='" . sp_paint_file_icon(SPTHEMEICONSURL, "{$iconMobileCancel}") . "' class='spIcon' name='cancel' id='sfcancel' onclick='if (confirm(\"" . $msg . "\")) {document.editpostform.submit();}' />";
} else {
# display default button
$out .= "<input type='button' tabindex='107' class='{$controlSubmit}' title='{$tipCancelButton}' id='sfcancel' name='cancel' value='{$labelPostCancel}' onclick='spjSetProcessFlag(this); if (confirm(\"" . $msg . "\")) {document.editpostform.submit();}' />\n";
}
}
}
$out .= '</div>' . "\n";
if ($toolbar == 'inline') {
$out .= '</div>' . "\n";
}
return $out;
}
function sp_load_template($tempName)
{
# set up some globals for theme template files to use directly
global $spGroupView, $spThisGroup, $spForumView, $spThisForum, $spThisSubForum, $spThisForumSubs, $spTopicView, $spThisTopic, $spThisPost, $spThisPostUser, $spListView, $spThisListTopic, $spThisUser, $spProfileUser, $spMembersList, $spThisMemberGroup, $spThisMember, $spGlobals, $spVars, $spDevice, $spMobile;
# some beginning hooks
$tempName = apply_filters('sph_template_load_name', $tempName);
do_action('sph_template_load_begin', $tempName);
do_action('sph_template_load_begin_' . $tempName);
# find the template
$curTheme = $spGlobals['theme'];
if (!empty($tempName) && file_exists($tempName)) {
include $tempName;
} else {
if (!empty($tempName) && file_exists(SPTEMPLATES . $tempName)) {
include SPTEMPLATES . $tempName;
} else {
if (!empty($tempName) && !empty($curTheme['parent']) && file_exists(SPTHEMEBASEDIR . $curTheme['parent'] . '/templates/' . $tempName)) {
include SPTHEMEBASEDIR . $curTheme['parent'] . '/templates/' . $tempName;
} else {
$tempName = explode('/', $tempName);
echo '<p class="spCenter spHeaderName">[' . $tempName[count($tempName) - 1] . '] - ' . sp_text('Template File Not Found') . '</p>';
echo '<div class="spHeaderMessage">';
echo '<p>' . spa_text('Sorry, but the required template file could not be found or could not be opened.') . '</p>';
echo '<br/><p>';
spa_etext('This can be caused by a missing/corrupt theme or theme file. Please check the Simple:Press Theme List admin panel and make sure a valid theme is selected. Or please check the location of the selected theme on your server and make sure the theme and the required template file exist.');
echo '</p>';
echo '</div>';
}
}
}
# some ending hooks
do_action('sph_template_load_end', $tempName);
do_action('sph_template_load_end_' . $tempName);
}
function sp_validate_plugin($plugin)
{
if (validate_file($plugin)) {
return new WP_Error('plugin_invalid', sp_text('Invalid plugin path'));
}
if (!file_exists(SFPLUGINDIR . $plugin)) {
return new WP_Error('plugin_not_found', sp_text('Plugin file does not exist'));
}
$installed_plugins = sp_get_plugins();
if (!isset($installed_plugins[$plugin])) {
return new WP_Error('no_plugin_header', sp_text('The plugin does not have a valid header'));
}
return 0;
}
function sp_listview_query($topicIds, $count, $group, $forumIds, $firstPost, $popup)
{
global $spThisUser, $spGlobals;
# If no topic ids and no count then nothjing to do - return empty
if (empty($topicIds) && $count == 0) {
return;
}
# set popup flag for new posts
$this->popup = $popup;
# Do we have enough topic ids to satisfy count?
if (empty($topicIds) || $count != 0 && count($topicIds) < $count) {
$topicIds = $this->sp_listview_populate_topicids($topicIds, $forumIds, $count);
}
# Do we havwe too many topic ids?
if ($topicIds && ($count != 0 && count($topicIds) > $count)) {
$topicIds = array_slice($topicIds, 0, $count, true);
}
if (empty($topicIds)) {
return;
}
# Construct the main WHERE clause and then main query
$where = SFTOPICS . '.topic_id IN (' . implode(',', $topicIds) . ')';
if ($group) {
$orderby = 'group_seq, forum_seq, ' . SFTOPICS . '.post_id DESC';
} else {
$orderby = SFTOPICS . '.post_id DESC';
}
$spdb = new spdbComplex();
$spdb->table = SFTOPICS;
$spdb->fields = SFTOPICS . '.forum_id, forum_name, forum_slug, forum_disabled, ' . SFTOPICS . '.topic_id, topic_name, topic_slug, topic_icon, topic_icon_new, ' . SFTOPICS . '.post_count,
' . SFTOPICS . '.post_id, post_status, post_index, ' . spdb_zone_datetime('post_date') . ',
guest_name, ' . SFPOSTS . '.user_id, post_content, display_name';
$spdb->join = array(SFFORUMS . ' ON ' . SFFORUMS . '.forum_id = ' . SFTOPICS . '.forum_id', SFGROUPS . ' ON ' . SFGROUPS . '.group_id = ' . SFFORUMS . '.group_id', SFPOSTS . ' ON ' . SFPOSTS . '.post_id = ' . SFTOPICS . '.post_id');
$spdb->left_join = array(SFMEMBERS . ' ON ' . SFMEMBERS . '.user_id = ' . SFPOSTS . '.user_id');
$spdb->where = $where;
$spdb->orderby = $orderby;
$spdb = apply_filters('sph_topic_list_query', $spdb, $this);
$records = $spdb->select();
# add filters where required plus extra data
# And the new array
$list = array();
if ($records) {
# check if all forum ids are the same
$x = current($records);
$f = $x->forum_id;
$single = 1;
foreach ($records as $r) {
if ($r->forum_id != $f) {
$single = 0;
}
}
reset($records);
$new = '';
$first = '';
# Now we can grab the supplementary post records where there may be new posts...
if ($spThisUser->member) {
$new = $this->sp_listview_populate_newposts($topicIds);
}
# go and grab the first post info if desired
if ($firstPost) {
$first = $this->sp_listview_populate_firstposts($topicIds);
}
# Some values we need
# How many topics to a page?
$ppaged = $spGlobals['display']['posts']['perpage'];
if (empty($ppaged) || $ppaged == 0) {
$ppaged = 20;
}
# establish topic sort order
$order = 'ASC';
# default
if ($spGlobals['display']['posts']['sortdesc']) {
$order = 'DESC';
}
# global override
$listPos = 1;
foreach ($records as $r) {
$show = true;
# can the user see this forum?
if (!sp_can_view($r->forum_id, 'topic-title')) {
$show = false;
}
# if in moderattion can this user approve posts?
if ($r->post_status != 0 && !sp_get_auth('moderate_posts', $r->forum_id)) {
$show = false;
}
if ($show) {
$t = $r->topic_id;
$list[$t] = new stdClass();
$list[$t]->forum_id = $r->forum_id;
$list[$t]->forum_name = sp_filter_title_display($r->forum_name);
$list[$t]->forum_disabled = $r->forum_disabled;
$list[$t]->forum_permalink = sp_build_url($r->forum_slug, '', 1, 0);
$list[$t]->topic_id = $r->topic_id;
$list[$t]->topic_name = sp_filter_title_display($r->topic_name);
$list[$t]->topic_permalink = sp_build_url($r->forum_slug, $r->topic_slug, 1, 0);
$list[$t]->topic_icon = sanitize_file_name($r->topic_icon);
$list[$t]->topic_icon_new = sanitize_file_name($r->topic_icon_new);
$list[$t]->post_count = $r->post_count;
$list[$t]->post_id = $r->post_id;
$list[$t]->post_status = $r->post_status;
$list[$t]->post_date = $r->post_date;
$list[$t]->user_id = $r->user_id;
$list[$t]->guest_name = sp_filter_name_display($r->guest_name);
$list[$t]->display_name = sp_filter_name_display($r->display_name);
if (sp_can_view($r->forum_id, 'post-content', $spThisUser->ID, $r->user_id)) {
$list[$t]->post_tip = $r->post_status ? sp_text('Post awaiting moderation') : sp_filter_tooltip_display($r->post_content, $r->post_status);
} else {
$list[$t]->post_tip = '';
}
$list[$t]->list_position = $listPos;
if (empty($r->display_name)) {
$list[$t]->display_name = $list[$t]->guest_name;
}
# Lastly determine the page for the post permalink
if ($order == 'ASC') {
$page = $r->post_index / $ppaged;
if (!is_int($page)) {
$page = intval($page + 1);
}
} else {
$page = $r->post_count - $r->post_index;
$page = $page / $ppaged;
$page = intval($page + 1);
}
$r->page = $page;
$list[$t]->post_permalink = sp_build_url($r->forum_slug, $r->topic_slug, $r->page, $r->post_id, $r->post_index);
$list[$t]->single_forum = $single;
# add in any new post details if they exist
if (!empty($new) && array_key_exists($t, $new)) {
$list[$t]->new_post_count = $new[$t]->new_post_count;
$list[$t]->new_post_post_id = $new[$t]->new_post_post_id;
$list[$t]->new_post_post_index = $new[$t]->new_post_post_index;
$list[$t]->new_post_post_date = $new[$t]->new_post_post_date;
$list[$t]->new_post_user_id = $new[$t]->new_post_user_id;
$list[$t]->new_post_display_name = $new[$t]->new_post_display_name;
$list[$t]->new_post_guest_name = $new[$t]->new_post_guest_name;
$list[$t]->new_post_permalink = sp_build_url($r->forum_slug, $r->topic_slug, 0, $new[$t]->new_post_post_id, $new[$t]->new_post_post_index);
if (empty($new[$t]->new_post_display_name)) {
$list[$t]->new_post_display_name = $new[$t]->new_post_guest_name;
}
}
# add the first post info if desired
if ($firstPost) {
$list[$t]->first_post_permalink = sp_build_url($r->forum_slug, $r->topic_slug, 0, $first[$t]->post_id, 1);
$list[$t]->first_post_date = $first[$t]->post_date;
$list[$t]->first_user_id = $first[$t]->user_id;
$list[$t]->first_guest_name = sp_filter_name_display($first[$t]->guest_name);
$list[$t]->first_display_name = sp_filter_name_display($first[$t]->display_name);
if (sp_can_view($r->forum_id, 'post-content', $spThisUser->ID, $first[$t]->user_id)) {
$list[$t]->first_post_tip = $first[$t]->post_status ? sp_text('Post awaiting moderation') : sp_filter_tooltip_display($first[$t]->post_content, $first[$t]->post_status);
} else {
$list[$t]->first_post_tip = '';
}
if (empty($list[$t]->first_display_name)) {
$list[$t]->first_display_name = $list[$t]->first_guest_name;
}
}
$list[$t] = apply_filters('sph_topic_list_record', $list[$t], $r);
$listPos++;
}
}
unset($records);
unset($new);
unset($first);
}
return $list;
}
function sp_TopicForumToolButton($args = '', $label = '', $toolTip = '')
{
global $spThisForum, $spThisTopic, $spThisUser, $spGlobals;
if ($spGlobals['lockdown'] == true && $spThisUser->admin == false) {
return;
}
$show = false;
if ($spThisUser->admin || $spThisUser->moderator) {
$show = true;
} else {
if (sp_get_auth('lock_topics', $spThisForum->forum_id) || sp_get_auth('pin_topics', $spThisForum->forum_id) || sp_get_auth('edit_any_topic_titles', $spThisForum->forum_id) || sp_get_auth('delete_topics', $spThisForum->forum_id) || sp_get_auth('move_topics', $spThisForum->forum_id) || sp_get_auth('edit_own_topic_titles', $spThisForum->forum_id) && $spThisTopic->first_user_id == $spThisUser->ID) {
$show = true;
}
}
$show = apply_filters('sph_forum_tools_forum_show', $show);
if (!$show) {
return;
}
$defs = array('tagId' => 'spForumToolButton%ID%', 'tagClass' => 'spToolsButton', 'icon' => 'sp_ForumTools.png', 'iconClass' => 'spIcon', 'hide' => 1, 'containerClass' => 'spForumTopicSection');
$a = wp_parse_args($args, $defs);
$a = apply_filters('sph_TopicForumToolButton_args', $a);
extract($a, EXTR_SKIP);
# sanitize before use
$tagId = esc_attr($tagId);
$tagClass = esc_attr($tagClass);
$icon = sanitize_file_name($icon);
$iconClass = esc_attr($iconClass);
$containerClass = esc_attr($containerClass);
$hide = (int) $hide;
$toolTip = esc_attr($toolTip);
$label = sp_filter_title_display($label);
$tagId = str_ireplace('%ID%', $spThisTopic->topic_id, $tagId);
$addStyle = '';
if ($hide) {
$addStyle = " style='display:none;' ";
}
$site = SFHOMEURL . 'index.php?sp_ahah=admintoollinks&sfnonce=' . wp_create_nonce('forum-ahah') . "&action=topictools&topic={$spThisTopic->topic_id}&forum={$spThisForum->forum_id}&page={$spThisForum->display_page}";
$out = "<a class='{$tagClass} vtip' id='{$tagId}' title='{$toolTip}' rel='nofollow' href='javascript:void(null)' {$addStyle} ";
$title = esc_js(sp_text('Forum Tools'));
$out .= "onclick='spjDialogAjax(this, \"{$site}\", \"{$title}\", 250, 0, 0);' >";
if (!empty($icon)) {
$out .= "<img class='{$iconClass}' src='" . sp_find_icon(SPTHEMEICONSURL, $icon) . "' alt=''/>";
}
if (!empty($label)) {
$out .= $label;
}
$out .= "</a>\n";
$out = apply_filters('sph_TopicForumToolButton', $out, $a);
echo $out;
# Add script to hover admin buttons - just once
if ($spThisForum->tools_flag && $hide) {
?>
<script type='text/javascript'>
/* <![CDATA[ */
var sptb = {
toolclass : '.<?php
echo $containerClass;
?>
'
};
/* ]]> */
</script>
<?php
add_action('wp_footer', 'spjs_AddTopicToolsHover');
$spThisForum->tools_flag = false;
}
}
function sp_ProfileShowSearchPosts($args = '', $label = '', $labelStarted = '', $labelPosted = '', $labelYouStarted = '', $labelYouPosted = '')
{
global $spProfileUser, $spThisUser;
if (!sp_get_auth('view_profiles')) {
return;
}
$defs = array('tagClass' => 'spProfileSearchPosts', 'leftClass' => 'spColumnSection spProfileLeftCol', 'middleClass' => 'spColumnSection spProfileSpacerCol', 'rightClass' => 'spColumnSection spProfileRightCol', 'linkClass' => 'spButton spLeft', 'echo' => 1);
$a = wp_parse_args($args, $defs);
$a = apply_filters('sph_ProfileShowSearchPosts_args', $a);
extract($a, EXTR_SKIP);
# sanitize before use
$tagClass = esc_attr($tagClass);
$leftClass = esc_attr($leftClass);
$middleClass = esc_attr($middleClass);
$rightClass = esc_attr($rightClass);
$linkClass = esc_attr($linkClass);
$label = sp_filter_title_display($label);
$echo = (int) $echo;
if ($spProfileUser->ID == $spThisUser->ID) {
if (empty($labelYouStarted)) {
$labelYouStarted = sp_text('List Topics You Started');
}
if (empty($labelYouPosted)) {
$labelYouPosted = sp_text('List Topics You Have Posted To');
}
$labelYouStarted = sp_filter_title_display($labelYouStarted);
$labelYouPosted = sp_filter_title_display($labelYouPosted);
} else {
if (!empty($labelStarted)) {
$labelStarted = str_replace('%USERNAME%', $spProfileUser->display_name, $labelStarted);
} else {
$labelStarted = sprintf(sp_text('List Topics %1$s Has Started'), $spProfileUser->display_name);
}
if (!empty($labelPosted)) {
$labelPosted = str_replace('%USERNAME%', $spProfileUser->display_name, $labelPosted);
} else {
$labelPosted = sprintf(sp_text('List Topics %1$s Has Posted To'), $spProfileUser->display_name);
}
$labelStarted = sp_filter_title_display($labelStarted);
$labelPosted = sp_filter_title_display($labelPosted);
}
# output first name
$out = '';
$out .= "<div class='{$leftClass}'>";
$out .= "<p class='{$tagClass}'>{$label}:</p>";
$out .= '</div>';
$out .= "<div class='{$middleClass}'></div>";
$out .= "<div class='{$rightClass}'>";
$out .= '<form action="' . SFHOMEURL . 'index.php?sp_ahah=search&sfnonce=' . wp_create_nonce('forum-ahah') . '" method="post" id="searchposts" name="searchposts">';
$out .= '<input type="hidden" class="sfhiddeninput" name="searchoption" id="searchoption" value="2" />';
$out .= '<input type="hidden" class="sfhiddeninput" name="userid" id="userid" value="' . $spProfileUser->ID . '" />';
if ($spProfileUser->ID == $spThisUser->ID) {
$text1 = $labelYouPosted;
$text2 = $labelYouStarted;
} else {
$text1 = $labelPosted;
$text2 = $labelStarted;
}
$out .= '<input type="submit" class="spSubmit" name="membersearch" value="' . $text1 . '" />';
$out .= '<input type="submit" class="spSubmit" name="memberstarted" value="' . $text2 . '" />';
$out .= '</form>';
$out .= "</div>\n";
$out = apply_filters('sph_ProfileShowSearchPosts', $out, $spProfileUser, $a);
if ($echo) {
echo $out;
} else {
return $out;
}
}
