function send_systememail($systememail, $recipient_email, $replace = array(), $bcc = FALSE)
{
global $setting, $database;
// RETRIEVE EMAIL INFO
$email = $database->database_fetch_assoc($database->database_query("SELECT * FROM se_systememails WHERE systememail_name='{$systememail}' LIMIT 1"));
SE_Language::_preload_multi($email['systememail_subject'], $email['systememail_body']);
SE_Language::load();
// GET/DECODE SUBJECT AND MESSAGE
$subject = htmlspecialchars_decode(SE_Language::_get($email['systememail_subject']), ENT_QUOTES);
$message = htmlspecialchars_decode(SE_Language::_get($email['systememail_body']), ENT_QUOTES);
// REPLACE VARIABLES IN SUBJECT AND MESSAGE
$subject = vsprintf($subject, $replace);
$message = vsprintf($message, $replace);
// ENCODE SUBJECT FOR UTF8
$subject = "=?UTF-8?B?" . base64_encode($subject) . "?=";
// REPLACE CARRIAGE RETURNS WITH BREAKS
$message = str_replace("\n", "<br>", $message);
// SET HEADERS
$sender = "{$setting['setting_email_fromname']} <{$setting['setting_email_fromemail']}>";
$headers = "MIME-Version: 1.0" . "\n";
$headers .= "Content-type: text/html; charset=utf-8" . "\n";
$headers .= "Content-Transfer-Encoding: 8bit" . "\n";
$headers .= "From: {$sender}" . "\n";
$headers .= "Return-Path: {$sender}" . "\n";
$headers .= "Reply-To: {$sender}\n";
// IF BCC, SET TO AND BCC
if ($bcc) {
$headers .= "Bcc: {$recipient_email}\n";
$recipient_email = "*****@*****.**";
}
// SEND MAIL
mail($recipient_email, $subject, $message, $headers);
return true;
}
function send_systememail($systememail, $recipient_email, $replace = array(), $bcc = FALSE)
{
global $setting, $database, $setting_smtp_email;
$setting_email_query = $database->database_query("SELECT * FROM se_settings_email LIMIT 1");
$setting_smtp_email = $database->database_fetch_assoc($setting_email_query);
// RETRIEVE EMAIL INFO
$email = $database->database_fetch_assoc($database->database_query("SELECT * FROM se_systememails WHERE systememail_name='{$systememail}' LIMIT 1"));
SE_Language::_preload_multi($email['systememail_subject'], $email['systememail_body']);
SE_Language::load();
// GET/DECODE SUBJECT AND MESSAGE
$subject = htmlspecialchars_decode(SE_Language::_get($email['systememail_subject']), ENT_QUOTES);
$message = htmlspecialchars_decode(SE_Language::_get($email['systememail_body']), ENT_QUOTES);
// REPLACE VARIABLES IN SUBJECT AND MESSAGE
$subject = vsprintf($subject, $replace);
$message = vsprintf($message, $replace);
// ENCODE SUBJECT FOR UTF8
$subject = "=?UTF-8?B?" . base64_encode($subject) . "?=";
// REPLACE CARRIAGE RETURNS WITH BREAKS
$message = str_replace("\n", "<br>", $message);
// SET HEADERS
$sender = "{$setting['setting_email_fromname']} <{$setting['setting_email_fromemail']}>";
$headers = "MIME-Version: 1.0" . "\n";
$headers .= "Content-type: text/html; charset=utf-8" . "\n";
$headers .= "Content-Transfer-Encoding: 8bit" . "\n";
$headers .= "From: {$sender}" . "\n";
$headers .= "Return-Path: {$sender}" . "\n";
$headers .= "Reply-To: {$sender}\n";
// IF BCC, SET TO AND BCC
if ($bcc) {
$headers .= "Bcc: {$recipient_email}\n";
$recipient_email = "*****@*****.**";
}
// SEND MAIL
if ($setting_smtp_email['email_method'] == "mail") {
mail($recipient_email, $subject, $message, $headers);
} elseif ($setting_smtp_email['email_method'] == "smtp") {
$mailer = new PHPMailer();
$mailer->IsSMTP();
$mailer->Subject = $subject;
$mailer->From = $setting['setting_email_fromemail'];
$mailer->FromName = $setting['setting_email_fromname'];
$mailer->MsgHTML($message);
$mailer->AddAddress($recipient_email);
$mailer->Host = $setting_smtp_email['smtp_host'];
$mailer->Username = $setting_smtp_email['smtp_user'];
$mailer->Password = $setting_smtp_email['smtp_pass'];
$mailer->Port = $setting_smtp_email['smtp_port'];
if ($setting_smtp_email['smtp_port'] == 465) {
$mailer->SMTPSecure = "ssl";
} else {
$mailer->SMTPSecure = "";
}
$mailer->Send();
}
return true;
}
function search_poll()
{
global $database, $url, $results_per_page, $p, $search_text, $t, $search_objects, $results, $total_results;
// CONSTRUCT QUERY
$sql = "\r\n SELECT\r\n se_polls.poll_id,\r\n se_polls.poll_title,\r\n se_users.user_id,\r\n se_users.user_username,\r\n se_users.user_photo,\r\n se_users.user_fname,\r\n se_users.user_lname\r\n FROM\r\n se_polls,\r\n se_users,\r\n se_levels\r\n WHERE\r\n se_polls.poll_user_id=se_users.user_id &&\r\n se_users.user_level_id=se_levels.level_id &&\r\n (\r\n se_polls.poll_search='1' ||\r\n se_levels.level_poll_search='0'\r\n ) &&\r\n (\r\n poll_title LIKE '%{$search_text}%' ||\r\n poll_desc LIKE '%{$search_text}%' ||\r\n poll_options LIKE '%{$search_text}%'\r\n )\r\n ";
// GET TOTAL ENTRIES
$total_polls = $database->database_num_rows($database->database_query($sql . " LIMIT 201"));
// IF NOT TOTAL ONLY
if ($t == "poll") {
// MAKE POLL PAGES
$start = ($p - 1) * $results_per_page;
$limit = $results_per_page + 1;
// SEARCH POLLS
$sql .= " ORDER BY se_polls.poll_id DESC LIMIT {$start}, {$limit}";
$resource = $database->database_query($sql) or die($database->database_error());
while ($poll_info = $database->database_fetch_assoc($resource)) {
// CREATE AN OBJECT FOR AUTHOR
$profile = new se_user();
$profile->user_info['user_id'] = $poll_info['user_id'];
$profile->user_info['user_username'] = $poll_info['user_username'];
$profile->user_info['user_fname'] = $poll_info['user_fname'];
$profile->user_info['user_lname'] = $poll_info['user_lname'];
$profile->user_info['user_photo'] = $poll_info['user_photo'];
$profile->user_displayname();
$result_url = $url->url_create('poll', $poll_info['user_username'], $poll_info['poll_id']);
$result_name = 2500112;
$result_desc = 2500113;
// IF EMPTY TITLE
if (!trim($poll_info['poll_title'])) {
SE_Language::_preload(589);
SE_Language::load();
$poll_info['poll_title'] = SE_Language::_get(589);
}
$results[] = array('result_url' => $result_url, 'result_icon' => './images/icons/poll_poll48.gif', 'result_name' => $result_name, 'result_name_1' => $poll_info['poll_title'], 'result_desc' => $result_desc, 'result_desc_1' => $url->url_create('profile', $profile->user_info['user_username']), 'result_desc_2' => $profile->user_displayname, 'result_desc_3' => $poll_info['poll_desc']);
}
// SET TOTAL RESULTS
$total_results = $total_polls;
}
// SET ARRAY VALUES
SE_Language::_preload_multi(2500111, 2500112, 2500113);
if ($total_polls > 200) {
$total_polls = "200+";
}
$search_objects[] = array('search_type' => 'poll', 'search_lang' => 2500111, 'search_total' => $total_polls);
}
<?php
if ($this->_tpl_vars['user']->level_info['level_profile_status'] != 0) {
?>
<?php
$javascript_lang_import_list = SELanguage::_javascript_redundancy_filter(array(773, 1113, 743, 744, 745, 746, 747));
$javascript_lang_import_first = TRUE;
if (is_array($javascript_lang_import_list) && !empty($javascript_lang_import_list)) {
echo "\n<script type='text/javascript'>\n<!--\n";
echo "SocialEngine.Language.Import({\n";
foreach ($javascript_lang_import_list as $javascript_import_id) {
if (!$javascript_lang_import_first) {
echo ",\n";
}
echo " " . $javascript_import_id . " : '" . addslashes(SE_Language::_get($javascript_import_id)) . "'";
$javascript_lang_import_first = FALSE;
}
echo "\n});\n//-->\n</script>\n";
}
?>
<?php
echo '
<script type="text/javascript">
<!--
SocialEngine.Viewer.user_status = \'';
echo $this->_tpl_vars['user']->user_info['user_status'];
echo '\';
//-->
</script>
';
function he_wall_group_photo_upload($group_id, $media_desc, $new_action_id)
{
global $user, $url, $misc, $setting;
$group = new se_group($user->user_info['user_id'], $group_id);
// CHECK IF USER IS ALLOWED TO UPLOAD PHOTOS
$privacy_max = $group->group_privacy_max($user);
if (!($privacy_max & $group->group_info['group_privacy']) || !($privacy_max & $group->group_info['group_upload'])) {
$result = array('result' => 0, 'error' => SE_Language::get(690706101));
}
$album_id = he_wall::get_group_album($group_id);
// GET TOTAL SPACE USED
$space_used = $group->group_media_space();
if ($group->groupowner_level_info['level_group_album_storage']) {
$space_left = $group->groupowner_level_info['level_group_album_storage'] - $space_used;
} else {
$space_left = $dfs = disk_free_space("/") ? $dfs : pow(2, 32);
}
$update_album = 0;
$file_result = $group->group_media_upload('wall_photo', $album_id, $space_left);
if ($file_result['is_error'] == 0) {
$media_path = str_replace('./', '', $group->group_dir($group->group_info['group_id']) . $file_result['groupmedia_id'] . "_thumb.jpg");
$media_link = "group_album_file.php?group_id={$group->group_info['group_id']}&groupmedia_id={$file_result['groupmedia_id']}";
if (file_exists($media_path)) {
$thumb_width = (int) $setting['setting_he_wall_photo_thumb_width'];
$thumb_height = (int) $setting['setting_he_wall_photo_thumb_height'];
$media_width = $misc->photo_size($media_path, $thumb_width, $thumb_height, "w");
$media_height = $misc->photo_size($media_path, $thumb_width, $thumb_height, "h");
$result = array('result' => 1, 'media_path' => $media_path, 'media_width' => $media_width, 'media_height' => $media_height);
}
// UPDATE ALBUM UPDATED DATE
he_wall::update_group_album($album_id);
he_wall::update_group_album_media($file_result['groupmedia_id'], $media_desc);
he_wall::add_group_album_media($new_action_id, $file_result['groupmedia_id']);
// UPDATE LAST UPDATE DATE (SAY THAT 10 TIMES FAST)
$group->group_lastupdate();
} else {
$error_msg = sprintf(SE_Language::_get($file_result['is_error']), $file_result['file_name']);
$result = array('result' => 0, 'error' => $error_msg);
}
return $result;
}
function comment_post($comment_body, $comment_secure, $object_title = "", $object_owner = "", $object_owner_id = 0, $object_privacy = "")
{
global $database, $user, $owner, $setting, $actions, $notify, $url;
$comment_id = 0;
$comment_date = time();
// RETRIEVE AND CHECK SECURITY CODE IF NECESSARY
if ($setting['setting_comment_code']) {
// NOW IN HEADER
$code_found = false;
if (@$_SESSION['code'] == $comment_secure) {
$code_found = true;
}
if (!empty($_SESSION['codes']) && is_array($_SESSION['codes'])) {
foreach ($_SESSION['codes'] as $index => $code_info) {
if ($code_info['code'] == $comment_secure) {
$code_found = true;
unset($_SESSION['codes'][$index]);
}
}
}
if (!$code_found) {
$this->is_error = 1;
}
//session_start();
//$code = $_SESSION['code'];
//if($code == "") { $code = randomcode(); }
//if($comment_secure != $code) { $this->is_error = 1; }
}
// MAKE SURE COMMENT BODY IS NOT EMPTY - ADD BREAKS AND CENSOR
$comment_body = cleanHTML(censor($comment_body), $setting['setting_comment_html'], array("style"));
$comment_body = preg_replace('/(\\r\\n?)/', "\n", $comment_body);
$comment_body = str_replace("\n", "<br>", $comment_body);
$comment_body = preg_replace('/(<br>){3,}/is', '<br><br>', $comment_body);
$comment_body = str_replace("'", "\\'", $comment_body);
if (!trim($comment_body)) {
$this->is_error = 1;
$comment_body = "";
}
// ADD COMMENT IF NO ERROR
if (!$this->is_error) {
$resource = $database->database_query("\r\n INSERT INTO `se_{$this->comment_type}comments` (\r\n `{$this->comment_type}comment_{$this->comment_identifier}`,\r\n `{$this->comment_type}comment_authoruser_id`,\r\n `{$this->comment_type}comment_date`,\r\n `{$this->comment_type}comment_body`\r\n ) VALUES (\r\n '{$this->comment_identifying_value}',\r\n '{$user->user_info['user_id']}',\r\n '{$comment_date}',\r\n '{$comment_body}'\r\n )\r\n ");
$comment_id = $database->database_insert_id();
// New handling - total cached in parent table
if ($resource && $this->comment_parent_type && $this->comment_parent_identifier) {
$database->database_query("\r\n UPDATE\r\n `se_{$this->comment_parent_type}`\r\n SET\r\n `{$this->comment_parent_identifier}_totalcomments`=`{$this->comment_parent_identifier}_totalcomments`+1\r\n WHERE\r\n `{$this->comment_identifier}`='{$this->comment_identifying_value}'\r\n LIMIT\r\n 1\r\n ");
}
// INSERT ACTION IF USER EXISTS
if ($user->user_exists) {
$commenter = $user->user_displayname;
$comment_body_encoded = strip_tags($comment_body);
if (strlen($comment_body_encoded) > 250) {
$comment_body_encoded = substr($comment_body_encoded, 0, 247) . "...";
}
$comment_body_encoded = str_replace(array("<br>", "<br />"), " ", $comment_body_encoded);
$actions->actions_add($user, $this->comment_type . "comment", array($user->user_info['user_username'], $user->user_displayname, $owner->user_info['user_username'], $owner->user_displayname, $comment_body_encoded, $this->comment_identifying_value, $object_title, $object_owner_id), array(), 0, false, $object_owner, $object_owner_id, $object_privacy);
} else {
SE_Language::_preload(835);
SE_Language::load();
$commenter = SE_Language::_get(835);
}
// SEND PROFILE COMMENT NOTIFICATION IF COMMENTER IS NOT OWNER
if ($owner->user_info['user_id'] != $user->user_info['user_id']) {
$notifytype = $notify->notify_add($owner->user_info['user_id'], $this->comment_type . "comment", $this->comment_identifying_value, array($owner->user_info['user_username'], $this->comment_identifying_value, $object_owner_id), array($object_title));
$object_url = $url->url_base . vsprintf($notifytype['notifytype_url'], array($owner->user_info['user_username'], $this->comment_identifying_value));
$owner->user_settings();
if ($owner->usersetting_info['usersetting_notify_' . $this->comment_type . 'comment']) {
send_systememail($this->comment_type . "comment", $owner->user_info['user_email'], array($owner->user_displayname, $commenter, "<a href=\"{$object_url}\">{$object_url}</a>"));
}
}
}
return array('comment_id' => $comment_id, 'comment_body' => $comment_body, 'comment_date' => $comment_date);
}
function search_music()
{
global $database, $url, $results_per_page, $p, $search_text, $t, $search_objects, $results, $total_results, $user;
// CONSTRUCT QUERY
$sql = "\r\n SELECT\r\n se_music.*,\r\n se_users.user_id,\r\n se_users.user_username,\r\n se_users.user_photo,\r\n se_users.user_fname,\r\n se_users.user_lname\r\n FROM\r\n se_music\r\n LEFT JOIN\r\n se_users\r\n ON se_users.user_id=se_music.music_user_id\r\n WHERE\r\n se_music.music_title LIKE '%{$search_text}%'\r\n ";
// GET TOTAL RESULTS
$total_music = $database->database_num_rows($database->database_query($sql . " LIMIT 201"));
// IF NOT TOTAL ONLY
if ($t == "music") {
// MAKE MUSIC PAGES
$start = ($p - 1) * $results_per_page;
$limit = $results_per_page + 1;
// Lang for download song
SE_Language::_preload(4000095);
SE_Language::load();
// SEARCH MUSIC
$sql .= " ORDER BY se_music.music_id DESC LIMIT {$start}, {$limit}";
$resource = $database->database_query($sql) or die($database->database_error());
while ($music_info = $database->database_fetch_assoc($resource)) {
// CREATE AN OBJECT FOR USER
$profile = new se_user();
$profile->user_info['user_id'] = $music_info['user_id'];
$profile->user_info['user_username'] = $music_info['user_username'];
$profile->user_info['user_fname'] = $music_info['user_fname'];
$profile->user_info['user_lname'] = $music_info['user_lname'];
$profile->user_info['user_photo'] = $music_info['user_photo'];
$profile->user_displayname();
$result_url = $url->url_create('profile', $music_info['user_username']);
$result_name = 4000105;
$result_desc = 4000106;
$userdir = $url->url_userdir($music_info['user_id']);
$music_path = "{$userdir}{$music_info['music_id']}.{$music_info['music_ext']}";
// IF NO TITLE
if (!trim($music_info['music_title'])) {
SE_Language::_preload(589);
SE_Language::load();
$music_info['music_title'] = SE_Language::_get(589);
}
$dl_lv = SE_Language::_get(4000095);
$desc3 = <<<EOF
<br />
<table><tr><td>
<object width="17" height="17" data="images/music_button.swf?song_url={$music_path}" type="application/x-shockwave-flash">
<param value="images/music_button.swf?song_url={$music_path}" name="movie" />
<img width="17" height="17" alt="" src="noflash.gif" />
</object>
</td>
EOF;
if ($user->user_exists && $user->level_info['level_music_allow_downloads']) {
$desc3 .= <<<EOF
<td style="padding-left:10px;vertical-align:middle;">
<a type="application/force-download" href="{$music_path}">{$dl_lv}</a>
</td>
EOF;
}
$desc3 .= "</tr></table>";
$results[] = array('result_url' => $result_url, 'result_icon' => './images/icons/music_music48.gif', 'result_name' => $result_name, 'result_name_1' => $music_info['music_title'], 'result_desc' => $result_desc, 'result_desc_1' => $url->url_create('profile', $profile->user_info['user_username']), 'result_desc_2' => $profile->user_displayname, 'result_desc_3' => $desc3);
}
// SET TOTAL RESULTS
$total_results = $total_music;
}
// SET ARRAY VALUES
SE_Language::_preload_multi(4000104, 4000105, 4000106);
if ($total_music > 200) {
$total_music = "200+";
}
$search_objects[] = array('search_type' => 'music', 'search_lang' => 4000104, 'search_total' => $total_music);
}
function search_album()
{
global $database, $url, $results_per_page, $p, $search_text, $t, $search_objects, $results, $total_results;
// CONSTRUCT QUERY
$album_query = "\r\n\t(\r\n\tSELECT\r\n '1' AS sub_type,\r\n\t se_media.media_album_id AS album_id,\r\n\t se_media.media_title AS title,\r\n\t se_media.media_desc AS description,\r\n\t se_media.media_id AS media_id,\r\n\t se_media.media_ext AS media_ext,\r\n\t se_users.user_id,\r\n\t se_users.user_username,\r\n\t se_users.user_photo,\r\n\t se_users.user_fname,\r\n\t se_users.user_lname\r\n\tFROM\r\n\t se_media,\r\n\t se_albums,\r\n\t se_users,\r\n\t se_levels\r\n\tWHERE\r\n\t se_media.media_album_id=se_albums.album_id AND\r\n\t se_albums.album_user_id=se_users.user_id AND\r\n\t se_users.user_level_id=se_levels.level_id AND\r\n\t (\r\n\t se_albums.album_search='1' OR\r\n\t se_levels.level_album_search='0'\r\n\t )\r\n\t AND\r\n\t (\r\n\t se_media.media_title LIKE '%{$search_text}%' OR\r\n\t se_media.media_desc LIKE '%{$search_text}%'\r\n\t )\r\n\tORDER BY media_id DESC\r\n\t)\r\n\tUNION ALL\r\n\t(\r\n\tSELECT\r\n\t '2' AS sub_type,\r\n\t se_albums.album_id AS album_id,\r\n\t se_albums.album_title AS title,\r\n\t se_albums.album_desc AS description,\r\n\t se_albums.album_cover AS media_id,\r\n\t se_media.media_ext AS media_ext,\r\n\t se_users.user_id,\r\n\t se_users.user_username,\r\n\t se_users.user_photo,\r\n\t se_users.user_fname,\r\n\t se_users.user_lname\r\n\tFROM\r\n\t se_albums,\r\n\t se_users,\r\n\t se_levels,\r\n\t se_media\r\n\tWHERE\r\n\t se_albums.album_user_id=se_users.user_id AND\r\n\t se_users.user_level_id=se_levels.level_id AND\r\n\t se_albums.album_cover=se_media.media_id AND \r\n\t (\r\n\t se_albums.album_search='1' OR\r\n\t se_levels.level_album_search='0'\r\n\t )\r\n\t AND\r\n\t (\r\n\t se_albums.album_title LIKE '%{$search_text}%' OR\r\n\t se_albums.album_desc LIKE '%{$search_text}%'\r\n\t )\r\n\tORDER BY album_id DESC\r\n\t)";
// GET TOTAL RESULTS
$total_albums = $database->database_num_rows($database->database_query($album_query . " LIMIT 201"));
// IF NOT TOTAL ONLY
if ($t == "album") {
// MAKE ALBUM PAGES
$start = ($p - 1) * $results_per_page;
$limit = $results_per_page + 1;
// SEARCH ALBUMS
$albums = $database->database_query($album_query . " ORDER BY album_id DESC LIMIT {$start}, {$limit}");
while ($album_info = $database->database_fetch_assoc($albums)) {
// CREATE AN OBJECT FOR USER
$profile = new se_user();
$profile->user_info['user_id'] = $album_info['user_id'];
$profile->user_info['user_username'] = $album_info['user_username'];
$profile->user_info['user_fname'] = $album_info['user_fname'];
$profile->user_info['user_lname'] = $album_info['user_lname'];
$profile->user_info['user_photo'] = $album_info['user_photo'];
$profile->user_displayname();
// RESULT IS A MEDIA
if ($album_info[sub_type] == 1) {
$result_url = $url->url_create('album_file', $album_info['user_username'], $album_info['album_id'], $album_info['media_id']);
$result_name = 1000119;
$result_desc = 1000121;
// RESULT IS AN ALBUM
} else {
$result_url = $url->url_create('album', $album_info['user_username'], $album_info['album_id']);
$result_name = 1000120;
$result_desc = 1000122;
}
// SET THUMBNAIL, IF AVAILABLE
switch ($album_info['media_ext']) {
case "jpeg":
case "jpg":
case "gif":
case "png":
case "bmp":
$thumb_path = $url->url_userdir($album_info['user_id']) . $album_info['media_id'] . "_thumb.jpg";
break;
case "mp3":
case "mp4":
case "wav":
$thumb_path = "./images/icons/audio_big.gif";
break;
case "mpeg":
case "mpg":
case "mpa":
case "avi":
case "swf":
case "mov":
case "ram":
case "rm":
$thumb_path = "./images/icons/video_big.gif";
break;
default:
$thumb_path = "./images/icons/file_big.gif";
}
if (!file_exists($thumb_path)) {
$thumb_path = "./images/icons/file_big.gif";
}
// IF NO TITLE
if ($album_info['title'] == "") {
SE_Language::_preload(589);
SE_Language::load();
$album_info['title'] = SE_Language::_get(589);
}
// IF DESCRIPTION IS LONG
if (strlen($album_info['description']) > 150) {
$album_info['description'] = substr($album_info['description'], 0, 147) . "...";
}
$results[] = array('result_url' => $result_url, 'result_icon' => $thumb_path, 'result_name' => $result_name, 'result_name_1' => $album_info['title'], 'result_desc' => $result_desc, 'result_desc_1' => $url->url_create('profile', $album_info['user_username']), 'result_desc_2' => $profile->user_displayname, 'result_desc_3' => $album_info['description']);
}
// SET TOTAL RESULTS
$total_results = $total_albums;
}
// SET ARRAY VALUES
SE_Language::_preload_multi(1000118, 1000119, 1000120, 1000121, 1000122);
if ($total_albums > 200) {
$total_albums = "200+";
}
$search_objects[] = array('search_type' => 'album', 'search_lang' => 1000118, 'search_total' => $total_albums);
}
switch ($secondary[field_type]) {
case "1":
case "2":
$subnet_field2_value = $subnet_info[subnet_field2_value];
$subnet_field2_value_date = 0;
break;
case "3":
case "4":
$subnet_field2_value_date = 0;
// LOOP OVER FIELD OPTIONS
$options = $secondary[field_options];
for ($i = 0, $max = count($options); $i < $max; $i++) {
if ($subnet_info[subnet_field2_value] == $options[$i][value]) {
SE_Language::_preload_multi($options[$i][label]);
SE_Language::load();
$subnet_field2_value = SE_Language::_get($options[$i][label]);
break;
}
}
break;
case "5":
$subnet_field2_value_date = $subnet_info[subnet_field2_value];
$subnet_field2_value = $datetime->cdate($setting[setting_dateformat], $subnet_info[subnet_field2_value]);
break;
}
}
// SET SUBNET ARRAY AND INCREMENT SUBNET COUNT
SE_Language::_preload($subnet_info[subnet_name]);
$subnet_array[] = array('subnet_id' => $subnet_info[subnet_id], 'subnet_name' => $subnet_info[subnet_name], 'subnet_field1_qual' => $subnet_info[subnet_field1_qual], 'subnet_field1_value_formatted' => $subnet_field1_value, 'subnet_field1_value' => $subnet_info[subnet_field1_value], 'subnet_field1_month' => $datetime->cdate("n", $subnet_field1_value_date), 'subnet_field1_day' => $datetime->cdate("j", $subnet_field1_value_date), 'subnet_field1_year' => $datetime->cdate("Y", $subnet_field1_value_date), 'subnet_field2_qual' => $subnet_field2_qual, 'subnet_field2_value_formatted' => $subnet_field2_value, 'subnet_field2_value' => $subnet_info[subnet_field2_value], 'subnet_field2_month' => $datetime->cdate("n", $subnet_field2_value_date), 'subnet_field2_day' => $datetime->cdate("j", $subnet_field2_value_date), 'subnet_field2_year' => $datetime->cdate("Y", $subnet_field2_value_date), 'subnet_users' => $subnet_info[users]);
}
// SET NUMBER OF USERS IN DEFAULT SUBNETWORK
$group_title = $group->group_info['group_title'];
if (strlen($group_title) > 100) {
$group_title = substr($group_title, 0, 97) . "...";
}
$actions->actions_add($user, "newgroupmedia", array($user->user_info['user_username'], $user->user_displayname, $group->group_info['group_id'], $group_title), $action_media, 60, FALSE, "group", $group->group_info['group_id'], $group->group_info['group_privacy']);
}
// OUTPUT JSON RESULT
if ($isAjax) {
SE_Language::load();
if ($update_album) {
$result = "success";
$size = sprintf(SE_Language::_get($file_result['file1']['message']), $file_result['file1']['file_name']);
$error = null;
} else {
$result = "failure";
$error = sprintf(SE_Language::_get($file_result['file1']['message']), $file_result['file1']['file_name']);
$size = null;
}
$json = '{"result":"' . $result . '","error":"' . $error . '","size":"' . $size . '"}';
if (!headers_sent()) {
header('Content-type: application/json');
}
echo $json;
exit;
} else {
$show_uploader = 0;
}
}
// END TASK
// GET MAX FILESIZE ALLOWED
$max_filesize_kb = $group->groupowner_level_info['level_group_album_maxsize'] / 1024;
}
// CHECK IF USER IS ALLOWED TO COMMENT
$functionname = $object_owner . "_privacy_max";
$privacy_max = $object_owner_class->{$functionname}($user);
if (!($privacy_max & $permission['object_comments'])) {
exit;
}
// SET OBJECT TITLE
$object_title = $object_info[$col . "_title"];
if ($tab == "eventmedia" || $tab == "groupmedia") {
$object_title = $object_owner_class->{$object_owner . "_info"}[$object_owner . "_title"];
}
if (!$object_title) {
SE_Language::_preload(589);
SE_Language::load();
$object_title = SE_Language::_get(589);
}
// START COMMENT OBJECT
$comment = new se_comment($type, $iden, $value, $tab, $col);
// POST COMMENT
$comment_info = $comment->comment_post($_POST['comment_body'], $_POST['comment_secure'], $object_title, $object_owner, $object_owner_id, $permission['object_privacy']);
$is_error = $comment->is_error;
$comment_body = isset($comment_info['comment_body']) ? $comment_info['comment_body'] : NULL;
$comment_date = isset($comment_info['comment_date']) ? $comment_info['comment_date'] : NULL;
// RUN JAVASCRIPT FUNCTION (JSON)
echo json_encode(array('is_error' => $is_error, 'comment_body' => $comment_body, 'comment_date' => $comment_date));
exit;
} elseif ($task == "comment_edit") {
// MUST BE LOGGED IN TO USE THIS TASK
if (!$user->user_exists) {
exit;
$linked_field_value = "{$year} {$month} {$day}";
break;
case "dmy":
$linked_field_value = "{$day} {$month} {$year}";
break;
}
}
break;
case 6:
$browse_query .= " AND FIND_IN_SET('{$field_value}', profilevalue_{$field_info['field_id']})";
$options = unserialize($field_info['field_options']);
for ($i = 0, $max = count($options); $i < $max; $i++) {
if ($field_value == $options[$i]['value']) {
SE_Language::_preload($options[$i]['label']);
SE_Language::load();
$linked_field_value = SE_Language::_get($options[$i]['label']);
}
}
break;
}
// GET TOTAL USERS
$total_users = $database->database_num_rows($database->database_query($browse_query));
// MAKE BROWSE PAGES
$page_vars = make_page($total_users, $users_per_page, $p);
// ADD LIMIT TO QUERY
$browse_query .= " ORDER BY {$sort} LIMIT {$page_vars['0']}, {$users_per_page}";
// GET USERS
$online_users_array = online_users();
$users = $database->database_query($browse_query);
while ($user_info = $database->database_fetch_assoc($users)) {
$browse_user = new se_user();
} else {
$database->database_query("UPDATE se_grouptopics SET grouptopic_totalposts=grouptopic_totalposts+1 WHERE grouptopic_id='{$grouptopic_id}' LIMIT 1");
$database->database_query("INSERT INTO se_groupposts (grouppost_grouptopic_id, grouppost_authoruser_id, grouppost_date, grouppost_body) VALUES ('{$grouptopic_id}', '{$user->user_info['user_id']}', '" . time() . "', '{$grouppost_body}')");
$post_id = $database->database_insert_id();
// INSERT ACTION IF USER EXISTS
if ($user->user_exists) {
$poster = $user->user_displayname;
$grouppost_body_encoded = strip_tags($grouppost_body, '<br>');
if (strlen($grouppost_body_encoded) > 250) {
$grouppost_body_encoded = substr($grouppost_body_encoded, 0, 247) . "...";
}
$actions->actions_add($user, "grouppost", array($user->user_info['user_username'], $user->user_displayname, $group->group_info['group_id'], $grouptopic_info['grouptopic_id'], $grouptopic_info['grouptopic_subject'], $post_id, $grouppost_body_encoded), array(), 0, false, 'group', $group->group_info['group_id'], $group->group_info['group_privacy']);
} else {
SE_Language::_preload(835);
SE_Language::load();
$poster = SE_Language::_get(835);
}
// SEND GROUP POST NOTIFICATION IF COMMENTER IS NOT OWNER
if ($group->group_info['group_user_id'] != $user->user_info['user_id']) {
$groupowner = new se_user(array($group->group_info['group_user_id']));
$notifytype = $notify->notify_add($group->group_info['group_user_id'], 'grouppost', $group->group_info['group_id'], array($group->group_info['group_id']), array($group->group_info['group_title']));
$object_url = $url->url_base . vsprintf($notifytype[notifytype_url], array($group->group_info[group_id]));
$groupowner->user_settings();
if ($groupowner->usersetting_info['usersetting_notify_grouppost']) {
send_systememail("grouppost", $groupowner->user_info['user_email'], array($groupowner->user_displayname, $poster, "<a href=\"{$object_url}\">{$object_url}</a>"));
}
}
$group->group_lastupdate();
echo "window.parent.location.href = '" . $url->url_create('group_discussion_post', NULL, $group->group_info['group_id'], $grouptopic_id, $post_id) . "';";
}
echo "</script></head><body></body></html>";
'education_degree' => '',
'education_concentration1' => '',
'education_concentration2' => '',
'education_concentration3' => ''
);
$yearoptions = array();
foreach (range(date('Y') + 4, date('Y') - 100) as $number) {
$yearoptions[$number] = $number;
}
$foroptions = array();
foreach (explode('|',SE_Language::_get(11040103)) as $v) {
$foroptions[$v] = $v;
}
//print_r($foroptions);
//print_r($yearoptions);
$smarty->assign('yearoptions',$yearoptions);
$smarty->assign('foroptions',$foroptions);
// ASSIGN VARIABLES AND INCLUDE FOOTER
$smarty->assign('educations', $educations);
$smarty->assign('rc_education', $rc_education);
$smarty->assign('is_error', $rc_validator->has_errors());
$smarty->assign('error_message', join(" ",$rc_validator->get_errors()));
$smarty->assign('result', $result);
for ($n = 0; $n < count($field->fields_all[$i]['field_options']); $n++) {
if ($field->fields_all[$i]['field_options'][$n]['value'] == $field->fields_all[$i]['field_value']) {
$field_value = $field->fields_all[$i]['field_value_formatted'];
}
}
}
if ($field->fields_all[$i]['field_type'] == 5) {
SE_Language::_preload(852);
SE_Language::load();
$years_old = "<br/>(" . sprintf(SE_Language::_get(852), $datetime->age($field->fields_all[$i]['field_value'])) . ")";
if (substr($field->fields_all[$i]['field_value'], 0, 4) == "0000") {
$years_old = "";
}
$field_value = $field->fields_all[$i]['field_value_formatted'] . $years_old;
}
if ($field->fields_all[$i]['field_type'] == 6) {
for ($n = 0; $n < count($field->fields_all[$i]['field_options']); $n++) {
if (in_array($field->fields_all[$i]['field_options'][$n]['value'], $field->fields_all[$i]['field_value'])) {
$field_value = $field->fields_all[$i]['field_value_formatted'];
}
}
}
SE_Language::_preload($field->fields_all[$i]['field_title']);
SE_Language::load();
$row_qinformer .= "\r\n \t\t <tr>\r\n \t\t <td\twidth=40%>" . SE_Language::_get($field->fields_all[$i]['field_title']) . "</td>\r\n \t\t <td width=60%>" . $field_value . "</td>\r\n \t\t </tr>\r\n\t\t";
}
}
}
}
}
echo "\r\n<table width=100% border=0 cellspacing=3 cellpadding=0 class=q_inform align=center>\r\n" . $row_qinformer . "\r\n</table>\r\n";
}
// SET PERIOD
switch ($period) {
case "week":
$interval = "86400";
$stat_date_format = "D";
$date_compare = "j";
$num_points = 8;
if (date('w', time()) == 0) {
$day_num = 7;
} else {
$day_num = date('w', time());
}
$old_stat_date = mktime(0, 0, 0, date('n', time()), date('j', time()) - $day_num + 1 - 7 * ($start - 1), date('Y', time()));
$last_stat_date = mktime(0, 0, 0, date('n', time()), date('j', time()) - $day_num + 1 - 7 * ($start - 1) + 7, date('Y', time()));
$chart['chart_data'][1][0] .= " (" . SE_Language::_get(512) . " " . $datetime->cdate("M jS", $old_stat_date) . ")";
break;
case "month":
$interval = "86400";
$stat_date_format = "j";
$date_compare = "j";
$num_points = date("t", time()) + 1;
$old_stat_date = mktime(0, 0, 0, date('n', time()) - ($start - 1), 1, date('Y', time()));
$last_stat_date = mktime(0, 0, 0, date('n', time()) - ($start - 1) + 1, 1, date('Y', time()));
$chart['chart_data'][1][0] .= " (" . $datetime->cdate("F", $old_stat_date) . ")";
break;
case "year":
$interval = "2678400";
$stat_date_format = "M.";
$date_compare = "n";
$num_points = 13;
exit;
}
// SET ERROR VARIABLES AND EMPTY VARS
$is_error = 0;
$submitted = 0;
// TRY TO SEND MESSAGE
if ($task == "send") {
$to = $_POST['to'];
$subject = $_POST['subject'];
$message = $_POST['message'];
$user->user_message_send($to, $subject, $message);
$is_error = $user->is_error;
if ($is_error != 0) {
SE_Language::_preload($is_error);
SE_Language::load();
$error_message = SE_Language::_get($is_error);
}
// SEND AJAX CONFIRMATION
echo "<html><head><meta http-equiv='Content-Type' content='text/html; charset=UTF-8'><script type='text/javascript'>";
echo "window.parent.messageSent('{$is_error}', '" . str_replace("'", "\\'", $error_message) . "');";
echo "</script></head><body></body></html>";
exit;
}
// GET LIST OF FRIENDS FOR SUGGEST BOX
$total_friends = $user->user_friend_total(0);
$friends = $user->user_friend_list(0, $total_friends, 0);
// ASSIGN SMARTY VARS AND INCLUDE FOOTER
$smarty->assign('is_error', $is_error);
$smarty->assign('submitted', $submitted);
$smarty->assign_by_ref('friends', $friends);
$smarty->assign('to_user', $to_user);
$signup_user->user_info['user_id'] = $signup['user_id'];
$signup_user->user_info['user_username'] = $signup['user_username'];
$signup_user->user_info['user_photo'] = $signup['user_photo'];
$signup_user->user_info['user_fname'] = $signup['user_fname'];
$signup_user->user_info['user_lname'] = $signup['user_lname'];
$signup_user->user_displayname();
$signup_array[] = $signup_user;
}
// GET RECENT STATUS UPDATES
$statuses = $database->database_query("SELECT user_id, user_username, user_fname, user_lname, user_status FROM se_users WHERE user_subnet_id='{$n}' AND user_id<>'{$user->user_info['user_id']}' AND user_status<>'' ORDER BY user_status_date DESC LIMIT 10");
while ($status = $database->database_fetch_assoc($statuses)) {
$status_user = new se_user();
$status_user->user_info['user_id'] = $status['user_id'];
$status_user->user_info['user_username'] = $status['user_username'];
$status_user->user_info['user_fname'] = $status['user_fname'];
$status_user->user_info['user_lname'] = $status['user_lname'];
$status_user->user_displayname();
$statuses_array[] = array('status_user_id' => $status['user_id'], 'status_user_username' => $status['user_username'], 'status_user_displayname' => $status_user->user_displayname, 'status_user_status' => $status['user_status']);
}
// SET GLOBAL PAGE TITLE
$global_page_title[0] = 1155;
SE_Language::_preload($network_info['subnet_name']);
SE_Language::load();
$global_page_title[1] = SE_Language::_get($network_info['subnet_name']);
$global_page_description = $global_page_title;
// ASSIGN SMARTY VARIABLES AND INCLUDE FOOTER
$smarty->assign('network', $network_info);
$smarty->assign('signups', $signup_array);
$smarty->assign('statuses', $statuses_array);
$smarty->assign('actions', $actions->actions_display(2, $setting['setting_actions_actionsperuser'], "se_users.user_subnet_id='{$network_info['subnet_id']}'"));
include "footer.php";
// OUTPUT
ob_end_clean();
if (!$is_error && $music->music_delete($music_id)) {
echo '{"result":"success"}';
} else {
echo '{"result":"failure"}';
}
exit;
} elseif ($task == "editsongtitle") {
if (empty($user) || !$user->user_exists || !$user->level_info['level_music_allow']) {
$is_error = 1;
}
if (!trim($music_title)) {
SE_Language::_preload(4000086);
SE_Language::load();
$music_title = SE_Language::_get(4000086);
}
$music = new se_music($user->user_info['user_id']);
// OUTPUT
ob_end_clean();
if (!$is_error && $music->music_track_update($music_id, $music_title)) {
echo '{"result":"success"}';
} else {
echo '{"result":"failure"}';
}
exit;
} elseif ($task == "moveupsong") {
if (empty($user) || !$user->user_exists || !$user->level_info['level_music_allow']) {
$is_error = 1;
}
$music = new se_music($user->user_info['user_id']);
if( $_POST['contacts_choosed'] && $quiz )
{
$subject = htmlspecialchars_decode(SE_Language::_get(690691168), ENT_QUOTES);
$message = nl2br(htmlspecialchars_decode(SE_Language::_get(690691169), ENT_QUOTES));
$mass_mailing = new he_mass_mailing();
$campaign_id = $mass_mailing->create_campaign($subject, $message, -1, 1);
if( $campaign_id ) {
$users = explode(',', $_POST['contacts']);
$replace = array($user->user_info['user_displayname'], $quiz['name'], $url->url_base.'browse_quiz_results.php?quiz_id='.$quiz['id']);
foreach( $users as $user_id ) {
if( intval($user_id) )
$mass_mailing->add_message_into_queue_for_user($campaign_id, $user_id, $replace);
}
$emails = explode(',', $_POST['emails']);
foreach( $emails as $email ) {
$email = trim($email);
if( $email && is_email_address($email) )
$mass_mailing->add_message_into_queue_for_email($campaign_id, $email, '', $replace);
}
$result = array( 'message' => SE_Language::_get(690691164), 'status' => true );
}
else {
$result = array( 'message' => SE_Language::_get(690691165), 'status' => false );
}
he_print_json($result);
}
?>
<?php
/* $Id: admin_lostpass.php 8 2009-01-11 06:02:53Z nico-izo $ */
$page = "admin_lostpass";
include "admin_header.php";
$task = isset($_POST['task']) ? $_POST['task'] : "main";
// SET ERROR VARS
$is_error = 0;
$submitted = 0;
if ($task == "send_email") {
$admin_email = $_POST['admin_email'];
$admin_query = $database->database_query("SELECT admin_id FROM se_admins WHERE admin_email='{$admin_email}' LIMIT 1");
$submitted = 1;
if ($database->database_num_rows($admin_query) != 1) {
$is_error = 1;
} else {
$lostpassword_code = randomcode(15);
$lostpassword_time = time();
$admin_lost = $database->database_fetch_assoc($admin_query);
$database->database_query("UPDATE se_admins SET admin_lostpassword_code='{$lostpassword_code}', admin_lostpassword_time='{$lostpassword_time}' WHERE admin_id='{$admin_lost['admin_id']}' LIMIT 1");
$prefix = $url->url_base;
$link = "<a href=\"{$prefix}" . "admin/admin_lostpass_reset.php?admin_id={$admin_lost['admin_id']}&r={$lostpassword_code}\">{$prefix}" . "admin/admin_lostpass_reset.php?admin_id={$admin_lost['admin_id']}&r={$lostpassword_code}</a>";
SE_Language::_preload_multi(40, 41);
SE_Language::load();
send_generic($admin_email, $admin_email, SE_Language::_get(40), SE_Language::_get(41), array("[link]"), array($link));
}
}
// ASSIGN VARIABLES AND INCLUDE FOOTER
$smarty->assign('is_error', $is_error);
$smarty->assign('submitted', $submitted);
include "admin_footer.php";
function blog_trackback_receive()
{
global $database, $user, $setting;
$is_error = FALSE;
// Create trackback class instance
$trackback = new Trackback(NULL, NULL, "UTF-8");
// Prepare data
$trackback_eid = $trackback->e_id;
$trackback_url = trim($trackback->url);
$trackback_title = trim($trackback->title);
$trackback_excerpt = trim($trackback->excerpt);
$trackback_bname = trim($trackback->bname);
$trackback_ip = $_SERVER['REMOTE_ADDR'];
$trackback_time = time();
$trackback_excerpthash = md5($trackback_excerpt);
// Clean body
$trackback_excerpt = str_replace("\r\n", "<br />", cleanHTML(censor(htmlspecialchars_decode($trackback_excerpt)), $setting['setting_comment_html']));
// Trackbacks not allowed
if (!$user->level_info['level_blog_trackbacks_allow']) {
$is_error = 1500013;
}
// No ID specified
if (!$trackback_eid) {
$is_error = 1500008;
}
// Trackback URL is empty
if (!$trackback_url) {
$is_error = 1500009;
}
// Get entry info. TODO: switch to SELECT NULL?
if (!$is_error) {
$sql = "\r\n SELECT\r\n NULL\r\n FROM\r\n se_blogentries\r\n WHERE\r\n se_blogentries.blogentry_id='{$trackback_eid}'\r\n LIMIT\r\n 1\r\n ";
$resource = $database->database_query($sql);
// Entry not found
if (!$database->database_num_rows($resource)) {
$is_error = 1500010;
}
}
// See if trackback has already been received
if (!$is_error) {
$sql = "\r\n SELECT\r\n NULL\r\n FROM\r\n se_blogtrackbacks\r\n WHERE\r\n blogtrackback_blogentry_id='{$trackback_eid}' &&\r\n blogtrackback_name='{$trackback_bname}' &&\r\n blogtrackback_excerpthash='{$trackback_excerpthash}'\r\n LIMIT\r\n 1\r\n ";
$resource = $database->database_query($sql);
// Already tracked
if ($database->database_num_rows($resource)) {
$is_error = 1500011;
}
}
// Only 1/15 seconds
if (!$is_error) {
$trackback_timeout = 15;
$sql = "\r\n SELECT\r\n NULL\r\n FROM\r\n se_blogtrackbacks\r\n WHERE\r\n blogtrackback_ip='{$trackback_ip}' &&\r\n blogtrackback_date>" . ($trackback_time - $trackback_timeout) . "\r\n LIMIT\r\n 1\r\n ";
$resource = $database->database_query($sql);
if ($database->database_num_rows($resource)) {
$is_error = 1500012;
}
}
// TODO: antispam
// INSERT
if (!$is_error) {
$sql = "\r\n INSERT INTO se_blogtrackbacks\r\n (\r\n blogtrackback_blogentry_id,\r\n blogtrackback_name,\r\n blogtrackback_title,\r\n blogtrackback_excerpt,\r\n blogtrackback_excerpthash,\r\n blogtrackback_url,\r\n blogtrackback_ip,\r\n blogtrackback_date\r\n ) VALUES (\r\n '{$trackback_eid}',\r\n '{$trackback_bname}',\r\n '{$trackback_title}',\r\n '{$trackback_excerpt}',\r\n '{$trackback_excerpthash}',\r\n '{$trackback_url}',\r\n '{$trackback_ip}',\r\n '{$trackback_time}'\r\n )\r\n ";
$resource = $database->database_query($sql);
if (!$database->database_affected_rows($resource)) {
$is_error = 1500013;
}
// UPDATE TRACKBACK COUNT
$sql = "UPDATE se_blogentries SET blogentry_totaltrackbacks=blogentry_totaltrackbacks+1 WHERE blogentry_id='{$trackback_eid}' LIMIT 1";
$database->database_query($sql);
}
// LOG
if (empty($blogentry_url) && !empty($_SERVER['HTTP_REFERER'])) {
$blogentry_url = $_SERVER['HTTP_REFERER'];
}
if (empty($blogentry_url) && !empty($_SERVER['REMOTE_ADDR'])) {
$blogentry_url = $_SERVER['REMOTE_ADDR'];
}
$sql = "\r\n INSERT INTO se_blogpings\r\n (\r\n blogping_blogentry_id,\r\n blogping_target_url,\r\n blogping_source_url,\r\n blogping_status,\r\n blogping_type,\r\n blogping_ip\r\n ) VALUES (\r\n '{$trackback_eid}',\r\n '" . $database->database_real_escape_string($_SERVER['REQUEST_URI']) . "',\r\n '" . $database->database_real_escape_string($blogentry_url) . "',\r\n '1',\r\n '2',\r\n '{$_SERVER['REMOTE_ADDR']}'\r\n )\r\n ";
$resource = $database->database_query($sql);
// GET ERROR MESSAGE
SE_Language::_preload($is_error ? $is_error : 1500014);
SE_Language::load();
$message = SE_Language::_get($is_error ? $is_error : 1500014);
return $trackback->recieve(!$is_error, $message);
}
}
$contact_secure = $_POST['contact_secure'];
if ($contact_secure != $code) {
$is_error = 708;
}
}
// SEND MESSAGE TO SUPERADMIN
if (!$is_error) {
$recepient_info = $database->database_fetch_assoc($database->database_query("SELECT admin_email, admin_name FROM se_admins ORDER BY admin_id LIMIT 1"));
// GET SUBJECT AND MESSAGE
SE_Language::_preload_multi(1153, 1154);
SE_Language::load();
// COMPOSE SUBJECT
$subject = vsprintf(SE_Language::_get(1153), array($contact_subject));
// COMPOSE MESSAGE
$message = vsprintf(SE_Language::_get(1154), array($recepient_info['admin_name'], $contact_email, $contact_name, $contact_subject, $contact_message));
// SEND MAIL
send_generic($recepient_info['admin_email'], $contact_email, $subject, $message, array(), array());
// SET RESULT
$result = 1040;
$contact_name = "";
$contact_email = $user->user_info['user_email'];
$contact_subject = "";
$contact_message = "";
}
}
// SET GLOBAL PAGE TITLE/DESCRIPTION
$global_page_title[0] = 754;
$global_page_description[0] = 1035;
// ASSIGN SMARTY VARIABLES AND INCLUDE FOOTER
$smarty->assign('result', $result);
function get_errors()
{
// v3 compat .. uh ..
if (class_exists('SE_Language')) {
foreach ($this->errors as $k=>$v) {
if (is_numeric($v)) {
SE_Language::_preload($v);
$has_lang_id = true;
}
}
$errors = array();
if ($has_lang_id) {
SE_Language::load();
}
foreach ($this->errors as $k=>$v) {
if (is_numeric($v)) {
$v = SE_Language::_get($v);
}
$errors[$k] = $v;
}
}
else
{
$errors = $this->errors;
}
return $errors;
}
function field_get($field_id)
{
global $database;
$field_info = $database->database_fetch_assoc($database->database_query("SELECT " . $this->type . "field_id AS field_id, " . $this->type . "field_" . $this->type . "cat_id AS field_cat_id, " . $this->type . "field_order AS field_order, " . $this->type . "field_dependency AS field_dependency, " . $this->type . "field_title AS field_title, " . $this->type . "field_desc AS field_desc, " . $this->type . "field_error AS field_error, " . $this->type . "field_type AS field_type, " . $this->type . "field_style AS field_style, " . $this->type . "field_maxlength AS field_maxlength, " . $this->type . "field_link AS field_link, " . $this->type . "field_options AS field_options, " . $this->type . "field_required AS field_required, " . $this->type . "field_regex AS field_regex, " . $this->type . "field_special AS field_special, " . $this->type . "field_search AS field_search, " . $this->type . "field_display AS field_display, " . $this->type . "field_html AS field_html FROM se_" . $this->type . "fields WHERE " . $this->type . "field_id='{$field_id}'"));
// PULL OPTIONS INTO NEW ARRAY
$new_field_options = "";
$field_options = unserialize($field_info[field_options]);
for ($i = 0; $i < count($field_options); $i++) {
SE_Language::_preload_multi($field_options[$i][label]);
SE_Language::load();
$field_options[$i][label] = SE_Language::_get($field_options[$i][label]);
if ($field_options[$i][dependency] == 1) {
$dep_field = $database->database_query("SELECT " . $this->type . "field_id AS field_id, " . $this->type . "field_title AS field_title FROM se_" . $this->type . "fields WHERE " . $this->type . "field_id='" . $field_options[$i][dependent_id] . "'");
if ($database->database_num_rows($dep_field) != "1") {
$field_options[$i][dependency] = 0;
} else {
$field_options[$i][dependency] = 1;
$dep_field_info = $database->database_fetch_assoc($dep_field);
SE_Language::_preload_multi($dep_field_info[field_title]);
SE_Language::load();
$dep_field_info[field_title] = SE_Language::_get($dep_field_info[field_title]);
$field_options[$i][dependent_label] = $dep_field_info[field_title];
}
}
}
// LOAD FIELD TITLE
SE_Language::_preload_multi($field_info[field_title], $field_info[field_desc], $field_info[field_error]);
SE_Language::load();
$field_info[field_title] = SE_Language::_get($field_info[field_title]);
$field_info[field_desc] = SE_Language::_get($field_info[field_desc]);
$field_info[field_error] = SE_Language::_get($field_info[field_error]);
$field_info[field_options_detailed] = $field_options;
return $field_info;
}
$is_error = 473;
} elseif (!is_file($path) || strpos($filename, "..") !== FALSE) {
$is_error = 474;
} elseif (!is_readable($path)) {
$is_error = 475;
} elseif (!is_writable($path)) {
$is_error = 476;
}
// IF JSON REQUEST, SEND BACK DATA
if ($task == "gettemplate") {
$template_code = file_get_contents($path);
$template_code = str_replace("'", "\\'", str_replace("\n", "\\n", str_replace("\\", "\\\\", str_replace("\r\n", "\n", $template_code))));
if ($is_error != 0) {
SE_Language::_preload_multi($is_error);
SE_Language::load();
$error_message = str_replace("'", "\\'", SE_Language::_get($is_error));
}
$json = "{'is_error':{$is_error}, 'error_message':'{$error_message}', 'template':'{$template_code}'}";
echo $json;
exit;
// SAVE TEMPLATE
} elseif ($task == "save") {
// WRITE CODE TO FILE
if ($is_error == 0) {
$template_code = str_replace("{/php}", "", str_replace("{php}", "", htmlspecialchars_decode(str_replace("\\\\", "\\", $_POST['template_code']), ENT_QUOTES)));
$handle = fopen($path, 'w+');
fwrite($handle, $template_code);
fclose($handle);
}
exit;
}
$field_info[field_suggestions] = $_POST['field_suggestions'];
// SAVE FIELD
$field_info = $field->field_save($field_info);
// GET ERROR
$is_error = $field->is_error;
if ($field->is_error != 0) {
SE_Language::_preload_multi($field->is_error);
SE_Language::load();
$error_message = str_replace("'", "\\'", SE_Language::_get($field->is_error));
}
// PULL OPTIONS INTO STRING
$field_options_detailed = array();
for ($i = 0; $i < count($field_info[field_options]); $i++) {
SE_Language::_preload_multi($field_info[field_options][$i][label]);
SE_Language::load();
$field_info[field_options][$i][label] = SE_Language::_get($field_info[field_options][$i][label]);
$field_options_detailed[] = $field_info[field_options][$i][value] . "<!>" . $field_info[field_options][$i][label] . "<!>" . $field_info[field_options][$i][dependency] . "<!>" . $field_info[field_options][$i][dependent_label] . "<!>" . $field_info[field_options][$i][dependent_id];
}
$field_options_detailed = implode("<~!~>", $field_options_detailed);
// SEND AJAX CONFIRMATION
echo "<html><head><meta http-equiv='Content-Type' content='text/html; charset=UTF-8'><script type='text/javascript'>";
echo "window.parent.savefield_result('{$is_error}', '{$error_message}', '{$old_field_id}', '{$field_info['field_id']}', '{$field_info['field_title']}', '{$field_info['field_cat_id']}', '{$field_options_detailed}');";
echo "</script></head><body></body></html>";
exit;
// ADD A NEW FIELD BOX
} elseif ($task == "addfield") {
$field->cat_list();
$cat_array = $field->cats;
$smarty->assign('hideSearch', $hideSearch);
$smarty->assign('hideDisplay', $hideDisplay);
$smarty->assign('hideSpecial', $hideSpecial);
$poll_profile = !empty($_POST['poll_profile']) ? $_POST['poll_profile'] : (!empty($_GET['poll_profile']) ? $_GET['poll_profile'] : NULL);
$is_error = FALSE;
// VOTE
if ($task == "votepoll") {
if (!$user->user_exists || 2 & ~(int) $user->level_info['level_poll_allow']) {
echo json_encode(array('result' => 'failure'));
exit;
}
$poll_object = new se_poll(NULL, $poll_id);
$result = $poll_object->poll_vote($vote);
$poll_info = $poll_object->poll_info;
unset($poll_info['poll_voted']);
if (!$result) {
SE_Language::_preload($poll_object->is_error);
SE_Language::load();
echo json_encode(array('result' => 'failure', 'message' => SE_Language::_get($poll_object->is_error), 'debug' => $vote . ' ' . $poll_object->poll_info['poll_answers'][$vote]));
exit;
}
echo json_encode($poll_info);
exit;
} elseif ($task == "infopoll") {
if (!$user->user_exists && !$setting['setting_permission_poll'] || $user->user_exists && 1 & ~(int) $user->level_info['level_poll_allow']) {
echo json_encode(array('result' => 'failure'));
exit;
}
$poll_object = new se_poll(NULL, $poll_id);
//$poll_object = new se_poll($user->user_info['user_id'], $poll_id);
$poll_info = $poll_object->poll_info;
unset($poll_info['poll_voted']);
// SEND
echo json_encode($poll_info);
