function display()
{
global $conn, $config, $lang;
require_once $config['basepath'] . '/include/misc.inc.php';
$misc = new misc();
require_once $config['basepath'] . '/include/user.inc.php';
$userclass = new user();
require_once $config['basepath'] . '/include/class/template/core.inc.php';
$page = new page_user();
require_once $config['basepath'] . '/include/blog_functions.inc.php';
$blog_functions = new blog_functions();
// Make Sure we passed the PageID
$display = '';
if (!isset($_GET['ArticleID']) && intval($_GET['ArticleID']) <= 0) {
$display .= "ERROR. PageID not sent";
} else {
$blog_id = intval($_GET['ArticleID']);
//Check if we posted a comment.
if (isset($_SESSION['userID']) && $_SESSION['userID'] > 0 && isset($_POST['comment_text']) && strlen($_POST['comment_text']) > 0) {
require_once $config['basepath'] . '/include/blog_editor.inc.php';
$blog_comment = $misc->make_db_safe(blog_editor::htmlEncodeText($_POST['comment_text']));
if ($config['blog_requires_moderation'] == 1) {
$moderated = 0;
} else {
$moderated = 1;
}
$sql = "INSERT INTO " . $config['table_prefix'] . "blogcomments (userdb_id,blogcomments_timestamp,blogcomments_text,blogmain_id,blogcomments_moderated) VALUES\n\t\t\t\t(" . intval($_SESSION['userID']) . "," . time() . ",{$blog_comment},{$blog_id},{$moderated});";
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
}
//$display .= '<div class="page_display">';
$sql = "SELECT blogmain_full,blogmain_id FROM " . $config['table_prefix'] . "blogmain WHERE blogmain_id=" . $blog_id;
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
$full = html_entity_decode($misc->make_db_unsafe($recordSet->fields['blogmain_full']), ENT_NOQUOTES, $config['charset']);
//$full = $misc->make_db_unsafe($recordSet->fields['blogmain_full']);
$full = preg_replace('/\\<hr.*?\\>/', '', $full, 1);
$id = $recordSet->fields['blogmain_id'];
if ($config["wysiwyg_execute_php"] == 1) {
ob_start();
$full = str_replace("<!--<?php", "<?php", $full);
$full = str_replace("?>-->", "?>", $full);
eval('?>' . "{$full}" . '<?php ');
$full = ob_get_contents();
ob_end_clean();
}
//Load Template
$page->load_page($config['template_path'] . '/blog_article.html');
//Start Replacing Tags
$blog_title = $blog_functions->get_blog_title($id);
$page->page = $page->parse_template_section($page->page, 'blog_title', $blog_title);
$blog_author = $blog_functions->get_blog_author($id);
$page->page = $page->parse_template_section($page->page, 'blog_author', $blog_author);
$blog_comment_count = $blog_functions->get_blog_comment_count($id);
$page->page = $page->parse_template_section($page->page, 'blog_comment_count', $blog_comment_count);
$blog_date_posted = $blog_functions->get_blog_date($id);
$page->page = $page->parse_template_section($page->page, 'blog_date_posted', $blog_date_posted);
$page->page = $page->parse_template_section($page->page, 'blog_full_article', $full);
// Allow Admin To Edit #
if (isset($_SESSION['editblog']) && $_SESSION['admin_privs'] == 'yes' && $config["wysiwyg_show_edit"] == 1) {
$admin_edit_link .= "{$config['baseurl']}/admin/index.php?action=edit_blog&id={$id}";
$page->page = $page->parse_template_section($page->page, 'admin_edit_link', $admin_edit_link);
$page->page = $page->cleanup_template_block('admin_edit_link', $page->page);
} else {
$page->page = $page->remove_template_block('admin_edit_link', $page->page);
}
//Deal with COmments
$sql = "SELECT blogcomments_id,userdb_id,blogcomments_timestamp,blogcomments_text FROM " . $config['table_prefix'] . "blogcomments WHERE blogmain_id = " . $id . " AND blogcomments_moderated = 1 ORDER BY blogcomments_timestamp ASC;";
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
$blog_comment_template = '';
while (!$recordSet->EOF) {
//Load DB Values
$comment_author_id = $misc->make_db_unsafe($recordSet->fields['userdb_id']);
$blogcomments_id = $misc->make_db_unsafe($recordSet->fields['blogcomments_id']);
$blogcomments_timestamp = $misc->make_db_unsafe($recordSet->fields['blogcomments_timestamp']);
$blogcomments_text = html_entity_decode($misc->make_db_unsafe($recordSet->fields['blogcomments_text']), ENT_NOQUOTES, $config['charset']);
//Load Template Block
$blog_comment_template .= $page->get_template_section('blog_article_comment_item_block');
//Lookup Blog Author..
$author_type = $userclass->get_user_type($comment_author_id);
if ($author_type == 'member') {
$author_display = $userclass->get_user_name($comment_author_id);
} else {
$author_display = $userclass->get_user_last_name($comment_author_id) . ', ' . $userclass->get_user_first_name($comment_author_id);
}
$blog_comment_template = $page->parse_template_section($blog_comment_template, 'blog_comment_author', $author_display);
if ($config['date_format'] == 1) {
$format = "m/d/Y";
} elseif ($config['date_format'] == 2) {
$format = "Y/d/m";
} elseif ($config['date_format'] == 3) {
$format = "d/m/Y";
}
$blog_comment_date_posted = date($format, "{$blogcomments_timestamp}");
$blog_comment_template = $page->parse_template_section($blog_comment_template, 'blog_comment_date_posted', $blog_comment_date_posted);
$blog_comment_template = $page->parse_template_section($blog_comment_template, 'blog_comment_text', $blogcomments_text);
$recordSet->MoveNext();
}
$page->replace_template_section('blog_article_comment_item_block', $blog_comment_template);
//Render Add New Comment
if ($config['url_style'] == '1') {
$article_url = 'index.php?action=blog_view_article&ArticleID=' . $id;
} else {
$url_title = str_replace("/", "", $blog_title);
$url_title = strtolower(str_replace(" ", $config['seo_url_seperator'], $url_title));
$article_url = 'article-' . urlencode($url_title) . '-' . $id . '.html';
}
$page->page = $page->parse_template_section($page->page, 'blog_comments_post_url', $article_url);
//Render Page Out
//$page->replace_tags(array('templated_search_form', 'featured_listings_horizontal', 'featured_listings_vertical', 'company_name', 'link_printer_friendly'));
$page->replace_permission_tags();
$display .= $page->return_page();
}
return $display;
}
function show_vtour($listingID, $popup = true)
{
global $lang, $conn, $config, $jscript;
require_once $config['basepath'] . '/include/misc.inc.php';
$misc = new misc();
$display = '';
if (isset($_GET['listingID'])) {
if ($_GET['listingID'] != "") {
require_once $config['basepath'] . '/include/class/template/core.inc.php';
$page = new page_user();
$page->load_page($config['template_path'] . '/' . $config['vtour_template']);
$listingID = intval($listingID);
$page->replace_listing_field_tags($listingID);
$a = 0;
$sql = "SELECT vtourimages_caption, vtourimages_description, vtourimages_file_name, vtourimages_rank FROM " . $config['table_prefix'] . "vtourimages WHERE (listingsdb_id = {$listingID}) ORDER BY vtourimages_rank";
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
$num_images = $recordSet->RecordCount();
if ($num_images > 0) {
$vtinit = 0;
$vtopts .= '<form action="/">' . "\r\n";
$vtopts .= "<p><select id=\"tourmenu\" onchange=\"swapTour(this)\"> \n";
$vtparams = "'<param name=\"file\" value=\"ptviewer:{$vtinit}\" />'+ \n";
$vtjs = '';
while (!$recordSet->EOF) {
$caption = $misc->make_db_unsafe($recordSet->fields['vtourimages_caption']);
$description = $conn->qstr($misc->make_db_unsafe($recordSet->fields['vtourimages_description']));
$file_name = $misc->make_db_unsafe($recordSet->fields['vtourimages_file_name']);
// $imageID = $misc->make_db_unsafe ($recordSet->fields['vtourimages_id']);
if ($caption == '') {
$caption = 'Virtual Tour Image ' . $a;
}
$vtopts .= "<option value=\"{$a}\">{$caption}</option> \n";
$vtparams .= "'<param name=\"pano{$a}\" value=\"{file={$config['vtour_view_images_path']}/{$file_name}}{auto=0.1}{pan=-45}{fov=" . $config['vtour_fov'] . "}\" />'+ \n";
$album = "<param name=\"Album\" value=\"{$config['vtour_view_images_path']}/{$file_name}\" /> \n";
$vtjs .= "tour[{$a}] = {$description}; \n";
$a++;
$ext = substr(strrchr($file_name, '.'), 1);
$recordSet->MoveNext();
}
// end while
$vtopts .= "</select></p>\n";
$vtopts .= '</form>' . "\r\n";
}
// end if ($num_images > 0)
if ($ext == 'jpg') {
// if it's a jpg file then use PTViewer for spherical pano images
// First Define the Javascript to be placed in the head
$jscript .= '<script type="text/javascript">' . "\r\n";
$jscript .= '<!--' . "\r\n";
$jscript .= 'inittour = (' . $vtinit . '*1);' . "\r\n";
$jscript .= 'tour = new Array();' . "\r\n";
$jscript .= $vtjs;
$jscript .= 'function swapTour(w)' . "\r\n";
$jscript .= '{' . "\r\n";
$jscript .= ' si = w.selectedIndex;' . "\r\n";
$jscript .= ' x = w.options[si].value;' . "\r\n";
$jscript .= ' n = (x*1);' . "\r\n";
$jscript .= ' if (n >= 0)' . "\r\n";
$jscript .= ' {' . "\r\n";
$jscript .= ' newPano(n);' . "\r\n";
$jscript .= ' newText(n);' . "\r\n";
$jscript .= ' }' . "\r\n";
$jscript .= '}' . "\r\n";
$jscript .= 'function newPano(n)' . "\r\n";
$jscript .= '{' . "\r\n";
$jscript .= ' if(n)' . "\r\n";
$jscript .= ' {' . "\r\n";
$jscript .= ' if(getptv())' . "\r\n";
$jscript .= ' {' . "\r\n";
$jscript .= ' getptv().newPanoFromList(n);' . "\r\n";
$jscript .= ' }' . "\r\n";
$jscript .= ' }' . "\r\n";
$jscript .= ' else' . "\r\n";
$jscript .= ' {' . "\r\n";
$jscript .= ' n=inittour;' . "\r\n";
$jscript .= ' if(getptv())' . "\r\n";
$jscript .= ' {' . "\r\n";
$jscript .= ' getptv().newPanoFromList(n);' . "\r\n";
$jscript .= ' }' . "\r\n";
$jscript .= ' }' . "\r\n";
$jscript .= '} ' . "\r\n";
$jscript .= 'function newText(n,id)' . "\r\n";
$jscript .= '{' . "\r\n";
$jscript .= ' if(!id)' . "\r\n";
$jscript .= ' {' . "\r\n";
$jscript .= ' id=\'desc\';' . "\r\n";
$jscript .= ' }' . "\r\n";
$jscript .= ' if (document.layers)' . "\r\n";
$jscript .= ' {' . "\r\n";
$jscript .= ' x = document.layers[id];' . "\r\n";
$jscript .= ' x.document.open();' . "\r\n";
$jscript .= ' x.document.write(tour[n]);' . "\r\n";
$jscript .= ' x.document.close();' . "\r\n";
$jscript .= ' }' . "\r\n";
$jscript .= ' else if(document.all)' . "\r\n";
$jscript .= ' {' . "\r\n";
$jscript .= ' x = eval(\'document.all.\' + id);' . "\r\n";
$jscript .= ' x.innerHTML = tour[n];' . "\r\n";
$jscript .= ' }' . "\r\n";
$jscript .= ' else if (document.getElementById)' . "\r\n";
$jscript .= ' {' . "\r\n";
$jscript .= ' x = document.getElementById(id);' . "\r\n";
$jscript .= ' x.innerHTML = \'\';' . "\r\n";
$jscript .= ' x.innerHTML = tour[n];' . "\r\n";
$jscript .= ' }' . "\r\n";
$jscript .= '}' . "\r\n";
$jscript .= 'function getptv()' . "\r\n";
$jscript .= '{' . "\r\n";
$jscript .= 'var forAll=\'\';' . "\r\n";
$jscript .= ' if (document.ptviewer)' . "\r\n";
$jscript .= ' {' . "\r\n";
$jscript .= ' forAll = document.ptviewer;' . "\r\n";
$jscript .= ' }' . "\r\n";
$jscript .= ' else if (document.applets)' . "\r\n";
$jscript .= ' {' . "\r\n";
$jscript .= ' forAll = document.applets[\'ptviewer\'];' . "\r\n";
$jscript .= ' }' . "\r\n";
$jscript .= ' else if (document.getElementById)' . "\r\n";
$jscript .= ' {' . "\r\n";
$jscript .= ' forAll = document.getElementById(\'ptviewer\');' . "\r\n";
$jscript .= ' }' . "\r\n";
$jscript .= ' else if (document.getElementByName)' . "\r\n";
$jscript .= ' {' . "\r\n";
$jscript .= ' forAll = document.getElementByName(\'ptviewer\');' . "\r\n";
$jscript .= ' }' . "\r\n";
$jscript .= 'return forAll;' . "\r\n";
$jscript .= '}' . "\r\n";
$jscript .= 'function AutorotationStartRight()' . "\r\n";
$jscript .= '{' . "\r\n";
$jscript .= 'getptv().startAutoPan(0.1, 0.0, 1.0 );' . "\r\n";
$jscript .= '}' . "\r\n";
$jscript .= 'function AutorotationStartLeft()' . "\r\n";
$jscript .= '{' . "\r\n";
$jscript .= 'getptv().startAutoPan(-0.1,0.0,1.0);' . "\r\n";
$jscript .= '}' . "\r\n";
$jscript .= 'function AutorotationStop()' . "\r\n";
$jscript .= '{' . "\r\n";
$jscript .= 'getptv().stopAutoPan();' . "\r\n";
$jscript .= '}' . "\r\n";
$jscript .= 'function ZoomItIn()' . "\r\n";
$jscript .= '{' . "\r\n";
$jscript .= 'getptv().startAutoPan(0, 0, .995);' . "\r\n";
$jscript .= '}' . "\r\n";
$jscript .= 'function ZoomItOut()' . "\r\n";
$jscript .= '{' . "\r\n";
$jscript .= 'getptv().startAutoPan(0, 0, 1.005);' . "\r\n";
$jscript .= '}' . "\r\n";
$jscript .= 'function StopItZoom()' . "\r\n";
$jscript .= '{' . "\r\n";
$jscript .= 'getptv().stopAutoPan();' . "\r\n";
$jscript .= '}' . "\r\n";
$jscript .= 'if (document.images)' . "\r\n";
$jscript .= ' { // Active Images' . "\r\n";
$jscript .= ' backon = new Image();' . "\r\n";
$jscript .= ' backon.src = "' . $config['template_url'] . '/images/vtour_backon.gif";' . "\r\n";
$jscript .= ' backoff = new Image();' . "\r\n";
$jscript .= ' backoff.src = "' . $config['template_url'] . '/images/vtour_back.gif";' . "\r\n";
$jscript .= ' pauseon = new Image();' . "\r\n";
$jscript .= ' pauseon.src = "' . $config['template_url'] . '/images/vtour_pauseon.gif";' . "\r\n";
$jscript .= ' pauseoff = new Image();' . "\r\n";
$jscript .= ' pauseoff.src = "' . $config['template_url'] . '/images/vtour_pause.gif";' . "\r\n";
$jscript .= ' forwardon = new Image();' . "\r\n";
$jscript .= ' forwardon.src = "' . $config['template_url'] . '/images/vtour_forwardon.gif";' . "\r\n";
$jscript .= ' forwardoff = new Image();' . "\r\n";
$jscript .= ' forwardoff.src = "' . $config['template_url'] . '/images/vtour_forward.gif";' . "\r\n";
$jscript .= ' zoom_outon = new Image();' . "\r\n";
$jscript .= ' zoom_outon.src = "' . $config['template_url'] . '/images/vtour_zoom_outon.gif";' . "\r\n";
$jscript .= ' zoom_outoff = new Image();' . "\r\n";
$jscript .= ' zoom_outoff.src = "' . $config['template_url'] . '/images/vtour_zoom_out.gif";' . "\r\n";
$jscript .= ' zoom_inon = new Image();' . "\r\n";
$jscript .= ' zoom_inon.src = "' . $config['template_url'] . '/images/vtour_zoom_inon.gif";' . "\r\n";
$jscript .= ' zoom_inoff = new Image();' . "\r\n";
$jscript .= ' zoom_inoff.src = "' . $config['template_url'] . '/images/vtour_zoom_in.gif";' . "\r\n";
$jscript .= ' }' . "\r\n";
$jscript .= '// Function to \'activate\' images.' . "\r\n";
$jscript .= 'function imgOn(imgName) {' . "\r\n";
$jscript .= ' if (document.images) {' . "\r\n";
$jscript .= ' document.images[imgName].src = eval(imgName + "on.src");' . "\r\n";
$jscript .= ' }' . "\r\n";
$jscript .= '}' . "\r\n";
$jscript .= '// Function to \'deactivate\' images.' . "\r\n";
$jscript .= 'function imgOff(imgName) {' . "\r\n";
$jscript .= ' if (document.images) {' . "\r\n";
$jscript .= ' document.images[imgName].src = eval(imgName + "off.src");' . "\r\n";
$jscript .= ' }' . "\r\n";
$jscript .= '}' . "\r\n";
$jscript .= '-->' . "\r\n";
$jscript .= '</script>' . "\r\n";
// Code for the {vtour} Tag Replacement
$bar_y = $config['vtour_height'] - 10;
$show_ptviewer = '<script type="text/javascript">' . "\r\n";
$show_ptviewer .= '<!--' . "\r\n";
$show_ptviewer .= 'ptoutput(\'<applet code="ptviewer.class" archive="ptviewer.jar" height="' . $config['vtour_height'] . '" width="' . $config['vtour_width'] . '" id="ptviewer" name="ptviewer">\'+' . "\r\n";
$show_ptviewer .= '\'<param name="code" value="ptviewer" />\'+' . "\r\n";
$show_ptviewer .= '\'<param name="archive" value="ptviewer.jar" />\'+' . "\r\n";
$show_ptviewer .= '\'<param name="quality" value="3" />\'+' . "\r\n";
$show_ptviewer .= '\'<param name="pan" value="180" />\'+' . "\r\n";
$show_ptviewer .= '\'<param name="view_height" value="' . $config['vtour_height'] . '" />\'+' . "\r\n";
$show_ptviewer .= '\'<param name="mass" value="20" />\'+' . "\r\n";
$show_ptviewer .= '\'<param name="bar_y" value="' . $bar_y . '" />\'+' . "\r\n";
$show_ptviewer .= '\'<param name="bar_x" value="0" />\'+' . "\r\n";
$show_ptviewer .= '\'<param name="cursor" value="move" />\'+' . "\r\n";
$show_ptviewer .= '\'<param name="wait" value="' . $config['template_url'] . '/images/vtour-load.jpg" />\'+' . "\r\n";
$show_ptviewer .= '\'<param name="barcolor" value="FF0000" />\'+' . "\r\n";
$show_ptviewer .= '\'<param name="bar_width" value="' . $config['vtour_width'] . '" />\'+' . "\r\n";
$show_ptviewer .= $vtparams;
$show_ptviewer .= '\'<\\/applet>\');' . "\r\n";
$show_ptviewer .= '//-->' . "\r\n";
$show_ptviewer .= '</script>' . "\r\n";
// Replace all the vtour tags
$page->page = str_replace('{vtour}', $show_ptviewer, $page->page);
$vtour_left_button = '<a onmouseover="imgOn(\'back\')" onmouseout="imgOff(\'back\')" onmousedown="AutorotationStartLeft()"><img src="' . $config['template_url'] . '/images/vtour_back.gif" id="back" alt="Back" /></a>' . "\r\n";
$page->page = str_replace('{vtour_left_button}', $vtour_left_button, $page->page);
$vtour_pause_button = '<a onmouseover="imgOn(\'pause\')" onmouseout="imgOff(\'pause\')" onmousedown="AutorotationStop()"><img src="' . $config['template_url'] . '/images/vtour_pause.gif" id="pause" alt="Pause" /></a>' . "\r\n";
$page->page = str_replace('{vtour_pause_button}', $vtour_pause_button, $page->page);
$vtour_right_button = '<a onmouseover="imgOn(\'forward\')" onmouseout="imgOff(\'forward\')" onmousedown="AutorotationStartRight()"><img src="' . $config['template_url'] . '/images/vtour_forward.gif" id="forward" alt="Forward" /></a>' . "\r\n";
$page->page = str_replace('{vtour_right_button}', $vtour_right_button, $page->page);
$vtour_zoomout_button = '<a onmouseover="imgOn(\'zoom_out\')" onmouseout="imgOff(\'zoom_out\')" onmousedown="ZoomItOut()" onmouseup="StopItZoom()"><img src="' . $config['template_url'] . '/images/vtour_zoom_out.gif" id="zoom_out" alt="Zoom Out" /></a>' . "\r\n";
$page->page = str_replace('{vtour_zoomout_button}', $vtour_zoomout_button, $page->page);
$vtour_zoomin_button = '<a onmouseover="imgOn(\'zoom_in\')" onmouseout="imgOff(\'zoom_in\')" onmousedown="ZoomItIn()" onmouseup="StopItZoom()"><img src="' . $config['template_url'] . '/images/vtour_zoom_in.gif" id="zoom_in" alt="Zoom In" /></a>' . "\r\n";
$page->page = str_replace('{vtour_zoomin_button}', $vtour_zoomin_button, $page->page);
$page->page = str_replace('{vtour_select}', $vtopts, $page->page);
$vtour_description = '<div id="desc"></div>' . "\r\n";
$page->page = str_replace('{vtour_description}', $vtour_description, $page->page);
// Need to have an onload command in the body tag or else the vtour doesn't load the text description properly
$onload = 'onload="newText(inittour)"';
$page->page = str_replace('{onload}', $onload, $page->page);
} elseif ($ext == 'egg') {
// if it's a .egg then use the egg solution for their proprietory file format
$egg_solution = '<!--[if !IE]>-->' . "\r\n";
$egg_solution .= '<object codetype="application/java" classid="java:EggApplet.class" archive="' . $config['baseurl'] . '/e3D.jar" width="' . $config['vtour_width'] . '" height="' . $config['vtour_height'] . '">' . "\r\n";
$egg_solution .= $album;
$egg_solution .= '<param name="Icons" value="' . $config['baseurl'] . '/applet.ear" />' . "\r\n";
$egg_solution .= '</object>' . "\r\n";
$egg_solution .= '<!--<![endif]-->' . "\r\n";
$egg_solution .= '<object classid="clsid:8AD9C840-044E-11D1-B3E9-00805F499D93" codebase="http://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab" width="' . $config['vtour_width'] . '" height="' . $config['vtour_height'] . '">' . "\r\n";
$egg_solution .= '<param name="code" value="EggApplet" />' . "\r\n";
$egg_solution .= '<param name="archive" value="' . $config['baseurl'] . '/e3D.jar" />' . "\r\n";
$egg_solution .= $album;
$egg_solution .= '<param name="Icons" value="' . $config['baseurl'] . '/applet.ear" />' . "\r\n";
$egg_solution .= '</object>' . "\r\n";
// Replace all the vtour tags
$page->page = str_replace('{vtour}', $egg_solution, $page->page);
$vtour_left_button = '';
$page->page = str_replace('{vtour_left_button}', $vtour_left_button, $page->page);
$vtour_pause_button = '';
$page->page = str_replace('{vtour_pause_button}', $vtour_pause_button, $page->page);
$vtour_right_button = '';
$page->page = str_replace('{vtour_right_button}', $vtour_right_button, $page->page);
$vtour_zoomout_button = '';
$page->page = str_replace('{vtour_zoomout_button}', $vtour_zoomout_button, $page->page);
$vtour_zoomin_button = '';
$page->page = str_replace('{vtour_zoomin_button}', $vtour_zoomin_button, $page->page);
$vtopts = '';
$page->page = str_replace('{vtour_select}', $vtopts, $page->page);
$vtour_description = '';
$page->page = str_replace('{vtour_description}', $vtour_description, $page->page);
// Need to have an onload command in the body tag or else the vtour doesn't load the text description properly
$onload = '';
$page->page = str_replace('{onload}', $onload, $page->page);
} else {
// if it's not a .jpg or .egg let them know it's not supported.
$unsupported_vtour = $lang['unsupported_vtour'];
// Replace all the vtour tags
$page->page = str_replace('{vtour}', $unsupported_vtour, $page->page);
$vtour_left_button = '';
$page->page = str_replace('{vtour_left_button}', $vtour_left_button, $page->page);
$vtour_pause_button = '';
$page->page = str_replace('{vtour_pause_button}', $vtour_pause_button, $page->page);
$vtour_right_button = '';
$page->page = str_replace('{vtour_right_button}', $vtour_right_button, $page->page);
$vtour_zoomout_button = '';
$page->page = str_replace('{vtour_zoomout_button}', $vtour_zoomout_button, $page->page);
$vtour_zoomin_button = '';
$page->page = str_replace('{vtour_zoomin_button}', $vtour_zoomin_button, $page->page);
$vtopts = '';
$page->page = str_replace('{vtour_select}', $vtopts, $page->page);
$vtour_description = '';
$page->page = str_replace('{vtour_description}', $vtour_description, $page->page);
// Need to have an onload command in the body tag or else the vtour doesn't load the text description properly
$onload = '';
$page->page = str_replace('{onload}', $onload, $page->page);
}
//end else $ext = Unsupported
if ($popup == false) {
$page->page = $page->remove_template_block('vtour_header', $page->page);
$page->page = $page->remove_template_block('vtour_footer', $page->page);
$page->page = $page->remove_template_block('vtour_content', $page->page);
} else {
$page->page = $page->cleanup_template_block('vtour_header', $page->page);
$page->page = $page->cleanup_template_block('vtour_footer', $page->page);
$page->page = $page->cleanup_template_block('vtour_content', $page->page);
}
$page->page = str_replace('{template_url}', $config['template_url'], $page->page);
$display = $page->return_page();
} else {
$display .= "<a href=\"index.php\">{$lang['perhaps_you_were_looking_something_else']}</a>";
}
} else {
$display .= "<a href=\"index.php\">{$lang['perhaps_you_were_looking_something_else']}</a>";
}
return $display;
}
public static function listing_view()
{
global $conn, $lang, $config;
$display = '';
if (isset($_GET['listingID']) && $_GET['listingID'] != "" && is_numeric($_GET['listingID'])) {
$sql = 'SELECT listingsdb_id FROM ' . $config['table_prefix'] . 'listingsdb WHERE listingsdb_id=' . $_GET['listingID'];
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
$num = $recordSet->RecordCount();
if ($num != 0) {
// first, check to see whether the listing is currently active
$show_listing = listing_pages::checkActive($_GET['listingID']);
if ($show_listing == "yes") {
require_once $config['basepath'] . '/include/class/template/core.inc.php';
$page = new page_user();
//Lookup Class
$sql2 = "SELECT class_id FROM " . $config['table_prefix_no_lang'] . "classlistingsdb WHERE listingsdb_id = {$_GET['listingID']}";
$recordSet2 = $conn->SelectLimit($sql2, 1, 0);
$num = $recordSet2->RecordCount();
if ($recordSet2 === false) {
$misc->log_error($sql2);
}
$class = $recordSet2->fields['class_id'];
if (file_exists($config['template_path'] . '/listing_detail_pclass' . $class . '.html')) {
$page->load_page($config['template_path'] . '/listing_detail_pclass' . $class . '.html');
} else {
$page->load_page($config['template_path'] . '/' . $config['listing_template']);
}
$sections = explode(',', $config['template_listing_sections']);
foreach ($sections as $section) {
$replace = listing_pages::renderTemplateArea($section, $_GET['listingID']);
$page->replace_tag($section, $replace);
}
$page->replace_listing_field_tags($_GET['listingID']);
// Check to see if listing owner is an admin only.
$is_admin = listing_pages::getListingAgentAdminStatus($_GET['listingID']);
if ($is_admin == true && $config["show_listedby_admin"] == 0) {
$page->page = $page->remove_template_block('show_listed_by_admin', $page->page);
$page->page = $page->cleanup_template_block('!show_listed_by_admin', $page->page);
} else {
$page->page = $page->cleanup_template_block('show_listed_by_admin', $page->page);
$page->page = $page->remove_template_block('!show_listed_by_admin', $page->page);
}
if ($config['show_next_prev_listing_page'] == 1) {
$next_prev = listing_pages::listing_next_prev();
$page->page = str_replace('{next_prev}', $next_prev, $page->page);
} else {
$page->page = str_replace('{next_prev}', '', $page->page);
}
require_once $config['basepath'] . '/include/vtour.inc.php';
$goodvtour = vtours::goodvtour($_GET['listingID']);
if ($goodvtour == true) {
$page->page = $page->cleanup_template_block('vtour_tab', $page->page);
} else {
$page->page = $page->remove_template_block('vtour_tab', $page->page);
}
$display .= $page->return_page();
} else {
$display .= $lang['this_listing_is_not_active'];
}
} else {
$display .= "<a href=\"index.php\">{$lang['perhaps_you_were_looking_something_else']}</a>";
}
} else {
$display .= "<a href=\"index.php\">{$lang['perhaps_you_were_looking_something_else']}</a>";
}
return $display;
}
function edit_listings($only_my_listings = true)
{
global $conn, $lang, $config, $listingID;
if ($only_my_listings == false) {
$security = login::loginCheck('edit_all_listings', true);
} else {
$security = login::loginCheck('Agent', true);
}
$display = '';
if ($security === true) {
require_once $config['basepath'] . '/include/misc.inc.php';
$misc = new misc();
require_once $config['basepath'] . '/include/forms.inc.php';
$forms = new forms();
require_once $config['basepath'] . '/include/class/template/core.inc.php';
$page = new page_user();
// $display .= '<span class="section_header">'.$lang['listings_editor'].'<span><br /><br />';
if (!isset($_GET['delete'])) {
$_GET['delete'] = '';
}
if ($_GET['delete'] != '') {
if ($_SESSION['admin_privs'] == 'yes' || $_SESSION['edit_all_listings'] == 'yes') {
listing_editor::delete_listing($_GET['delete'], false);
} else {
listing_editor::delete_listing($_GET['delete'], true);
}
}
if (!isset($_POST['action'])) {
$_POST['action'] = '';
}
if ($_POST['action'] == "update_listing") {
if ($_SESSION['admin_privs'] == 'yes' || $_SESSION['edit_all_listings'] == 'yes') {
$display .= listing_editor::update_listing(false);
} else {
$display .= listing_editor::update_listing(true);
}
}
// end if $action == "update listing"
if (!isset($_GET['edit'])) {
$_GET['edit'] = '';
}
if (isset($_POST['lookup_field']) && isset($_POST['lookup_value'])) {
$_SESSION['edit_listing_qeb_lookup_field'] = $_POST['lookup_field'];
$_SESSION['edit_listing_qeb_lookup_value'] = $_POST['lookup_value'];
}
if (isset($_SESSION['edit_listing_qeb_lookup_field']) && isset($_SESSION['edit_listing_qeb_lookup_value'])) {
if ($_SESSION['edit_listing_qeb_lookup_field'] != 'listingsdb_id') {
$_POST['lookup_field'] = $_SESSION['edit_listing_qeb_lookup_field'];
$_POST['lookup_value'] = $_SESSION['edit_listing_qeb_lookup_value'];
}
}
if (isset($_POST['filter'])) {
$_SESSION['edit_listing_qeb_filter'] = $_POST['filter'];
}
if (isset($_SESSION['edit_listing_qeb_filter'])) {
$_POST['filter'] = $_SESSION['edit_listing_qeb_filter'];
}
if (isset($_POST['agent_filter'])) {
$_SESSION['edit_listing_qeb_agent_filter'] = $_POST['agent_filter'];
}
if (isset($_SESSION['edit_listing_qeb_agent_filter'])) {
$_POST['agent_filter'] = $_SESSION['edit_listing_qeb_agent_filter'];
}
if (isset($_POST['pclass_filter'])) {
$_SESSION['edit_listing_qeb_pclass_filter'] = $_POST['pclass_filter'];
}
if (isset($_SESSION['edit_listing_qeb_pclass_filter'])) {
$_POST['pclass_filter'] = $_SESSION['edit_listing_qeb_pclass_filter'];
}
if (isset($_POST['lookup_field']) && isset($_POST['lookup_value']) && $_POST['lookup_field'] == 'listingsdb_id' && $_POST['lookup_value'] != '') {
$_GET['edit'] = intval($_POST['lookup_value']);
}
if ($only_my_listings == TRUE) {
unset($_POST['agent_filter']);
}
if ($_GET['edit'] != "") {
$edit = intval($_GET['edit']);
// first, grab the listings's main info
if ($only_my_listings == true) {
$sql = "SELECT listingsdb_id, listingsdb_title, listingsdb_notes, userdb_id, listingsdb_last_modified, listingsdb_featured, listingsdb_active, listingsdb_mlsexport, listingsdb_expiration FROM " . $config['table_prefix'] . "listingsdb WHERE (listingsdb_id = {$edit}) AND (userdb_id = '{$_SESSION['userID']}')";
} else {
$sql = "SELECT listingsdb_id, listingsdb_title, listingsdb_notes, userdb_id, listingsdb_last_modified, listingsdb_featured, listingsdb_active, listingsdb_mlsexport, listingsdb_expiration FROM " . $config['table_prefix'] . "listingsdb WHERE (listingsdb_id = {$edit})";
}
$ADODB_FETCH_MODE = ADODB_FETCH_ASSOC;
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
if ($recordSet->RecordCount() > 0) {
// collect up the main DB's various fields
$listing_ID = $misc->make_db_unsafe($recordSet->fields['listingsdb_id']);
$edit_title = $misc->make_db_unsafe($recordSet->fields['listingsdb_title']);
$edit_notes = $misc->make_db_unsafe($recordSet->fields['listingsdb_notes']);
$edit_mlsexport = $misc->make_db_unsafe($recordSet->fields['listingsdb_mlsexport']);
$edit_or_owner = $recordSet->fields['userdb_id'];
$last_modified = $recordSet->UserTimeStamp($recordSet->fields['listingsdb_last_modified'], 'D M j G:i:s T Y');
$edit_featured = $recordSet->fields['listingsdb_featured'];
$edit_active = $recordSet->fields['listingsdb_active'];
$expiration = $recordSet->UserTimeStamp($recordSet->fields['listingsdb_expiration'], $config["date_format_timestamp"]);
// now, display all that stuff
$display .= '<table class="form_main">';
$display .= '<tr>';
$display .= '<td colspan="3" class="row_main">';
if ($only_my_listings == true) {
$display .= '<span class="section_header"><a href="index.php?action=edit_my_listings">' . $lang['listings_editor'] . '</a></span><br />';
} else {
$display .= '<span class="section_header"><a href="index.php?action=edit_listings">' . $lang['listings_editor'] . '</a></span><br />';
}
$display .= '<h3>' . $lang['admin_listings_editor_modify_listing'] . ' (<a href="' . $config['baseurl'] . '/index.php?action=listingview&listingID=' . $listing_ID . '" target="_preview">' . $lang['preview'] . '</a>)</h3>';
$display .= '</td>';
$display .= '</tr>';
$display .= '<tr>';
$display .= '<td valign="top" align="center" class="row_main">';
$display .= '<b>' . $lang['images'] . '</b>';
$display .= '<br />';
$display .= '<hr width="75%" />';
$display .= '<form action="index.php?action=edit_listing_images" method="post" name="edit_listing_images"><input type="hidden" name="edit" value="' . $_GET['edit'] . '" /><a href="javascript:document.edit_listing_images.submit()">' . $lang['edit_images'] . '</a></form>';
$display .= '<br />';
$sql = "SELECT listingsimages_caption, listingsimages_file_name, listingsimages_thumb_file_name FROM " . $config['table_prefix'] . "listingsimages WHERE (listingsdb_id = {$edit}) ORDER BY listingsimages_rank";
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
while (!$recordSet->EOF) {
$caption = $misc->make_db_unsafe($recordSet->fields['listingsimages_caption']);
$thumb_file_name = $misc->make_db_unsafe($recordSet->fields['listingsimages_thumb_file_name']);
$file_name = $misc->make_db_unsafe($recordSet->fields['listingsimages_file_name']);
// gotta grab the image size
$thumb_imagedata = GetImageSize("{$config['listings_upload_path']}/{$thumb_file_name}");
$thumb_imagewidth = $thumb_imagedata[0];
$thumb_imageheight = $thumb_imagedata[1];
$thumb_max_width = $config['thumbnail_width'];
$thumb_max_height = $config['thumbnail_height'];
$resize_by = $config['resize_thumb_by'];
$shrinkage = 1;
if ($thumb_max_width == $thumb_imagewidth || $thumb_max_height == $thumb_imageheight) {
$thumb_displaywidth = $thumb_imagewidth;
$thumb_displayheight = $thumb_imageheight;
} else {
if ($resize_by == 'width') {
$shrinkage = $thumb_imagewidth / $thumb_max_width;
$thumb_displaywidth = $thumb_max_width;
$thumb_displayheight = round($thumb_imageheight / $shrinkage);
} elseif ($resize_by == 'height') {
$shrinkage = $thumb_imageheight / $thumb_max_height;
$thumb_displayheight = $thumb_max_height;
$thumb_displaywidth = round($thumb_imagewidth / $shrinkage);
} elseif ($resize_by == 'both') {
$thumb_displayheight = $thumb_max_height;
$thumb_displaywidth = $thumb_max_width;
}
}
$display .= "<a href=\"{$config['listings_view_images_path']}/{$file_name}\" target=\"_thumb\"> ";
$display .= "<img src=\"{$config['listings_view_images_path']}/{$thumb_file_name}\" height=\"{$thumb_displayheight}\" width=\"{$thumb_displaywidth}\" alt=\"{$thumb_file_name}\" /></a><br /> ";
$display .= "<b>{$caption}</b><br /><br />";
$recordSet->MoveNext();
}
// end while
$display .= '</td>';
if ($_SESSION['admin_privs'] == "yes" || $_SESSION['havevtours'] == "yes") {
$display .= '<td valign="top" align="center" class="row_main">';
$display .= '<b>' . $lang['vtours'] . '</b>';
$display .= '<br />';
$display .= '<hr width="75%" />';
$display .= '<form action="index.php?action=edit_vtour_images" method="post" name="edit_vtour_images"><input type="hidden" name="edit" value="' . $edit . '" /><a href="javascript:document.edit_vtour_images.submit()">' . $lang['edit_vtours'] . '</a></form>';
$display .= '<br />';
$sql = "SELECT vtourimages_caption, vtourimages_file_name, vtourimages_thumb_file_name FROM " . $config['table_prefix'] . "vtourimages WHERE (listingsdb_id = '{$edit}') ORDER BY vtourimages_rank";
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
while (!$recordSet->EOF) {
$caption = $misc->make_db_unsafe($recordSet->fields['vtourimages_caption']);
$thumb_file_name = $misc->make_db_unsafe($recordSet->fields['vtourimages_thumb_file_name']);
$file_name = $misc->make_db_unsafe($recordSet->fields['vtourimages_file_name']);
$ext = substr(strrchr($file_name, '.'), 1);
if ($ext == 'jpg') {
// gotta grab the image size
$imagedata = GetImageSize("{$config['vtour_upload_path']}/{$thumb_file_name}");
$imagewidth = $imagedata[0];
$imageheight = $imagedata[1];
$shrinkage = $config['thumbnail_width'] / $imagewidth;
$displaywidth = $imagewidth * $shrinkage;
$displayheight = $imageheight * $shrinkage;
$display .= "<a href=\"{$config['vtour_view_images_path']}/{$file_name}\" target=\"_thumb\">";
$display .= "<img src=\"{$config['vtour_view_images_path']}/{$thumb_file_name}\" height=\"{$displayheight}\" width=\"{$displaywidth}\" alt=\"{$thumb_file_name}\" /></a><br /> ";
$display .= "<strong>{$caption}</strong><br /><br />";
$recordSet->MoveNext();
} elseif ($ext == 'egg') {
$display .= "<img src=\"{$config['baseurl']}/images/eggimage.gif\" alt=\"eggimage.gif\" /><br /> ";
$recordSet->MoveNext();
} else {
$display .= $file_name . '<br />' . $lang['unsupported_vtour'] . '<br /><br />';
$recordSet->MoveNext();
}
}
// end while
if ($_SESSION['admin_privs'] == "yes" || $_SESSION['havefiles'] == "yes") {
$display .= '<br />';
} else {
$display .= '</td>';
}
}
// Place the Files list and edit files link on the edit listing page if we are allowed to have files.
if ($_SESSION['admin_privs'] == "yes" || $_SESSION['havefiles'] == "yes") {
if ($_SESSION['admin_privs'] == "yes" || $_SESSION['havevtours'] == "yes") {
$display .= '<br />';
} else {
$display .= '<td valign="top" align="center" class="row_main">';
}
$display .= '<b>' . $lang['files'] . '</b>';
$display .= '<br />';
$display .= '<hr width="75%" />';
$display .= '<form action="index.php?action=edit_listing_files" method="post" name="edit_listing_files"><input type="hidden" name="edit" value="' . $_GET['edit'] . '" /><a href="javascript:document.edit_listing_files.submit()">' . $lang['edit_files'] . '</a></form>';
$display .= '<br />';
$sql = "SELECT listingsfiles_id, listingsfiles_caption, listingsfiles_file_name FROM " . $config['table_prefix'] . "listingsfiles WHERE (listingsdb_id = '{$_GET['edit']}')";
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
while (!$recordSet->EOF) {
$caption = $misc->make_db_unsafe($recordSet->fields['listingsfiles_caption']);
$file_name = $misc->make_db_unsafe($recordSet->fields['listingsfiles_file_name']);
$file_id = $misc->make_db_unsafe($recordSet->fields['listingsfiles_id']);
$iconext = substr(strrchr($file_name, '.'), 1);
$iconpath = $config["file_icons_path"] . '/' . $iconext . '.png';
if (file_exists($iconpath)) {
$icon = $config["listings_view_file_icons_path"] . '/' . $iconext . '.png';
} else {
$icon = $config["listings_view_file_icons_path"] . '/default.png';
}
$file_download_url = 'index.php?action=create_download&ID=' . $edit . '&file_id=' . $file_id . '&type=listing';
$display .= '<a href="' . $config['baseurl'] . '/' . $file_download_url . '" target="_thumb">';
$display .= '<img src="' . $icon . '" height="' . $config["file_icon_height"] . '" width="' . $config["file_icon_width"] . '" alt="' . $file_name . '" /><br />';
$display .= '<strong>' . $file_name . '</strong></a><br />';
$display .= '<strong>' . $caption . '</strong><br /><br />';
$recordSet->MoveNext();
}
// end while
$display .= '</td>';
}
$display .= '<td class="row_main">';
//START FORM VALIDATION
if (isset($_POST['property_class'])) {
$class_sql = '';
foreach ($_POST['property_class'] as $class_id) {
if (empty($class_sql)) {
$class_sql .= ' class_id = ' . $class_id;
} else {
$class_sql .= ' OR class_id = ' . $class_id;
}
$display .= '<input type="hidden" name="property_class[]" value="' . $class_id . '" />';
}
$pclass_list = '';
$sql = "SELECT DISTINCT(listingsformelements_id) FROM " . $config['table_prefix_no_lang'] . "classformelements WHERE " . $class_sql;
$recordSet = $conn->execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
while (!$recordSet->EOF) {
if (empty($pclass_list)) {
$pclass_list .= $recordSet->fields['listingsformelements_id'];
} else {
$pclass_list .= ',' . $recordSet->fields['listingsformelements_id'];
}
$recordSet->Movenext();
}
if ($pclass_list == '') {
$pclass_list = 0;
}
$sql = "SELECT listingsformelements_field_type, listingsformelements_field_name, listingsformelements_field_caption, listingsformelements_default_text, listingsformelements_field_elements, listingsformelements_required from " . $config['table_prefix'] . "listingsformelements WHERE listingsformelements_id IN (" . $pclass_list . ") ORDER BY listingsformelements_rank, listingsformelements_field_name";
} else {
$sql = "SELECT listingsformelements_field_type, listingsformelements_field_name, listingsformelements_field_caption, listingsformelements_default_text, listingsformelements_field_elements, listingsformelements_required from " . $config['table_prefix'] . "listingsformelements ORDER BY listingsformelements_rank, listingsformelements_field_name";
}
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
$display .= "\r\n<script type=\"text/javascript\" >\r\n";
$display .= "<!--\r\n";
$display .= "function validate_form()\r\n";
$display .= "{\r\n";
$display .= "var msg=\"\"\r\n";
$display .= "valid = true;\r\n";
$display .= "if ( document.update_listing.title.value == \"\" )\r\n";
$display .= "{\r\n";
$display .= "msg += '{$lang['forgot_field']} {$lang['admin_listings_editor_title']} {$lang['admin_template_editor_field']}.\\r\\n';\r\n";
$display .= "valid = false;\r\n";
$display .= "}\r\n";
while (!$recordSet->EOF) {
$field_name = $recordSet->fields['listingsformelements_field_name'];
$field_caption = $recordSet->fields['listingsformelements_field_caption'];
$required = $recordSet->fields['listingsformelements_required'];
if ($required == 'Yes') {
$display .= "if ( document.update_listing.{$field_name}.value == \"\" )\r\n";
$display .= "{\r\n";
$display .= "msg += '" . html_entity_decode($lang[forgot_field]) . " {$field_caption} " . html_entity_decode($lang[admin_template_editor_field]) . ".\\r\\n';\r\n";
$display .= "valid = false;\r\n";
$display .= "}\r\n";
}
$recordSet->MoveNext();
}
$display .= "if (msg != \"\")\r\n";
$display .= "{\r\n";
$display .= "alert (msg);";
$display .= "}\r\n";
$display .= "return valid;\r\n";
$display .= "}\r\n";
$display .= "//-->\r\n";
$display .= "</script>\r\n";
//END FORM VALIDATION
$display .= '<table>';
if ($only_my_listings == true) {
$display .= '<form name="update_listing" action="index.php?action=edit_my_listings&edit=' . $_GET['edit'] . '" method="post" onsubmit="return validate_form ( );">';
} else {
$display .= '<form name="update_listing" action="index.php?action=edit_listings&edit=' . $_GET['edit'] . '" method="post" onsubmit="return validate_form ( );">';
}
$display .= '<input type="hidden" name="action" value="update_listing">';
$display .= '<input type="hidden" name="edit" value="' . $_GET['edit'] . '">';
$display .= '<tr>';
$display .= '<td align="right"><b>' . $lang['admin_listings_editor_title'] . ': <font color="red">*</font></b></td>';
$display .= '<td align="left"> <input type="text" name="title" value="' . $edit_title . '"></td></tr>';
// Display Property Classes
$sql2 = 'SELECT class_id FROM ' . $config['table_prefix_no_lang'] . 'classlistingsdb WHERE listingsdb_id =' . $listing_ID;
$recordSet2 = $conn->execute($sql2);
if ($recordSet2 === false) {
$misc->log_error($sql2);
}
$selected_class_id = array();
while (!$recordSet2->EOF) {
$selected_class_id[] = $recordSet2->fields['class_id'];
$recordSet2->MoveNext();
}
$sql2 = 'SELECT class_id,class_name FROM ' . $config['table_prefix'] . 'class';
$recordSet2 = $conn->execute($sql2);
if ($recordSet2 === false) {
$misc->log_error($sql2);
}
$display .= '<tr><td align="right"><b>' . $lang['admin_listings_editor_property_class'] . '</b></td><td align="left">';
$display .= '<select name="pclass[]"';
if ($config["multiple_pclass_selection"] == '1') {
$display .= ' multiple="multiple" size="5"';
}
$display .= '>';
while (!$recordSet2->EOF) {
$class_id = $recordSet2->fields['class_id'];
$class_name = $misc->make_db_unsafe($recordSet2->fields['class_name']);
if (in_array($class_id, $selected_class_id, true)) {
$display .= '<option value="' . $class_id . '" selected="selected">' . $class_name . '</option>';
} else {
$display .= '<option value="' . $class_id . '">' . $class_name . '</option>';
}
$recordSet2->MoveNext();
}
$display .= '</select></td></tr>';
// End property Class Display
if ($_SESSION['featureListings'] == "yes" || $_SESSION['admin_privs'] == "yes") {
$display .= '<tr><td align="right"><b>' . $lang['admin_listings_editor_featured'] . ':</b></td><td align="left">';
$display .= '<select name="featured" size="1">';
$display .= '<option value="' . $edit_featured . '">' . $lang['' . $edit_featured . ''] . '</option>';
$display .= '<option value="">-----</option>';
$display .= '<option value="yes">' . $lang['yes'] . '</option>';
$display .= '<option value="no">' . $lang['no'] . '</option>';
$display .= '</select></td></tr>';
}
// end if ($featureListings == "yes")
if ($_SESSION['admin_privs'] == "yes" || $_SESSION['moderator'] == 'yes') {
$display .= '<tr><td align="right"><b>' . $lang['admin_listings_active'] . ':</b></td><td align="left">';
$display .= '<select name="edit_active" size="1">';
$display .= '<option value="' . $edit_active . '">' . $lang['' . $edit_active . ''] . '</option>';
$display .= '<option value="">-----</option>';
$display .= '<option value="yes">' . $lang['yes'] . '</option>';
$display .= '<option value="no">' . $lang['no'] . '</option>';
$display .= '</select></td></tr>';
if ($config['moderate_listings'] == 1 && $edit_active == 'no') {
$display .= '<tr><td align="right"><b>' . $lang['admin_send_notices'] . ':</b></td><td align="left">';
$display .= '<select name="send_notices" size="1">';
$display .= '<option value="no">' . $lang['no'] . '</option>';
$display .= '<option value="yes">' . $lang['yes'] . '</option>';
$display .= '</select>';
$display .= ' <a href="#" class="tooltip"><img src="images/info.gif" width="16" height="16" /><span>' . $lang['send_notices_tool_tip'] . '</span></a>';
$display .= '</td></tr>';
}
}
// end if ($featureListings == "yes")
if (($_SESSION['admin_privs'] == "yes" || $_SESSION['edit_expiration'] == "yes") && $config['use_expiration'] == "1") {
$display .= '<tr><td align="right" class="row_main"><b>' . $lang['expiration'] . ':</b></td><td align="left"><input type="text" name="edit_expiration" value="' . $expiration . '" onFocus="javascript:vDateType=\'' . $config['date_format'] . '\'" onKeyUp="DateFormat(this,this.value,event,false,\'' . $config['date_format'] . '\')" onBlur="DateFormat(this,this.value,event,true,\'' . $config['date_format'] . '\')" />(' . $config['date_format_long'] . ')</td></tr>';
}
// end if ($admin_privs == "yes" and $config[use_expiration] = "yes")
if ($config["export_listings"] == 1 && $_SESSION['export_listings'] == "yes") {
$display .= '<tr><td align="right"><strong>' . $lang['admin_listings_editor_mlsexport'] . ':</strong></td><td align="left">';
$display .= '<select name="mlsexport" size="1">';
$display .= '<option value="' . $edit_mlsexport . '">' . $lang['' . $edit_mlsexport . ''] . '</option>';
$display .= '<option value="">-----</option>';
$display .= '<option value="yes">' . $lang['yes'] . '</option>';
$display .= '<option value="no">' . $lang['no'] . '</option>';
$display .= '</select>';
$display .= '</td></tr>';
} else {
$display .= '<input type="hidden" name="mlsexport" value="no" />';
}
// Display Agent selection Option to reassign listing
if ($_SESSION['admin_privs'] == "yes" || $_SESSION['edit_all_listings'] == "yes") {
$display .= '<tr><td align="right"><b>' . $lang['listing_editor_listing_agent'] . ':</b></td>';
$display .= '<td align="left" class="row_main"><select name="or_owner" size="1">';
// find the name of the agent listed as ID in $edit_or_owner
$sql = "SELECT userdb_user_first_name, userdb_user_last_name FROM " . $config['table_prefix'] . "userdb WHERE (userdb_id = {$edit_or_owner})";
$ADODB_FETCH_MODE = ADODB_FETCH_ASSOC;
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
// strip slashes so input appears correctly
$agent_first_name = $misc->make_db_unsafe($recordSet->fields['userdb_user_first_name']);
$agent_last_name = $misc->make_db_unsafe($recordSet->fields['userdb_user_last_name']);
$display .= "<option value=\"{$edit_or_owner}\">{$agent_last_name},{$agent_first_name}</option>";
// fill list with names of all agents
$sql = "SELECT userdb_id, userdb_user_first_name, userdb_user_last_name FROM " . $config['table_prefix'] . "userdb where userdb_is_agent = 'yes' or userdb_is_admin = 'yes' ORDER BY userdb_user_last_name,userdb_user_first_name";
$ADODB_FETCH_MODE = ADODB_FETCH_ASSOC;
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
while (!$recordSet->EOF) {
// strip slashes so input appears correctly
$agent_ID = $recordSet->fields['userdb_id'];
$agent_first_name = $misc->make_db_unsafe($recordSet->fields['userdb_user_first_name']);
$agent_last_name = $misc->make_db_unsafe($recordSet->fields['userdb_user_last_name']);
$display .= "<option value=\"{$agent_ID}\">{$agent_last_name},{$agent_first_name}</option>";
$recordSet->MoveNext();
}
$display .= "</select></td>";
$display .= '</tr>';
} else {
$display .= '<input type="hidden" name="or_owner" value="' . $edit_or_owner . '" />';
}
// Show Notes Field
if ($config["show_notes_field"] == 1) {
$display .= '<tr><td align="right"><b>' . $lang['admin_listings_editor_notes'] . ':</b><br /><div class="small">(' . $lang['admin_listings_editor_notes_note'] . ')</div></td><td align="left"> <textarea name="notes" rows="6" cols="40">' . $edit_notes . '</textarea></td></tr>';
} else {
$display .= '<input type="hidden" name="notes" value="' . $edit_notes . '" />';
}
// Show Listing Fields for this property class
$sql = 'SELECT class_id from ' . $config['table_prefix_no_lang'] . 'classlistingsdb WHERE listingsdb_id =' . $edit;
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
$class_sql = '';
while (!$recordSet->EOF()) {
$class_id = $recordSet->fields['class_id'];
if (empty($class_sql)) {
$class_sql .= ' class_id = ' . $class_id;
} else {
$class_sql .= ' OR class_id = ' . $class_id;
}
$recordSet->MoveNext();
}
$class_list = '';
$sql = "SELECT DISTINCT(listingsformelements_id) FROM " . $config['table_prefix_no_lang'] . "classformelements WHERE " . $class_sql;
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
while (!$recordSet->EOF) {
if (empty($class_list)) {
$class_list .= $recordSet->fields['listingsformelements_id'];
} else {
$class_list .= ',' . $recordSet->fields['listingsformelements_id'];
}
$recordSet->MoveNext();
}
if ($class_list == '') {
$class_list = 0;
}
$sql = "SELECT listingsformelements_field_name, listingsdbelements_field_value, listingsformelements_field_type, listingsformelements_field_caption, listingsformelements_default_text, listingsformelements_field_elements, listingsformelements_required, listingsformelements_field_length, listingsformelements_tool_tip FROM " . $config['table_prefix'] . "listingsformelements left join " . $config['table_prefix'] . "listingsdbelements on listingsdbelements_field_name = listingsformelements_field_name AND listingsdb_id = {$edit} WHERE listingsformelements_id IN (" . $class_list . ") ORDER BY listingsformelements_rank";
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
while (!$recordSet->EOF) {
$field_name = $misc->make_db_unsafe($recordSet->fields['listingsformelements_field_name']);
if (isset($_POST[$field_name])) {
if (is_array($_POST[$field_name])) {
$field_value = "";
foreach ($_POST[$field_name] as $feature_item) {
$feature_item = $misc->make_db_unsafe($feature_item);
$field_value .= "||{$feature_item}";
}
// end while
// now remove the first two characters
$feature_insert_length = strlen($field_value);
$feature_insert_length = $feature_insert_length - 2;
$field_value = substr($field_value, 2, $feature_insert_length);
} else {
$field_value = $misc->make_db_unsafe($recordSet->fields['listingsdbelements_field_value']);
}
} else {
$field_value = $misc->make_db_unsafe($recordSet->fields['listingsdbelements_field_value']);
}
$field_type = $misc->make_db_unsafe($recordSet->fields['listingsformelements_field_type']);
$field_caption = $misc->make_db_unsafe($recordSet->fields['listingsformelements_field_caption']);
$default_text = $misc->make_db_unsafe($recordSet->fields['listingsformelements_default_text']);
$field_elements = $misc->make_db_unsafe($recordSet->fields['listingsformelements_field_elements']);
$required = $misc->make_db_unsafe($recordSet->fields['listingsformelements_required']);
$field_length = $misc->make_db_unsafe($recordSet->fields['listingsformelements_field_length']);
$tool_tip = $misc->make_db_unsafe($recordSet->fields['listingsformelements_tool_tip']);
// pass the data to the function
$display .= $forms->renderExistingFormElement($field_type, $field_name, $field_value, $field_caption, $default_text, $required, $field_elements, $field_length, $tool_tip);
$recordSet->MoveNext();
}
//$editid = substr($edit, 1, -1) * 1;
if ($only_my_listings == true) {
$edit_link = $config['baseurl'] . '/admin/index.php?action=edit_my_listings&edit=' . $edit;
$delete_link = $config['baseurl'] . '/admin/index.php?action=edit_my_listings&delete=' . $edit;
} else {
$edit_link = $config['baseurl'] . '/admin/index.php?action=edit_listings&edit=' . $edit;
$delete_link = $config['baseurl'] . '/admin/index.php?action=edit_listings&delete=' . $edit;
}
$display .= '<tr><td colspan="2" align="center">' . $lang[required_form_text] . '</td></tr>';
$display .= '<tr><td colspan="2" align="center"><input type="submit" value="' . $lang[update_button] . '"> <a href="' . $delete_link . '" onclick="return confirmDelete()">' . $lang[admin_listings_editor_delete_listing] . '</a></td></tr></table></form>';
$display .= '</td></tr></table>';
} else {
$display .= '<center><span class="redtext">' . $lang['admin_listings_editor_invalid_listing'] . '</span></center>';
$next_prev = '<center>' . $misc->next_prev($num_rows, $_GET['cur_page'], "", '', TRUE) . '</center>';
// put in the next/previous stuff
$display .= listing_editor::show_quick_edit_bar($next_prev, $only_my_listings);
}
} else {
// show all the listings
$sql_filter = '';
if (isset($_POST['filter'])) {
if ($_POST['filter'] == 'active') {
$sql_filter = " AND listingsdb_active = 'yes' ";
}
if ($_POST['filter'] == 'inactive') {
$sql_filter = " AND listingsdb_active = 'no' ";
}
if ($_POST['filter'] == 'expired') {
$sql_filter = " AND listingsdb_expiration < " . $conn->DBDate(time());
}
if ($_POST['filter'] == 'featured') {
$sql_filter = " AND listingsdb_featured = 'yes' ";
}
if ($_POST['filter'] == 'created_1week') {
$sql_filter = " AND listingsdb_creation_date >= " . $conn->DBDate(date('Y-m-d', strtotime('-1 week')));
}
if ($_POST['filter'] == 'created_1month') {
$sql_filter = " AND listingsdb_creation_date >= " . $conn->DBDate(date('Y-m-d', strtotime('-1 month')));
}
if ($_POST['filter'] == 'created_3month') {
$sql_filter = " AND listingsdb_creation_date >= " . $conn->DBDate(date('Y-m-d', strtotime('-3 month')));
}
}
$lookup_sql = '';
if (isset($_POST['lookup_field']) && isset($_POST['lookup_value']) && $_POST['lookup_field'] != 'listingsdb_id' && $_POST['lookup_field'] != 'listingsdb_title' && $_POST['lookup_value'] != '') {
$lookup_field = $misc->make_db_safe($_POST['lookup_field']);
$lookup_value = $misc->make_db_safe('%' . $_POST['lookup_value'] . '%');
$sql = 'SELECT listingsdb_id FROM ' . $config['table_prefix'] . 'listingsdbelements WHERE listingsdbelements_field_name = ' . $lookup_field . ' AND listingsdbelements_field_value LIKE ' . $lookup_value;
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
$listing_ids = array();
while (!$recordSet->EOF) {
$listing_ids[] = $recordSet->fields['listingsdb_id'];
$recordSet->MoveNext();
}
if (count($listing_ids) > 0) {
$listing_ids = implode(',', $listing_ids);
} else {
$listing_ids = '0';
}
$lookup_sql = ' AND listingsdb_id IN (' . $listing_ids . ') ';
}
if (isset($_POST['lookup_field']) && isset($_POST['lookup_value']) && $_POST['lookup_field'] == 'listingsdb_title' && $_POST['lookup_value'] != '') {
$lookup_value = $misc->make_db_safe('%' . $_POST['lookup_value'] . '%');
$sql = 'SELECT listingsdb_id FROM ' . $config['table_prefix'] . 'listingsdb WHERE listingsdb_title LIKE ' . $lookup_value;
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
$listing_ids = array();
while (!$recordSet->EOF) {
$listing_ids[] = $recordSet->fields['listingsdb_id'];
$recordSet->MoveNext();
}
if (count($listing_ids) > 0) {
$listing_ids = implode(',', $listing_ids);
} else {
$listing_ids = '0';
}
$lookup_sql = ' AND listingsdb_id IN (' . $listing_ids . ') ';
}
if (isset($_POST['pclass_filter']) && $_POST['pclass_filter'] != '') {
$pclass_filter = $misc->make_db_safe($_POST['pclass_filter']);
$sql = 'SELECT listingsdb_id FROM ' . $config['table_prefix_no_lang'] . 'classlistingsdb WHERE class_id = ' . $pclass_filter;
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
$listing_ids = array();
while (!$recordSet->EOF) {
$listing_ids[] = $recordSet->fields['listingsdb_id'];
$recordSet->MoveNext();
}
if (count($listing_ids) > 0) {
$listing_ids = implode(',', $listing_ids);
} else {
$listing_ids = '0';
}
$pclass_sql = ' AND listingsdb_id IN (' . $listing_ids . ') ';
}
if (isset($_POST['agent_filter']) && $_POST['agent_filter'] != '') {
$agent_filter = $misc->make_db_safe($_POST['agent_filter']);
$sql = 'SELECT listingsdb_id FROM ' . $config['table_prefix'] . 'listingsdb WHERE userdb_id = ' . $agent_filter;
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
$listing_ids = array();
while (!$recordSet->EOF) {
$listing_ids[] = $recordSet->fields['listingsdb_id'];
$recordSet->MoveNext();
}
if (count($listing_ids) > 0) {
$listing_ids = implode(',', $listing_ids);
} else {
$listing_ids = '0';
}
$agent_sql = ' AND listingsdb_id IN (' . $listing_ids . ') ';
}
// grab the number of listings from the db
if ($only_my_listings == true) {
$sql = "SELECT listingsdb_id, listingsdb_title, listingsdb_mlsexport, listingsdb_notes,\tlistingsdb_expiration, listingsdb_active, listingsdb_featured, listingsdb_hit_count, userdb_emailaddress FROM " . $config['table_prefix'] . "listingsdb, " . $config['table_prefix'] . "userdb WHERE " . $config['table_prefix'] . "listingsdb.userdb_id = " . $config['table_prefix'] . "userdb.userdb_id AND (" . $config['table_prefix'] . "userdb.userdb_id = '{$_SESSION['userID']}') {$sql_filter} {$lookup_sql} {$pclass_sql} {$agent_sql} ORDER BY listingsdb_id ASC";
} else {
$sql = "SELECT listingsdb_id, listingsdb_title, listingsdb_mlsexport, listingsdb_notes,\tlistingsdb_expiration, listingsdb_active, listingsdb_featured, listingsdb_hit_count, userdb_emailaddress FROM " . $config['table_prefix'] . "listingsdb, " . $config['table_prefix'] . "userdb WHERE " . $config['table_prefix'] . "listingsdb.userdb_id = " . $config['table_prefix'] . "userdb.userdb_id {$sql_filter} {$lookup_sql} {$pclass_sql} {$agent_sql} ORDER BY listingsdb_id ASC";
}
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
$num_rows = $recordSet->RecordCount();
if (!isset($_GET['cur_page'])) {
$_GET['cur_page'] = 0;
}
$next_prev = '<center>' . $misc->next_prev($num_rows, $_GET['cur_page'], "", '', TRUE) . '</center>';
// put in the next/previous stuff
$display .= listing_editor::show_quick_edit_bar($next_prev, $only_my_listings);
// build the string to select a certain number of listings per page
$limit_str = $_GET['cur_page'] * $config['listings_per_page'];
$recordSet = $conn->SelectLimit($sql, $config['listings_per_page'], $limit_str);
if ($recordSet === false) {
$misc->log_error($sql);
}
$count = 0;
$display .= "<br /><br />";
$page->load_page($config['admin_template_path'] . '/edit_listings.html');
$page->replace_lang_template_tags();
$page->replace_tags();
$addons = $page->load_addons();
$listing_section = $page->get_template_section('listing_dataset');
while (!$recordSet->EOF) {
// alternate the colors
if ($count == 0) {
$count = $count + 1;
} else {
$count = 0;
}
$listing .= $listing_section;
// strip slashes so input appears correctly
$title = $misc->make_db_unsafe($recordSet->fields['listingsdb_title']);
$notes = $misc->make_db_unsafe($recordSet->fields['listingsdb_notes']);
$active = $misc->make_db_unsafe($recordSet->fields['listingsdb_active']);
$featured = $misc->make_db_unsafe($recordSet->fields['listingsdb_featured']);
$mlsexport = $misc->make_db_unsafe($recordSet->fields['listingsdb_mlsexport']);
$email = $misc->make_db_unsafe($recordSet->fields['userdb_emailaddress']);
$formatted_expiration = $recordSet->UserTimeStamp($recordSet->fields['listingsdb_expiration'], $config["date_format_timestamp"]);
$listingID = $recordSet->fields['listingsdb_id'];
$hit_count = $misc->make_db_unsafe($recordSet->fields['listingsdb_hit_count']);
if ($active == 'yes') {
$active = '<span class="edit_listings_' . $active . '">' . $lang['yes'] . '</span>';
} elseif ($active == 'no') {
$active = '<span class="edit_listings_' . $active . '">' . $lang['no'] . '</span>';
}
if ($featured == 'yes') {
$featured = '<span class="edit_listings_' . $featured . '">' . $lang['yes'] . '</span>';
} elseif ($featured == 'no') {
$featured = '<span class="edit_listings_' . $featured . '">' . $lang['no'] . '</span>';
}
//Add filters to link
if (isset($_POST['lookup_field']) && isset($_POST['lookup_value'])) {
$_GET['lookup_field'] = $_POST['lookup_field'];
$_GET['lookup_value'] = $_POST['lookup_value'];
}
if (isset($_GET['lookup_field']) && isset($_GET['lookup_value'])) {
$_POST['lookup_field'] = $_GET['lookup_field'];
$_POST['lookup_value'] = $_GET['lookup_value'];
}
if ($only_my_listings == true) {
$edit_link = $config['baseurl'] . '/admin/index.php?action=edit_my_listings&edit=' . $listingID;
$delete_link = $config['baseurl'] . '/admin/index.php?action=edit_my_listings&delete=' . $listingID;
} else {
$edit_link = $config['baseurl'] . '/admin/index.php?action=edit_listings&edit=' . $listingID;
$delete_link = $config['baseurl'] . '/admin/index.php?action=edit_listings&delete=' . $listingID;
}
$email_link = 'mailto:' . $email;
$listing = $page->replace_listing_field_tags($listingID, $listing);
$listing = $page->parse_template_section($listing, 'listingid', $listingID);
$listing = $page->parse_template_section($listing, 'edit_listing_link', $edit_link);
$listing = $page->parse_template_section($listing, 'delete_listing_link', $delete_link);
$listing = $page->parse_template_section($listing, 'email_agent_link', $email_link);
$listing = $page->parse_template_section($listing, 'listing_active_status', $active);
$listing = $page->parse_template_section($listing, 'listing_featured_status', $featured);
$listing = $page->parse_template_section($listing, 'listing_expiration', $formatted_expiration);
$listing = $page->parse_template_section($listing, 'listing_notes', $notes);
$listing = $page->parse_template_section($listing, 'row_num_even_odd', $count);
$listing = $page->parse_template_section($listing, 'listing_hit_count', $hit_count);
$addon_fields = $page->get_addon_template_field_list($addons);
$listing = $page->parse_addon_tags($listing, $addon_fields);
if ($config["use_expiration"] == 0) {
$listing = $page->remove_template_block('show_expiration', $listing);
} else {
$listing = $page->cleanup_template_block('show_expiration', $listing);
}
$recordSet->MoveNext();
}
// end while
$page->replace_template_section('listing_dataset', $listing);
$page->replace_permission_tags();
$display .= $page->return_page();
}
// end if $edit == ""
} else {
$display .= '<div class="error_text">' . $lang['access_denied'] . '</div>';
}
return $display;
}
/**
* user::view_user()
*
* @param $type
* @return
*/
function view_users()
{
global $conn, $config, $lang, $agent_id;
require_once $config['basepath'] . '/include/misc.inc.php';
require_once $config['basepath'] . '/include/images.inc.php';
require_once $config['basepath'] . '/include/class/template/core.inc.php';
$misc = new misc();
$display = '';
$user_section = '';
$page = new page_user();
$page->load_page($config['template_path'] . '/view_users_default.html');
//Get User Count
$sql = "SELECT count(userdb_id) as user_count FROM " . $config['table_prefix'] . "userdb where userdb_is_agent = 'yes' and userdb_active = 'yes' order by userdb_rank,userdb_user_name";
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
$num_rows = $recordSet->fields['user_count'];
if ($config["show_admin_on_agent_list"] == 0) {
$options = "userdb_is_agent = 'yes'";
} else {
$options = "(userdb_is_agent = 'yes' or userdb_is_admin = 'yes')";
}
$sql = "SELECT userdb_user_name, userdb_user_first_name, userdb_user_last_name, userdb_id FROM " . $config['table_prefix'] . "userdb where " . $options . " and userdb_active = 'yes' order by userdb_rank,userdb_user_name";
//Handle Pagnation
if (!isset($_GET['cur_page'])) {
$_GET['cur_page'] = 0;
}
$limit_str = intval($_GET['cur_page']) * $config['users_per_page'];
$some_num = intval($_GET['cur_page']) + 1;
$next_prev = $misc->next_prev($num_rows, intval($_GET['cur_page']), $guidestring);
// put in the next/previous stuff
$recordSet = $conn->SelectLimit($sql, $config['users_per_page'], $limit_str);
//$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
while (!$recordSet->EOF) {
$first_name = $misc->make_db_unsafe($recordSet->fields['userdb_user_first_name']);
$last_name = $misc->make_db_unsafe($recordSet->fields['userdb_user_last_name']);
$agent_id = $misc->make_db_unsafe($recordSet->fields['userdb_id']);
$agent_link = user::get_agent_link($recordSet->fields['userdb_id']);
$agent_contact_link = user::contact_agent_link($agent_id);
$agent_fields = user::renderUserInfo($agent_id);
$user_section .= $page->get_template_section('user_block');
$user_section = $page->parse_template_section($user_section, 'agent_first_name', $first_name);
$user_section = $page->parse_template_section($user_section, 'agent_last_name', $last_name);
$user_section = $page->parse_template_section($user_section, 'agent_id', $agent_id);
$user_section = $page->parse_template_section($user_section, 'agent_contact_link', $agent_contact_link);
$user_section = $page->parse_template_section($user_section, 'agent_fields', $agent_fields);
$user_section = $page->parse_template_section($user_section, 'agent_link', $agent_link);
// Insert Agent Image
$sql2 = "SELECT userimages_thumb_file_name FROM " . $config['table_prefix'] . "userimages WHERE userdb_id = {$agent_id} ORDER BY userimages_rank";
$recordSet2 = $conn->Execute($sql2);
if ($recordSet2 === false) {
$misc->log_error($sql2);
}
$num_images = $recordSet2->RecordCount();
if ($num_images == 0) {
if ($config['show_no_photo'] == 1) {
$agent_image = '<img src="images/nophoto.gif" alt="' . $lang['no_photo'] . '" />';
$raw_agent_image = 'images/nophoto.gif';
$user_section = $page->cleanup_template_block('agent_image_thumb_1', $user_section);
} else {
$agent_image = '';
$raw_agent_image = '';
}
$user_section = $page->parse_template_section($user_section, 'agent_image_thumb_1', $agent_image);
$user_section = $page->parse_template_section($user_section, 'raw_agent_image_thumb_1', $raw_agent_image);
$user_section = $page->remove_template_block('agent_image_thumb_[1-9]', $user_section);
}
$x = 1;
while (!$recordSet2->EOF) {
$thumb_file_name = $misc->make_db_unsafe($recordSet2->fields['userimages_thumb_file_name']);
if ($thumb_file_name != "") {
// gotta grab the image size
$imagedata = GetImageSize("{$config['user_upload_path']}/{$thumb_file_name}");
$imagewidth = $imagedata[0];
$imageheight = $imagedata[1];
$shrinkage = $config['thumbnail_width'] / $imagewidth;
$displaywidth = $imagewidth * $shrinkage;
$displayheight = $imageheight * $shrinkage;
$agent_image = '<img src="' . $config['user_view_images_path'] . '/' . $thumb_file_name . '" height="' . $displayheight . '" width="' . $displaywidth . '" alt="' . $thumb_file_name . '" />';
$raw_agent_image = $config['user_view_images_path'] . '/' . $thumb_file_name;
}
// end if ($thumb_file_name != "")
// We have the image so insert it into the section.
$user_section = $page->parse_template_section($user_section, 'agent_image_thumb_' . $x, $agent_image);
$user_section = $page->parse_template_section($user_section, 'raw_agent_image_thumb_' . $x, $raw_agent_image);
$user_section = $page->cleanup_template_block('agent_image_thumb_' . $x, $user_section);
$x++;
$recordSet2->MoveNext();
}
// end while
$user_section = preg_replace('{agent_image_thumb_(.*?)}', '', $user_section);
$user_section = preg_replace('{raw_agent_image_thumb_(.*?)}', '', $user_section);
$user_section = $page->remove_template_block('agent_image_thumb_[1-9]', $user_section);
$recordSet->MoveNext();
}
$page->replace_template_section('user_block', $user_section);
$page->page = str_replace('{next_prev}', $next_prev, $page->page);
return $page->page;
}
function renderNotifyListings($listingIDArray, $search_title, $user_name, $email)
{
global $conn, $lang, $config, $db_type, $current_ID;
//Load the Core Template class and the Misc Class
require_once $config['basepath'] . '/include/class/template/core.inc.php';
$page = new page_user();
require_once $config['basepath'] . '/include/misc.inc.php';
$misc = new misc();
require_once $config['basepath'] . '/include/listing.inc.php';
$listingclass = new listing_pages();
//Declare an empty display variable to hold all output from function.
$display = '';
//If We have a $current_ID save it
$old_current_ID = '';
if ($current_ID != '') {
$old_current_ID = $current_ID;
}
//Load the Notify Listing Template specified in the Site Config
$page->load_page($config['template_path'] . '/' . $config['notify_listings_template']);
// Determine if the template uses rows.
// First item in array is the row conent second item is the number of block per block row
$notify_template_row = $page->get_template_section_row('notify_listing_block_row');
if (is_array($notify_template_row)) {
$row = $notify_template_row[0];
$col_count = $notify_template_row[1];
$user_rows = true;
$x = 1;
//Create an empty array to hold the row conents
$new_row_data = array();
} else {
$user_rows = false;
}
$notify_template_section = '';
foreach ($listingIDArray as $current_ID) {
if ($user_rows == true && $x > $col_count) {
//We are at then end of a row. Save the template section as a new row.
$new_row_data[] = $page->replace_template_section('notify_listing_block', $notify_template_section, $row);
//$new_row_data[] = $notify_template_section;
$notify_template_section = $page->get_template_section('notify_listing_block');
$x = 1;
} else {
$notify_template_section .= $page->get_template_section('notify_listing_block');
}
$listing_title = $listingclass->get_title($current_ID);
if ($config['url_style'] == '1') {
$notify_url = $config['baseurl'] . '/index.php?action=listingview&listingID=' . $current_ID;
// #####
} else {
$url_title = str_replace("/", "", $listing_title);
$url_title = strtolower(str_replace(" ", $config['seo_url_seperator'], $url_title));
$notify_url = $config['baseurl'] . '/listing-' . misc::urlencode_to_sef($url_title) . '-' . $current_ID . '.html';
// #####
}
$notify_template_section = $page->replace_listing_field_tags($current_ID, $notify_template_section);
$notify_template_section = $page->replace_listing_field_tags($current_ID, $notify_template_section);
$notify_template_section = $page->parse_template_section($notify_template_section, 'notify_url', $notify_url);
$notify_template_section = $page->parse_template_section($notify_template_section, 'listingid', $current_ID);
// Setup Image Tags
$sql2 = "SELECT listingsimages_thumb_file_name,listingsimages_file_name\n\t\t\t\t\tFROM " . $config['table_prefix'] . "listingsimages\n\t\t\t\t\tWHERE (listingsdb_id = {$current_ID})\n\t\t\t\t\tORDER BY listingsimages_rank";
$recordSet2 = $conn->SelectLimit($sql2, 1, 0);
if ($recordSet2 === false) {
$misc->log_error($sql2);
}
if ($recordSet2->RecordCount() > 0) {
$thumb_file_name = $misc->make_db_unsafe($recordSet2->fields['listingsimages_thumb_file_name']);
$file_name = $misc->make_db_unsafe($recordSet2->fields['listingsimages_file_name']);
if ($thumb_file_name != "" && file_exists("{$config['listings_upload_path']}/{$thumb_file_name}")) {
// gotta grab the thumbnail image size
$imagedata = GetImageSize("{$config['listings_upload_path']}/{$thumb_file_name}");
$imagewidth = $imagedata[0];
$imageheight = $imagedata[1];
$shrinkage = $config['thumbnail_width'] / $imagewidth;
$notify_thumb_width = $imagewidth * $shrinkage;
$notify_thumb_height = $imageheight * $shrinkage;
$notify_thumb_src = $config['listings_view_images_path'] . '/' . $thumb_file_name;
// gotta grab the thumbnail image size
$imagedata = GetImageSize("{$config['listings_upload_path']}/{$file_name}");
$imagewidth = $imagedata[0];
$imageheight = $imagedata[1];
$notify_width = $imagewidth;
$notify_height = $imageheight;
$notify_src = $config['listings_view_images_path'] . '/' . $file_name;
}
} else {
if ($config['show_no_photo'] == 1) {
$imagedata = GetImageSize($config['basepath'] . "/images/nophoto.gif");
$imagewidth = $imagedata[0];
$imageheight = $imagedata[1];
$shrinkage = $config['thumbnail_width'] / $imagewidth;
$notify_thumb_width = $imagewidth * $shrinkage;
$notify_thumb_height = $imageheight * $shrinkage;
$notify_thumb_src = $config['baseurl'] . '/images/nophoto.gif';
$notify_width = $notify_thumb_width;
$notify_height = $notify_thumb_height;
$notify_src = $config['baseurl'] . '/images/nophoto.gif';
} else {
$notify_thumb_width = '';
$notify_thumb_height = '';
$notify_thumb_src = '';
$notify_width = '';
$notify_height = '';
$notify_src = '';
}
}
if (!empty($notify_thumb_src)) {
$notify_template_section = $page->parse_template_section($notify_template_section, 'notify_thumb_src', $notify_thumb_src);
$notify_template_section = $page->parse_template_section($notify_template_section, 'notify_thumb_height', $notify_thumb_height);
$notify_template_section = $page->parse_template_section($notify_template_section, 'notify_thumb_width', $notify_thumb_width);
$notify_template_section = $page->cleanup_template_block('notify_img', $notify_template_section);
} else {
$notify_template_section = $page->remove_template_block('notify_img', $notify_template_section);
}
if (!empty($notify_src)) {
$notify_template_section = $page->parse_template_section($notify_template_section, 'notify_large_src', $notify_src);
$notify_template_section = $page->parse_template_section($notify_template_section, 'notify_large_height', $notify_height);
$notify_template_section = $page->parse_template_section($notify_template_section, 'notify_large_width', $notify_width);
$notify_template_section = $page->cleanup_template_block('notify_img_large', $notify_template_section);
} else {
$notify_template_section = $page->remove_template_block('notify_img_large', $notify_template_section);
}
if ($user_rows == true) {
$x++;
}
}
if ($user_rows == true) {
$notify_template_section = $page->cleanup_template_block('notify_listing', $notify_template_section);
$new_row_data[] = $page->replace_template_section('notify_listing_block', $notify_template_section, $row);
$replace_row = '';
foreach ($new_row_data as $rows) {
$replace_row .= $rows;
}
$page->replace_template_section_row('notify_listing_block_row', $replace_row);
} else {
$page->replace_template_section('notify_listing_block', $notify_template_section);
}
$page->replace_permission_tags();
$page->replace_urls();
$page->auto_replace_tags();
$page->replace_lang_template_tags();
$display .= $page->return_page();
$current_ID = '';
if ($old_current_ID != '') {
$current_ID = $old_current_ID;
}
return $display;
}
function next_prev($num_rows, $cur_page, $guidestring = '', $template = '', $admin = FALSE)
{
global $lang, $config;
require_once $config['basepath'] . '/include/class/template/core.inc.php';
$page = new page_user();
if (isset($template) && $template != '') {
$template_file = 'next_prev_' . $template . '.html';
} else {
$template_file = 'next_prev.html';
}
if ($admin == TRUE) {
$page->load_page($config['admin_template_path'] . '/' . $template_file);
} else {
$page->load_page($config['template_path'] . '/' . $template_file);
}
$guidestring = '';
$guidestring_no_action = '';
$guidestring_with_sort = '';
// Save GET
foreach ($_GET as $k => $v) {
if ($v && $k != 'cur_page' && $k != 'PHPSESSID') {
if (is_array($v)) {
foreach ($v as $vitem) {
$guidestring .= '&' . urlencode("{$k}") . '[]=' . urlencode("{$vitem}");
}
} else {
$guidestring .= '&' . urlencode("{$k}") . '=' . urlencode("{$v}");
}
}
if ($v && $k != 'cur_page' && $k != 'PHPSESSID' && $k != 'action') {
if (is_array($v)) {
foreach ($v as $vitem) {
$guidestring_no_action .= '&' . urlencode("{$k}") . '[]=' . urlencode("{$vitem}");
}
} else {
$guidestring_no_action .= '&' . urlencode("{$k}") . '=' . urlencode("{$v}");
}
}
}
$page->page = str_replace('{nextprev_guidestring}', $guidestring, $page->page);
$page->page = str_replace('{nextprev_guidestring_no_action}', $guidestring_no_action, $page->page);
if ($cur_page == "") {
$cur_page = 0;
}
$page_num = $cur_page + 1;
$page->page = str_replace('{nextprev_num_rows}', $num_rows, $page->page);
if ($_GET['action'] == 'view_log') {
$items_per_page = 25;
$page->page = str_replace('{nextprev_page_type}', $lang['log'], $page->page);
$page->page = str_replace('{nextprev_meet_your_search}', $lang['logs_meet_your_search'], $page->page);
if ($num_rows == 1) {
$page->page = $page->remove_template_block('!nextprev_num_of_rows_is_1', $page->page);
$page->page = $page->cleanup_template_block('nextprev_num_of_rows_is_1', $page->page);
} else {
$page->page = $page->remove_template_block('nextprev_num_of_rows_is_1', $page->page);
$page->page = $page->cleanup_template_block('!nextprev_num_of_rows_is_1', $page->page);
}
} elseif ($_GET['action'] == 'view_users') {
$items_per_page = $config['users_per_page'];
$page->page = str_replace('{nextprev_page_type}', $lang['agent'], $page->page);
$page->page = str_replace('{nextprev_meet_your_search}', $lang['agents'], $page->page);
if ($num_rows == 1) {
$page->page = $page->remove_template_block('!nextprev_num_of_rows_is_1', $page->page);
$page->page = $page->cleanup_template_block('nextprev_num_of_rows_is_1', $page->page);
} else {
$page->page = $page->remove_template_block('nextprev_num_of_rows_is_1', $page->page);
$page->page = $page->cleanup_template_block('!nextprev_num_of_rows_is_1', $page->page);
}
} else {
$items_per_page = $config['listings_per_page'];
$page->page = str_replace('{nextprev_page_type}', $lang['listing'], $page->page);
$page->page = str_replace('{nextprev_meet_your_search}', $lang['listings_meet_your_search'], $page->page);
if ($num_rows == 1) {
$page->page = $page->remove_template_block('!nextprev_num_of_rows_is_1', $page->page);
$page->page = $page->cleanup_template_block('nextprev_num_of_rows_is_1', $page->page);
} else {
$page->page = $page->remove_template_block('nextprev_num_of_rows_is_1', $page->page);
$page->page = $page->cleanup_template_block('!nextprev_num_of_rows_is_1', $page->page);
}
}
$total_num_page = ceil($num_rows / $items_per_page);
if ($total_num_page == 0) {
$listing_num_min = 0;
$listing_num_max = 0;
} else {
$listing_num_min = $cur_page * $items_per_page + 1;
if ($page_num == $total_num_page) {
$listing_num_max = $num_rows;
} else {
$listing_num_max = $page_num * $items_per_page;
}
}
$page->page = str_replace('{nextprev_listing_num_min}', $listing_num_min, $page->page);
$page->page = str_replace('{nextprev_listing_num_max}', $listing_num_max, $page->page);
$prevpage = $cur_page - 1;
$nextpage = $cur_page + 1;
$next10page = $cur_page + 10;
$prev10page = $cur_page - 10;
$next_minus10page = $cur_page - 10;
$page->page = str_replace('{nextprev_nextpage}', $nextpage, $page->page);
$page->page = str_replace('{nextprev_prevpage}', $prevpage, $page->page);
$page->page = str_replace('{nextprev_next10page}', $next10page, $page->page);
$page->page = str_replace('{nextprev_prev10page}', $prev10page, $page->page);
if ($_GET['action'] == 'searchresults') {
$page->page = $page->cleanup_template_block('nextprev_show_save_search', $page->page);
} else {
$page->page = $page->remove_template_block('nextprev_show_save_search', $page->page);
}
if ($_GET['action'] == 'searchresults') {
$page->page = $page->cleanup_template_block('nextprev_show_refine_search', $page->page);
} else {
$page->page = $page->remove_template_block('nextprev_show_refine_search', $page->page);
}
if ($page_num <= 1) {
$page->page = $page->cleanup_template_block('nextprev_is_firstpage', $page->page);
$page->page = $page->remove_template_block('!nextprev_is_firstpage', $page->page);
}
if ($page_num > 1) {
$page->page = $page->cleanup_template_block('!nextprev_is_firstpage', $page->page);
$page->page = $page->remove_template_block('nextprev_is_firstpage', $page->page);
}
//end if ($page_num > 10)
// begin 10 page menu selection
$count = $cur_page;
//Determine Where to Start the Page Count At
$count_start = $count - 10;
if ($count_start < 0) {
$count_start = 0;
$real_count_start = 0;
} else {
while (!preg_match("/0\$/", $count_start)) {
$count_start++;
}
}
//echo 'Count Start '.$count_start.'<br />';
//$count = ($count - $lastnum);
$page_section_part = $page->get_template_section('nextprev_page_section');
$page_section = '';
$reverse_count = $count_start;
while ($count > $count_start) {
//echo 'Count '.$count.'<br />';
//echo 'Reverse Count '.$reverse_count.'<br />';
// If the last number is a zero, it's divisible by 10 check it...
if (preg_match("/0\$/", $count)) {
break;
}
$page_section .= $page_section_part;
$disp_count = $reverse_count + 1;
$page_section = str_replace('{nextprev_count}', $reverse_count, $page_section);
$page_section = str_replace('{nextprev_disp_count}', $disp_count, $page_section);
$page_section = $page->cleanup_template_block('nextprev_page_other', $page_section);
$page_section = $page->remove_template_block('nextprev_page_current', $page_section);
$count--;
$reverse_count++;
}
$count = $cur_page;
while ($count < $total_num_page) {
$page_section .= $page_section_part;
$disp_count = $count + 1;
$page_section = str_replace('{nextprev_count}', $count, $page_section);
$page_section = str_replace('{nextprev_disp_count}', $disp_count, $page_section);
if ($page_num == $disp_count) {
// the currently selected page
$page_section = $page->cleanup_template_block('nextprev_page_current', $page_section);
$page_section = $page->remove_template_block('nextprev_page_other', $page_section);
} else {
$page_section = $page->cleanup_template_block('nextprev_page_other', $page_section);
$page_section = $page->remove_template_block('nextprev_page_current', $page_section);
}
$count++;
// If the last number is a zero, it's divisible by 10 check it...
if (!($count % 10)) {
break;
}
}
// end while ($count <= 10)
$page->replace_template_section('nextprev_page_section', $page_section);
if ($page_num >= $total_num_page) {
$page->page = $page->cleanup_template_block('nextprev_lastpage', $page->page);
$page->page = $page->remove_template_block('!nextprev_lastpage', $page->page);
}
if ($page_num < $total_num_page) {
$diff = $total_num_page - $cur_page;
$page->page = $page->cleanup_template_block('!nextprev_lastpage', $page->page);
$page->page = $page->remove_template_block('nextprev_lastpage', $page->page);
}
//end if
// search buttons
if ($page_num >= 11) {
// previous 10 page
$page->page = $page->cleanup_template_block('nextprev_prev_100_button', $page->page);
$page->page = $page->remove_template_block('!nextprev_prev_100_button', $page->page);
} else {
$page->page = $page->cleanup_template_block('!nextprev_prev_100_button', $page->page);
$page->page = $page->remove_template_block('nextprev_prev_100_button', $page->page);
}
// Next 100 button
if ($cur_page < $total_num_page - $config['listings_per_page'] && $total_num_page > 10) {
$page->page = $page->cleanup_template_block('nextprev_next_100_button', $page->page);
$page->page = $page->remove_template_block('!nextprev_next_100_button', $page->page);
} else {
$page->page = $page->cleanup_template_block('!nextprev_next_100_button', $page->page);
$page->page = $page->remove_template_block('nextprev_next_100_button', $page->page);
}
if ($_GET['action'] == 'view_log' && $_SESSION['admin_privs'] == "yes") {
$page->page = $page->cleanup_template_block('nextprev_clearlog', $page->page);
} else {
$page->page = $page->remove_template_block('nextprev_clearlog', $page->page);
}
return $page->page;
}
function edit_post_comments()
{
global $conn, $lang, $config;
$security = login::loginCheck('can_access_blog_manager', true);
$display = '';
$blog_user_type = intval($_SESSION['blog_user_type']);
if ($security === true) {
require_once $config['basepath'] . '/include/misc.inc.php';
$misc = new misc();
//Load the Core Template
require_once $config['basepath'] . '/include/class/template/core.inc.php';
$page = new page_user();
require_once $config['basepath'] . '/include/user.inc.php';
$userclass = new user();
require_once $config['basepath'] . '/include/blog_functions.inc.php';
$blog_functions = new blog_functions();
//Load TEmplate File
$page->load_page($config['admin_template_path'] . '/blog_edit_comments.html');
// Do we need to save?
if (isset($_GET['id'])) {
$post_id = intval($_GET['id']);
//Get Blog Post Information
$blog_title = $blog_functions->get_blog_title($post_id);
$page->page = $page->parse_template_section($page->page, 'blog_title', $blog_title);
$blog_author = $blog_functions->get_blog_author($post_id);
$page->page = $page->parse_template_section($page->page, 'blog_author', $blog_author);
$blog_date_posted = $blog_functions->get_blog_date($post_id);
$page->page = $page->parse_template_section($page->page, 'blog_date_posted', $blog_date_posted);
//Handle any deletions and comment approvals before we load the comments
if (isset($_GET['caction']) && $_GET['caction'] == 'delete') {
if (isset($_GET['cid'])) {
$cid = intval($_GET['cid']);
//Do permission checks.
if ($blog_user_type < 4) {
//Throw Error
$display .= '<div class="error_message">' . $lang['blog_permission_denied'] . '</div><br />';
unset($_GET['caction']);
$display .= $this->edit_post_comments();
return $display;
}
//Delete
$sql = 'DELETE FROM ' . $config['table_prefix'] . 'blogcomments WHERE blogcomments_id = ' . $cid . ' AND blogmain_id = ' . $post_id;
//Load Record Set
$recordSet = $conn->Execute($sql);
if (!$recordSet) {
$misc->log_error($sql);
}
}
}
if (isset($_GET['caction']) && $_GET['caction'] == 'approve') {
if (isset($_GET['cid'])) {
$cid = intval($_GET['cid']);
//Do permission checks.
if ($blog_user_type < 4) {
//Throw Error
$display .= '<div class="error_message">' . $lang['blog_permission_denied'] . '</div><br />';
unset($_GET['caction']);
$display .= $this->edit_post_comments();
return $display;
}
//Delete
$sql = 'UPDATE ' . $config['table_prefix'] . 'blogcomments SET blogcomments_moderated = 1 WHERE blogcomments_id = ' . $cid . ' AND blogmain_id = ' . $post_id;
//Load Record Set
$recordSet = $conn->Execute($sql);
if (!$recordSet) {
$misc->log_error($sql);
}
}
}
//Ok Load the comments.
$sql = 'SELECT * FROM ' . $config['table_prefix'] . 'blogcomments WHERE blogmain_id = ' . $post_id . ' ORDER BY blogcomments_timestamp ASC';
//Load Record Set
$recordSet = $conn->Execute($sql);
if (!$recordSet) {
$misc->log_error($sql);
}
//Handle Next prev
$num_rows = $recordSet->RecordCount();
if (!isset($_GET['cur_page'])) {
$_GET['cur_page'] = 0;
}
$limit_str = $_GET['cur_page'] * $config['listings_per_page'];
$recordSet = $conn->SelectLimit($sql, $config['listings_per_page'], $limit_str);
if ($recordSet === false) {
$misc->log_error($sql);
}
$blog_comment_template = '';
while (!$recordSet->EOF) {
//Load DB Values
$comment_author_id = $misc->make_db_unsafe($recordSet->fields['userdb_id']);
$blogcomments_id = $misc->make_db_unsafe($recordSet->fields['blogcomments_id']);
$blogcomments_moderated = $misc->make_db_unsafe($recordSet->fields['blogcomments_moderated']);
$blogcomments_timestamp = $misc->make_db_unsafe($recordSet->fields['blogcomments_timestamp']);
$blogcomments_text = html_entity_decode($misc->make_db_unsafe($recordSet->fields['blogcomments_text']), ENT_NOQUOTES, $config['charset']);
//Load Template Block
$blog_comment_template .= $page->get_template_section('blog_article_comment_item_block');
//Lookup Blog Author..
$author_type = $userclass->get_user_type($comment_author_id);
if ($author_type == 'member') {
$author_display = $userclass->get_user_name($comment_author_id);
} else {
$author_display = $userclass->get_user_last_name($comment_author_id) . ', ' . $userclass->get_user_first_name($comment_author_id);
}
$blog_comment_template = $page->parse_template_section($blog_comment_template, 'blog_comment_author', $author_display);
if ($config['date_format'] == 1) {
$format = "m/d/Y";
} elseif ($config['date_format'] == 2) {
$format = "Y/d/m";
} elseif ($config['date_format'] == 3) {
$format = "d/m/Y";
}
$blog_comment_date_posted = date($format, "{$blogcomments_timestamp}");
$blog_comment_template = $page->parse_template_section($blog_comment_template, 'blog_comment_date_posted', $blog_comment_date_posted);
$blog_comment_template = $page->parse_template_section($blog_comment_template, 'blog_comment_text', $blogcomments_text);
//Add Delete COmment Link
//{blog_comment_delete_url}
$blog_comment_delete_url = 'index.php?action=edit_blog_post_comments&id=' . $post_id . '&caction=delete&cid=' . $blogcomments_id;
$blog_comment_template = $page->parse_template_section($blog_comment_template, 'blog_comment_delete_url', $blog_comment_delete_url);
$blog_comment_approve_url = 'index.php?action=edit_blog_post_comments&id=' . $post_id . '&caction=approve&cid=' . $blogcomments_id;
$blog_comment_template = $page->parse_template_section($blog_comment_template, 'blog_comment_approve_url', $blog_comment_approve_url);
//Do Security Checks
if ($blog_user_type < 4) {
$blog_comment_template = $page->remove_template_block('blog_article_comment_approve', $blog_comment_template);
$blog_comment_template = $page->remove_template_block('blog_article_comment_delete', $blog_comment_template);
}
//Handle Moderation
if ($blogcomments_moderated == 1) {
$blog_comment_template = $page->remove_template_block('blog_article_comment_approve', $blog_comment_template);
} else {
$blog_comment_template = $page->cleanup_template_block('blog_article_comment_approve', $blog_comment_template);
}
$recordSet->MoveNext();
}
$page->replace_template_section('blog_article_comment_item_block', $blog_comment_template);
$next_prev = $misc->next_prev($num_rows, $_GET['cur_page'], "", 'blog', TRUE);
$page->replace_tag('next_prev', $next_prev);
$page->replace_permission_tags();
$page->auto_replace_tags('', true);
$display .= $page->return_page();
}
}
return $display;
}
