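/**
 * Build the RSS feed page for featured or most recently modified listings.
 *
 * Reads an optional agent filter from $_GET['agent_id'] (a single value or an
 * array), selects the matching active listings and renders them through the
 * rss.html template.
 *
 * Changes from the previous implementation:
 *  - several agent ids are combined with IN (...); they used to be chained
 *    with AND, which can never match more than one distinct id;
 *  - agent ids must be plain digit strings and are cast to int before they
 *    reach the SQL text (is_numeric() also accepts forms such as "1e3");
 *  - an unknown $option returns '' instead of executing "... WHERE " with
 *    nothing after it;
 *  - a failed query is logged and yields a feed with no items instead of
 *    dereferencing the false result;
 *  - the per-listing class lookup was removed because its result was never used.
 *
 * @param string $option Either 'featured' or 'lastmodified'.
 * @return string The rendered feed, or '' when $option is not recognised.
 */
function rss_view($option)
{
    global $conn, $lang, $config;
    require_once $config['basepath'] . '/include/misc.inc.php';
    $misc = new misc();
    $display = '';
    $where = array();

    // Allow filtering by agent ID. A scalar value is normalised to a
    // one-element array in $_GET, as before.
    if (isset($_GET['agent_id'])) {
        if (!is_array($_GET['agent_id'])) {
            $_GET['agent_id'] = array($_GET['agent_id']);
        }
        $agent_ids = array();
        foreach ($_GET['agent_id'] as $aid) {
            // Request data: accept digits only, then cast, so nothing but an
            // integer literal is ever concatenated into the query.
            if (is_string($aid) && ctype_digit($aid)) {
                $agent_ids[] = intval($aid);
            }
        }
        if (count($agent_ids) > 0) {
            $where[] = 'userdb_id IN (' . implode(', ', $agent_ids) . ')';
        }
    }

    // Decide which RSS feed to show.
    switch ($option) {
        case 'featured':
            $where[] = 'listingsdb_featured = \'yes\'';
            $where[] = 'listingsdb_active = \'yes\'';
            $order_by = '';
            $limit = intval($config['rss_limit_featured']);
            $rsslink = $config['baseurl'] . '/index.php?action=rss_featured_listings';
            $rsstitle = $config['rss_title_featured'];
            $rssdesc = $config['rss_desc_featured'];
            $rsslistingdesc = $config['rss_listingdesc_featured'];
            break;
        case 'lastmodified':
            $where[] = 'listingsdb_active = \'yes\'';
            $order_by = ' ORDER BY listingsdb_last_modified DESC';
            $limit = intval($config['rss_limit_lastmodified']);
            // NOTE(review): this feed links to the *featured* action, same as
            // the branch above - looks like a copy/paste leftover; confirm the
            // intended action name before changing it.
            $rsslink = $config['baseurl'] . '/index.php?action=rss_featured_listings';
            $rsstitle = $config['rss_title_lastmodified'];
            $rssdesc = $config['rss_desc_lastmodified'];
            $rsslistingdesc = $config['rss_listingdesc_lastmodified'];
            break;
        default:
            // No feed is defined for this option; there is nothing to query.
            return $display;
    }

    $sql = 'SELECT listingsdb_id,listingsdb_last_modified FROM ' . $config['table_prefix'] . 'listingsdb WHERE '
        . implode(' AND ', $where) . $order_by;
    if ($limit > 0) {
        $sql .= ' LIMIT 0, ' . $limit;
    }
    $recordSet = $conn->Execute($sql);
    if ($recordSet === false) {
        $misc->log_error($sql);
    }

    // Get RSS template.
    require_once $config['basepath'] . '/include/class/template/core.inc.php';
    $page = new page_user();
    $page->load_page($config['template_path'] . '/rss.html', FALSE);
    $page->replace_tag('rss_webroot', $rsslink);
    $page->replace_tag('rss_description', $rssdesc);
    $page->replace_tag('rss_title', $rsstitle);
    $page->replace_tag('rss_listing_description', $rsslistingdesc);
    $listing_template = $page->get_template_section('rss_listing_block');

    $completed_listing_template = '';
    if ($recordSet !== false) {
        while (!$recordSet->EOF) {
            $listing_id = $recordSet->fields['listingsdb_id'];
            $item = $page->replace_listing_field_tags($listing_id, $listing_template, TRUE);
            // The GUID is base64("<id>-<last modified>"), so it changes
            // whenever the listing's last-modified value changes.
            $guid = base64_encode($listing_id . '-' . $recordSet->fields['listingsdb_last_modified']);
            $completed_listing_template .= str_replace('{rss_listing_guid}', $guid, $item);
            $recordSet->MoveNext();
        }
    }
    $page->replace_template_section('rss_listing_block', $completed_listing_template);
    $display = $page->return_page();
    return $display;
}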
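/**
 * Render the detail page for the listing named by $_GET['listingID'].
 *
 * Changes from the previous implementation:
 *  - $misc was used for error logging but never created in this method; it is
 *    now instantiated the same way the other view functions do it;
 *  - the listing id must be a plain digit string and is cast to int once;
 *    that int is what goes into the SQL text and into the helper calls
 *    (is_numeric() also accepts forms such as "1e3" or "5.0");
 *  - a failed query is logged and handled instead of calling methods on false;
 *  - the class id read from the database is cast to int before it becomes part
 *    of a template file name.
 *
 * @return string The rendered page, the "listing not active" message, or a
 *                link back to index.php when the id is missing or unknown.
 */
public static function listing_view()
{
    global $conn, $lang, $config;
    require_once $config['basepath'] . '/include/misc.inc.php';
    $misc = new misc();
    $not_found = "<a href=\"index.php\">{$lang['perhaps_you_were_looking_something_else']}</a>";

    // Request data: only an unsigned decimal string is accepted as an id.
    if (!isset($_GET['listingID']) || !is_string($_GET['listingID']) || !ctype_digit($_GET['listingID'])) {
        return $not_found;
    }
    $listing_id = intval($_GET['listingID']);

    $sql = 'SELECT listingsdb_id FROM ' . $config['table_prefix'] . 'listingsdb WHERE listingsdb_id=' . $listing_id;
    $recordSet = $conn->Execute($sql);
    if ($recordSet === false) {
        $misc->log_error($sql);
        return $not_found;
    }
    if ($recordSet->RecordCount() == 0) {
        return $not_found;
    }

    // First, check to see whether the listing is currently active.
    $show_listing = listing_pages::checkActive($listing_id);
    if ($show_listing != "yes") {
        return $lang['this_listing_is_not_active'];
    }

    require_once $config['basepath'] . '/include/class/template/core.inc.php';
    $page = new page_user();

    // Look up the listing's class; a class-specific template wins when present.
    $sql2 = "SELECT class_id FROM " . $config['table_prefix_no_lang'] . "classlistingsdb WHERE listingsdb_id = " . $listing_id;
    $recordSet2 = $conn->SelectLimit($sql2, 1, 0);
    $class = '';
    if ($recordSet2 === false) {
        $misc->log_error($sql2);
    } elseif (!$recordSet2->EOF) {
        // Cast so that only digits can end up in the file name built below.
        $class = intval($recordSet2->fields['class_id']);
    }
    $class_template = $config['template_path'] . '/listing_detail_pclass' . $class . '.html';
    if (file_exists($class_template)) {
        $page->load_page($class_template);
    } else {
        $page->load_page($config['template_path'] . '/' . $config['listing_template']);
    }

    $sections = explode(',', $config['template_listing_sections']);
    foreach ($sections as $section) {
        $replace = listing_pages::renderTemplateArea($section, $listing_id);
        $page->replace_tag($section, $replace);
    }
    $page->replace_listing_field_tags($listing_id);

    // Check to see if the listing owner is an admin only.
    $is_admin = listing_pages::getListingAgentAdminStatus($listing_id);
    if ($is_admin == true && $config["show_listedby_admin"] == 0) {
        $page->page = $page->remove_template_block('show_listed_by_admin', $page->page);
        $page->page = $page->cleanup_template_block('!show_listed_by_admin', $page->page);
    } else {
        $page->page = $page->cleanup_template_block('show_listed_by_admin', $page->page);
        $page->page = $page->remove_template_block('!show_listed_by_admin', $page->page);
    }

    $next_prev = '';
    if ($config['show_next_prev_listing_page'] == 1) {
        $next_prev = listing_pages::listing_next_prev();
    }
    $page->page = str_replace('{next_prev}', $next_prev, $page->page);

    require_once $config['basepath'] . '/include/vtour.inc.php';
    $goodvtour = vtours::goodvtour($listing_id);
    if ($goodvtour == true) {
        $page->page = $page->cleanup_template_block('vtour_tab', $page->page);
    } else {
        $page->page = $page->remove_template_block('vtour_tab', $page->page);
    }

    return $page->return_page();
}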
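/**
 * Admin view that lists the comments of one blog post and handles the
 * "delete" and "approve" actions on a single comment.
 *
 * Request parameters read: id (post), caction ('delete' or 'approve'),
 * cid (comment) and cur_page (pagination). Access requires the
 * 'can_access_blog_manager' login check; changing a comment additionally
 * requires $_SESSION['blog_user_type'] to be 4 or higher.
 *
 * Changes from the previous implementation:
 *  - cur_page is reduced to a non-negative int before it is used as a query
 *    offset and handed to next_prev(); it used to be taken from the request
 *    unchanged;
 *  - a failed comment query is logged and ends the request instead of calling
 *    methods on the false result;
 *  - the date format has a fallback, so an unexpected $config['date_format']
 *    no longer leaves $format undefined;
 *  - a missing $_SESSION['blog_user_type'] is treated as 0;
 *  - the duplicated delete/approve branches share one permission check.
 *
 * NOTE(review): delete and approve are state-changing actions reached through
 * plain GET links, and no request token is checked anywhere in this block.
 * Confirm an anti-CSRF check exists upstream, or move these actions to a
 * token-protected POST.
 *
 * @return string Rendered admin page; '' when access is denied or no post id
 *                was supplied.
 */
function edit_post_comments()
{
    global $conn, $lang, $config;
    $security = login::loginCheck('can_access_blog_manager', true);
    $display = '';
    $blog_user_type = isset($_SESSION['blog_user_type']) ? intval($_SESSION['blog_user_type']) : 0;
    if ($security !== true) {
        return $display;
    }

    require_once $config['basepath'] . '/include/misc.inc.php';
    $misc = new misc();
    // Load the core template.
    require_once $config['basepath'] . '/include/class/template/core.inc.php';
    $page = new page_user();
    require_once $config['basepath'] . '/include/user.inc.php';
    $userclass = new user();
    require_once $config['basepath'] . '/include/blog_functions.inc.php';
    $blog_functions = new blog_functions();
    // Load template file.
    $page->load_page($config['admin_template_path'] . '/blog_edit_comments.html');

    if (!isset($_GET['id'])) {
        return $display;
    }
    $post_id = intval($_GET['id']);

    // Get blog post information.
    $blog_title = $blog_functions->get_blog_title($post_id);
    $page->page = $page->parse_template_section($page->page, 'blog_title', $blog_title);
    $blog_author = $blog_functions->get_blog_author($post_id);
    $page->page = $page->parse_template_section($page->page, 'blog_author', $blog_author);
    $blog_date_posted = $blog_functions->get_blog_date($post_id);
    $page->page = $page->parse_template_section($page->page, 'blog_date_posted', $blog_date_posted);

    // Handle deletions and approvals before the comments are loaded.
    $caction = (isset($_GET['caction']) && is_string($_GET['caction'])) ? $_GET['caction'] : '';
    if (in_array($caction, array('delete', 'approve'), true) && isset($_GET['cid'])) {
        $cid = intval($_GET['cid']);
        // Permission check: user types below 4 may not change comments.
        if ($blog_user_type < 4) {
            $display .= '<div class="error_message">' . $lang['blog_permission_denied'] . '</div><br />';
            // Drop the action so the nested call only renders the list.
            unset($_GET['caction']);
            $display .= $this->edit_post_comments();
            return $display;
        }
        // Both statements are built from intval()'d ids only and are scoped
        // to the post, so a comment id of another post changes nothing.
        if ($caction === 'delete') {
            $sql = 'DELETE FROM ' . $config['table_prefix'] . 'blogcomments WHERE blogcomments_id = ' . $cid . ' AND blogmain_id = ' . $post_id;
        } else {
            $sql = 'UPDATE ' . $config['table_prefix'] . 'blogcomments SET blogcomments_moderated = 1 WHERE blogcomments_id = ' . $cid . ' AND blogmain_id = ' . $post_id;
        }
        $recordSet = $conn->Execute($sql);
        if (!$recordSet) {
            $misc->log_error($sql);
        }
    }

    // Load the comments: once in full for the row count, then the current page.
    $sql = 'SELECT * FROM ' . $config['table_prefix'] . 'blogcomments WHERE blogmain_id = ' . $post_id . ' ORDER BY blogcomments_timestamp ASC';
    $recordSet = $conn->Execute($sql);
    if (!$recordSet) {
        $misc->log_error($sql);
        return $display;
    }
    $num_rows = $recordSet->RecordCount();

    // Pagination: the page number is request data, so reduce it to a
    // non-negative int and write it back for any later reader of $_GET.
    $cur_page = 0;
    if (isset($_GET['cur_page']) && is_scalar($_GET['cur_page'])) {
        $cur_page = max(0, intval($_GET['cur_page']));
    }
    $_GET['cur_page'] = $cur_page;
    $limit_str = $cur_page * $config['listings_per_page'];
    $recordSet = $conn->SelectLimit($sql, $config['listings_per_page'], $limit_str);
    if ($recordSet === false) {
        $misc->log_error($sql);
        return $display;
    }

    // The date format is the same for every row, so resolve it once.
    // NOTE(review): format 2 is "Y/d/m" (year/day/month) - confirm intended.
    switch ($config['date_format']) {
        case 2:
            $format = "Y/d/m";
            break;
        case 3:
            $format = "d/m/Y";
            break;
        default:
            // 1, and fallback for any value outside 1-3.
            $format = "m/d/Y";
            break;
    }

    $blog_comment_template = '';
    while (!$recordSet->EOF) {
        // Load DB values.
        $comment_author_id = $misc->make_db_unsafe($recordSet->fields['userdb_id']);
        $blogcomments_id = $misc->make_db_unsafe($recordSet->fields['blogcomments_id']);
        $blogcomments_moderated = $misc->make_db_unsafe($recordSet->fields['blogcomments_moderated']);
        $blogcomments_timestamp = $misc->make_db_unsafe($recordSet->fields['blogcomments_timestamp']);
        // NOTE(review): comment text is author-supplied; it is entity-decoded
        // here and placed into the page as-is. Confirm it is sanitised when
        // stored, otherwise markup inside a comment is rendered in the
        // moderator's session.
        $blogcomments_text = html_entity_decode($misc->make_db_unsafe($recordSet->fields['blogcomments_text']), ENT_NOQUOTES, $config['charset']);

        // Append a fresh item block; the tags below fill the new block.
        $blog_comment_template .= $page->get_template_section('blog_article_comment_item_block');

        // Look up the comment author's display name.
        $author_type = $userclass->get_user_type($comment_author_id);
        if ($author_type == 'member') {
            $author_display = $userclass->get_user_name($comment_author_id);
        } else {
            $author_display = $userclass->get_user_last_name($comment_author_id) . ', ' . $userclass->get_user_first_name($comment_author_id);
        }
        $blog_comment_template = $page->parse_template_section($blog_comment_template, 'blog_comment_author', $author_display);

        $blog_comment_date_posted = date($format, intval($blogcomments_timestamp));
        $blog_comment_template = $page->parse_template_section($blog_comment_template, 'blog_comment_date_posted', $blog_comment_date_posted);
        $blog_comment_template = $page->parse_template_section($blog_comment_template, 'blog_comment_text', $blogcomments_text);

        // Delete and approve links for this comment.
        $action_base = 'index.php?action=edit_blog_post_comments&id=' . $post_id;
        $blog_comment_delete_url = $action_base . '&caction=delete&cid=' . $blogcomments_id;
        $blog_comment_template = $page->parse_template_section($blog_comment_template, 'blog_comment_delete_url', $blog_comment_delete_url);
        $blog_comment_approve_url = $action_base . '&caction=approve&cid=' . $blogcomments_id;
        $blog_comment_template = $page->parse_template_section($blog_comment_template, 'blog_comment_approve_url', $blog_comment_approve_url);

        // Hide the moderation links from users who may not use them. This is
        // presentation only; the action handler above enforces the same limit.
        if ($blog_user_type < 4) {
            $blog_comment_template = $page->remove_template_block('blog_article_comment_approve', $blog_comment_template);
            $blog_comment_template = $page->remove_template_block('blog_article_comment_delete', $blog_comment_template);
        }
        // A comment that is already moderated needs no approve link.
        if ($blogcomments_moderated == 1) {
            $blog_comment_template = $page->remove_template_block('blog_article_comment_approve', $blog_comment_template);
        } else {
            $blog_comment_template = $page->cleanup_template_block('blog_article_comment_approve', $blog_comment_template);
        }
        $recordSet->MoveNext();
    }

    $page->replace_template_section('blog_article_comment_item_block', $blog_comment_template);
    $next_prev = $misc->next_prev($num_rows, $cur_page, "", 'blog', TRUE);
    $page->replace_tag('next_prev', $next_prev);
    $page->replace_permission_tags();
    $page->auto_replace_tags('', true);
    $display .= $page->return_page();
    return $display;
}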