Пример #1
/**
* Saves a user account (create or update) from the submitted user-admin form.
*
* Nearly all input is read from $_POST. The $uid argument is overwritten by
* $_POST['uid'] on entry, so the value passed by the caller is never used.
*
* Outcomes visible in this function:
*  - validation failure: returns USER_edit() with a message number;
*  - success: echoes the PLG_afterSaveSwitch() output and returns '';
*  - DB error, or the "invalid" branch at the end: echoes an error page and exits;
*  - attempt by a non-Root admin to grant Root: logs, redirects and exits.
*
* NOTE(review): no CSRF-token check and no permission check for editing the
* account itself is visible here (only 'group.edit' is tested, for the group
* section). Presumably the caller enforces both - confirm.
*
* @param    int     $uid            user id (replaced by $_POST['uid'] on entry)
* @return   string                  HTML redirect or error message
*
*/
function USER_save($uid)
{
    global $_CONF, $_TABLES, $_USER, $LANG28, $_USER_VERBOSE;
    $retval = '';
    $userChanged = false;
    if ($_USER_VERBOSE) {
        COM_errorLog("**** entering USER_save()****", 1);
    }
    // NOTE(review): $groups is not assigned until further down (from $_POST['groups'])
    // and is not in the global list, so this logs the size of an undefined variable.
    if ($_USER_VERBOSE) {
        COM_errorLog("group size at beginning = " . sizeof($groups), 1);
    }
    // ---- Collect form input -------------------------------------------------
    // The posted uid replaces the function argument.
    // NOTE(review): values read with COM_applyFilter(..., true) are later interpolated
    // into SQL unquoted; that is only safe if the filter guarantees a numeric result - confirm.
    $uid = COM_applyFilter($_POST['uid'], true);
    if ($uid == 0) {
        // an empty uid means "create a new account" in the checks below
        $uid = '';
    }
    $regdate = COM_applyFilter($_POST['regdate'], true);
    // username is only trimmed here; it is checked by USER_validateUsername() below
    $username = trim($_POST['new_username']);
    $fullname = COM_truncate(trim(USER_sanitizeName($_POST['fullname'])), 80);
    $userstatus = COM_applyFilter($_POST['userstatus'], true);
    $oldstatus = COM_applyFilter($_POST['oldstatus'], true);
    $passwd = isset($_POST['newp']) ? trim($_POST['newp']) : '';
    $passwd_conf = isset($_POST['newp_conf']) ? trim($_POST['newp_conf']) : '';
    $cooktime = COM_applyFilter($_POST['cooktime'], true);
    $email = trim($_POST['email']);
    $email_conf = trim($_POST['email_conf']);
    // raw posted value; only used further down when it is an array and the admin has 'group.edit'
    $groups = $_POST['groups'];
    // NOTE(review): homepage and sig are trimmed but not tag-stripped in this function; they are
    // SQL-escaped on write, so any HTML escaping has to happen where they are rendered - confirm.
    $homepage = trim($_POST['homepage']);
    $location = strip_tags(trim($_POST['location']));
    $photo = isset($_POST['photo']) ? $_POST['photo'] : '';
    $delete_photo = isset($_POST['delete_photo']) && $_POST['delete_photo'] == 'on' ? 1 : 0;
    $sig = trim($_POST['sig']);
    $about = trim($_POST['about']);
    $pgpkey = trim($_POST['pgpkey']);
    $language = isset($_POST['language']) ? trim(COM_applyFilter($_POST['language'])) : '';
    $theme = isset($_POST['theme']) ? trim(COM_applyFilter($_POST['theme'])) : '';
    $maxstories = COM_applyFilter($_POST['maxstories'], true);
    $tzid = COM_applyFilter($_POST['tzid']);
    $dfid = COM_applyFilter($_POST['dfid'], true);
    $search_fmt = COM_applyFilter($_POST['search_result_format']);
    $commentmode = COM_applyFilter($_POST['commentmode']);
    // sort orders are whitelisted to ASC/DESC, checkboxes are normalised to 0/1
    $commentorder = isset($_POST['commentorder']) && $_POST['commentorder'] == 'DESC' ? 'DESC' : 'ASC';
    $commentlimit = COM_applyFilter($_POST['commentlimit'], true);
    $emailfromuser = isset($_POST['emailfromuser']) && $_POST['emailfromuser'] == 'on' ? 1 : 0;
    $emailfromadmin = isset($_POST['emailfromadmin']) && $_POST['emailfromadmin'] == 'on' ? 1 : 0;
    $noicons = isset($_POST['noicons']) && $_POST['noicons'] == 'on' ? 1 : 0;
    $noboxes = isset($_POST['noboxes']) && $_POST['noboxes'] == 'on' ? 1 : 0;
    $showonline = isset($_POST['showonline']) && $_POST['showonline'] == 'on' ? 1 : 0;
    $topic_order = isset($_POST['topic_order']) && $_POST['topic_order'] == 'ASC' ? 'ASC' : 'DESC';
    // (maxstories is read a second time; same source and filter as above)
    $maxstories = COM_applyFilter($_POST['maxstories'], true);
    $newuser = COM_applyFilter($_POST['newuser'], true);
    $remoteuser = isset($_POST['remoteuser']) && $_POST['remoteuser'] == 'on' ? 1 : 0;
    $remoteusername = isset($_POST['remoteusername']) ? strip_tags(trim($_POST['remoteusername'])) : '';
    $remoteservice = isset($_POST['remoteservice']) ? COM_applyFilter($_POST['remoteservice']) : '';
    // Strip tags from the posted "<service>_username" fields and write them back into $_POST;
    // they are SQL-escaped and stored near the end of the function.
    $social_services = SOC_followMeProfile($uid);
    foreach ($social_services as $service) {
        $service_input = $service['service'] . '_username';
        $_POST[$service_input] = strip_tags($_POST[$service_input]);
    }
    // ---- Validation: each failure re-displays the edit form with a message number ----
    // uid 1 is never saved through this function
    if ($uid == 1) {
        return USER_list();
    }
    // new account: a password (unless remote user) and an email address are required
    if ($uid == '' || $uid < 2 || $newuser == 1) {
        if (empty($passwd) && $remoteuser == 0) {
            return USER_edit($uid, 504);
        }
        if (empty($email)) {
            return USER_edit($uid, 505);
        }
    }
    if ($username == '') {
        return USER_edit($uid, 506);
    }
    if (!USER_validateUsername($username)) {
        return USER_edit($uid, 512);
    }
    if ($email == '') {
        return USER_edit($uid, 507);
    }
    if ($passwd != $passwd_conf && $remoteuser == 0) {
        // passwords don't match
        return USER_edit($uid, 67);
    }
    if ($email != $email_conf) {
        return USER_edit($uid, 508);
    }
    // remote user checks
    if ($remoteuser == 1) {
        if ($remoteusername == '') {
            return USER_edit($uid, 513);
        }
        if ($remoteservice == '') {
            return USER_edit($uid, 514);
        }
    }
    // Despite its name, $validEmail also becomes false for an empty username. An empty email
    // is tolerated only for an existing account that has a remoteservice value.
    $validEmail = true;
    if (empty($username)) {
        $validEmail = false;
    } elseif (empty($email)) {
        if (empty($uid)) {
            $validEmail = false;
        } else {
            $ws_user = DB_getItem($_TABLES['users'], 'remoteservice', "uid = " . intval($uid));
            if (empty($ws_user)) {
                $validEmail = false;
            }
        }
    }
    if ($validEmail) {
        if (!empty($email) && !COM_isEmail($email)) {
            return USER_edit($uid, 52);
        }
        // ---- Uniqueness checks ----------------------------------------------
        // NOTE(review): $uname is computed here but not referenced again in this listing, while the
        // username conditions below (and the users UPDATE further down) contain the literal
        // '******'. That looks like a masking artifact of the listing where the escaped username
        // would be expected - confirm against the upstream source before reusing this code.
        $uname = DB_escapeString($username);
        if (empty($uid)) {
            $ucount = DB_getItem($_TABLES['users'], 'COUNT(*)', "username = '******'");
        } else {
            // usernames only have to be unique within the same remote service (or among local accounts)
            $uservice = DB_getItem($_TABLES['users'], 'remoteservice', "uid = {$uid}");
            if ($uservice != '') {
                $uservice = DB_escapeString($uservice);
                $ucount = DB_getItem($_TABLES['users'], 'COUNT(*)', "username = '******' AND uid <> {$uid} AND remoteservice = '{$uservice}'");
            } else {
                $ucount = DB_getItem($_TABLES['users'], 'COUNT(*)', "username = '******' AND uid <> {$uid} AND (remoteservice = '' OR remoteservice IS NULL)");
            }
        }
        if ($ucount > 0) {
            // Admin just changed a user's username to one that already exists
            return USER_edit($uid, 51);
        }
        // email must be unique among local (non-remote) accounts
        $emailaddr = DB_escapeString($email);
        $exclude_remote = " AND (remoteservice IS NULL OR remoteservice = '')";
        if (empty($uid)) {
            $ucount = DB_getItem($_TABLES['users'], 'COUNT(*)', "email = '{$emailaddr}'" . $exclude_remote);
        } else {
            $old_email = DB_getItem($_TABLES['users'], 'email', "uid = {$uid}");
            if ($old_email == $email) {
                // email address didn't change so don't care
                $ucount = 0;
            } else {
                $ucount = DB_getItem($_TABLES['users'], 'COUNT(*)', "email = '{$emailaddr}' AND uid <> {$uid}" . $exclude_remote);
            }
        }
        if ($ucount > 0) {
            // Admin just changed a user's email to one that already exists
            return USER_edit($uid, 56);
        }
        // optional site-specific check, only when custom registration is enabled
        if ($_CONF['custom_registration'] && function_exists('CUSTOM_userCheck')) {
            $ret = CUSTOM_userCheck($username, $email);
            if (!empty($ret)) {
                // need a numeric return value - otherwise use default message
                if (!is_numeric($ret['number'])) {
                    $ret['number'] = 97;
                }
                return USER_edit($uid, $ret['number']);
            }
        }
        // Let plugins have a chance to decide what to do before saving the user, return errors.
        $msg = PLG_itemPreSave('useredit', $username);
        if (!empty($msg)) {
            // need a numeric return value - otherwise use default message
            if (!is_numeric($msg)) {
                $msg = 97;
            }
            return USER_edit($uid, $msg);
        }
        // ---- Password ---------------------------------------------------------
        // New account or changed password: store the SEC_encryptPassword() result;
        // otherwise keep the value already stored for this uid.
        if (empty($uid) || !empty($passwd)) {
            $passwd2 = SEC_encryptPassword($passwd);
        } else {
            $passwd2 = DB_getItem($_TABLES['users'], 'passwd', "uid = {$uid}");
        }
        // do we need to create the user?
        if (empty($uid)) {
            if (empty($passwd)) {
                // no password? create one ...
                // NOTE(review): 8 is presumably the generated length - confirm; whether the generator
                // uses a cryptographically secure source is not visible here.
                $passwd = USER_createPassword(8);
                $passwd2 = SEC_encryptPassword($passwd);
            }
            if ($remoteuser == 1) {
                $uid = USER_createAccount($username, $email, '', $fullname, '', $remoteusername, $remoteservice, 1);
            } else {
                $uid = USER_createAccount($username, $email, $passwd2, $fullname, $homepage, '', '', 1);
            }
            if ($uid > 1) {
                DB_query("UPDATE {$_TABLES['users']} SET status = {$userstatus} WHERE uid = {$uid}");
            }
            // the clear-text password is handed to the mailer when the admin ticked "emailuser"
            if (isset($_POST['emailuser'])) {
                USER_createAndSendPassword($username, $email, $uid, $passwd);
            }
            // account creation failed
            if ($uid < 2) {
                return USER_edit('', 509);
            }
            $newuser = 1;
        }
        // at this point, we have a valid user...
        // Filter some of the text entry fields to ensure they don't cause problems...
        $fullname = strip_tags($fullname);
        $about = strip_tags($about);
        $pgpkey = strip_tags($pgpkey);
        // ---- Photo ------------------------------------------------------------
        $curphoto = USER_handlePhotoUpload($uid, $delete_photo);
        if ($_CONF['allow_user_photo'] == 1 && !empty($curphoto)) {
            $curusername = DB_getItem($_TABLES['users'], 'username', "uid = {$uid}");
            if ($curusername != $username) {
                // user has been renamed - rename the photo, too
                // NOTE(review): $curusername is placed into the pattern without preg_quote(), so regex
                // metacharacters (or a '/') in a stored username are interpreted as pattern syntax.
                // The new file name is derived from $username and used in a filesystem path below;
                // this relies on USER_validateUsername() rejecting path separators - confirm.
                $newphoto = preg_replace('/' . $curusername . '/', $username, $curphoto, 1);
                $imgpath = $_CONF['path_images'] . 'userphotos/';
                if (rename($imgpath . $curphoto, $imgpath . $newphoto) === false) {
                    $display = COM_siteHeader('menu', $LANG28[22]);
                    $display .= COM_errorLog('Could not rename userphoto "' . $curphoto . '" to "' . $newphoto . '".');
                    $display .= COM_siteFooter();
                    return $display;
                }
                $curphoto = $newphoto;
            }
        }
        // ---- Persist ------------------------------------------------------------
        // String columns go through DB_escapeString(); cookietimeout, status and uid are
        // interpolated unquoted and rely on the numeric filtering applied when they were read.
        // update users table
        $sql = "UPDATE {$_TABLES['users']} SET " . "username = '******'," . "fullname = '" . DB_escapeString($fullname) . "'," . "passwd   = '" . DB_escapeString($passwd2) . "'," . "email    = '" . DB_escapeString($email) . "'," . "homepage = '" . DB_escapeString($homepage) . "'," . "sig      = '" . DB_escapeString($sig) . "'," . "photo    = '" . DB_escapeString($curphoto) . "'," . "cookietimeout = {$cooktime}," . "theme    = '" . DB_escapeString($theme) . "'," . "language = '" . DB_escapeString($language) . "'," . "status   = {$userstatus} WHERE uid = {$uid};";
        DB_query($sql);
        // update userprefs
        $sql = "UPDATE {$_TABLES['userprefs']} SET " . "noicons = {$noicons}," . "dfid    = {$dfid}," . "tzid    = '" . DB_escapeString($tzid) . "'," . "emailstories = 0," . "emailfromadmin = {$emailfromadmin}," . "emailfromuser  = {$emailfromuser}," . "showonline = {$showonline}," . "search_result_format = '" . DB_escapeString($search_fmt) . "' WHERE uid={$uid};";
        DB_query($sql);
        // userinfo table
        $sql = "UPDATE {$_TABLES['userinfo']} SET " . "about      = '" . DB_escapeString($about) . "'," . "location   = '" . DB_escapeString($location) . "'," . "pgpkey     = '" . DB_escapeString($pgpkey) . "' WHERE uid={$uid};";
        DB_query($sql);
        // userindex table
        // '@' hides the warning for a missing POST key.
        // NOTE(review): on PHP 8 array_values() given null is expected to throw a TypeError, which
        // '@' does not silence - confirm the PHP versions this code has to support.
        $TIDS = @array_values($_POST['topics']);
        $AIDS = @array_values($_POST['selauthors']);
        $BOXES = @array_values($_POST['blocks']);
        $ETIDS = @array_values($_POST['dgtopics']);
        // posted topic ids are intersected with the list from USER_buildTopicList(), so only
        // ids present in that list are stored
        $allowed_etids = USER_buildTopicList();
        $AETIDS = explode(' ', $allowed_etids);
        $tids = '';
        if (sizeof($TIDS) > 0) {
            $tids = DB_escapeString(implode(' ', array_intersect($AETIDS, $TIDS)));
        }
        // author ids are forced to integers before being stored
        $aids = '';
        if (sizeof($AIDS) > 0) {
            foreach ($AIDS as $key => $val) {
                $AIDS[$key] = intval($val);
            }
            $aids = DB_escapeString(implode(' ', $AIDS));
        }
        // The boxes column stores the blocks that were NOT ticked (the query uses NOT IN),
        // skipping the three named system blocks.
        $selectedblocks = '';
        $selectedBoxes = array();
        if (count($BOXES) > 0) {
            foreach ($BOXES as $key => $val) {
                $BOXES[$key] = intval($val);
            }
            $boxes = DB_escapeString(implode(',', $BOXES));
            $blockresult = DB_query("SELECT bid,name FROM {$_TABLES['blocks']} WHERE bid NOT IN ({$boxes})");
            $numRows = DB_numRows($blockresult);
            for ($x = 1; $x <= $numRows; $x++) {
                $row = DB_fetchArray($blockresult);
                if ($row['name'] != 'user_block' and $row['name'] != 'admin_block' and $row['name'] != 'section_block') {
                    $selectedblocks .= $row['bid'];
                    if ($x != $numRows) {
                        $selectedblocks .= ' ';
                    }
                }
            }
        }
        // '-' is stored when no digest topics were posted
        $etids = '-';
        if (sizeof($ETIDS) > 0) {
            $etids = DB_escapeString(implode(' ', array_intersect($AETIDS, $ETIDS)));
        } else {
            $etids = '-';
        }
        DB_save($_TABLES['userindex'], "uid,tids,aids,boxes,noboxes,maxstories,etids", "{$uid},'{$tids}','{$aids}','{$selectedblocks}',{$noboxes},{$maxstories},'{$etids}'");
        // usercomment
        // NOTE(review): $commentmode is quoted but not passed through DB_escapeString(); its safety
        // depends entirely on what COM_applyFilter() removes - confirm, or escape it like the
        // other string columns.
        DB_save($_TABLES['usercomment'], 'uid,commentmode,commentorder,commentlimit', "{$uid},'{$commentmode}','{$commentorder}'," . intval($commentlimit));
        if ($_CONF['custom_registration'] and function_exists('CUSTOM_userSave')) {
            CUSTOM_userSave($uid);
        }
        // an account that was awaiting approval and is now approved gets a password mail
        if ($_CONF['usersubmission'] == 1 && $oldstatus == USER_ACCOUNT_AWAITING_APPROVAL && ($userstatus == USER_ACCOUNT_ACTIVE || $userstatus == USER_ACCOUNT_AWAITING_ACTIVATION || $userstatus == USER_ACCOUNT_AWAITING_VERIFICATION)) {
            USER_createAndSendPassword($username, $email, $uid);
        }
        // disabling an account also ends its session
        if ($userstatus == USER_ACCOUNT_DISABLED) {
            SESS_endUserSession($uid);
        }
        $userChanged = true;
        // ---- Group membership ---------------------------------------------------
        // if groups is -1 then this user isn't allowed to change any groups so ignore
        if (is_array($groups) && SEC_hasRights('group.edit')) {
            // Only members of Root may assign Root. The attempt is logged and the request ends here.
            // NOTE(review): the account updates above have already been written by this point, so
            // the rejected request is not rolled back.
            if (!SEC_inGroup('Root')) {
                $rootgrp = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'Root'");
                if (in_array($rootgrp, $groups)) {
                    COM_accessLog("User {$_USER['username']} ({$_USER['uid']}) just tried to give Root permissions to user {$username}.");
                    echo COM_refresh($_CONF['site_admin_url'] . '/index.php');
                    exit;
                }
            }
            // make sure the Remote Users group is in $groups
            if (SEC_inGroup('Remote Users', $uid)) {
                $remUsers = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'Remote Users'");
                if (!in_array($remUsers, $groups)) {
                    $groups[] = $remUsers;
                }
            }
            if ($_USER_VERBOSE) {
                COM_errorLog("deleting all group_assignments for user {$uid}/{$username}", 1);
            }
            // remove user from all groups that the User Admin is a member of
            $UserAdminGroups = SEC_getUserGroups();
            $whereGroup = 'ug_main_grp_id IN (' . implode(',', $UserAdminGroups) . ')';
            DB_query("DELETE FROM {$_TABLES['group_assignments']} WHERE (ug_uid = {$uid}) AND " . $whereGroup);
            // make sure to add user to All Users and Logged-in Users groups
            $allUsers = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'All Users'");
            if (!in_array($allUsers, $groups)) {
                $groups[] = $allUsers;
            }
            $logUsers = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'Logged-in Users'");
            if (!in_array($logUsers, $groups)) {
                $groups[] = $logUsers;
            }
            // Re-add only groups the acting admin belongs to.
            // NOTE(review): in_array() is called without the strict flag and the posted value is then
            // interpolated into the INSERT unquoted and uncast. Casting each entry with intval(), as
            // done for $AIDS and $BOXES above, would remove the dependence on loose comparison.
            foreach ($groups as $userGroup) {
                if (in_array($userGroup, $UserAdminGroups)) {
                    if ($_USER_VERBOSE) {
                        COM_errorLog("adding group_assignment " . $userGroup . " for {$username}", 1);
                    }
                    $sql = "INSERT INTO {$_TABLES['group_assignments']} (ug_main_grp_id, ug_uid) VALUES ({$userGroup}, {$uid})";
                    DB_query($sql);
                }
            }
        }
        // subscriptions
        // NOTE(review): rows are deleted by sub_id alone; no check is visible here that the
        // subscription belongs to $uid - confirm this is enforced elsewhere.
        $subscription_deletes = @array_values($_POST['subdelete']);
        if (is_array($subscription_deletes)) {
            foreach ($subscription_deletes as $subid) {
                DB_delete($_TABLES['subscriptions'], 'sub_id', (int) $subid);
            }
        }
        // social "follow me" usernames: store non-empty values, delete the row for empty ones
        foreach ($social_services as $service) {
            $service_input = $service['service'] . '_username';
            $_POST[$service_input] = DB_escapeString($_POST[$service_input]);
            if ($_POST[$service_input] != '') {
                $sql = "REPLACE INTO {$_TABLES['social_follow_user']} (ssid,uid,ss_username) ";
                // (uid is not cast here, unlike in the DELETE branch below)
                $sql .= " VALUES (" . (int) $service['service_id'] . "," . $uid . ",'" . $_POST[$service_input] . "');";
                DB_query($sql, 1);
            } else {
                $sql = "DELETE FROM {$_TABLES['social_follow_user']} WHERE ssid = " . (int) $service['service_id'] . " AND uid=" . (int) $uid;
                DB_query($sql, 1);
            }
        }
        // ---- Notify plugins and finish -------------------------------------------
        if ($newuser == 0) {
            PLG_profileSave('', $uid);
        } else {
            PLG_createUser($uid);
        }
        if ($userChanged) {
            PLG_userInfoChanged($uid);
        }
        CACHE_remove_instance('mbmenu');
        $errors = DB_error();
        if (empty($errors)) {
            echo PLG_afterSaveSwitch($_CONF['aftersave_user'], "{$_CONF['site_url']}/users.php?mode=profile&uid={$uid}", 'user', 21);
        } else {
            $retval .= COM_siteHeader('menu', $LANG28[22]);
            $retval .= COM_errorLog('Error in USER_save() in ' . $_CONF['site_admin_url'] . '/user.php');
            $retval .= COM_siteFooter();
            echo $retval;
            exit;
        }
    } else {
        // username/email combination rejected above: show the error with the edit form and stop
        $retval = COM_siteHeader('menu', $LANG28[1]);
        $retval .= COM_errorLog($LANG28[10]);
        if (DB_count($_TABLES['users'], 'uid', $uid) > 0) {
            $retval .= USER_edit($uid);
        } else {
            $retval .= USER_edit();
        }
        $retval .= COM_siteFooter();
        echo $retval;
        exit;
    }
    if ($_USER_VERBOSE) {
        COM_errorLog("***************leaving USER_save()*****************", 1);
    }
    return $retval;
}
Пример #2
     $moved = "";
 }
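 // Shorten the subject for the listing when a display limit is configured.
 if ($CONF_FORUM['show_subject_length'] > 0 and strlen($record['subject']) > $CONF_FORUM['show_subject_length']) {
     $subject = COM_truncate($record['subject'], $CONF_FORUM['show_subject_length'], '...');
 } else {
     $subject = $record['subject'];
 }
 // Registered posters (uid > 1) are shown by display name, others by the name stored with the post.
 if ($record['uid'] > 1) {
     $firstposterName = COM_getDisplayName($record['uid']);
 } else {
     $firstposterName = $record['name'];
 }
 // NOTE(review): $firstposterName and $firstdate are placed into HTML without escaping here;
 // for guest posts the name comes straight from the record - confirm it is filtered on input.
 $topicinfo = "<b>{$LANG_GF01['STARTEDBY']} {$firstposterName}, {$firstdate}</b><br" . XHTML . ">";
 // Build the tooltip preview from the post body. stripBBCode() used to be applied to
 // $lastpostinfo before the post text was assigned to it, so its result was overwritten by the
 // next statement and BBCode was never removed. It is now applied to the post text itself,
 // before truncation, so a BBCode tag is not cut in half by the length limit.
 $lastpostinfo = strip_tags(COM_truncate(stripBBCode($record['comment']), $CONF_FORUM['contentinfo_numchars'], '...'));
 // Escape things like " so it displays properly in tooltip
 // NOTE(review): default htmlspecialchars() flags differ between PHP versions (single quotes are
 // only escaped by default since PHP 8.1); pass ENT_QUOTES explicitly if the tooltip text can
 // end up inside a single-quoted attribute.
 $lastpostinfo = htmlspecialchars($lastpostinfo);
 $topicinfo .= str_replace(LB, "<br" . XHTML . ">", forum_mb_wordwrap($lastpostinfo, $CONF_FORUM['linkinfo_width'], LB));
 if (function_exists('COM_getTooltip')) {
     $topiclink = "viewtopic.php?showtopic={$record['id']}";
     $tooltip_subject = COM_getTooltip($subject, $topicinfo, $topiclink);
     //$subject = '';
     $topiclisting->set_var('tooltip_subject', $tooltip_subject);
 }
 // NOTE(review): 'subject' and 'fullsubject' receive the stored subject without escaping in this
 // fragment; whether the template or the write path encodes it is not visible here - confirm.
 $topiclisting->set_var('topicinfo', $topicinfo);
 $topiclisting->parse('folderimg', $folderimg);
 $topiclisting->set_var('topic_id', $record['id']);
 $topiclisting->set_var('subject', $subject);
 $topiclisting->set_var('fullsubject', $record['subject']);
 $topiclisting->set_var('gotomsg', $gotomsg);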
Пример #3
function showtopic($showtopic, $mode = '', $onetwo = 1, $page = 1)
{
    global $CONF_FORUM, $_CONF, $_TABLES, $_USER, $LANG_GF01, $LANG_GF02, $LANG_GF09;
    global $highlight;
    global $oldPost;
    $oldPost = 0;
    //$mytimer = new timerobject();
    //$mytimer->setPercision(2);
    //$mytimer->startTimer();
    //$intervalTime = $mytimer->stopTimer();
    //COM_errorLog("Show Topic Display Time1: $intervalTime");
    if (!class_exists('StringParser')) {
        require_once $CONF_FORUM['path_include'] . 'bbcode/stringparser_bbcode.class.php';
    }
    $topictemplate = COM_newTemplate(CTL_plugin_templatePath('forum'));
    $topictemplate->set_file(array('topictemplate' => 'topic.thtml', 'forum_icons' => 'forum_icons.thtml', 'forum_links' => 'forum_links.thtml'));
    $topictemplate->set_block('topictemplate', 'block_user_information');
    $topictemplate->set_block('topictemplate', 'block_anon_user_information');
    $topictemplate->set_block('topictemplate', 'location');
    $topictemplate->set_block('topictemplate', 'ip_address');
    $topictemplate->set_block('topictemplate', 'anon_ip_address');
    $topictemplate->set_block('topictemplate', 'user_signature');
    $topictemplate->set_block('topictemplate', 'mod_functions');
    $blocks = array('block_user_name', 'block_anon_user_name', 'block_user_information', 'block_anon_user_information', 'user_signature', 'mod_functions');
    foreach ($blocks as $block) {
        $topictemplate->set_block('topictemplate', $block);
    }
    $topictemplate->set_block('forum_icons', 'topiclocked_icon');
    $topictemplate->set_block('forum_icons', 'mood_icon');
    $blocks = array('profile_link', 'pm_link', 'email_link', 'website_link', 'quotetopic_link', 'edittopic_link');
    foreach ($blocks as $block) {
        $topictemplate->set_block('forum_links', $block);
    }
    // if preview, only stripslashes is gpc=on, else assume from db so strip
    if ($mode == 'preview') {
        $showtopic['subject'] = COM_stripslashes($showtopic['subject']);
    } else {
        $showtopic['subject'] = stripslashes($showtopic['subject']);
    }
    $min_height = 50;
    // Base minimum  height of topic - will increase if avatar or sig is used
    $date = strftime($CONF_FORUM['default_Topic_Datetime_format'], $showtopic['date']);
    $sql = "SELECT u.*, ui.location FROM {$_TABLES['users']} u, {$_TABLES['userinfo']} ui \n    \t\tWHERE u.uid = ui.uid \n    \t\tAND u.uid = '{$showtopic['uid']}'";
    $userQuery = DB_query($sql);
    if ($showtopic['uid'] > 1 and DB_numRows($userQuery) == 1) {
        $userarray = DB_fetchArray($userQuery);
        $username = COM_getDisplayName($showtopic['uid']);
        $userlink = "<a href=\"{$_CONF['site_url']}/users.php?mode=profile&amp;uid={$showtopic['uid']}\" ";
        $userlink .= "class=\"authorname {$onetwo}\"><b>{$username}</b></a>";
        $uservalid = true;
        $postcount = DB_query("SELECT * FROM {$_TABLES['forum_topic']} WHERE uid='{$showtopic['uid']}'");
        $posts = DB_numRows($postcount);
        // STARS CODE
        if (SEC_inGroup(1, $showtopic['uid'])) {
            $user_level = showrank(7, $LANG_GF01['admin']);
            $user_levelname = $LANG_GF01['admin'];
        } else {
            if (forum_modPermission($showtopic['forum'], $showtopic['uid'])) {
                $user_level = showrank(6, $LANG_GF01['moderator']);
                $user_levelname = $LANG_GF01['moderator'];
            } else {
                if ($posts < $CONF_FORUM['level2']) {
                    $user_level = showrank(1, $CONF_FORUM['level1name']);
                    $user_levelname = $CONF_FORUM['level1name'];
                } elseif ($posts >= $CONF_FORUM['level2'] && $posts < $CONF_FORUM['level3']) {
                    $user_level = showrank(2, $CONF_FORUM['level2name']);
                    $user_levelname = $CONF_FORUM['level2name'];
                } elseif ($posts >= $CONF_FORUM['level3'] && $posts < $CONF_FORUM['level4']) {
                    $user_level = showrank(3, $CONF_FORUM['level3name']);
                    $user_levelname = $CONF_FORUM['level3name'];
                } elseif ($posts >= $CONF_FORUM['level4'] && $posts < $CONF_FORUM['level5']) {
                    $user_level = showrank(4, $CONF_FORUM['level4name']);
                    $user_levelname = $CONF_FORUM['level4name'];
                } elseif ($posts > $CONF_FORUM['level5']) {
                    $user_level = showrank(5, $CONF_FORUM['level5name']);
                    $user_levelname = $CONF_FORUM['level5name'];
                }
            }
        }
        // Still allow photo to be showen for users
        if ($showtopic['uid'] > 1 and ($userarray['photo'] != "" or !empty($_CONF['default_photo']))) {
            $avatar = USER_getPhoto($showtopic['uid'], '', '', $CONF_FORUM['avatar_width']);
            $min_height = $min_height + 50;
        } else {
            $avatar = '';
        }
        $regdate = $LANG_GF01['REGISTERED'] . ': ' . strftime($_CONF['shortdate'], strtotime($userarray['regdate'])) . '<br' . XHTML . '>';
        $numposts = $LANG_GF01['POSTS'] . ': ' . $posts;
        if (DB_count($_TABLES['sessions'], 'uid', $showtopic['uid']) > 0 and DB_getItem($_TABLES['userprefs'], 'showonline', "uid={$showtopic['uid']}") == 1) {
            $avatar .= '<br' . XHTML . '>' . $LANG_GF01['STATUS'] . ' ' . $LANG_GF01['ONLINE'];
        } else {
            $avatar .= '<br' . XHTML . '>' . $LANG_GF01['STATUS'] . ' ' . $LANG_GF01['OFFLINE'];
        }
        if ($userarray['sig'] != '') {
            $sig = $userarray['sig'];
            $min_height = $min_height + 30;
        } else {
            $sig = '';
        }
    } else {
        $uservalid = false;
        $userlink = urldecode($showtopic['name']);
    }
    if ($CONF_FORUM['show_moods'] && $showtopic['mood'] != "") {
        $topictemplate->set_var('moodicon', gf_getImage($showtopic['mood'], 'moods'));
        $topictemplate->set_var('moodicontext', $showtopic['mood']);
        $topictemplate->parse('mood_icon', 'mood_icon');
        $min_height = $min_height + 30;
    } else {
        $topictemplate->set_var('mood_icon', '');
    }
    //$intervalTime = $mytimer->stopTimer();
    //COM_errorLog("Show Topic Display Time3: $intervalTime");
    // Handle Pre ver 2.5 quoting and New Line Formatting - consider adding this to a migrate function
    if ($CONF_FORUM['pre2.5_mode']) {
        // try to determine if we have an old post...
        if (strstr($showtopic['comment'], '<pre class="forumCode">') !== false) {
            $oldPost = 1;
        }
        if (strstr($showtopic['comment'], "[code]<code>") !== false) {
            $oldPost = 1;
        }
        if (strstr($showtopic['comment'], "<pre>") !== false) {
            $oldPost = 1;
        }
        if (stristr($showtopic['comment'], '[code') == false || stristr($showtopic['comment'], '[code]<code>') == true) {
            if (strstr($showtopic['comment'], "<pre>") !== false) {
                $oldPost = 1;
            }
            $showtopic['comment'] = str_replace('<pre>', '[code]', $showtopic['comment']);
            $showtopic['comment'] = str_replace('</pre>', '[/code]', $showtopic['comment']);
        }
        $showtopic['comment'] = str_ireplace("[code]<code>", '[code]', $showtopic['comment']);
        $showtopic['comment'] = str_ireplace("</code>[/code]", '[/code]', $showtopic['comment']);
        $showtopic['comment'] = str_replace(array("<br />\r\n", "<br />\n\r", "<br />\r", "<br />\n", "<br>\r\n", "<br>\n\r", "<br>\r", "<br>\n"), '<br' . XHTML . '>', $showtopic['comment']);
        $showtopic['comment'] = preg_replace("/\\[QUOTE\\sBY=\\s(.+?)\\]/i", "[QUOTE] Quote by \$1:", $showtopic['comment']);
        /* Reformat code blocks - version 2.3.3 and prior */
        $showtopic['comment'] = str_replace('<pre class="forumCode">', '[code]', $showtopic['comment']);
        $showtopic['comment'] = preg_replace("/\\[QUOTE\\sBY=(.+?)\\]/i", "[QUOTE] Quote by \$1:", $showtopic['comment']);
        if ($oldPost) {
            if (strstr($showtopic['comment'], "\\'") !== false) {
                $showtopic['comment'] = stripslashes($showtopic['comment']);
            }
        }
    }
    $showtopic['comment'] = gf_formatTextBlock($showtopic['comment'], $showtopic['postmode'], $mode);
    $showtopic['subject'] = gf_formatTextBlock($showtopic['subject'], 'text', $mode);
    if ($CONF_FORUM['show_subject_length'] > 0 and strlen($showtopic['subject']) > $CONF_FORUM['show_subject_length']) {
        $showtopic['subject'] = COM_truncate("{$showtopic['subject']}", $CONF_FORUM['show_subject_length'], '...');
    }
    //$intervalTime = $mytimer->stopTimer();
    //COM_errorLog("Show Topic Display Time2: $intervalTime");
    if ($mode != 'preview' && $uservalid && !COM_isAnonUser() && $_USER['uid'] == $showtopic['uid']) {
        /* Check if user can still edit this post - within allowed edit timeframe */
        $editAllowed = false;
        if ($CONF_FORUM['allowed_editwindow'] > 0) {
            $t1 = $showtopic['date'];
            $t2 = $CONF_FORUM['allowed_editwindow'];
            if (time() - $t2 < $t1) {
                $editAllowed = true;
            }
        } else {
            $editAllowed = true;
        }
        if ($editAllowed) {
            $editlink = "{$_CONF['site_url']}/forum/createtopic.php?method=edit&amp;forum={$showtopic['forum']}&amp;id={$showtopic['id']}&amp;editid={$showtopic['id']}&amp;page={$page}";
            $editlinktext = $LANG_GF09['edit'];
            $topictemplate->set_var('editlink', $editlink);
            $topictemplate->set_var('editlinktext', $editlinktext);
            $topictemplate->set_var('LANG_edit', $LANG_GF01['EDITICON']);
            $topictemplate->parse('edittopic_link', 'edittopic_link');
        }
    }
    if ($highlight != '') {
        $showtopic['subject'] = str_replace("{$highlight}", "<span class=\"highlight\">{$highlight}</span>", $showtopic['subject']);
        $showtopic['comment'] = str_replace("{$highlight}", "<span class=\"highlight\">{$highlight}</span>", $showtopic['comment']);
    }
    if (!isset($showtopic['pid'])) {
        $showtopic['pid'] = 0;
    }
    if ($showtopic['pid'] == 0) {
        $replytopicid = $showtopic['id'];
        $is_lockedtopic = $showtopic['locked'];
        $views = $showtopic['views'];
        $topictemplate->set_var('read_msg', sprintf($LANG_GF02['msg49'], $views));
        if ($is_lockedtopic) {
            $topictemplate->parse('topiclocked_icon', 'topiclocked_icon');
        }
    } else {
        $replytopicid = $showtopic['pid'];
        $is_lockedtopic = DB_getItem($_TABLES['forum_topic'], 'locked', "id={$showtopic['pid']}");
        $topictemplate->set_var('read_msg', '');
    }
    if ($CONF_FORUM['allow_user_dateformat']) {
        $date = COM_getUserDateTimeFormat($showtopic['date']);
        $topictemplate->set_var('posted_date', $date[0]);
    } else {
        $date = strftime($CONF_FORUM['default_Topic_Datetime_format'], $showtopic['date']);
        $topictemplate->set_var('posted_date', $date);
    }
    if ($mode != 'preview') {
        if ($is_lockedtopic == 0) {
            $is_readonly = DB_getItem($_TABLES['forum_forums'], 'is_readonly', 'forum_id=' . $showtopic['forum']);
            if ($is_readonly == 0 or forum_modPermission($showtopic['forum'], $_USER['uid'], 'mod_edit')) {
                $quotelink = "{$_CONF['site_url']}/forum/createtopic.php?method=postreply&amp;forum={$showtopic['forum']}&amp;id={$replytopicid}&amp;quoteid={$showtopic['id']}";
                $quotelinktext = $LANG_GF09['quote'];
                $topictemplate->set_var('quotelink', $quotelink);
                $topictemplate->set_var('quotelinktext', $quotelinktext);
                $topictemplate->set_var('LANG_quote', $LANG_GF01['QUOTEICON']);
                $topictemplate->parse('quotetopic_link', 'quotetopic_link');
            }
        }
        $topictemplate->set_var('topic_post_id', $showtopic['id']);
        if ($showtopic['uid'] > 1 && $uservalid) {
            $profile_link = "{$_CONF['site_url']}/users.php?mode=profile&amp;uid={$showtopic['uid']}";
            $profile_linktext = $LANG_GF09['profile'];
            $topictemplate->set_var('profilelink', $profile_link);
            $topictemplate->set_var('profilelinktext', $profile_linktext);
            $topictemplate->set_var('LANG_profile', $LANG_GF01['ProfileLink']);
            $topictemplate->parse('profile_link', 'profile_link');
            if ($CONF_FORUM['use_pm_plugin']) {
                $pmusernmame = COM_getDisplayName($showtopic['uid']);
                $pmplugin_link = forumPLG_getPMlink($pmusernmame);
                if ($pmplugin_link != '') {
                    $pm_link = $pmplugin_link;
                    $pm_linktext = $LANG_GF09['pm'];
                    $topictemplate->set_var('pmlink', $pm_link);
                    $topictemplate->set_var('pmlinktext', $pm_linktext);
                    $topictemplate->set_var('LANG_pm', $LANG_GF01['PMLink']);
                    $topictemplate->parse('pm_link', 'pm_link');
                }
            }
        }
        if ($userarray['email'] != '' && $showtopic["uid"] > 1) {
            $email_link = "{$_CONF['site_url']}/profiles.php?uid={$showtopic['uid']}";
            $email_linktext = $LANG_GF09['email'];
            $topictemplate->set_var('emaillink', $email_link);
            $topictemplate->set_var('emaillinktext', $email_linktext);
            $topictemplate->set_var('LANG_email', $LANG_GF01['EmailLink']);
            $topictemplate->parse('email_link', 'email_link');
        }
        if ($userarray['homepage'] != '') {
            $homepage = trim($userarray['homepage']);
            if (strtolower(substr($homepage, 0, 4)) != 'http') {
                $homepage = 'http://' . $homepage;
            }
            $homepagetext = $LANG_GF09['website'];
            $topictemplate->set_var('websitelink', $homepage);
            $topictemplate->set_var('websitelinktext', $homepagetext);
            $topictemplate->set_var('LANG_website', $LANG_GF01['WebsiteLink']);
            $topictemplate->parse('website_link', 'website_link');
        }
        if ($userarray['location'] != '' && $showtopic["uid"] > 1) {
            $topictemplate->set_var('user_location', $userarray['location']);
            $topictemplate->parse('location', 'location');
        }
    } else {
        if (isset($_GET['onlytopic']) and $_GET['onlytopic'] != 1) {
            $topictemplate->set_var('posted_date', '');
            $topictemplate->set_var('preview_topic_subject', $showtopic['subject']);
        } else {
            $topictemplate->set_var('preview_topic_subject', '');
        }
        $topictemplate->set_var('read_msg', '');
        $topictemplate->set_var('topiclocked_icon', '');
        $topictemplate->set_var('preview_mode', 'none');
    }
    //$intervalTime = $mytimer->stopTimer();
    //COM_errorLog("Show Topic Display Time4: $intervalTime");
    $showtopic['comment'] = str_replace('{', '&#123;', $showtopic['comment']);
    $showtopic['comment'] = str_replace('}', '&#125;', $showtopic['comment']);
    // Temporary correspondence. You should cope in more roots.
    $showtopic['comment'] = str_replace(array("<br />", "<br>"), '<br' . XHTML . '>', $showtopic['comment']);
    $topictemplate->set_var('layout_url', $CONF_FORUM['layout_url']);
    $topictemplate->set_var('csscode', $onetwo);
    $topictemplate->set_var('postmode', $showtopic['postmode']);
    $topictemplate->set_var('userlink', $userlink);
    $topictemplate->set_var('lang_forum', $LANG_GF01['FORUM']);
    $topictemplate->set_var('user_levelname', $user_levelname);
    $topictemplate->set_var('user_level', $user_level);
    $topictemplate->set_var('avatar', $avatar);
    $topictemplate->set_var('regdate', $regdate);
    $topictemplate->set_var('numposts', $numposts);
    if (forum_modPermission($showtopic['forum'], $_USER['uid'], 'mod_ban')) {
        $topictemplate->set_var('ip', $showtopic['ip']);
        if ($showtopic['uid'] == 1) {
            $topictemplate->parse('ip_address', 'anon_ip_address');
        } else {
            $topictemplate->parse('ip_address', 'ip_address');
        }
    } else {
        $topictemplate->set_var('ip_address', '');
    }
    $topictemplate->set_var('imgset', $CONF_FORUM['imgset']);
    $topictemplate->set_var('topic_subject', $showtopic['subject']);
    $topictemplate->set_var('LANG_ON2', $LANG_GF01['ON2']);
    if ($mode != 'preview') {
        $mod_functions = forum_getmodFunctions($showtopic);
        if (!empty($mod_functions)) {
            $topictemplate->set_var('mod_functions', $mod_functions);
            $topictemplate->parse('mod_functions', 'mod_functions');
        } else {
            $topictemplate->set_var('mod_functions', '');
        }
    }
    $topictemplate->set_var('topic_comment', $showtopic['comment']);
    $topictemplate->set_var('comment_minheight', "min-height:{$min_height}px");
    if (trim($sig) != '') {
        $topictemplate->set_var('sig', PLG_replaceTags($sig));
        $topictemplate->set_var('show_sig', '');
        $topictemplate->parse('user_signature', 'user_signature');
    } else {
        $topictemplate->set_var('sig', '');
        $topictemplate->set_var('show_sig', 'none');
        $topictemplate->set_var('user_signature', '');
    }
    $topictemplate->set_var('forumid', $showtopic['forum']);
    $topictemplate->set_var('topic_id', $showtopic['id']);
    $topictemplate->set_var('member_badge', forumPLG_getMemberBadge($showtopic['uid']));
    if ($uservalid) {
        $topictemplate->parse('user_name', 'block_user_name');
        $topictemplate->parse('user_information', 'block_user_information');
    } else {
        $topictemplate->parse('user_name', 'block_anon_user_name');
        $topictemplate->parse('user_information', 'block_anon_user_information');
    }
    $topictemplate->parse('output', 'topictemplate');
    $retval = $topictemplate->finish($topictemplate->get_var('output'));
    //$intervalTime = $mytimer->stopTimer();
    //COM_errorLog("Show Topic Display Time5: $intervalTime");
    return $retval;
}
Пример #4
 /**
  * Shorten a string to at most $length bytes, cutting at a sentence or word boundary when possible.
  *
  * A '.' is tried first (the cut keeps the '.'), then a ' ' (the cut drops the ' ').
  * A boundary is used only if it lies at or beyond 40% of $length; otherwise the string
  * is cut hard at $length - 4. Whenever a cut happens, " ..." is appended.
  * A string that already fits within $length is returned unchanged.
  *
  * Lengths and positions come from strlen()/strrpos(), so they are byte counts.
  * NOTE(review): COM_truncate() is defined elsewhere; whether it counts bytes or
  * characters is not visible here - confirm for multibyte input.
  *
  * @static
  * @param string $string the string to be truncated
  * @param int    $length the maximum length the string should be truncated to
  * @return string the truncated string
  */
 function iTrunc($string, $length)
 {
     if (strlen($string) <= $length) {
         return $string;
     }
     // Room left for the text once the 4-character " ..." suffix is accounted for.
     $budget = $length - 4;
     // A boundary earlier than this would throw away too much of the text.
     $floor = $length * 0.4;
     // Separator => whether the separator itself is kept in the result.
     foreach (array('.' => true, ' ' => false) as $separator => $keepSeparator) {
         $cut = strrpos($string, $separator);
         if ($cut >= $budget) {
             // Last separator is too far right: shorten first, then look again.
             $string = COM_truncate($string, $budget);
             $cut = strrpos($string, $separator);
         }
         if ($cut >= $floor) {
             return COM_truncate($string, $keepSeparator ? $cut + 1 : $cut) . " ...";
         }
     }
     return COM_truncate($string, $budget) . " ...";
 }
Пример #5
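/**
 * Fill $topictemplate with everything needed to render one forum post.
 *
 * Looks up (and caches per request) the poster's profile data, builds the
 * rank, avatar, link and voting markup, formats subject and comment, and
 * stores it all as template variables. In preview mode it additionally
 * resets the show_inline flag of attachments no longer referenced.
 * The function sets template variables only; it returns nothing.
 *
 * Values taken from $showtopic and from the user record are concatenated
 * into HTML below. Only the subject is escaped in this function, so the
 * other fields rely on escaping done elsewhere (see the NOTE(review) marks).
 *
 * @param array  $showtopic     post record; keys read here: id, pid, uid, forum, date, subject,
 *                              comment, postmode, status, mood, name, ip, locked, views, is_readonly
 * @param string $mode          'preview' selects preview rendering; any other value renders normally
 * @param mixed  $onetwo        value used as CSS class in the author link and as 'csscode'
 * @param int    $page          page number appended to the edit link
 * @param object $topictemplate template object; set_var(), unset_var() and clear_var() are called on it
 */
function FF_showtopic($showtopic, $mode = '', $onetwo = 1, $page = 1, $topictemplate)
{
    global $_FF_CONF, $_CONF, $_TABLES, $_USER, $LANG_GF01, $LANG_GF02, $_SYSTEM;
    global $highlight;
    global $forumfiles;
    global $canPost;
    if (isset($showtopic['date'])) {
        $dt = new Date($showtopic['date'], $_USER['tzid']);
    } else {
        $dt = new Date('now', $_USER['tzid']);
    }
    // Per-request caches, so a poster with many posts on the page is looked up once.
    static $cacheUserArray = array();
    static $_user_already_voted = array();
    if (!class_exists('StringParser')) {
        require_once $_CONF['path'] . 'lib/bbcode/stringparser_bbcode.class.php';
    }
    if ($mode == 'preview') {
        $topictemplate->set_var(array('lang_postpreview' => $LANG_GF01['PREVIEW_HEADER'], 'preview' => true));
    }
    $min_height = 50;
    // Base minimum  height of topic - will increase if avatar or sig is used
    $foundUser = 0;
    if ($showtopic['uid'] > 1) {
        if (isset($cacheUserArray[$showtopic['uid']])) {
            $userarray = $cacheUserArray[$showtopic['uid']];
            $username = $userarray['display_name'];
            $location = $userarray['location'];
            $posts = $userarray['posts'];
            $user_level = $userarray['user_level'];
            $user_levelname = $userarray['user_levelname'];
            $avatar = $userarray['avatar'];
            $onlinestatus = $userarray['onlinestatus'];
            $min_height = $userarray['min_height'];
            $regdate = $userarray['regdate'];
            $numposts = $userarray['numposts'];
            $foundUser = 1;
        } else {
            // uid is cast to int before it is placed in the query text.
            $sql = "SELECT users.*,userprefs.*,userinfo.*,gf_userinfo.rating,gf_userinfo.signature FROM {$_TABLES['users']} users LEFT JOIN {$_TABLES['userprefs']} userprefs ON users.uid=userprefs.uid LEFT JOIN {$_TABLES['userinfo']} userinfo ON users.uid=userinfo.uid LEFT JOIN {$_TABLES['ff_userinfo']} gf_userinfo ON users.uid=gf_userinfo.uid WHERE users.uid=" . (int) $showtopic['uid'];
            $userQuery = DB_query($sql);
            if (DB_numRows($userQuery) == 1) {
                $userarray = DB_fetchArray($userQuery);
                $username = COM_getDisplayName($showtopic['uid']);
                $userarray['display_name'] = $username;
                $postcount = DB_query("SELECT * FROM {$_TABLES['ff_topic']} WHERE uid='" . (int) $showtopic['uid'] . "'");
                $posts = DB_numRows($postcount);
                $userarray['posts'] = $posts;
                $starimage = '<img src="%s" alt="' . $LANG_GF01['FORUM'] . ' %s" title="' . $LANG_GF01['FORUM'] . ' %s"/>';
                // Defaults, so the rank is defined even if the configured thresholds leave a gap.
                $user_level = '';
                $user_levelname = '';
                if ($posts < $_FF_CONF['level2']) {
                    $user_level = sprintf($starimage, _ff_getImage('rank1', 'ranks'), $_FF_CONF['level1name'], $_FF_CONF['level1name']);
                    $user_levelname = $_FF_CONF['level1name'];
                } elseif ($posts >= $_FF_CONF['level2'] && $posts < $_FF_CONF['level3']) {
                    $user_level = sprintf($starimage, _ff_getImage('rank2', 'ranks'), $_FF_CONF['level2name'], $_FF_CONF['level2name']);
                    $user_levelname = $_FF_CONF['level2name'];
                } elseif ($posts >= $_FF_CONF['level3'] && $posts < $_FF_CONF['level4']) {
                    $user_level = sprintf($starimage, _ff_getImage('rank3', 'ranks'), $_FF_CONF['level3name'], $_FF_CONF['level3name']);
                    $user_levelname = $_FF_CONF['level3name'];
                } elseif ($posts >= $_FF_CONF['level4'] && $posts < $_FF_CONF['level5']) {
                    $user_level = sprintf($starimage, _ff_getImage('rank4', 'ranks'), $_FF_CONF['level4name'], $_FF_CONF['level4name']);
                    $user_levelname = $_FF_CONF['level4name'];
                } elseif ($posts >= $_FF_CONF['level5']) {
                    // ">=" rather than ">": a post count exactly equal to level5 used to match no branch.
                    $user_level = sprintf($starimage, _ff_getImage('rank5', 'ranks'), $_FF_CONF['level5name'], $_FF_CONF['level5name']);
                    $user_levelname = $_FF_CONF['level5name'];
                }
                // Moderator and admin ranks override the post-count rank; admin wins over moderator.
                if (forum_modPermission($showtopic['forum'], $showtopic['uid'])) {
                    $user_level = sprintf($starimage, _ff_getImage('rank_mod', 'ranks'), $LANG_GF01['moderator'], $LANG_GF01['moderator']);
                    $user_levelname = $LANG_GF01['moderator'];
                }
                if (SEC_inGroup(1, $showtopic['uid'])) {
                    $user_level = sprintf($starimage, _ff_getImage('rank_admin', 'ranks'), $LANG_GF01['admin'], $LANG_GF01['admin']);
                    $user_levelname = $LANG_GF01['admin'];
                }
                $userarray['user_level'] = $user_level;
                $userarray['user_levelname'] = $user_levelname;
                if ($userarray['photo'] != "") {
                    $avatar = '<img src="' . USER_getPhoto($showtopic['uid'], '', '', '', '0') . '" alt="" title="" class="forum-userphoto" style="width:' . $_FF_CONF['avatar_width'] . 'px;"/>';
                    $min_height = $min_height + 150;
                } else {
                    if (!isset($_CONF['default_photo']) || $_CONF['default_photo'] == '') {
                        $img = $_CONF['site_url'] . '/images/userphotos/default.jpg';
                    } else {
                        $img = $_CONF['default_photo'];
                    }
                    $avatar = '<img src="' . $img . '" alt="" title="" class="forum-userphoto" style="width:' . $_FF_CONF['avatar_width'] . 'px;"/>';
                    $min_height = $min_height + 150;
                }
                if ($_FF_CONF['enable_user_rating_system']) {
                    if ($showtopic['uid'] > 1) {
                        $min_height = $min_height + 10;
                    }
                }
                if (SEC_inGroup('Root') && function_exists('plugin_cclabel_nettools') && isset($showtopic['ip'])) {
                    $min_height = $min_height + 5;
                }
                $udt = new Date(strtotime($userarray['regdate']), $_USER['tzid']);
                $regdate = $udt->format($_CONF['shortdate'], true) . '<br/>';
                $numposts = $posts;
                // "Online" is shown only when a session exists and the user's showonline preference is 1.
                if (DB_count($_TABLES['sessions'], 'uid', (int) $showtopic['uid']) > 0 and DB_getItem($_TABLES['userprefs'], 'showonline', "uid=" . (int) $showtopic['uid'] . "") == 1) {
                    $onlinestatus = $LANG_GF01['ONLINE'];
                } else {
                    $onlinestatus = $LANG_GF01['OFFLINE'];
                }
                $userarray['avatar'] = $avatar;
                $userarray['onlinestatus'] = $onlinestatus;
                $userarray['min_height'] = $min_height;
                $userarray['regdate'] = $regdate;
                $userarray['numposts'] = $numposts;
                $location = $userarray['location'];
                $cacheUserArray[$showtopic['uid']] = $userarray;
                $foundUser = 1;
            }
        }
    } else {
        // uid <= 1: no user record is loaded, only the default avatar is shown.
        if (!isset($_CONF['default_photo']) || $_CONF['default_photo'] == '') {
            $img = $_CONF['site_url'] . '/images/userphotos/default.jpg';
        } else {
            $img = $_CONF['default_photo'];
        }
        $avatar = '<img src="' . $img . '" alt="" title="" class="forum-userphoto" style="width:' . $_FF_CONF['avatar_width'] . 'px;"/>';
        $min_height = $min_height + 150;
    }
    if ($foundUser) {
        // NOTE(review): $username (from COM_getDisplayName) is placed in the markup as-is;
        // confirm that helper returns HTML-safe text.
        $userlink = '<a href="' . $_CONF['site_url'] . '/users.php?mode=profile&amp;uid=' . $showtopic['uid'] . '" ';
        $userlink .= 'class="authorname ' . $onetwo . '" rel="nofollow"><strong>' . $username . '</strong></a>';
        $uservalid = true;
        if ($userarray['sig'] != '' || $userarray['signature'] != '') {
            $sig = '';
            $sig .= FF_getSignature($userarray['sig'], $userarray['signature'], 'html');
            $min_height = $min_height + 30;
        }
    } else {
        $uservalid = false;
        // NOTE(review): the poster-supplied name is output as stored; confirm it is
        // escaped when the post is saved, since it is not escaped here.
        $userlink = $LANG_GF01['ANON'] . $showtopic['name'];
    }
    if ($_FF_CONF['show_moods'] && $showtopic['mood'] != "") {
        // NOTE(review): mood is written into a title attribute unescaped; presumably
        // restricted to a fixed list when the post is saved - verify.
        $moodimage = '<img style="vertical-align:middle;" src="' . _ff_getImage($showtopic['mood'], 'moods') . '" title="' . $showtopic['mood'] . '" alt=""/><br/>';
        $min_height = $min_height + 30;
    }
    $showtopic['comment'] = FF_formatTextBlock($showtopic['comment'], $showtopic['postmode'], $mode, $showtopic['status']);
    // The subject is reduced to plain text and HTML-escaped before it is truncated.
    $showtopic['subject'] = @htmlspecialchars(strip_tags($showtopic['subject']), ENT_QUOTES, COM_getEncodingt());
    $showtopic['subject'] = COM_truncate($showtopic['subject'], $_FF_CONF['show_subject_length'], '...');
    if ($mode != 'preview' && $uservalid && !COM_isAnonUser() && (isset($_USER['uid']) && $_USER['uid'] == $showtopic['uid'])) {
        /* Check if user can still edit this post - within allowed edit timeframe */
        // This only decides whether the edit link is shown; the edit page has to
        // enforce the same window on its own.
        $editAllowed = false;
        if ($_FF_CONF['allowed_editwindow'] > 0) {
            $t1 = $showtopic['date'];
            $t2 = $_FF_CONF['allowed_editwindow'];
            if (time() - $t2 < $t1) {
                $editAllowed = true;
            }
        } else {
            $editAllowed = true;
        }
        if ($editAllowed) {
            $editlink = $_CONF['site_url'] . '/forum/createtopic.php?mode=edittopic&amp;forum=' . $showtopic['forum'] . '&amp;id=' . $showtopic['id'] . '&amp;editid=' . $showtopic['id'] . '&amp;page=' . $page;
            $editlinkimg = '<img src="' . _ff_getImage('edit_button') . '" style="vertical-align:middle;" alt="' . $LANG_GF01['EDITICON'] . '" title="' . $LANG_GF01['EDITICON'] . '"/>';
            $topictemplate->set_var(array('editlink' => $editlink, 'editlinkimg' => $editlinkimg, 'LANG_edit' => $LANG_GF01['EDITICON']));
        }
    } else {
        $topictemplate->set_var(array('editlink' => '', 'editlinkimg' => '', 'LANG_edit' => ''));
    }
    if ($highlight != '') {
        // NOTE(review): $highlight is a global set outside this function and is inserted
        // into the page unescaped. If it originates from the request it must be
        // HTML-escaped where it is assigned - confirm. The replacement also runs over
        // already formatted HTML, so a term that occurs inside a tag will alter markup.
        $showtopic['subject'] = str_replace("{$highlight}", "<span class=\"b\">{$highlight}</span>", $showtopic['subject']);
        $showtopic['comment'] = str_replace("{$highlight}", "<span class=\"b\">{$highlight}</span>", $showtopic['comment']);
    }
    if ($showtopic['pid'] == 0) {
        // Topic starter: replies attach to this post's own id.
        $replytopicid = $showtopic['id'];
        $is_lockedtopic = $showtopic['locked'];
        $views = $showtopic['views'];
        $topictemplate->set_var('read_msg', sprintf($LANG_GF02['msg49'], $views));
        if ($is_lockedtopic) {
            $topictemplate->set_var('locked_icon', '<img src="' . _ff_getImage('padlock') . '" title="' . $LANG_GF02['msg114'] . '" alt=""/>');
        }
    } else {
        $is_lockedtopic = $showtopic['locked'];
        $replytopicid = $showtopic['pid'];
        $topictemplate->set_var('read_msg', '');
    }
    if ($_FF_CONF['allow_user_dateformat']) {
        $date = $dt->format($dt->getUserFormat(), true);
    } else {
        $date = $dt->format($_FF_CONF['default_Topic_Datetime_format'], true);
    }
    $topictemplate->set_var('posted_date', $date);
    if ($mode != 'preview') {
        if (!COM_isAnonUser()) {
            $bmArray = _ff_cacheBookMarks($_USER['uid']);
            if (isset($bmArray[$showtopic['id']])) {
                $topictemplate->set_var('bookmark_icon', '<img src="' . _ff_getImage('star_on_sm') . '" title="' . $LANG_GF02['msg204'] . '" alt=""/>');
                $topictemplate->set_var('bookmarked', true);
            } else {
                $topictemplate->set_var('bookmark_icon', '<img src="' . _ff_getImage('star_off_sm') . '" title="' . $LANG_GF02['msg203'] . '" alt=""/>');
                $topictemplate->unset_var('bookmarked');
            }
        }
        // The template object is reused for each post, so per-post link variables are cleared first.
        $topictemplate->clear_var(array('quotelink', 'quotelinkimg', 'LANG_quote'));
        if ($is_lockedtopic == 0) {
            $is_readonly = $showtopic['is_readonly'];
            // Display-side check only: it hides the quote link, it does not prevent posting.
            if ($is_readonly == 0 || forum_modPermission($showtopic['forum'], COM_isAnonUser() ? 1 : $_USER['uid'], 'mod_edit')) {
                if ($canPost != 0) {
                    $quotelink = $_CONF['site_url'] . '/forum/createtopic.php?mode=newreply&amp;forum=' . $showtopic['forum'] . '&amp;id=' . $replytopicid . '&amp;quoteid=' . $showtopic['id'];
                    $quotelinkimg = '<img src="' . _ff_getImage('quote_button') . '" style="vertical-align:middle;" alt="' . $LANG_GF01['QUOTEICON'] . '" title="' . $LANG_GF01['QUOTEICON'] . '"/>';
                    $topictemplate->set_var(array('quotelink' => $quotelink, 'quotelinkimg' => $quotelinkimg, 'LANG_quote' => $LANG_GF01['QUOTEICON']));
                }
            }
        }
        $topictemplate->set_var(array('topic_post_link_begin' => '<a name="' . $showtopic['id'] . '">', 'topic_post_link_end' => '</a>'));
        $mod_functions = _ff_getmodFunctions($showtopic);
        $topictemplate->clear_var(array('profilelink', 'profilelinkimg', 'LANG_profile'));
        $topictemplate->clear_var(array('pmlink', 'pmlinkimg', 'LANG_pm'));
        if ($showtopic['uid'] > 1 && $uservalid) {
            $profile_link = $_CONF['site_url'] . '/users.php?mode=profile&amp;uid=' . $showtopic['uid'];
            $profile_linkimg = '<img src="' . _ff_getImage('profile_button') . '" style="border:none;vertical-align:middle;" alt="' . $LANG_GF01['ProfileLink'] . '" title="' . $LANG_GF01['ProfileLink'] . '"/>';
            $topictemplate->set_var(array('profilelink' => $profile_link, 'profilelinkimg' => $profile_linkimg, 'LANG_profile' => $LANG_GF01['ProfileLink']));
            if ($_FF_CONF['use_pm_plugin'] && (!COM_isAnonUser() && $_USER['uid'] != $showtopic['uid'])) {
                $pmplugin_link = forumPLG_getPMlink($showtopic['uid']);
                if ($pmplugin_link != '') {
                    $pm_link = $pmplugin_link;
                    $pm_linkimg = '<img src="' . _ff_getImage('pm_button') . '" style="vertical-align:middle;" alt="' . $LANG_GF01['PMLink'] . '" title="' . $LANG_GF01['PMLink'] . '"/>';
                    $topictemplate->set_var(array('pmlink' => $pm_link, 'pmlinkimg' => $pm_linkimg, 'LANG_pm' => $LANG_GF01['PMLink']));
                }
            }
        }
        $topictemplate->clear_var(array('emaillink', 'emaillinkimg', 'LANG_email'));
        // The e-mail link is offered only when the poster's emailfromuser field is 1.
        if (isset($userarray['email']) && $userarray['email'] != '' && $showtopic["uid"] > 1 && $userarray['emailfromuser'] == 1) {
            $email_link = $_CONF['site_url'] . '/profiles.php?uid=' . $showtopic['uid'];
            $email_linkimg = '<img src="' . _ff_getImage('email_button') . '" style="vertical-align:middle;" alt="' . $LANG_GF01['EmailLink'] . '" title="' . $LANG_GF01['EmailLink'] . '"/>';
            $topictemplate->set_var(array('emaillink' => $email_link, 'emaillinkimg' => $email_linkimg, 'LANG_email' => $LANG_GF01['EmailLink']));
        }
        $topictemplate->clear_var(array('websitelink', 'websitelinkimg', 'LANG_website'));
        if (isset($userarray['homepage']) && $userarray['homepage'] != '') {
            $homepage = trim($userarray['homepage']);
            // The scheme test is anchored to the start of the value. The previous test
            // matched "http" anywhere, so a profile value using another scheme that
            // merely contained "http" was passed into the link unchanged.
            // NOTE(review): the value is still not HTML-escaped here; confirm the
            // profile save path or the template does that.
            if (!preg_match('#^https?://#i', $homepage)) {
                $homepage = 'http://' . $homepage;
            }
            $homepageimg = '<img src="' . _ff_getImage('website_button') . '" style="vertical-align:middle;" alt="' . $LANG_GF01['WebsiteLink'] . '" title="' . $LANG_GF01['WebsiteLink'] . '"/>';
            $topictemplate->set_var(array('websitelink' => $homepage, 'websitelinkimg' => $homepageimg, 'LANG_website' => $LANG_GF01['WebsiteLink']));
        }
        $back2 = $LANG_GF01['back2top'];
        $backlink = '<center><a href="' . $_CONF['site_url'] . '/forum/viewtopic.php?showtopic=' . $replytopicid . '">' . $back2 . '</a></center>';
    } else {
        if (!isset($_GET['onlytopic']) || $_GET['onlytopic'] != 1) {
            $topictemplate->set_var('preview_topic_subject', $showtopic['subject']);
        } else {
            $topictemplate->set_var('preview_topic_subject', '');
        }
        $topictemplate->set_var('read_msg', '');
        $topictemplate->set_var('locked_icon', '');
        // Check and see if there are no [file] bbcode tags in content and reset the show_inline value
        // This is needed in case user had used the file bbcode tag and then removed it
        $imagerecs = '';
        if (is_array($forumfiles)) {
            // $forumfiles is a global filled outside this function (presumably from the
            // [file] tags of the post text - not visible here). Its entries end up inside
            // an SQL IN (...) list, so each one is forced to an integer first.
            $imagerecs = implode(',', array_map('intval', $forumfiles));
        }
        // NOTE(review): the topic id used in the UPDATE comes from the request; nothing
        // here checks that the attachments belong to the current user - confirm the
        // caller has verified that before previewing.
        if (!empty($_POST['uniqueid'])) {
            $uniqueid = COM_applyFilter($_POST['uniqueid'], true);
            $sql = "UPDATE {$_TABLES['ff_attachments']} SET show_inline = 0 WHERE topic_id=" . (int) $uniqueid . " ";
            if ($imagerecs != '') {
                $sql .= "AND id NOT IN ({$imagerecs})";
            }
            DB_query($sql);
        } else {
            if (isset($_POST['id'])) {
                $tid = COM_applyFilter($_POST['id'], true);
                $sql = "UPDATE {$_TABLES['ff_attachments']} SET show_inline = 0 WHERE topic_id=" . (int) $tid . " ";
                if ($imagerecs != '') {
                    $sql .= "AND id NOT IN ({$imagerecs})";
                }
                DB_query($sql);
            }
        }
    }
    $uniqueid = isset($_POST['uniqueid']) ? COM_applyFilter($_POST['uniqueid'], true) : 0;
    if ($showtopic['id'] > 0 && (!isset($_POST['action']) || $_POST['action'] != 'newreply')) {
        $topictemplate->set_var('attachments', _ff_showattachments((int) $showtopic['id']));
    } elseif ($uniqueid > 0) {
        $topictemplate->set_var('attachments', _ff_showattachments((int) $uniqueid));
    }
    // The poster's IP address is shown to members of the Root group only.
    if (SEC_inGroup('Root') && function_exists('plugin_cclabel_nettools') && isset($showtopic['ip'])) {
        // NOTE(review): ip is used in the href and the link text without escaping;
        // presumably recorded server-side when the post was saved - verify.
        $iplink = '<a href="' . $_CONF['site_admin_url'] . '/plugins/nettools/whois.php?domain=' . $showtopic['ip'] . '" target="_new">' . $showtopic['ip'] . '</a>';
        $topictemplate->set_var('ipaddress', $iplink);
    } else {
        $topictemplate->set_var('ipaddress', '');
    }
    $voteHTML = '';
    if ($_FF_CONF['enable_user_rating_system']) {
        if ($showtopic['uid'] > 1) {
            //not an anonymous poster
            // grab the poster's current rating...
            $rating = _ff_getUserRating($showtopic['uid']);
            if ($rating > 0) {
                $grade = '+' . $rating;
            } else {
                $grade = $rating;
            }
            //Find out if user has rights to increase / decrease score
            if (!COM_isAnonUser() && $_USER['uid'] != $showtopic['uid']) {
                //Can't vote for yourself & must be logged in
                if (!isset($_user_already_voted[$showtopic['uid']])) {
                    $_user_already_voted[$showtopic['uid']] = DB_getItem($_TABLES['ff_rating_assoc'], 'grade', "user_id = " . (int) $showtopic['uid'] . ' AND voter_id = ' . (int) $_USER['uid']);
                }
                // NOTE(review): the voter's uid is written into the onclick arguments below.
                // The endpoint behind ajax_voteuser() (not visible here) should take the
                // voter from the session and re-check the self-vote rule - confirm.
                if ($_user_already_voted[$showtopic['uid']] == '') {
                    // user has never voted for this poster
                    $vote_language = $LANG_GF01['grade_user'];
                    $plus_vote = '<a href="#" onclick="ajax_voteuser(' . $_USER['uid'] . ',' . $showtopic['uid'] . ',' . $showtopic['id'] . ',1,1);return false;"><img src="' . $_CONF['site_url'] . '/forum/images/plus.png" alt="plus" /></a>';
                    $minus_vote = '<a href="#" onclick="ajax_voteuser(' . $_USER['uid'] . ',' . $showtopic['uid'] . ',' . $showtopic['id'] . ',-1,1);return false;"><img src="' . $_CONF['site_url'] . '/forum/images/minus.png" alt="minus" /></a>';
                    $min_height = $min_height + 10;
                } else {
                    // user has already voted for this poster
                    $vote_language = $LANG_GF01['retract_grade'];
                    if ($_user_already_voted[$showtopic['uid']] > 0) {
                        // gave a +1 show the minus to retract
                        $plus_vote = '';
                        $minus_vote = '<a href="#" onclick="ajax_voteuser(' . $_USER['uid'] . ',' . $showtopic['uid'] . ',' . $showtopic['id'] . ',-1,0);return false;"><img src="' . $_CONF['site_url'] . '/forum/images/minus.png" alt="minus" /></a>';
                        $min_height = $min_height + 10;
                    } else {
                        // gave a -1 show the plus to retract
                        $minus_vote = '';
                        $plus_vote = '<a href="#" onclick="ajax_voteuser(' . $_USER['uid'] . ',' . $showtopic['uid'] . ',' . $showtopic['id'] . ',1,0);return false;"><img src="' . $_CONF['site_url'] . '/forum/images/plus.png" alt="plus" /></a>';
                        $min_height = $min_height + 10;
                    }
                }
                $voteHTML = '<div class="c' . $showtopic['uid'] . '"><span id="vote' . $showtopic['id'] . '">' . $vote_language . '<br />' . $minus_vote . $plus_vote . '<br />' . $LANG_GF01['grade'] . ': ' . $grade . '</span></div>';
            } else {
                // display 'rating'
                $voteHTML = $LANG_GF01['grade'] . ': ' . $grade;
            }
        }
    }
    // Values that exist only on some paths above (anonymous poster, preview mode) fall back to ''.
    // NOTE(review): 'location' is a user profile field that is truncated and wrapped but
    // not escaped here; confirm it is stored HTML-safe.
    $topictemplate->set_var(array('user_name' => isset($username) ? $username : '******', 'vote_html' => $voteHTML, 'csscode' => $onetwo, 'postmode' => $showtopic['postmode'], 'userlink' => $userlink, 'lang_forum' => $LANG_GF01['FORUM'], 'user_levelname' => isset($user_levelname) ? $user_levelname : '', 'user_level' => isset($user_level) ? $user_level : '', 'magical_image' => isset($moodimage) ? $moodimage : '', 'avatar' => isset($avatar) ? $avatar : '', 'onlinestatus' => isset($onlinestatus) ? $onlinestatus : '', 'regdate' => isset($regdate) ? $regdate : '', 'numposts' => isset($numposts) ? $numposts : '', 'location' => isset($location) ? wordwrap(COM_truncate($location, 100), 20, '<br />') : '', 'topic_subject' => $showtopic['subject'], 'LANG_ON2' => $LANG_GF01['ON2'], 'mod_functions' => isset($mod_functions) ? $mod_functions : '', 'topic_comment' => $showtopic['comment'], 'subject' => $showtopic['subject'], 'comment_minheight' => "min-height:{$min_height}px", 'forumid' => $showtopic['forum'], 'topic_id' => $showtopic['id'], 'parent_id' => $replytopicid, 'back_link' => isset($backlink) ? $backlink : '', 'member_badge' => forumPLG_getMemberBadge($showtopic['uid'])));
    if ($replytopicid != 0) {
        $topictemplate->set_var('prefix', $LANG_GF01['RE']);
    } else {
        $topictemplate->set_var('prefix', '');
    }
    if (isset($sig) && trim($sig) != '') {
        $topictemplate->set_var('sig', PLG_replaceTags($sig, 'forum', 'signature'));
    } else {
        $topictemplate->set_var('sig', '');
    }
}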
Пример #6
/**
 * Render one cell of the submission / draft-story lists in admin/moderation.php.
 *
 * Named columns ('edit', 'delete', 'approve', 'day', 'tid', 'uid',
 * 'publishfuture') get their own markup. Every other column falls through
 * to the default branch, which special-cases column 4 of stories and
 * column 2 of comments and otherwise turns URLs in the raw value into links.
 *
 * Values from $A are placed in HTML attributes and SQL conditions without
 * escaping in several branches; they are assumed to be rows the list code
 * read from the database (TODO confirm against the caller).
 *
 * @param  string $fieldName  column name or index
 * @param  string $fieldValue raw value of the column
 * @param  array  $A          the full row; '_moderation_type' selects the submission type
 * @param  array  $icon_arr   icon markup, indexed by action name
 * @return string             HTML for the cell
 */
function ADMIN_getListField_moderation($fieldName, $fieldValue, $A, $icon_arr)
{
    global $_CONF, $_TABLES, $LANG_ADMIN;

    $moderationType = isset($A['_moderation_type']) ? $A['_moderation_type'] : '';

    switch ($fieldName) {
        case 'edit':
            return COM_createLink($icon_arr['edit'], $A['edit']);

        case 'delete':
            return "<input type=\"radio\" name=\"action[{$A['row']}]\" value=\"delete\"" . XHTML . ">";

        case 'approve':
            // The hidden field carries the item id ($A[0]) next to the radio button.
            // NOTE(review): $A[0] is written into the value attribute unescaped.
            $radio = "<input type=\"radio\" name=\"action[{$A['row']}]\" value=\"approve\"" . XHTML . ">";
            $hiddenId = "<input type=\"hidden\" name=\"id[{$A['row']}]\" value=\"{$A[0]}\"" . XHTML . ">";

            return $radio . $hiddenId;

        case 'day':
            return strftime($_CONF['daytime'], $A['day']);

        case 'tid':
            // NOTE(review): tid is interpolated into the WHERE clause as-is.
            return DB_getItem($_TABLES['topics'], 'topic', "tid = '{$A['tid']}'");

        case 'uid':
            $isAnonymous = $A['uid'] == 1;
            $displayName = '';
            if ($isAnonymous) {
                // Anonymous submitters may have typed a name; it is escaped before display.
                // NOTE(review): the comment id is interpolated into the WHERE clause as-is.
                $displayName = htmlspecialchars(COM_stripslashes(DB_getItem($_TABLES['commentsubmissions'], 'name', "cid = '{$A['id']}'")));
            }
            if (empty($displayName)) {
                $displayName = COM_getDisplayName($A['uid']);
            }
            if ($isAnonymous) {
                return $displayName;
            }

            return COM_createLink($displayName, $_CONF['site_url'] . '/users.php?mode=profile&amp;uid=' . $A['uid']);

        case 'publishfuture':
            // No checkbox for members of 'Comment Submitters' or for uid <= 1.
            if (SEC_inGroup('Comment Submitters', $A['uid']) || !($A['uid'] > 1)) {
                return $LANG_ADMIN['na'];
            }

            return "<input type=\"checkbox\" name=\"publishfuture[]\" value=\"{$A['uid']}\"" . XHTML . ">";

        default:
            $isStory = $moderationType === 'story' || $moderationType === 'story_draft';
            if ($fieldName == 4 && $isStory) {
                return TOPIC_getTopicAdminColumn('article', $A[0]);
            }
            if ($fieldName == 2 && $moderationType === 'comment') {
                $plainComment = COM_getTextContent($A['comment']);
                $tooltip = htmlspecialchars(COM_truncate($plainComment, 140, '...'));
                // try to provide a link to the parent item (e.g. article, poll)
                $parent = PLG_getItemInfo($A['type'], $A['sid'], 'title,url');
                if (!empty($parent) && !empty($parent[0]) && !empty($parent[1])) {
                    return COM_createLink($parent[0], $parent[1], array('title' => $tooltip));
                }
                // if not available, display excerpt from the comment
                $cell = htmlspecialchars(COM_truncate($plainComment, 40, '...'));
                if (strlen($plainComment) > 40) {
                    $cell = '<span title="' . $tooltip . '">' . $cell . '</span>';
                }

                return $cell;
            }

            // NOTE(review): the raw field value is not escaped in this function before
            // COM_makeClickableLinks() processes it; confirm it is HTML-safe at this point.
            return COM_makeClickableLinks(stripslashes($fieldValue));
    }
}
Пример #7
/**
 * Return list of articles for the Related Items block
 *
 * Selects published, non-draft stories assigned to any of the given topics,
 * skipping the topic flagged as archive (if one exists), newest first.
 * Entries are keyed by publish timestamp, so two stories with the same
 * timestamp occupy the same key and only the later row is kept.
 *
 * The topic ids and $max are placed in the query text unchanged:
 * NOTE(review): callers are assumed to pass ids read from the database and an
 * integer limit - confirm, or escape/cast them before they reach this function.
 *
 * @param    array $tids list of topic ids
 * @param    int   $max  maximum number of items to return
 * @param    int   $trim max length of text (0 or less keeps the full title)
 * @return   array   array of links to related articles with unix timestamp as key
 */
function plugin_getrelateditems_story($tids, $max, $trim)
{
    global $_CONF, $_TABLES;

    // Stories in the archive topic are left out of the block.
    $archiveTopicId = DB_getItem($_TABLES['topics'], 'tid', "archive_flag=1");
    $excludeArchive = empty($archiveTopicId) ? '' : " AND (ta.tid <> '{$archiveTopicId}')";

    // Find the newest stories the user has access to
    $topicList = implode("','", $tids);
    $sql = "SELECT sid, title, UNIX_TIMESTAMP(date) s_date\n        FROM {$_TABLES['stories']}, {$_TABLES['topic_assignments']} ta\n        WHERE ta.type = 'article' AND ta.id = sid AND (ta.tid IN ('" . $topicList . "'))\n        AND (date <= NOW()) AND (draft_flag = 0)" . $excludeArchive . COM_getPermSQL('AND') . COM_getLangSQL('sid', 'AND') . "\n        GROUP BY sid ORDER BY s_date DESC LIMIT {$max}";
    $result = DB_query($sql);

    $links = array();
    for ($remaining = DB_numRows($result); $remaining > 0; $remaining--) {
        $story = DB_fetchArray($result);
        $storyUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $story['sid']);
        $fullTitle = COM_undoSpecialChars(stripslashes($story['title']));
        $shownTitle = $trim > 0 ? COM_truncate($fullTitle, $trim, '...') : $fullTitle;
        // A shortened title gets the full one as tooltip.
        $linkAttributes = $fullTitle != $shownTitle ? array('title' => htmlspecialchars($fullTitle)) : array();
        // NOTE(review): the link text has its special characters undone above and only
        // '$' and ' ' are re-encoded here; confirm COM_createLink() or the stored title
        // makes it HTML-safe.
        $linkText = str_replace(' ', '&nbsp;', str_replace('$', '&#36;', $shownTitle));
        $links[$story['s_date']] = COM_createLink($linkText, $storyUrl, $linkAttributes);
    }

    return $links;
}
Пример #8
     // Forum-level entry: no topic subject exists, so the link text and the
     // title attribute built below are both empty strings.
     // NOTE(review): $forum_id is concatenated into the href as-is; presumably an
     // integer id - verify where it is assigned.
     $subject = '';
     $is_forum = $LANG_GF02['msg138'];
     $topic_link = '<a href="' . $_CONF['site_url'] . '/forum/index.php?forum=' . $forum_id . '" title="' . $subject . '">' . $subject . '</a>';
 } else {
     // A negative topic id is normalised to its positive value and remembered
     // in $neg_subscription.
     if ($topic_id < 0) {
         $neg_subscription = true;
         $topic_id = -$topic_id;
     } else {
         $neg_subscription = false;
     }
     // NOTE(review): $topic_id is interpolated into the query text. It is treated
     // as a number above, but no integer cast is visible in these lines - confirm
     // it cannot carry anything but digits by the time it gets here.
     $result = DB_query("SELECT subject,name,replies,views,uid,id FROM {$_TABLES['forum_topic']} WHERE id = '{$topic_id}'");
     $A = DB_fetchArray($result);
     // Subject is HTML-encoded here (and shortened to 50 characters when longer);
     // strlen() counts bytes, not characters.
     if ($A['subject'] == '') {
         $subject = $LANG_GF01['MISSINGSUBJECT'];
     } elseif (strlen($A['subject']) > 50) {
         $subject = htmlspecialchars(COM_truncate($A['subject'], 50, '...'), ENT_QUOTES, $CONF_FORUM['charset']);
     } else {
         $subject = htmlspecialchars($A['subject'], ENT_QUOTES, $CONF_FORUM['charset']);
     }
     $topic_link = '<a href="' . $_CONF['site_url'] . '/forum/viewtopic.php?showtopic=' . $topic_id . '" title="';
     $topic_link .= $subject . '">' . $subject . '</a>';
 }
 $report->set_var('id', $notify_recid);
 $report->set_var('csscode', $i % 2 + 1);
 $report->set_var('forum', $forum_name);
 // NOTE(review): when $subject came from the topic row it has already been
 // through htmlspecialchars() above, so this second call double-encodes it.
 $report->set_var('linksubject', htmlspecialchars($subject, ENT_QUOTES, $CONF_FORUM['charset']));
 $report->set_var('is_forum', $is_forum);
 $report->set_var('topic_link', $topic_link);
 // NOTE(review): $A is only assigned in the else branch within the lines shown,
 // and $A['name'] is handed to the template without encoding here - confirm the
 // template or an earlier step encodes it and that $A is set on the other path.
 $report->set_var('topicauthor', $A['name']);
 $report->set_var('date_added', $date_added);
 $report->set_var('uid', $A['uid']);
Пример #9
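 /**
  * Build the breadcrumb trail for this album as a run of <li> elements.
  *
  * Starts with this album and prepends one linked <li> per ancestor, looked
  * up in $MG_albums through each album's parent id, until the album with id 0
  * is reached. Titles are stripped of tags and, when
  * $_MG_CONF['truncate_breadcrumb'] is greater than 0, shortened to that length.
  *
  * @param    int     $hot        non-zero to render this album's own entry as a link
  * @param    int     $sortOrder  value of the sort parameter in the generated links
  * @param    int     $page       value of the page parameter in this album's link
  * @return   string              HTML <li> elements, outermost ancestor first
  */
 function getPath_ul($hot = 0, $sortOrder = 0, $page = 0)
 {
     global $MG_albums, $_MG_CONF;

     // Both values are written into href attributes below; forcing them to
     // integers keeps anything else out of the markup.
     $sortOrder = (int) $sortOrder;
     $page = (int) $page;
     $maxLen = $_MG_CONF['truncate_breadcrumb'];

     // NOTE(review): strip_tags() removes markup but does not encode quotes or
     // ampersands; confirm album titles are stored HTML-encoded.
     $label = strip_tags($this->title);
     if ($maxLen > 0) {
         $label = COM_truncate($label, $maxLen, '...');
     }
     if ($hot) {
         // The anchor is closed here; previously it was opened but never closed.
         $label = '<a href="' . $_MG_CONF['site_url'] . '/album.php?aid=' . $this->id . '&amp;sort=' . $sortOrder . '&amp;page=' . $page . '">' . $label . '</a>';
     }
     $path = '<li>' . $label . '</li>';

     // Walk up the album tree, putting each ancestor in front of the trail
     $tree = $MG_albums[$this->parent];
     while ($tree->id != 0) {
         $ancestor = strip_tags($tree->title);
         if ($maxLen > 0) {
             $ancestor = COM_truncate($ancestor, $maxLen, '...');
         }
         $path = '<li><a href="' . $_MG_CONF['site_url'] . '/album.php?aid=' . $tree->id . '&amp;sort=' . $sortOrder . '">' . $ancestor . '</a></li>' . $path;
         $tree = $MG_albums[$tree->parent];
     }

     return $path;
 }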
Пример #10
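/**
* Callback function to help format links in COM_makeClickableLinks
*
* A single trailing full stop is treated as sentence punctuation: it is taken
* off the URL and appended after the closing tag. The visible link text is
* shortened when $_CONF['linktext_maxlen'] is set to a positive value. Both
* the link text and the href value are HTML-encoded before output.
*
* @param    string  $http   set to 'http://' when not already in the url
* @param    string  $link   the url
* @return   string          link enclosed in <a>...</a> tags
*
*/
function COM_makeClickableLinksCallback($http, $link)
{
    global $_CONF;
    static $encoding = null;

    if ($encoding === null) {
        // Looked up once and reused for every link in the request
        $encoding = COM_getEncodingt();
    }

    $end = '';
    if (substr($link, -1) === '.') {
        $link = substr($link, 0, -1);
        $end = '.';
    }

    $text = $link;
    if (isset($_CONF['linktext_maxlen']) && $_CONF['linktext_maxlen'] > 0) {
        $text = COM_truncate($link, $_CONF['linktext_maxlen'], '...', 10);
    }
    $text = htmlspecialchars($text, ENT_QUOTES, $encoding);

    // The URL sits inside a double-quoted attribute, so quotes and angle
    // brackets must not reach the page unencoded. double_encode is off so an
    // ampersand that is already written as &amp; keeps working.
    // NOTE(review): the scheme is not checked here; presumably the pattern in
    // COM_makeClickableLinks only matches ordinary web URLs - verify.
    $href = htmlspecialchars($http . $link, ENT_QUOTES, $encoding, false);

    return '<a href="' . $href . '">' . $text . '</a>' . $end;
}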
Пример #11
     // Check for SPAM
     // The raw request values are wrapped in minimal markup so the spam
     // plugins see subject and body together.
     $spamcheck = '<h1>' . $_POST['subject'] . '</h1><p>' . $_POST['comment'] . '</p>';
     $result = PLG_checkforSpam($spamcheck, $_CONF['spamx']);
     // Now check the result and redirect to index.php if spam action was taken
     if ($result > 0) {
         // then tell them to get lost ...
         $display .= COM_showMessage($result, 'spamx');
         $display = gf_createHTMLDocument($display);
         COM_output($display);
         exit;
     }
 }
 $postmode = gf_chkpostmode($postmode, $mode_switch);
 // NOTE(review): the subject is shortened after gf_preparefordb() has run. If
 // that helper escapes or entity-encodes the text, the cut can land inside an
 // escape sequence or entity; truncating before preparing would avoid that.
 // strlen() also counts bytes rather than characters.
 $subject = gf_preparefordb(strip_tags($_POST['subject']), 'text');
 if (strlen($subject) > 100) {
     $subject = COM_truncate($subject, 99, '...');
 }
 $comment = gf_preparefordb($_POST['comment'], $postmode);
 $locked = 0;
 $sticky = 0;
 // NOTE(review): locked and sticky are taken from the request whenever
 // modedit == 1. No moderator permission check is visible in these lines;
 // confirm it is enforced server-side before this point.
 if ($_POST['modedit'] == 1) {
     if ($_POST['locked_switch'] == 1) {
         $locked = 1;
     }
     if ($_POST['sticky_switch'] == 1) {
         $sticky = 1;
     }
 }
 // NOTE(review): the INSERT is assembled by string interpolation. $subject and
 // $comment pass through gf_preparefordb() above; where $forum, $name and
 // $date are sanitised is not visible here - verify each one.
 $fields = "forum,name,date,lastupdated,subject,comment,postmode,ip,mood,uid,pid,sticky,locked";
 $sql = "INSERT INTO {$_TABLES['forum_topic']} ({$fields}) ";
 $sql .= "VALUES ('{$forum}','{$name}','{$date}',{$date},'{$subject}','{$comment}', ";
Пример #12
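/**
 * Return a field value for the block administration list
 *
 * Nothing is rendered (false is returned) unless SEC_hasAccess() grants the
 * current user access to the block and BLOCK_hasTopicAccess() grants access
 * to its topic. The edit, move, delete and enable controls are only rendered
 * at access level 3. Plain values of a disabled block are wrapped in a
 * "disabledfield" span.
 *
 * @param    string $fieldname  name of the list column being rendered
 * @param    mixed  $fieldvalue value of that column, used for columns without special handling
 * @param    array  $A          the block row
 * @param    array  $icon_arr   icon markup, read under the keys 'edit' and 'delete'
 * @param    string $token      CSRF token appended to the move and delete links
 * @return   string|false       HTML for the cell, or false when nothing was rendered
 */
function BLOCK_getListField($fieldname, $fieldvalue, $A, $icon_arr, $token)
{
    global $_CONF, $LANG_ADMIN, $LANG21, $_IMAGE_TYPE;

    $retval = false;
    $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
    if (!($access > 0 && BLOCK_hasTopicAccess($A['tid']) > 0)) {
        return $retval;
    }

    $enabled = ($A['is_enabled'] == 1);
    $canEdit = ($access == 3);
    // Set by the plain-value columns, which are greyed out for disabled blocks
    $dimIfDisabled = false;

    switch ($fieldname) {
        case 'edit':
            $retval = '';
            if ($canEdit) {
                $attr = array('title' => $LANG_ADMIN['edit']);
                $retval = COM_createLink($icon_arr['edit'], $_CONF['site_admin_url'] . '/block.php?edit=x&amp;bid=' . $A['bid'], $attr);
            }
            break;

        // NOTE(review): name, tid and the default column are emitted without
        // HTML encoding in this function; confirm the values are encoded when
        // stored or by the list renderer.
        case 'blockorder':
            $retval = $A['blockorder'];
            $dimIfDisabled = true;
            break;

        case 'name':
            $retval = COM_truncate($A['name'], 20, ' ...', true);
            $dimIfDisabled = true;
            break;

        case 'title':
            $retval = COM_truncate(strip_tags($A['title']), 20, ' ...', true);
            $dimIfDisabled = true;
            break;

        case 'tid':
            $retval = COM_truncate($A['tid'], 20, ' ...', true);
            $dimIfDisabled = true;
            break;

        case 'move':
            if ($canEdit) {
                // The arrow image and the middle hotspot point to the other side
                if ($A['onleft'] == 1) {
                    $blockcontrol_image = 'block-right.' . $_IMAGE_TYPE;
                    $moveTitleMsg = $LANG21[59];
                    $switchside = '1';
                } else {
                    $blockcontrol_image = 'block-left.' . $_IMAGE_TYPE;
                    $moveTitleMsg = $LANG21[60];
                    $switchside = '0';
                }
                // Every move link carries the CSRF token because it changes state
                $hrefHead = "{$_CONF['site_admin_url']}/block.php?move=1&amp;bid={$A['bid']}&amp;where=";
                $hrefTail = '&amp;' . CSRF_TOKEN . "={$token}";
                $retval = "<img src=\"{$_CONF['layout_url']}/images/admin/{$blockcontrol_image}\" width=\"45\" height=\"20\" usemap=\"#arrow{$A['bid']}\" alt=\"\">"
                    . "<map id=\"arrow{$A['bid']}\" name=\"arrow{$A['bid']}\">"
                    . "<area coords=\"0,0,12,20\"  title=\"{$LANG21[58]}\" href=\"{$hrefHead}up{$hrefTail}\" alt=\"{$LANG21[58]}\">"
                    . "<area coords=\"13,0,29,20\" title=\"{$moveTitleMsg}\" href=\"{$hrefHead}{$switchside}{$hrefTail}\" alt=\"{$moveTitleMsg}\">"
                    . "<area coords=\"30,0,43,20\" title=\"{$LANG21[57]}\" href=\"{$hrefHead}dn{$hrefTail}\" alt=\"{$LANG21[57]}\">"
                    . "</map>";
            }
            break;

        case 'delete':
            $retval = '';
            // Blocks of type 'gldefault' get no delete link
            if ($canEdit && $A['type'] != 'gldefault') {
                $attr = array(
                    'title'   => $LANG_ADMIN['delete'],
                    'onclick' => "return confirm('" . $LANG21[69] . "');",
                );
                $retval = COM_createLink($icon_arr['delete'], $_CONF['site_admin_url'] . '/block.php' . '?delete=x&amp;bid=' . $A['bid'] . '&amp;' . CSRF_TOKEN . '=' . $token, $attr);
            }
            break;

        case 'is_enabled':
            if ($canEdit) {
                if ($enabled) {
                    $switch = ' checked="checked"';
                    $title = 'title="' . $LANG_ADMIN['disable'] . '" ';
                } else {
                    $switch = '';
                    $title = 'title="' . $LANG_ADMIN['enable'] . '" ';
                }
                $retval = '<input class="blk-clicker" type="checkbox" id="enabledblocks[' . $A['bid'] . ']" name="enabledblocks[' . $A['bid'] . ']" ' . $title . 'onclick="submit()" value="' . $A['bid'] . '"' . $switch . '>';
                $retval .= '<input type="hidden" name="bidarray[' . $A['bid'] . ']" value="' . $A['onleft'] . '" >';
            }
            break;

        default:
            $retval = $fieldvalue;
            $dimIfDisabled = true;
            break;
    }

    if ($dimIfDisabled && !$enabled) {
        $retval = '<span class="disabledfield">' . $retval . '</span>';
    }

    return $retval;
}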
Пример #13
/**
*   Display a monthly calendar.
*   Dates that have events scheduled are highlighted.
*
*   @param  integer $year   Year to display, default is current year
*   @param  integer $month  Starting month
*   @param  integer $day    Starting day
*   @param  integer $cat    Event category
*   @param  integer $cal    Calendar ID
*   @param  string  $opt    'print' selects the print version of the template
*   @return string          HTML for calendar page
*/
function EVLIST_monthview($year = 0, $month = 0, $day = 0, $cat = 0, $cal = 0, $opt = '')
{
    global $_CONF, $_EV_CONF, $LANG_MONTH;
    EVLIST_setViewSession('month', $year, $month, $day);
    $retval = '';
    list($currentyear, $currentmonth, $currentday) = explode('-', $_EV_CONF['_today']);
    // Default to the current month
    if ($year == 0) {
        $year = $currentyear;
    }
    if ($month == 0) {
        $month = $currentmonth;
    }
    if ($day == 0) {
        $day = $currentday;
    }
    // The filters are forced to integers before they reach links and queries.
    // NOTE(review): $year, $month and $day get no such cast in this function
    // and are written into template variables further down - confirm callers
    // pass integers.
    $cat = (int) $cat;
    $cal = (int) $cal;
    // Set the calendar header.
    $cal_header = EVLIST_calHeader($year, $month, $day, 'month', $cat, $cal);
    // Get all the dates in the month
    $calendarView = Date_Calc::getCalendarMonth($month, $year, '%Y-%m-%d');
    // First cell of the first week and last cell of the last week bound the
    // date range that events are fetched for
    $x = count($calendarView) - 1;
    $y = count($calendarView[$x]) - 1;
    $starting_date = $calendarView[0][0];
    $ending_date = $calendarView[$x][$y];
    $daynames = EVLIST_getDayNames();
    $events = EVLIST_getEvents($starting_date, $ending_date, array('cat' => $cat, 'cal' => $cal));
    // Month navigation, wrapping around the year boundary
    $nextmonth = $month + 1;
    $nextyear = $year;
    if ($nextmonth > 12) {
        $nextmonth = 1;
        $nextyear = $year + 1;
    }
    $prevmonth = $month - 1;
    $prevyear = $year;
    if ($prevmonth < 1) {
        $prevmonth = 12;
        $prevyear = $year - 1;
    }
    // Template name: 'print' wins over the JSON calendar template setting
    $tplpath = EVLIST_PI_PATH . '/templates/monthview';
    $tpl = 'monthview';
    if ($opt == 'print') {
        $tpl .= '_print';
    } elseif ($_EV_CONF['cal_tmpl'] == 'json') {
        $tpl .= '_json';
    }
    $T = new Template($tplpath);
    $T->set_file(array('monthview' => $tpl . '.thtml', 'allday_event' => 'event_allday.thtml', 'timed_event' => 'event_timed.thtml'));
    foreach ($daynames as $key => $dayname) {
        $T->set_var('dayname' . $key, $dayname);
    }
    list($y, $m, $d) = explode('-', $starting_date);
    $weekOfYear = Date_Calc::weekOfYear($d, $m, $y);
    $calendars_used = array();
    $i = 0;
    $T->set_block('monthview', 'weekBlock', 'wBlock');
    foreach ($calendarView as $weeknum => $weekdata) {
        list($weekYear, $weekMonth, $weekDay) = explode('-', $weekdata[0]);
        // NOTE(review): $tplx is not assigned anywhere in this function, so the
        // last array entry is keyed by an undefined variable - confirm what
        // template variable was meant.
        $T->set_var(array('wyear' => $weekYear, 'wmonth' => $weekMonth, 'wday' => $weekDay, 'urlfilt_cat' => $cat, 'urlfilt_cal' => $cal, 'weeknum' => $weekOfYear, $tplx => 'true'));
        // Incremented per displayed week without wrapping at the end of the year
        $weekOfYear++;
        foreach ($weekdata as $daynum => $daydata) {
            list($y, $m, $d) = explode('-', $daydata);
            // CSS class: today, a day of the displayed month, or a filler day
            if ($daydata == $_EV_CONF['_today']) {
                $dayclass = 'today';
            } elseif ($m == $month) {
                $dayclass = 'on';
            } else {
                $dayclass = 'other-month';
            }
            $T->set_var('cal_day_anchortags', COM_createLink(sprintf("%02d", $d), EVLIST_URL . '/index.php?view=day&amp;' . "cat={$cat}&amp;cal={$cal}" . "&amp;day={$d}&amp;month={$m}&amp;year={$y}", array('class' => 'cal-date')));
            if (!isset($events[$daydata])) {
                // Just to avoid foreach() errors
                $events[$daydata] = array();
            }
            $dayentries = '';
            $T->clear_var('cal_day_entries');
            $T->set_block('monthview', 'dayBlock', 'dBlock');
            foreach ($events[$daydata] as $event) {
                if (empty($event['title'])) {
                    continue;
                }
                $ev_hover = '';
                // NOTE(review): $ev_title is the raw title, only shortened; unlike
                // $title below it is neither stripped of tags nor entity-encoded
                // before it is handed to the template - confirm the template or
                // the stored title makes it safe for HTML output.
                $ev_title = COM_truncate($event['title'], 40, '...');
                // Sanitize fields for display.  No HTML in the popup.
                // htmlentities() runs without an explicit charset here.
                $title = htmlentities(strip_tags($event['title']));
                $summary = htmlentities(strip_tags($event['summary']));
                // add the calendar to the array to create the JS checkboxes
                $calendars_used[$event['cal_id']] = array('cal_name' => $event['cal_name'], 'cal_ena_ical' => $event['cal_ena_ical'], 'cal_id' => $event['cal_id'], 'fgcolor' => $event['fgcolor'], 'bgcolor' => $event['bgcolor']);
                // Create the hover tooltip.  Timed events show the times first
                if ($event['allday'] == 0) {
                    $ev_hover = date($_CONF['timeonly'], strtotime($event['rp_date_start'] . ' ' . $event['rp_time_start1']));
                    if ($event['split'] == 1 && !empty($event['rp_time_start2'])) {
                        $ev_hover .= ' &amp; ' . date($_CONF['timeonly'], strtotime($event['rp_date_start'] . ' ' . $event['rp_time_start2']));
                    }
                    $ev_hover .= ' - ';
                } else {
                    $ev_hover = '';
                }
                // All events show the summary or title, if available
                if (!empty($summary)) {
                    $ev_hover .= $summary;
                } else {
                    $ev_hover .= $title;
                }
                // NOTE(review): $cal_id is not assigned anywhere in this function
                // (the parameter is $cal), so 'cal_id_url' receives an undefined
                // value - confirm which variable was intended.
                $T->set_var(array('cal_id' => $event['cal_id'], 'cal_id_url' => $cal_id, 'cat_id' => $cat, 'ev_hover' => $ev_hover, 'ev_title' => $ev_title, 'eid' => $event['rp_id'], 'fgcolor' => $event['fgcolor'], 'bgcolor' => $event['bgcolor'], 'pi_url' => EVLIST_URL));
                if ($event['allday'] == 1) {
                    $dayentries .= $T->parse('output', 'allday_event', true);
                } else {
                    $dayentries .= $T->parse('output', 'timed_event', true);
                }
            }
            // Now set the vars for the entire day block
            $T->set_var(array('year' => $y, 'month' => $m, 'day' => $d, 'cal_day_style' => $dayclass, 'pi_url' => EVLIST_URL, 'cal_day_entries' => $dayentries));
            //if ($_EV_CONF['_can_add']) {
            if (EVLIST_canSubmit()) {
                // Add the "Add Event" link for the day
                $T->set_var('can_add', 'true');
            }
            $T->parse('dBlock', 'dayBlock', true);
        }
        // Close the week row, then reset the day block for the next week
        $T->parse('wBlock', 'weekBlock', true);
        $T->clear_var('dBlock');
    }
    $T->set_var(array('pi_url' => EVLIST_URL, 'thisyear' => $year, 'thismonth' => $month, 'thismonth_str' => $LANG_MONTH[(int) $month], 'prevmonth' => $prevmonth, 'prevyear' => $prevyear, 'nextmonth' => $nextmonth, 'nextyear' => $nextyear, 'urlfilt_cat' => (int) $cat, 'urlfilt_cal' => (int) $cal, 'cal_header' => $cal_header, 'cal_footer' => EVLIST_calFooter($calendars_used), 'cal_checkboxes' => EVLIST_cal_checkboxes($calendars_used), 'site_name' => $_CONF['site_name'], 'site_slogan' => $_CONF['site_slogan']));
    $T->parse('output', 'monthview');
    return $T->finish($T->get_var('output'));
}
Пример #14
 /**
  * Append <option> elements for this album and, recursively, its children.
  *
  * Which albums qualify depends on $type ('upload', 'edit', 'create' or
  * 'manage'); each branch below combines the album's access level, its hidden
  * flag, the member-album settings and the mediagallery.admin right. Titles
  * are stripped of tags and cut at 50 bytes. Each nesting level indents the
  * label by four &nbsp; entities.
  *
  * NOTE(review): the conditions mix && and || without parentheses, so they
  * rely on && binding tighter than ||; keep that in mind before editing.
  * NOTE(review): titles pass through strip_tags() only and are not
  * entity-encoded before being placed inside <option>; confirm stored titles
  * are already HTML-encoded.
  *
  * @param    string  $album_selectbox   markup being built, appended to by reference
  * @param    int     $selected          id of the album to mark as selected
  * @param    int     $access            minimum access level an album needs to be listed
  * @param    int     $hide              id of an album to leave out (shown disabled for 'manage')
  * @param    string  $type              which selection rules to apply
  * @param    int     $level             nesting depth, used for indentation
  * @return   int                        number of options added by this album and its children
  */
 function buildAlbumBox(&$album_selectbox, $selected, $access = 1, $hide = 0, $type = 'upload', $level = 0)
 {
     global $_USER, $_MG_CONF;
     $_MG_USERPREFS = MG_getUserPrefs();
     $mgadmin = SEC_hasRights('mediagallery.admin');
     $count = 0;
     // Visual indentation of the label, one step per nesting level
     $indent = '';
     $z = 0;
     while ($z < $level) {
         $indent .= "&nbsp;&nbsp;&nbsp;&nbsp;";
         $z++;
     }
     // Upload targets; the root album (id 0) is never offered
     if ($type == 'upload') {
         if ($_MG_CONF['member_albums'] && $this->isMemberAlbum() && $this->owner_id == $_USER['uid'] && $_MG_USERPREFS['active'] || $this->member_uploads && $this->access >= 2 || $this->access >= $access || $mgadmin) {
             if ($this->id != $hide) {
                 if (!$this->hidden || $this->hidden && $mgadmin) {
                     if ($this->id != 0) {
                         $album_selectbox .= '<option value="' . $this->id . '"' . ($this->id == $selected ? ' selected="selected" ' : '') . '>' . $indent;
                         $tatitle = strip_tags($this->title);
                         if (strlen($tatitle) > 50) {
                             $aTitle = COM_truncate($tatitle, 50) . '...';
                         } else {
                             $aTitle = $tatitle;
                         }
                         $album_selectbox .= $aTitle . '</option>';
                         $count++;
                     }
                 }
             }
         }
     }
     // Parent choices when editing; the currently selected album always qualifies
     if ($type == 'edit') {
         if ($this->id == $selected || $_MG_CONF['member_albums'] && $_MG_CONF['member_album_root'] == $this->id && $_MG_CONF['member_create_new'] && $_MG_USERPREFS['active'] || $this->access >= $access) {
             if ($this->id != $hide) {
                 if (!$this->hidden || $mgadmin) {
                     $album_selectbox .= '<option value="' . $this->id . '"' . ($this->id == $selected ? ' selected="selected" ' : '') . '>' . $indent;
                     $tatitle = strip_tags($this->title);
                     if (strlen($tatitle) > 50) {
                         $aTitle = COM_truncate($tatitle, 50) . '...';
                     } else {
                         $aTitle = $tatitle;
                     }
                     //$aTitle = $tatitle; //  . '(' . $this->access . ')';
                     $album_selectbox .= $aTitle . '</option>';
                     $count++;
                 }
             }
         }
     }
     // Parent choices when creating; the root album is offered to admins, or
     // when member albums are created directly under the root
     if ($type == 'create') {
         if ($_MG_CONF['member_albums'] && $_MG_CONF['member_album_root'] == $this->id && $_MG_CONF['member_create_new'] && $_MG_USERPREFS['active'] || $this->access >= $access) {
             if ($this->id != $hide) {
                 if (!$this->hidden || $this->hidden && $mgadmin) {
                     if ($this->id != 0 || ($mgadmin || $_MG_CONF['member_albums'] == 1 && $_MG_CONF['member_album_root'] == 0 && $_MG_CONF['member_create_new'])) {
                         $album_selectbox .= '<option value="' . $this->id . '"' . ($this->id == $selected ? ' selected="selected" ' : '') . '>' . $indent;
                         $tatitle = strip_tags($this->title);
                         if (strlen($tatitle) > 50) {
                             $aTitle = COM_truncate($tatitle, 50) . '...';
                         } else {
                             $aTitle = $tatitle;
                         }
                         $album_selectbox .= $aTitle . '</option>';
                         $count++;
                     }
                 }
             }
         }
     }
     // Manage view: the album given in $hide is listed but disabled instead of
     // being left out
     if ($type == 'manage') {
         if ($this->access >= $access) {
             if (!$this->hidden || $this->hidden && $mgadmin) {
                 if ($this->id != 0 || ($mgadmin || $_MG_CONF['member_albums'] == 1 && $_MG_CONF['member_album_root'] == 0 && $_MG_CONF['member_create_new'])) {
                     $album_selectbox .= '<option ' . ($this->id == $hide ? 'disabled="disabled" ' : '') . ' value="' . $this->id . '"' . ($this->id == $selected && $this->id != $hide ? ' selected="selected" ' : '') . '>' . $indent;
                     $tatitle = strip_tags($this->title);
                     if (strlen($tatitle) > 50) {
                         $aTitle = COM_truncate($tatitle, 50) . '...';
                     } else {
                         $aTitle = $tatitle;
                     }
                     $album_selectbox .= $aTitle . '</option>';
                     $count++;
                 }
             }
         }
     }
     // Children of the hidden album are skipped too, except in the manage view
     if ($this->id != $hide || $this->id == $hide && $type == 'manage') {
         $children = $this->getChildren();
         foreach ($children as $child) {
             $child_album = new mgAlbum($child);
             $count += $child_album->buildAlbumBox($album_selectbox, $selected, $access, $hide, $type, $level + 1);
         }
     }
     return $count;
 }
Пример #15
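/**
 * PHP block: list the newest stories of the current topic as <li> links.
 *
 * The topic is taken from the story named in the request, then from the
 * global $topic, then from the 'topic' request parameter. When no topic can
 * be determined, stories from all topics except the archive topic are listed.
 *
 * NOTE(review): $topic is a global and is assigned to in this function,
 * including with the archive topic id on the fallback path; confirm that
 * overwriting the global is intended.
 *
 * @return   string  HTML <li> elements, one per story, newest first
 */
function phpblock_storypicker()
{
    global $_TABLES, $_CONF, $topic;

    $LANG_STORYPICKER = array('choose' => 'Choose a story');
    $max_stories = 5; // how many stories to display in the list
    $topicsql = '';

    // A story id in the request decides the topic when that story exists
    if (isset($_GET['story'])) {
        $sid = COM_applyFilter($_GET['story']);
        $stopic = DB_getItem($_TABLES['stories'], 'tid', 'sid = \'' . DB_escapeString($sid) . '\'');
        if (!empty($stopic)) {
            $topic = $stopic;
        }
    }

    if (empty($topic)) {
        if (isset($_GET['topic'])) {
            $topic = COM_applyFilter($_GET['topic']);
        } elseif (isset($_POST['topic'])) {
            $topic = COM_applyFilter($_POST['topic']);
        } else {
            $topic = '';
        }
    }

    if (!empty($topic)) {
        // Request-derived value: escaped before it enters the query text
        $topicsql = " AND tid = '" . DB_escapeString($topic) . "'";
    } else {
        // No topic known: show everything except the archive topic, if any
        $topic = DB_getItem($_TABLES['topics'], 'tid', 'archive_flag = 1');
        if (!empty($topic)) {
            $topicsql = " AND tid <> '" . DB_escapeString($topic) . "'";
        }
    }

    $sql = 'SELECT sid, title FROM ' . $_TABLES['stories'] . ' WHERE draft_flag = 0 AND date <= now()' . COM_getPermSQL(' AND') . COM_getTopicSQL(' AND') . $topicsql . ' ORDER BY date DESC LIMIT ' . $max_stories;
    $res = DB_query($sql);

    $list = '';
    while ($A = DB_fetchArray($res)) {
        $url = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $A['sid']);
        // The href is quoted and encoded; an unquoted attribute ends at the
        // first space or '>' in the URL.
        $list .= '<li><a href="' . htmlspecialchars($url) . '">' . htmlspecialchars(COM_truncate($A['title'], 41, '...')) . "</a></li>\n";
    }

    return $list;
}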
Пример #16
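/**
 * Return a field value for the topic administration list
 *
 * Members of the 'Topic Admin' group are treated as having access level 3;
 * everyone else gets the level SEC_hasAccess() computes for the row. Nothing
 * is rendered (false is returned) without access. Edit, move and delete
 * controls are only rendered at access level 3.
 *
 * @param    string $fieldname  name of the list column being rendered
 * @param    mixed  $fieldvalue value of that column for this row
 * @param    array  $A          the topic row
 * @param    array  $icon_arr   icon markup, read under the keys 'edit', 'delete' and 'check'
 * @param    string $token      CSRF token appended to the move and delete links
 * @return   string|false       HTML for the cell, or false when nothing was rendered
 */
function TOPIC_getListField($fieldname, $fieldvalue, $A, $icon_arr, $token)
{
    // $LANG21 is read in the 'move' case and therefore has to be imported too
    global $_CONF, $LANG_ADMIN, $LANG21, $LANG27, $_IMAGE_TYPE;

    $retval = false;
    $access = SEC_inGroup('Topic Admin') ? 3 : SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
    if (!($access > 0)) {
        return $retval;
    }
    $canEdit = ($access == 3);

    switch ($fieldname) {
        case 'edit':
            $retval = '';
            if ($canEdit) {
                $attr = array('title' => $LANG_ADMIN['edit']);
                $retval = COM_createLink($icon_arr['edit'], $_CONF['site_admin_url'] . '/topic.php?edit=x&amp;tid=' . $A['tid'], $attr);
            }
            break;

        // NOTE(review): tid, topic and the default column are emitted without
        // HTML encoding in this function; confirm the values are encoded when
        // stored or by the list renderer.
        case 'tid':
            $retval = COM_truncate($fieldvalue, 20, ' ...', true);
            break;

        case 'topic':
            $retval = COM_truncate($fieldvalue, 28, ' ...', true);
            break;

        case 'sort_by':
            // The label is looked up in $LANG27 at offset 30 plus the stored value
            $retval = $LANG27[30 + $fieldvalue];
            break;

        case 'is_default':
        case 'archive_flag':
            $retval = $fieldvalue != 0 ? $icon_arr['check'] : '';
            break;

        case 'move':
            // NOTE(review): this branch reads $A['bid'] and $A['onleft'] and
            // links to block.php, which looks carried over from the block list;
            // confirm topic rows provide these keys or whether the case is dead.
            if ($canEdit) {
                if ($A['onleft'] == 1) {
                    $blockcontrol_image = 'block-right.' . $_IMAGE_TYPE;
                    $moveTitleMsg = $LANG21[59];
                    $switchside = '1';
                } else {
                    $blockcontrol_image = 'block-left.' . $_IMAGE_TYPE;
                    $moveTitleMsg = $LANG21[60];
                    $switchside = '0';
                }
                // Every move link carries the CSRF token because it changes state
                $hrefHead = "{$_CONF['site_admin_url']}/block.php?move=1&amp;bid={$A['bid']}&amp;where=";
                $hrefTail = '&amp;' . CSRF_TOKEN . "={$token}";
                $retval = "<img src=\"{$_CONF['layout_url']}/images/admin/{$blockcontrol_image}\" width=\"45\" height=\"20\" usemap=\"#arrow{$A['bid']}\" alt=\"\"" . XHTML . ">"
                    . "<map id=\"arrow{$A['bid']}\" name=\"arrow{$A['bid']}\">"
                    . "<area coords=\"0,0,12,20\"  title=\"{$LANG21[58]}\" href=\"{$hrefHead}up{$hrefTail}\" alt=\"{$LANG21[58]}\"" . XHTML . ">"
                    . "<area coords=\"13,0,29,20\" title=\"{$moveTitleMsg}\" href=\"{$hrefHead}{$switchside}{$hrefTail}\" alt=\"{$moveTitleMsg}\"" . XHTML . ">"
                    . "<area coords=\"30,0,43,20\" title=\"{$LANG21[57]}\" href=\"{$hrefHead}dn{$hrefTail}\" alt=\"{$LANG21[57]}\"" . XHTML . ">"
                    . "</map>";
            }
            break;

        case 'delete':
            $retval = '';
            if ($canEdit) {
                $attr = array(
                    'title'   => $LANG_ADMIN['delete'],
                    'onclick' => 'return doubleconfirm(\'' . $LANG27[40] . '\',\'' . $LANG27[6] . ' ' . $LANG27[56] . '\');',
                );
                $retval = COM_createLink($icon_arr['delete'], $_CONF['site_admin_url'] . '/topic.php' . '?delete=x&amp;tid=' . $A['tid'] . '&amp;' . CSRF_TOKEN . '=' . $token, $attr);
            }
            break;

        default:
            $retval = $fieldvalue;
            break;
    }

    return $retval;
}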
Пример #17
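/**
* Callback function to help format links in COM_makeClickableLinks
*
* The visible text is the URL shortened by COM_truncate(); the href is the
* full URL. Quotes and angle brackets are encoded in both so that a matched
* URL cannot end the attribute or open a new tag.
*
* @param    string  $http   set to 'http://' when not already in the url
* @param    string  $link   the url
* @return   string          link enclosed in <a>...</a> tags
*
*/
function COM_makeClickableLinksCallback($http, $link)
{
    // Only the characters that can break out of the attribute or the element
    // are replaced; ampersands are left alone so input that already uses
    // &amp; is not encoded twice.
    $unsafe = array('"', "'", '<', '>');
    $encoded = array('&quot;', '&#039;', '&lt;', '&gt;');

    $text = str_replace($unsafe, $encoded, COM_truncate($link, 50, '...', '10'));
    $href = str_replace($unsafe, $encoded, $http . $link);

    return "<a href=\"{$href}\">{$text}</a>";
}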
Пример #18
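/**
* Saves the user's information back to the database
*
* Checks the stored password request id against the submitted one, asks for
* the current password when the password, email address or cookie timeout
* changes, runs the plugin and spam checks, then filters, escapes and stores
* the profile fields and reissues the login cookies.
*
* @param    array   $A  submitted account settings form fields
* @return   string      value of COM_refresh() for the page to show next
*
*/
function saveuser($A)
{
    global $_CONF, $_TABLES, $_USER, $LANG04, $LANG24, $MESSAGE, $_US_VERBOSE;
    if ($_US_VERBOSE) {
        COM_errorLog('**** Inside saveuser in usersettings.php ****', 1);
    }
    // The form must carry the request id stored for this user; on a mismatch
    // the stored id is cleared, the attempt is logged and nothing is saved.
    $reqid = DB_getItem($_TABLES['users'], 'pwrequestid', "uid = " . (int) $_USER['uid']);
    if ($reqid != $A['uid']) {
        DB_change($_TABLES['users'], 'pwrequestid', "NULL", 'uid', (int) $_USER['uid']);
        COM_accessLog("An attempt was made to illegally change the account information of user {$_USER['uid']}.");
        return COM_refresh($_CONF['site_url'] . '/index.php');
    }
    if (isset($_POST['merge'])) {
        if (COM_applyFilter($_POST['remoteuid'], true) != $_USER['uid']) {
            // Return the redirect instead of echoing it, so the merge below
            // can never run for a mismatched uid even if COM_refresh()
            // returns rather than ending the request.
            return COM_refresh($_CONF['site_url'] . '/usersettings.php?mode=edit');
        }
        USER_mergeAccounts();
    }
    // If not set or possibly removed from template - initialize variable
    if (!isset($A['cooktime'])) {
        $A['cooktime'] = 0;
    } else {
        $A['cooktime'] = COM_applyFilter($A['cooktime'], true);
    }
    // If empty or invalid - set to user default
    // So code after this does not fail the user password required test
    if ($A['cooktime'] < 0) {
        // note that == 0 is allowed!
        $A['cooktime'] = $_USER['cookietimeout'];
    }
    // to change the password, email address, or cookie timeout,
    // we need the user's current password
    // (uid is cast to int in every query, as in the rest of this function)
    // NOTE(review): $account_type is fetched but not used below.
    $account_type = DB_getItem($_TABLES['users'], 'account_type', "uid = " . (int) $_USER['uid']);
    $service = DB_getItem($_TABLES['users'], 'remoteservice', "uid = " . (int) $_USER['uid']);
    if ($service == '') {
        $current_password = DB_getItem($_TABLES['users'], 'passwd', "uid = " . (int) $_USER['uid']);
        if (!empty($A['newp']) || $A['email'] != $_USER['email'] || $A['cooktime'] != $_USER['cookietimeout']) {
            if (empty($A['passwd']) || !SEC_check_hash($A['passwd'], $current_password)) {
                return COM_refresh($_CONF['site_url'] . '/usersettings.php?msg=83');
            } elseif ($_CONF['custom_registration'] && function_exists('CUSTOM_userCheck')) {
                $ret = CUSTOM_userCheck($A['username'], $A['email']);
                if (!empty($ret)) {
                    // Need a numeric return for the default message handler
                    // - if not numeric use default message
                    if (!is_numeric($ret)) {
                        // assign the number itself; writing to $ret['number']
                        // left a non-numeric value in the msg parameter
                        $ret = 97;
                    }
                    return COM_refresh("{$_CONF['site_url']}/usersettings.php?msg={$ret}");
                }
            }
        } elseif ($_CONF['custom_registration'] && function_exists('CUSTOM_userCheck')) {
            $ret = CUSTOM_userCheck($A['username'], $A['email']);
            if (!empty($ret)) {
                // Need a numeric return for the default message handler
                // - if not numeric use default message
                if (!is_numeric($ret)) {
                    $ret = 97;
                }
                return COM_refresh("{$_CONF['site_url']}/usersettings.php?msg={$ret}");
            }
        }
    }
    // Let plugins have a chance to decide what to do before saving the user, return errors.
    $msg = PLG_itemPreSave('useredit', $A['username']);
    if (!empty($msg)) {
        // need a numeric return value - otherwise use default message
        if (!is_numeric($msg)) {
            $msg = 97;
        }
        return COM_refresh("{$_CONF['site_url']}/usersettings.php?msg={$msg}");
    }
    // no need to filter the password as it's encoded anyway
    if ($_CONF['allow_username_change'] == 1) {
        if (!empty($A['new_username']) && USER_validateUsername($A['new_username']) && $A['new_username'] != $_USER['username']) {
            $A['new_username'] = DB_escapeString($A['new_username']);
            if (DB_count($_TABLES['users'], 'username', $A['new_username']) == 0) {
                if ($_CONF['allow_user_photo'] == 1) {
                    $photo = DB_getItem($_TABLES['users'], 'photo', "uid = " . (int) $_USER['uid']);
                    if (!empty($photo) && strstr($photo, $_USER['username']) !== false) {
                        // The old username is literal text, not a pattern:
                        // quote it so regex metacharacters in a name cannot
                        // change what is replaced or break the expression.
                        $newphoto = preg_replace('/' . preg_quote($_USER['username'], '/') . '/', $_USER['uid'], $photo, 1);
                        $imgpath = $_CONF['path_images'] . 'userphotos/';
                        // best effort: a failed rename is ignored and the new
                        // file name is stored anyway
                        @rename($imgpath . $photo, $imgpath . $newphoto);
                        DB_change($_TABLES['users'], 'photo', DB_escapeString($newphoto), "uid", (int) $_USER['uid']);
                    }
                }
                DB_change($_TABLES['users'], 'username', $A['new_username'], "uid", (int) $_USER['uid']);
            } else {
                return COM_refresh($_CONF['site_url'] . '/usersettings.php?msg=51');
            }
        }
    }
    // a quick spam check with the unfiltered field contents
    $profile = '<h1>' . $LANG04[1] . ' ' . $_USER['username'] . '</h1><p>';
    // this is a hack, for some reason remoteservice links made SPAMX SLV check barf
    if (empty($service)) {
        $profile .= COM_createLink($A['homepage'], $A['homepage']) . '<br />';
    }
    $profile .= $A['location'] . '<br />' . $A['sig'] . '<br />' . $A['about'] . '<br />' . $A['pgpkey'] . '</p>';
    $result = PLG_checkforSpam($profile, $_CONF['spamx']);
    if ($result > 0) {
        COM_displayMessageAndAbort($result, 'spamx', 403, 'Forbidden');
    }
    $A['email'] = COM_applyFilter($A['email']);
    $A['email_conf'] = COM_applyFilter($A['email_conf']);
    $A['homepage'] = COM_applyFilter($A['homepage']);
    // basic filtering only
    $A['fullname'] = COM_truncate(trim(USER_sanitizeName($A['fullname'])), 80);
    $A['location'] = strip_tags($A['location']);
    $A['sig'] = strip_tags($A['sig']);
    $A['about'] = strip_tags($A['about']);
    $A['pgpkey'] = strip_tags($A['pgpkey']);
    if (!COM_isEmail($A['email'])) {
        return COM_refresh($_CONF['site_url'] . '/usersettings.php?msg=52');
    } else {
        if ($A['email'] !== $A['email_conf']) {
            return COM_refresh($_CONF['site_url'] . '/usersettings.php?msg=78');
        } else {
            if (emailAddressExists($A['email'], $_USER['uid'])) {
                return COM_refresh($_CONF['site_url'] . '/usersettings.php?msg=56');
            } else {
                if ($service == '') {
                    if (!empty($A['newp'])) {
                        $A['newp'] = trim($A['newp']);
                        $A['newp_conf'] = trim($A['newp_conf']);
                        // Strict comparison: with == two different numeric
                        // strings (e.g. '1e3' and '1000') count as equal, so
                        // a mistyped confirmation could be accepted.
                        if ($A['newp'] === $A['newp_conf'] && SEC_check_hash($A['passwd'], $current_password)) {
                            $passwd = SEC_encryptPassword($A['newp']);
                            DB_change($_TABLES['users'], 'passwd', DB_escapeString($passwd), "uid", (int) $_USER['uid']);
                            if ($A['cooktime'] > 0) {
                                $cooktime = $A['cooktime'];
                                $token_ttl = $A['cooktime'];
                            } else {
                                $cooktime = 0;
                                $token_ttl = 14400;
                            }
                            $ltToken = SEC_createTokenGeneral('ltc', $token_ttl);
                            SEC_setCookie($_CONF['cookie_password'], $ltToken, time() + $cooktime);
                        } elseif (!SEC_check_hash($A['passwd'], $current_password)) {
                            return COM_refresh($_CONF['site_url'] . '/usersettings.php?msg=68');
                        } elseif ($A['newp'] !== $A['newp_conf']) {
                            return COM_refresh($_CONF['site_url'] . '/usersettings.php?msg=67');
                        }
                    }
                } else {
                    // Cookie
                    if ($A['cooktime'] > 0) {
                        $cooktime = $A['cooktime'];
                    } else {
                        $cooktime = 0;
                    }
                    $ltToken = SEC_createTokenGeneral('ltc', $cooktime);
                    SEC_setCookie($_CONF['cookie_password'], $ltToken, time() + $cooktime);
                }
                if ($_US_VERBOSE) {
                    COM_errorLog('cooktime = ' . $A['cooktime'], 1);
                }
                if ($A['cooktime'] <= 0) {
                    $cookie_timeout = 0;
                    $token_ttl = 14400;
                } else {
                    $cookie_timeout = time() + $A['cooktime'];
                    $token_ttl = $A['cooktime'];
                }
                SEC_setCookie($_CONF['cookie_name'], $_USER['uid'], $cookie_timeout, $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure'], true);
                // Drop every existing 'ltc' token of this user before a new
                // one is issued (or the cookie is cleared) below.
                DB_query("DELETE FROM {$_TABLES['tokens']} WHERE owner_id=" . (int) $_USER['uid'] . " AND urlfor='ltc'");
                if ($cookie_timeout > 0) {
                    $ltToken = SEC_createTokenGeneral('ltc', $token_ttl);
                    SEC_setCookie($_CONF['cookie_password'], $ltToken, $cookie_timeout, $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure'], true);
                } else {
                    SEC_setCookie($_CONF['cookie_password'], '', -10000, $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure'], true);
                }
                // Defined up front so the UPDATE below never reads an unset
                // variable when user photos are disabled.
                $filename = '';
                if ($_CONF['allow_user_photo'] == 1) {
                    $delete_photo = '';
                    if (isset($A['delete_photo'])) {
                        $delete_photo = $A['delete_photo'];
                    }
                    $filename = handlePhotoUpload($delete_photo);
                }
                if (!empty($A['homepage'])) {
                    // Only http: and https: are kept; no scheme gets
                    // 'http://' prepended and any other scheme is replaced
                    // by 'http:'.
                    $pos = MBYTE_strpos($A['homepage'], ':');
                    if ($pos === false) {
                        $A['homepage'] = 'http://' . $A['homepage'];
                    } else {
                        $prot = substr($A['homepage'], 0, $pos + 1);
                        if ($prot != 'http:' && $prot != 'https:') {
                            $A['homepage'] = 'http:' . substr($A['homepage'], $pos + 1);
                        }
                    }
                    $A['homepage'] = DB_escapeString($A['homepage']);
                }
                // Every value interpolated into the UPDATE statements below
                // is escaped here or cast to int in the statement itself.
                $A['fullname'] = DB_escapeString($A['fullname']);
                $A['email'] = DB_escapeString($A['email']);
                $A['location'] = DB_escapeString($A['location']);
                $A['sig'] = DB_escapeString($A['sig']);
                $A['about'] = DB_escapeString($A['about']);
                $A['pgpkey'] = DB_escapeString($A['pgpkey']);
                if (!empty($filename)) {
                    if (!file_exists($_CONF['path_images'] . 'userphotos/' . $filename)) {
                        $filename = '';
                    }
                }
                DB_query("UPDATE {$_TABLES['users']} SET fullname='{$A['fullname']}',email='{$A['email']}',homepage='{$A['homepage']}',sig='{$A['sig']}',cookietimeout=" . (int) $A['cooktime'] . ",photo='" . DB_escapeString($filename) . "' WHERE uid=" . (int) $_USER['uid']);
                DB_query("UPDATE {$_TABLES['userinfo']} SET pgpkey='{$A['pgpkey']}',about='{$A['about']}',location='{$A['location']}' WHERE uid=" . (int) $_USER['uid']);
                // Call custom registration save function if enabled and exists
                if ($_CONF['custom_registration'] and function_exists('CUSTOM_userSave')) {
                    CUSTOM_userSave($_USER['uid']);
                }
                PLG_userInfoChanged((int) $_USER['uid']);
                // at this point, the user information has been saved, but now we're going to check to see if
                // the user has requested resynchronization with their remoteservice account
                $msg = 5;
                // default msg = Your account information has been successfully saved
                if (isset($A['resynch'])) {
                    if ($_CONF['user_login_method']['oauth'] && strpos($_USER['remoteservice'], 'oauth.') === 0) {
                        $modules = SEC_collectRemoteOAuthModules();
                        $active_service = count($modules) == 0 ? false : in_array(substr($_USER['remoteservice'], 6), $modules);
                        if (!$active_service) {
                            $msg = 115;
                            // Remote service has been disabled.
                        } else {
                            require_once $_CONF['path_system'] . 'classes/oauthhelper.class.php';
                            $service = substr($_USER['remoteservice'], 6);
                            $consumer = new OAuthConsumer($service);
                            $callback_url = $_CONF['site_url'];
                            $consumer->setRedirectURL($callback_url);
                            $user = $consumer->authenticate_user();
                            $consumer->doSynch($user);
                        }
                    }
                    if ($msg != 5) {
                        $msg = 114;
                        // Account saved but re-synch failed.
                        // ($MESSAGE is declared global above so this lookup
                        // reads the message table instead of an unset local)
                        COM_errorLog($MESSAGE[$msg]);
                    }
                }
                PLG_profileExtrasSave();
                PLG_profileSave();
                if ($_US_VERBOSE) {
                    COM_errorLog('**** Leaving saveuser in usersettings.php ****', 1);
                }
                return COM_refresh($_CONF['site_url'] . '/users.php?mode=profile&amp;uid=' . $_USER['uid'] . '&amp;msg=' . $msg);
            }
        }
    }
}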
Пример #19
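 /**
  * Builds the breadcrumb <li> items for this album.
  *
  * Walks from this album's parent upwards through $MG_albums until the
  * album with id 0 is reached, emitting one linked item per ancestor, and
  * then appends the item for this album itself. Titles are passed through
  * strip_tags() and, when $_MG_CONF['truncate_breadcrumb'] is positive,
  * shortened with COM_truncate().
  *
  * @param    int     $hot        when true, this album's own item is a link
  * @param    int     $sortOrder  value of the 'sort' parameter in the links
  * @param    int     $page       value of the 'page' parameter in this album's link
  * @return   string              the <li> elements, without the enclosing list
  */
 function getPathUL($hot = 0, $sortOrder = 0, $page = 0)
 {
     global $MG_albums, $_MG_CONF;

     // NOTE(review): $sortOrder and $page are concatenated into the href as
     // given - presumably integers; confirm at the call sites.
     $maxLen = $_MG_CONF['truncate_breadcrumb'];
     $retval = '';

     $tree = $MG_albums[$this->parent];
     while ($tree->id != 0) {
         $title = strip_tags($tree->title);
         if ($maxLen > 0) {
             $title = COM_truncate($title, $maxLen, '...');
         }
         $retval .= '<li>';
         $retval .= ' <a href="' . $_MG_CONF['site_url'] . '/album.php?aid=' . $tree->id . '&amp;sort=' . $sortOrder . '">';
         $retval .= $title;
         $retval .= '</a>';
         // close the item; the ancestor items were left open before, unlike
         // the item for the current album below
         $retval .= '</li>';
         $tree = $MG_albums[$tree->parent];
     }

     $ownTitle = strip_tags($this->title);
     if ($maxLen > 0) {
         $ownTitle = COM_truncate($ownTitle, $maxLen, '...');
     }
     $retval .= '<li>';
     if ($hot) {
         $retval .= '<a href="' . $_MG_CONF['site_url'] . '/album.php?aid=' . $this->id . '&amp;sort=' . $sortOrder . '&amp;page=' . $page . '">';
     }
     $retval .= $ownTitle;
     if ($hot) {
         $retval .= '</a>';
     }
     $retval .= '</li>';

     return $retval;
 }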
Пример #20
/**
* Callback used by COM_makeClickableLinks to turn one matched URL into a link
*
* A trailing period is kept outside the link, the link text is optionally
* shortened to $_CONF['linktext_maxlen'] and is HTML-escaped before output.
*
* @param    string  $http   set to 'http://' when not already in the url
* @param    string  $link   the url
* @return   string          link enclosed in <a>...</a> tags
*
*/
function COM_makeClickableLinksCallback($http, $link)
{
    global $_CONF;
    static $encoding = null;

    // Look the encoding up once and reuse it for every later call.
    if ($encoding === null) {
        $encoding = COM_getEncodingt();
    }

    // When $link ends with a period, the period will be moved out of the link
    // text (bug #0001675)
    $trailing = '';
    if (substr($link, -1) === '.') {
        $trailing = '.';
        $link = substr($link, 0, -1);
    }

    $maxLen = $_CONF['linktext_maxlen'];
    $label = ($maxLen > 0) ? COM_truncate($link, $maxLen, '...', 10) : $link;
    $label = htmlspecialchars($label, ENT_QUOTES, $encoding);

    // NOTE(review): only the link text is escaped; $http and $link reach the
    // href attribute as given. This relies on the caller never passing a
    // double quote or angle bracket - confirm in COM_makeClickableLinks.
    return "<a href=\"{$http}{$link}\">{$label}</a>{$trailing}";
}
Пример #21
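/**
* Creates a user account from the submitted registration form
*
* Reads username, email, password and full name from $_POST, validates them,
* lets the custom registration hook and the plugins veto the request, then
* creates the account and hands over to emailpassword().
*
* @return   string  HTML to display: the registration form with an error
*                   message, the custom user form, or the result of
*                   emailpassword()
*
*/
function createuser()
{
    global $_CONF, $_TABLES, $LANG01, $LANG04, $MESSAGE, $REMOTE_ADDR;
    $retval = '';
    $passwd = '';
    $passwd_conf = '';
    if ($_CONF['disable_new_user_registration']) {
        COM_setMsg($LANG04[122], 'error');
        echo COM_refresh($_CONF['site_url']);
        // Stop here so no account can be created while registration is
        // disabled, even if COM_refresh() returns instead of ending the
        // request.
        return $retval;
    }
    $email = isset($_POST['email']) ? COM_applyFilter($_POST['email']) : '';
    $email_conf = isset($_POST['email_conf']) ? COM_applyFilter($_POST['email_conf']) : '';
    $username = isset($_POST['username']) ? $_POST['username'] : '';
    if (isset($_POST['passwd'])) {
        $passwd = trim($_POST['passwd']);
    }
    if (isset($_POST['passwd_conf'])) {
        $passwd_conf = trim($_POST['passwd_conf']);
    }
    $username = COM_truncate(trim($username), 48);
    if (!USER_validateUsername($username)) {
        $retval .= newuserform($LANG04[162]);
        return $retval;
    }
    $email = COM_truncate(trim($email), 96);
    $email_conf = trim($email_conf);
    if ($_CONF['registration_type'] == 1) {
        // Strict comparison: with != two different numeric strings
        // (e.g. '1e3' and '1000') count as equal, so a mistyped
        // confirmation could be accepted.
        if (empty($passwd) || $passwd !== $passwd_conf) {
            $retval .= newuserform($MESSAGE[67]);
            return $retval;
        }
    }
    $fullname = '';
    if (!empty($_POST['fullname'])) {
        $fullname = COM_truncate(trim(USER_sanitizeName($_POST['fullname'])), 80);
    }
    if (!isset($_CONF['disallow_domains'])) {
        $_CONF['disallow_domains'] = '';
    }
    if (COM_isEmail($email) && !empty($username) && $email === $email_conf && !USER_emailMatches($email, $_CONF['disallow_domains']) && strlen($username) <= 48) {
        // both lookups use escaped values; the account is only created when
        // neither the username nor the email address is already in use
        $ucount = DB_count($_TABLES['users'], 'username', DB_escapeString($username));
        $ecount = DB_count($_TABLES['users'], 'email', DB_escapeString($email));
        if ($ucount == 0 and $ecount == 0) {
            // For glFusion, it would be okay to create this user now. But check
            // with a custom userform first, if one exists.
            if ($_CONF['custom_registration'] && function_exists('CUSTOM_userCheck')) {
                $msg = CUSTOM_userCheck($username, $email);
                if (!empty($msg)) {
                    // no, it's not okay with the custom userform
                    $retval = CUSTOM_userForm($msg);
                    return $retval;
                }
            }
            // Let plugins have a chance to decide what to do before creating the user, return errors.
            $spamCheckData = array('username' => $username, 'email' => $email, 'ip' => $REMOTE_ADDR);
            $msg = PLG_itemPreSave('registration', $spamCheckData);
            if (!empty($msg)) {
                $retval .= newuserform($msg);
                return $retval;
            }
            // only the hashed form of the password is handed to account creation
            if ($_CONF['registration_type'] == 1 && !empty($passwd)) {
                $encryptedPasswd = SEC_encryptPassword($passwd);
            } else {
                $encryptedPasswd = '';
            }
            $uid = USER_createAccount($username, $email, $encryptedPasswd, $fullname);
            if ($_CONF['usersubmission'] == 1) {
                if (DB_getItem($_TABLES['users'], 'status', "uid = " . (int) $uid) == USER_ACCOUNT_AWAITING_APPROVAL) {
                    echo COM_refresh($_CONF['site_url'] . '/index.php?msg=48');
                } else {
                    $retval = emailpassword($username, $passwd, 1);
                }
            } else {
                $retval = emailpassword($username, $passwd);
            }
            return $retval;
        } else {
            $retval .= newuserform($LANG04[19]);
        }
    } else {
        if ($email !== $email_conf) {
            $msg = $LANG04[125];
            $retval .= newuserform($msg);
        } else {
            // invalid username or email address
            if (empty($username) || strlen($username) > 48) {
                $msg = $LANG01[32];
                // invalid username
            } else {
                $msg = $LANG04[18];
                // invalid email address
            }
            $retval .= newuserform($msg);
        }
    }
    return $retval;
}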
Пример #22
/**
* Builds the breadcrumb <li> items leading to an album
*
* Collects the album and its ancestors (via MG_getAlbumData), then the gallery
* root unless $_MG_CONF['gallery_only'] is 1, then the site home page, and
* returns them in the opposite order, outermost entry first.
*
* @param    int     $album_id   album to start from (0 = gallery root)
* @param    int     $hot        1 makes the starting album a link as well;
*                               its ancestors are always links
* @param    int     $sortOrder  value of the 'sort' parameter in album links
* @param    int     $page       page number, added to the starting entry's
*                               link when greater than 1
* @return   string              the <li> elements, without the enclosing list
*/
function MG_getBirdseed($album_id, $hot = 0, $sortOrder = 0, $page = 0)
{
    global $_CONF, $_MG_CONF, $LANG_MG03;

    // NOTE(review): titles only go through strip_tags(), and $sortOrder and
    // $page are concatenated into the URL as given - confirm the escaping
    // done by COM_createLink and the types passed by the callers.
    $crumbs = array();

    for ($aid = $album_id; $aid != 0; $aid = $album_data['album_parent']) {
        $album_data = MG_getAlbumData($aid, array('album_title', 'album_parent'));

        $url = NULL;
        if ($hot == 1) {
            $url = $_MG_CONF['site_url'] . '/album.php?aid=' . $aid . '&amp;sort=' . $sortOrder;
            if ($aid == $album_id && $page > 1) {
                $url .= '&amp;page=' . $page;
            }
        }

        $title = strip_tags($album_data['album_title']);
        if ($_MG_CONF['truncate_breadcrumb'] > 0) {
            $title = COM_truncate($title, $_MG_CONF['truncate_breadcrumb'], '...');
        }

        $crumbs[] = array('href' => $url, 'title' => $title);
        // every entry after the first one is a link
        $hot = 1;
    }

    if ($_MG_CONF['gallery_only'] != 1) {
        $url = NULL;
        if ($hot == 1) {
            $url = $_MG_CONF['site_url'] . '/index.php';
            if ($album_id == 0 && $page > 1) {
                $url .= '?page=' . $page;
            }
        }
        $crumbs[] = array('href' => $url, 'title' => $_MG_CONF['root_album_name']);
    }

    $crumbs[] = array('href' => $_CONF['site_url'] . '/index.php', 'title' => $LANG_MG03['home']);

    // Render each entry in collection order, then emit them reversed.
    $segments = array();
    foreach ($crumbs as $crumb) {
        if ($crumb['href'] === NULL) {
            $segments[] = "<li>" . $crumb['title'] . "</li>";
        } else {
            $segments[] = "<li>" . COM_createLink($crumb['title'], $crumb['href']) . "</li>";
        }
    }

    return implode('', array_reverse($segments));
}
Пример #23
         $folder_msg = $LANG_GF02['msg61'];
     } elseif ($record['locked'] == 1) {
         // locked topic: lock icon with message 114 as alt and title text
         $folderimg = '<img src="' . _ff_getImage('locked') . '" style="vertical-align:middle;" alt="' . $LANG_GF02['msg114'] . '" title="' . $LANG_GF02['msg114'] . '"/>';
         $folder_icon = _ff_getImage('locked');
         $folder_msg = $LANG_GF02['msg114'];
     } else {
         // fallback: 'noposts' icon with message 59 as alt and title text
         $folderimg = '<img src="' . _ff_getImage('noposts') . '" style="vertical-align:middle;" alt="' . $LANG_GF02['msg59'] . '" title="' . $LANG_GF02['msg59'] . '"/>';
         $folder_icon = _ff_getImage('noposts');
         $folder_msg = $LANG_GF02['msg59'];
     }
     $lastposter = $lastreply['name'];
     $moved = '';
     if ($record['moved'] == 1) {
         $moved = "{$LANG_GF01['MOVED']}: ";
     }
     // Shortened subject for the listing; the untruncated one stays in
     // $record['subject'] and is passed on as 'fullsubject' below.
     $subject = COM_truncate($record['subject'], $_FF_CONF['show_subject_length'], '...');
     if ($_FF_CONF['use_censor']) {
         $subject = COM_checkWords($subject);
         $record['subject'] = COM_checkWords($record['subject']);
     }
     if ($record['attachments'] > 0) {
         $subject = $subject . '&nbsp;<img src="' . $_CONF['site_url'] . '/forum/images/document_sm.gif" alt=""/>';
     }
     $firstposterName = $record['name'];
     // Escaped subject, '::', then an escaped plain-text excerpt of the post.
     // htmlspecialchars() runs after preg_replace(), so the '<br/>' inserted
     // for line breaks is escaped as well.
     $topicinfo = htmlspecialchars($record['subject']) . '::' . htmlspecialchars(preg_replace('#\\r?\\n#', '<br/>', substr(strip_tags($record['comment']), 0, $_FF_CONF['contentinfo_numchars']) . '...'));
     // NOTE(review): 'subject', 'fullsubject', 'author' and 'lastposter' are
     // handed to the template without htmlspecialchars() in this fragment -
     // confirm they are escaped when stored or by the template.
     $topiclisting->set_var(array('folderimg' => $folderimg, 'folder_icon' => $folder_icon, 'folder_msg' => $folder_msg, 'topicinfo' => $topicinfo, 'topic_id' => $record['id'], 'subject' => $subject, 'author' => $record['uid'] > 1 ? '<a href="' . $_CONF['site_url'] . '/users.php?mode=profile&amp;uid=' . $record['uid'] . '">' . $record['name'] . '</a>' : $record['name'], 'fullsubject' => $record['subject'], 'gotomsg' => $gotomsg, 'displaypageslink' => $displaypageslink, 'showuserlink' => $showuserlink, 'lastposter' => $lastposter, 'LANG_lastpost' => $LANG_GF02['msg188'], 'moved' => $moved, 'views' => $record['views'], 'replies' => $record['replies'], 'lastdate' => $lastdate, 'lastpostid' => $record['lpid'], 'LANG_BY' => $LANG_GF01['BY'], 'startdate' => $firstdate));
     // append this row to the 'topicrows' block
     $topiclisting->parse('trow', 'topicrows', true);
     $displayCount++;
 }
 $topiclisting->set_var('pagenavigation', forum_pagination($base_url, $page, $numpages));
 $topiclisting->set_var('page', $page);
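/**
* Display latest forum posts in the center block.
*
* Lists the most recently updated top-level topics from forums whose group
* the current user belongs to, rendered through the centerblock templates.
*
* @param   limit   int|string   number of topics to list; '' keeps the
*                               configured $CONF_FORUM['centerblock_numposts']
* @return          string       HTML for the center block; nothing is returned
*                               when the forum version is below 2.6, when
*                               registration is required and the visitor is
*                               anonymous, or when no topic matches
*/
function CUSTOM_centerblock_forum($limit = '')
{
    global $_CONF, $_USER, $_TABLES, $LANG_GF01, $CONF_FORUM;
    global $LANG_GF02, $mode, $order;
    if ($CONF_FORUM['installed_version'] < 2.6) {
        return;
    }
    if ($CONF_FORUM['registration_required'] && $_USER['uid'] < 2) {
        return;
    }
    $retval = '';
    $cb_enable = $CONF_FORUM['show_centerblock'];
    $cb_where = $CONF_FORUM['centerblock_where'];
    // NOTE(review): $page and $topic are neither parameters nor declared
    // global here, so they are unset inside this function and the branches
    // that depend on them never take effect; $cb_enable and $cb_where are not
    // read again after being set. Left as found - confirm the intent before
    // wiring them up, and escape $topic first if it ever becomes reachable,
    // since it is interpolated into the SQL below.
    // If enabled only for homepage and this is not page 1 or a topic page,
    // then set disable flag
    if ($CONF_FORUM['centerblock_homepage'] == 1 and ($page > 1 or !empty($topic))) {
        $cb_enable = 0;
    } elseif ($CONF_FORUM['centerblock_homepage'] == 0 and $page > 1) {
        $cb_where = 1;
        // Top of Page
    }
    // Check if there are no featured articles in this topic
    // and if so then place it at the top of the page
    if (!empty($topic)) {
        $fromsql = ", {$_TABLES['topic_assignments']} ta";
        $wheresql = "WHERE ta.id = sid AND ta.tid='{$topic}' AND featured > 0";
    } else {
        $fromsql = '';
        $wheresql = 'WHERE featured = 1';
    }
    $query = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['stories']} {$fromsql} {$wheresql}");
    $result = DB_fetchArray($query);
    if ($result['count'] == 0 and $cb_where == 2) {
        $cb_where = 1;
    }
    $block = new Template($_CONF['path'] . 'system/custom/forum');
    $block->set_file(array('block' => 'centerblock.thtml', 'record' => 'centerblock_displayline.thtml'));
    $block->set_var('xhtml', XHTML);
    $block->set_var('phpself', $_CONF['site_url'] . '/index.php');
    $block->set_var('startblock', COM_startBlock($LANG_GF02['msg170']));
    $block->set_var('endblock', COM_endBlock());
    $block->set_var('site_url', $_CONF['site_url']);
    $block->set_var('layout_url', $CONF_FORUM['layout_url']);
    $block->set_var('LANG_title', $LANG_GF02['msg170']);
    $block->set_var('LANG_FORUM', $LANG_GF01['FORUM']);
    $block->set_var('LANG_TOPIC', $LANG_GF01['TOPIC']);
    $block->set_var('LANG_LASTPOST', $LANG_GF01['LASTPOST']);
    $block->set_var('LANG_viewlastpost', $LANG_GF02['msg160']);
    $block->set_var('LANG_forumjump', $LANG_GF02['msg195']);
    // Group ids go into an IN (...) list, so force each one to an integer.
    $groups = array();
    $usergroups = SEC_getUserGroups();
    foreach ($usergroups as $group) {
        $groups[] = (int) $group;
    }
    $grouplist = implode(',', $groups);
    if ($limit != '') {
        $CONF_FORUM['centerblock_numposts'] = $limit;
    }
    $sql = "SELECT a.id, a.forum, a.name, a.date, a.lastupdated, a.last_reply_rec, a.subject, ";
    $sql .= "a.comment, a.uid, a.name, a.pid, a.replies, a.views, b.forum_name  ";
    $sql .= "FROM {$_TABLES['forum_topic']} a ";
    $sql .= "LEFT JOIN {$_TABLES['forum_forums']} b ON a.forum=b.forum_id ";
    $sql .= "WHERE pid=0 AND b.grp_id IN ({$grouplist}) AND b.no_newposts = 0 ";
    // $limit is caller-supplied and ends up in this value: cast it so only a
    // number can reach the LIMIT clause.
    $sql .= "ORDER BY lastupdated DESC LIMIT " . (int) $CONF_FORUM['centerblock_numposts'];
    $result = DB_query($sql);
    if (DB_numRows($result) == 0) {
        return;
    }
    $f_tooltip = function_exists('COM_getTooltip');
    $cssid = 0;
    while ($A = DB_fetchArray($result)) {
        $fullsubject = "{$LANG_GF01['POSTEDBY']}:{$A['name']}{$LANG_GF01['VIEWS']}:{$A['views']}";
        if (strlen($A['subject']) > $CONF_FORUM['cb_subject_size']) {
            $A['subject'] = COM_truncate($A['subject'], $CONF_FORUM['cb_subject_size'], '...');
        }
        if ($CONF_FORUM['allow_user_dateformat']) {
            $firstdate = COM_getUserDateTimeFormat($A['date']);
            $firstdate = $firstdate[0];
            $lastdate = COM_getUserDateTimeFormat($A['lastupdated']);
            $lastdate = $lastdate[0];
        } else {
            $firstdate = strftime($CONF_FORUM['default_Datetime_format'], $A['date']);
            $lastdate = strftime($CONF_FORUM['default_Datetime_format'], $A['lastupdated']);
        }
        if ($A['uid'] > 1) {
            $topicinfo = COM_getDisplayName($A['uid']);
        } else {
            $topicinfo = "{$A['name']}";
        }
        if (empty($A['last_reply_rec']) or $A['last_reply_rec'] < 1) {
            $lastid = $A['id'];
            $lastcomment = $A['comment'];
            // No reply yet, so the topic starter is the last poster. Without
            // this the variable was unset for the first row, or still held
            // the poster of the previous row.
            $lastpostuser = $topicinfo;
        } else {
            // the id comes from the row read above; cast it before it is
            // interpolated into the query
            $qlreply = DB_query("SELECT id,uid,name,comment FROM {$_TABLES['forum_topic']} WHERE id=" . (int) $A['last_reply_rec']);
            $B = DB_fetchArray($qlreply);
            $lastid = $B['id'];
            $lastcomment = $B['comment'];
            if ($B['uid'] > 1) {
                $lastpostuser = sprintf("%s", COM_getDisplayName($B['uid']));
            } else {
                $lastpostuser = sprintf("%s", $B['name']);
            }
        }
        $lastpostinfo = strip_tags(COM_truncate($lastcomment, $CONF_FORUM['contentinfo_numchars'], '...'));
        $lastpostinfo = str_replace(LB, "<br" . XHTML . ">", forum_mb_wordwrap($lastpostinfo, $CONF_FORUM['linkinfo_width'], LB));
        $cssid = $cssid == 1 ? 2 : 1;
        // tooltips are switched off here, so only the else branch below runs
        $f_tooltip = 0;
        if ($f_tooltip) {
            $lastpostlink = "{$_CONF['site_url']}/forum/viewtopic.php?showtopic={$A['id']}&amp;lastpost=true#{$lastid}";
            $block->set_var('tooltip_date', COM_getTooltip($lastdate, $lastpostinfo, $lastpostlink));
            $topiclink = "{$_CONF['site_url']}/forum/viewtopic.php?showtopic={$A['id']}";
            $block->set_var('tooltip_topic_subject', COM_getTooltip($A['subject'], $topicinfo, $topiclink));
        } else {
            $block->set_var('lastpostinfo', $lastpostinfo);
            $block->set_var('topicinfo', $topicinfo);
            $block->set_var('date', $firstdate);
            $block->set_var('lastdate', $lastdate);
            $block->set_var('topic_subject', $A['subject']);
        }
        // NOTE(review): subject, poster names and forum name reach the
        // template exactly as read from the database - confirm they are
        // escaped when stored or by the template.
        $block->set_var('lastpostuser', $lastpostuser);
        $block->set_var('lastpostid', $lastid);
        $block->set_var('cssid', $cssid);
        $block->set_var('img_dir', $CONF_FORUM['imgset']);
        $block->set_var('forum_id', $A['forum']);
        $block->set_var('forum_name', $A['forum_name']);
        $block->set_var('topic_id', $A['id']);
        $block->set_var('fullsubject', $fullsubject);
        $block->set_var('views', $A['views']);
        $block->set_var('replies', $A['replies']);
        $block->set_var('posts', $A['replies'] + 1);
        $block->set_var('lastpostby', $A['name']);
        $block->parse('block_records', 'record', true);
    }
    $block->parse('output', 'block');
    $retval .= $block->finish($block->get_var('output'));
    return $retval;
}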