/**
  * Here we do the work
  */
 function execute($comment)
 {
     global $_CONF, $_USER, $_TABLES, $LANG_SX00;
     if (isset($_USER['uid']) && $_USER['uid'] > 1) {
         $uid = $_USER['uid'];
     } else {
         $uid = 1;
     }
     /**
      * Include Blacklist Data
      */
     $result = DB_query("SELECT value FROM {$_TABLES['spamx']} WHERE name = 'MTBlacklist'", 1);
     $nrows = DB_numRows($result);
     // named entities
     $comment = html_entity_decode($comment);
     // decimal notation
     $comment = preg_replace('/&#(\\d+);/me', "chr(\\1)", $comment);
     // hex notation
     $comment = preg_replace('/&#x([a-f0-9]+);/mei', "chr(0x\\1)", $comment);
     $ans = 0;
     // Found Flag
     for ($i = 1; $i <= $nrows; $i++) {
         list($val) = DB_fetchArray($result);
         if (@preg_match("#{$val}#i", $comment)) {
             $ans = 1;
             // quit on first positive match
             SPAMX_log($LANG_SX00['fsc'] . $val . $LANG_SX00['fsc1'] . $uid . $LANG_SX00['fsc2'] . $_SERVER['REMOTE_ADDR']);
             break;
         }
     }
     return $ans;
 }
Пример #2
0
function MG_displaySessions()
{
    global $_CONF, $_MG_CONF, $_TABLES, $_USER, $LANG_MG00, $LANG_MG01;
    $retval = '';
    $T = new Template($_MG_CONF['template_path'] . '/admin');
    $T->set_file(array('sessions' => 'sessions.thtml', 'empty' => 'sess_noitems.thtml', 'sessitems' => 'sessitems.thtml'));
    $T->set_var(array('site_url' => $_CONF['site_url'], 'lang_select' => $LANG_MG01['select'], 'lang_checkall' => $LANG_MG01['check_all'], 'lang_uncheckall' => $LANG_MG01['uncheck_all']));
    $sql = "SELECT * FROM {$_TABLES['mg_sessions']} WHERE session_status=1";
    $result = DB_query($sql);
    $numRows = DB_numRows($result);
    $rowclass = 0;
    if ($numRows == 0) {
        // we have no active sessions
        $T->set_var(array('lang_no_sessions' => $LANG_MG01['no_sessions']));
        $T->parse('noitems', 'empty');
    } else {
        $totalSess = $numRows;
        $T->set_block('sessitems', 'sessRow', 'sRow');
        for ($x = 0; $x < $numRows; $x++) {
            $row = DB_fetchArray($result);
            $res2 = DB_query("SELECT COUNT(id) FROM {$_TABLES['mg_session_items']} WHERE session_id='" . $row['session_id'] . "' AND status=0");
            list($count) = DB_fetchArray($res2);
            $T->set_var(array('row_class' => $rowclass % 2 ? '1' : '2', 'session_id' => $row['session_id'], 'session_owner' => DB_getItem($_TABLES['users'], 'username', "uid={$row['session_uid']}"), 'session_description' => $row['session_description'], 'session_continue' => $_MG_CONF['site_url'] . '/batch.php?mode=continue&amp;sid=' . $row['session_id'], 'count' => $count));
            $T->parse('sRow', 'sessRow', true);
            $rowclass++;
        }
        $T->parse('sessitems', 'sessitems');
    }
    $T->set_var(array('s_form_action' => $_MG_CONF['admin_url'] . 'sessions.php', 'mode' => 'sessions', 'lang_category_manage_help' => $LANG_MG01['category_manage_help'], 'lang_catid' => $LANG_MG01['cat_id'], 'lang_cat_name' => $LANG_MG01['cat_name'], 'lang_cat_description' => $LANG_MG01['cat_description'], 'lang_save' => $LANG_MG01['save'], 'lang_cancel' => $LANG_MG01['cancel'], 'lang_delete' => $LANG_MG01['delete'], 'lang_select' => $LANG_MG01['select'], 'lang_checkall' => $LANG_MG01['check_all'], 'lang_uncheckall' => $LANG_MG01['uncheck_all'], 'lang_session_id' => $LANG_MG01['cat_id'], 'lang_session_description' => $LANG_MG01['description'], 'lang_session_owner' => $LANG_MG01['owner'], 'lang_session_count' => $LANG_MG01['count'], 'lang_action' => $LANG_MG01['action']));
    $T->parse('output', 'sessions');
    $retval .= $T->finish($T->get_var('output'));
    return $retval;
}
Пример #3
0
function nexform_importForm($_SQL, $cntr)
{
    global $CONF_FE, $_TABLES;
    DB_query($_SQL[0], '1');
    if (DB_error()) {
        COM_errorLog("nexform SQL error importing form: {$_SQL[0]}");
    }
    $newformid = DB_insertID();
    /* Delete any previous imported form field definition records
          New field definition records will have a formid of '99999' assigned
          Insert the new records and then update to match the new form definition
       */
    DB_query("DELETE FROM {$_TABLES['nxform_fields']} WHERE formid='{$cntr}'");
    next($_SQL);
    // Increment to the field definition records
    for ($i = 1; $i < count($_SQL); $i++) {
        DB_query(current($_SQL), '1');
        if (DB_error()) {
            COM_errorLog("executing " . current($_SQL));
            COM_errorLog("Error executing SQL", 1);
            exit;
        }
        next($_SQL);
    }
    DB_query("UPDATE {$_TABLES['nxform_fields']} set formid='{$newformid}' WHERE formid='{$cntr}'");
    // Need to cycle thru the fields now and update any fieldnames if auto fieldname used
    $query = DB_query("SELECT id,type FROM {$_TABLES['nxform_fields']} WHERE formid='{$newformid}' AND field_name LIKE '%_frm%'");
    while (list($fieldid, $fieldtype) = DB_fetchArray($query)) {
        $fieldname = "{$CONF_FE['fieldtypes'][$fieldtype][0]}{$newformid}_{$fieldid}";
        DB_query("UPDATE {$_TABLES['nxform_fields']} set field_name='{$fieldname}' WHERE id='{$fieldid}'");
    }
}
Пример #4
0
/**
 * Update array if need be with correct topic.
 *
 * @param    array  $A        Array of articles from db
 * @param    string $tid_list List of child topics of current topic
 */
function fixTopic(&$A, $tid_list)
{
    global $_TABLES, $topic;
    if (!empty($topic)) {
        // This case may happen if a article belongs to the current topic but the default topic for the article is a child  of the current topic.
        $sql = "SELECT t.topic, t.imageurl\n            FROM {$_TABLES['topics']} t, {$_TABLES['topic_assignments']} ta\n            WHERE t.tid = ta.tid\n            AND ta.type = 'article' AND ta.id = '{$A['sid']}' AND ta.tid = '{$topic}'\n            " . COM_getLangSQL('tid', 'AND', 't') . COM_getPermSQL('AND', 0, 2, 't');
        $result = DB_query($sql);
        $nrows = DB_numRows($result);
        if ($nrows > 0) {
            $B = DB_fetchArray($result);
            $A['topic'] = $B['topic'];
            $A['imageurl'] = $B['imageurl'];
        } else {
            // Does not belong to current topic so check inherited
            // Make sure sort order the same as in TOPIC_getTopic or articles with multiple topics might not display in the right topic when clicked
            $sql = "SELECT t.topic, t.imageurl\n                FROM {$_TABLES['topics']} t, {$_TABLES['topic_assignments']} ta\n                WHERE t.tid = ta.tid\n                AND ta.type = 'article' AND ta.id = '{$A['sid']}'\n                AND (ta.tid IN({$tid_list}) AND (ta.inherit = 1 OR (ta.inherit = 0 AND ta.tid = '{$topic}')))\n                " . COM_getLangSQL('tid', 'AND', 't') . COM_getPermSQL('AND', 0, 2, 't') . "\n                ORDER BY ta.tdefault DESC, ta.tid ASC";
            $result = DB_query($sql);
            $nrows = DB_numRows($result);
            if ($nrows > 0) {
                $B = DB_fetchArray($result);
                $A['topic'] = $B['topic'];
                $A['imageurl'] = $B['imageurl'];
            }
        }
    }
}
Пример #5
0
function MG_selectUsers($page)
{
    global $glversion, $_CONF, $_MG_CONF, $_TABLES, $_USER, $LANG_MG00, $LANG_MG01;
    $retval = '';
    $T = new Template($_MG_CONF['template_path']);
    $T->set_file('admin', 'createmembers.thtml');
    $T->set_var(array('site_admin_url' => $_CONF['site_admin_url'], 'site_url' => $_CONF['site_url'], 'xhtml' => XHTML));
    $T->set_block('admin', 'UserRow', 'uRow');
    $start = $page * 50;
    $end = 50;
    $sql = "SELECT COUNT(gl.uid) AS count " . "FROM {$_TABLES['users']} AS gl " . "LEFT JOIN {$_TABLES['mg_userprefs']} AS mg ON gl.uid=mg.uid " . "WHERE gl.status = 3 AND gl.uid > 2 AND (mg.member_gallery IS NULL OR mg.member_gallery < 1)";
    $result = DB_query($sql);
    list($total_records) = DB_fetchArray($result);
    $sql = "SELECT gl.uid, gl.status, gl.username, gl.fullname, mg.member_gallery " . "FROM {$_TABLES['users']} AS gl " . "LEFT JOIN {$_TABLES['mg_userprefs']} AS mg ON gl.uid=mg.uid " . "WHERE gl.status = 3 AND gl.uid > 2 AND (mg.member_gallery IS NULL OR mg.member_gallery < 1) " . "ORDER BY gl.username ASC LIMIT {$start},{$end}";
    $result = DB_query($sql);
    while ($row = DB_fetchArray($result)) {
        if ($glversion[1] < 4) {
            $row['status'] = 3;
        }
        $uid = $row['uid'];
        $remote = SEC_inGroup("Remote Users", $uid) ? '(r)' : '';
        $username = $row['username'];
        $member_gallery = $row['member_gallery'];
        $T->set_var(array('uid' => $uid, 'username' => $username . ' ' . $remote . ' - ' . $row['fullname'], 'select' => '<input type="checkbox" name="user[]" value="' . $uid . '"' . XHTML . '>'));
        $T->parse('uRow', 'UserRow', true);
    }
    $T->set_var(array('lang_userid' => $LANG_MG01['userid'], 'lang_username' => $LANG_MG01['username'], 'lang_select' => $LANG_MG01['select'], 'lang_checkall' => $LANG_MG01['check_all'], 'lang_uncheckall' => $LANG_MG01['uncheck_all'], 'lang_save' => $LANG_MG01['save'], 'lang_cancel' => $LANG_MG01['cancel'], 'lang_reset' => $LANG_MG01['reset'], 's_form_action' => $_MG_CONF['admin_url'] . 'createmembers.php', 'pagenav' => COM_printPageNavigation($_MG_CONF['admin_url'] . 'createmembers.php', $page + 1, ceil($total_records / 50))));
    $retval .= $T->finish($T->parse('output', 'admin'));
    return $retval;
}
/**
* Disable incompatible plugins to prevent an error which will occur during
* the upgrade process.
*
* @link  http://code.google.com/p/geeklog-jp/wiki/manage151
*/
function GEEKLOGJP_disablePlugins()
{
    global $_TABLES;
    /**
     * Geeklog-1.5.xで動作確認の取れているプラグインのリスト。
     * $allowed_plugins['プラグイン英語名'] = '動作する最低バージョン' のフォー
     * マット。Geeklogに同梱されているプラグインはチェック不要なので、バージョン
     * は '*' とする。
     */
    $allowed_plugins = array('staticpages' => '*', 'links' => '*', 'polls' => '*', 'calendar' => '*', 'autotags' => '1.01', 'calendarjp' => '1.1.6', 'captcha' => '3.5.5', 'custommenu' => '0.2.2', 'dataproxy' => '2.0.0', 'dbman' => '0.7.1', 'filemgmt' => '1.6.0.jp3', 'forum' => '2.9.0hg', 'japanize' => '2.1.0', 'mycaljp' => '2.0.5', 'nmoxtopicown' => '1.0.12', 'sitemap' => '1.1.2', 'themedit' => '1.2.1');
    $sqls = array();
    $sql = "SELECT pi_name, pi_version " . "FROM {$_TABLES['plugins']} " . "WHERE (pi_enabled = '1') ";
    $result = DB_query($sql);
    if (!DB_error()) {
        while (($A = DB_fetchArray($result)) !== false) {
            $pi_name = $A['pi_name'];
            $pi_version = $A['pi_version'];
            if (array_key_exists($pi_name, $allowed_plugins)) {
                if ($allowed_plugins[$pi_name] == '*' or version_compare($pi_version, $allowed_plugins[$pi_name]) >= 0) {
                    continue;
                }
            }
            $sqls[] = "UPDATE {$_TABLES['plugins']} " . "SET pi_enabled = '0' " . "WHERE (pi_name = '" . addslashes($pi_name) . "') ";
        }
        if (count($sqls) > 0) {
            foreach ($sqls as $sql) {
                DB_query($sql);
            }
        }
    }
}
 function unlockTimesheet($startDateStamp, $endDateStamp, $uid)
 {
     $lockedRanges = array();
     $errorMargin = 4 * 3600;
     // allow for 8 hour deviation (4 both ways), should be ok since all times should be around nidnight anyways
     $sql = "SELECT `startdate`, `enddate` FROM {$this->fulltablename} WHERE `uid`={$uid}";
     $result = DB_query($sql);
     while ($data = DB_fetchArray($result)) {
         if ($startDateStamp >= $data['startdate'] - $errorMargin && $startDateStamp <= $data['startdate'] + $errorMargin && ($endDateStamp >= $data['enddate'] - $errorMargin && $endDateStamp <= $data['enddate'] + $errorMargin)) {
             $lockedRanges[] = array('startdate' => $data['startdate'], 'enddate' => $data['enddate']);
         }
     }
     // this should probably only ever have one entry, but just in case there are issues with setting the timestamps and they're slightly off, we'll loop
     if ($lockedRanges) {
         $sql = "DELETE FROM {$this->fulltablename} WHERE `uid`={$uid} AND (";
         foreach ($lockedRanges as $range) {
             $sql .= "(`startdate`={$range['startdate']} AND `enddate`={$range['enddate']}) OR ";
         }
         $sql = substr($sql, 0, -4) . ")";
     }
     //$sql="DELETE FROM {$this->fulltablename} WHERE uid={$uid} AND startdate={$startDateStamp} AND enddate={$endDateStamp}";
     DB_query($sql);
     if (DB_error()) {
         return false;
     } else {
         return true;
     }
 }
Пример #8
0
function draw_user_information($error)
{
    global $_USER, $_CONF, $LANG_ECOM;
    $res = get_user_row($_USER['uid']);
    #If it's users first time to enter there information will have to add them to database.
    if (DB_numRows($res) <= 0) {
        add_user_row($_USER['uid']);
        #Create the row to hold ecom_userinfo
        $res = get_user_row($_USER['uid']);
    }
    $user_info = DB_fetchArray($res);
    #load template for editing user
    $T = new Template($_CONF['path'] . 'plugins/ecommerce/templates');
    $T->set_file('text', 'user_info.thtml');
    $T->set_var('site_url', $PHP_SELF);
    $T->set_var('error', $error);
    $T->set_var('full_name', $user_info['fullname']);
    $T->set_var('email', $user_info['email']);
    $T->set_var('phone_number', $user_info['ecom_phone_number']);
    $T->set_var('dob_month', $user_info['ecom_dob_month']);
    $T->set_var('dob_day', $user_info['ecom_dob_day']);
    $T->set_var('dob_year', $user_info['ecom_dob_year']);
    $T->set_var('driver_license_number', $user_info['ecom_drivers_license_number']);
    $T->set_var('driver_license_state', $user_info['ecom_drivers_license_state']);
    $T->set_var('msg_1', $LANG_ECOM[1]);
    $T->set_var('msg_12', $LANG_ECOM[12]);
    $T->set_var('msg_146', $LANG_ECOM[146]);
    $T->set_var('msg_147', $LANG_ECOM[147]);
    $T->set_var('msg_148', $LANG_ECOM[148]);
    $T->set_var('msg_149', $LANG_ECOM[149]);
    $T->set_var('msg_150', $LANG_ECOM[150]);
    echo $T->parse('output', 'text');
}
Пример #9
0
 function view()
 {
     global $_CONF, $_TABLES;
     $retval = '';
     $sql = "SELECT L.tag_id, L.tag, COUNT(m.tag_id) AS cnt, L.hits " . "FROM {$_TABLES['tag_list']} AS L " . "LEFT JOIN {$_TABLES['tag_map']} AS m " . "ON L.tag_id = m.tag_id " . "GROUP BY m.tag_id " . "ORDER BY cnt DESC, tag";
     $result = DB_query($sql);
     if (DB_error()) {
         return $retval . '<p>' . TAG_str('db_error') . '</p>';
     } else {
         if (DB_numRows($result) == 0) {
             return $retval . '<p>' . TAG_str('no_tag') . '</p>';
         }
     }
     $T = new Template($_CONF['path'] . 'plugins/tag/templates');
     $T->set_file('stats', 'admin_stats.thtml');
     $T->set_var('xhtml', XHTML);
     $T->set_var('this_script', COM_buildURL($_CONF['site_admin_url'] . '/plugins/tag/index.php'));
     $T->set_var('lang_desc_admin_stats', TAG_str('desc_admin_stats'));
     $T->set_var('lang_lbl_tag', TAG_str('lbl_tag'));
     $T->set_var('lang_lbl_count', TAG_str('lbl_count'));
     $T->set_var('lang_lbl_hit_count', TAG_str('lbl_hit_count'));
     $T->set_var('lang_delete_checked', TAG_str('delete_checked'));
     $T->set_var('lang_ban_checked', TAG_str('ban_checked'));
     $sw = 1;
     $body = '';
     while (($A = DB_fetchArray($result)) !== false) {
         $tag_id = $A['tag_id'];
         $body .= '<tr class="pluginRow' . $sw . '">' . '<td><input id="tag' . TAG_escape($tag_id) . '" name="tag_ids[]" ' . 'type="checkbox" value="' . TAG_escape($A['tag_id']) . '"' . XHTML . '><label for="tag' . TAG_escape($tag_id) . '">' . TAG_escape($A['tag']) . '</label></td>' . '<td style="text-align: right;">' . TAG_escape($A['cnt']) . '</td><td style="text-align: right;">' . TAG_escape($A['hits']) . '</td></tr>' . LB;
         $sw = $sw == 1 ? 2 : 1;
     }
     $T->set_var('body', $body);
     $T->parse('output', 'stats');
     $retval = $T->finish($T->get_var('output'));
     return $retval;
 }
Пример #10
0
function MG_editUser($uid)
{
    global $_CONF, $_MG_CONF, $_TABLES, $_USER, $LANG_MG00, $LANG_MG01;
    $retval = '';
    $active = 0;
    $quota = 0;
    $username = DB_getItem($_TABLES['users'], 'username', "uid=" . $uid);
    $result = DB_query("SELECT active,quota FROM {$_TABLES['mg_userprefs']} WHERE uid=" . $uid);
    $nRows = DB_numRows($result);
    if ($nRows > 0) {
        $row = DB_fetchArray($result);
        $active = $row['active'];
        $quota = $row['quota'] / 1048576;
    } else {
        $active = 1;
        $quota = $_MG_CONF['member_quota'] / 1048576;
    }
    $T = new Template($_MG_CONF['template_path'] . '/admin');
    $T->set_file('admin', 'useredit.thtml');
    $T->set_var('site_url', $_CONF['site_url']);
    $T->set_var('site_admin_url', $_CONF['site_admin_url']);
    $active_select = '<input type="checkbox" name="active" value="1" ' . ($active ? ' CHECKED' : '') . '/>';
    $T->set_var(array('s_form_action' => $_MG_CONF['admin_url'] . 'edituser.php', 'lang_user_edit' => $LANG_MG01['edit_user'], 'lang_username' => $LANG_MG01['username'], 'lang_active' => $LANG_MG01['active'], 'lang_quota' => $LANG_MG01['quota'], 'lang_save' => $LANG_MG01['save'], 'lang_cancel' => $LANG_MG01['cancel'], 'lang_reset' => $LANG_MG01['reset'], 'lang_unlimited' => $LANG_MG01['zero_unlimited'], 'uid' => $uid, 'active' => $active_select, 'quota' => $quota, 'username' => $username));
    $T->parse('output', 'admin');
    $retval .= $T->finish($T->get_var('output'));
    return $retval;
}
Пример #11
0
/**
* Automatic uninstall function for plugins
*
* @return   array
*
* This code is automatically uninstalling the plugin.
* It passes an array to the core code function that removes
* tables, groups, features and php blocks from the tables.
* Additionally, this code can perform special actions that cannot be
* foreseen by the core code (interactions with other plugins for example)
*
*/
function plugin_autouninstall_nexproject()
{
    global $_PRJCONF, $_TABLES;
    $out = array('tables' => array('prj_category', 'prj_department', 'prj_location', 'prj_objective', 'prj_permissions', 'prj_users', 'prj_projects', 'prj_sorting', 'prj_task_users', 'prj_tasks', 'prj_statuslog', 'prj_session', 'prj_filters', 'prj_lockcontrol', 'prj_projPerms', 'prj_taskSemaphore', 'prj_config'), 'groups' => array('nexProject Admin'), 'features' => array('nexproject.admin'), 'php_blocks' => array('phpblock_projectFilter'), 'vars' => array());
    if (prj_forumExists()) {
        //using this row's config value, we'll delete all forums with this ID as the parent and then chuck out the category itself...
        $sql = "SELECT * FROM {$_TABLES['gf_forums']} where forum_cat={$_PRJCONF['forum_parent']}";
        $forumres = DB_query($sql);
        while ($X = DB_fetchArray($forumres)) {
            forum_deleteForum($X['forum_id']);
        }
        DB_query("DELETE FROM {$_TABLES['gf_categories']} where id={$_PRJCONF['forum_parent']}");
    }
    if (prj_nexFileExists()) {
        PLG_itemDeleted($_PRJCONF['nexfile_parent'], 'nexproject_filefolder');
    }
    DB_query("DELETE FROM {$_TABLES['nexlistitems']} WHERE lid={$_PRJCONF['nexlist_locations']}");
    DB_query("DELETE FROM {$_TABLES['nexlistfields']} WHERE lid={$_PRJCONF['nexlist_locations']}");
    DB_query("DELETE FROM {$_TABLES['nexlist']} WHERE id={$_PRJCONF['nexlist_locations']}");
    DB_query("DELETE FROM {$_TABLES['nexlistitems']} WHERE lid={$_PRJCONF['nexlist_departments']}");
    DB_query("DELETE FROM {$_TABLES['nexlistfields']} WHERE lid={$_PRJCONF['nexlist_departments']}");
    DB_query("DELETE FROM {$_TABLES['nexlist']} WHERE id={$_PRJCONF['nexlist_departments']}");
    DB_query("DELETE FROM {$_TABLES['nexlistitems']} WHERE lid={$_PRJCONF['nexlist_category']}");
    DB_query("DELETE FROM {$_TABLES['nexlistfields']} WHERE lid={$_PRJCONF['nexlist_category']}");
    DB_query("DELETE FROM {$_TABLES['nexlist']} WHERE id={$_PRJCONF['nexlist_category']}");
    DB_query("DELETE FROM {$_TABLES['nexlistitems']} WHERE lid={$_PRJCONF['nexlist_objective']}");
    DB_query("DELETE FROM {$_TABLES['nexlistfields']} WHERE lid={$_PRJCONF['nexlist_objective']}");
    DB_query("DELETE FROM {$_TABLES['nexlist']} WHERE id={$_PRJCONF['nexlist_objective']}");
    return $out;
}
Пример #12
0
/**
* Adds an event to the user's calendar
*
* The user has asked that an event be added to their personal
* calendar.  Show a confirmation screen.
*
* @param    string  $eid    event ID to add to user's calendar
* @return   string          HTML for confirmation form
*
*/
function adduserevent($eid)
{
    global $_CONF, $_TABLES, $LANG_CALJP_1;
    $retval = '';
    $eventsql = "SELECT * FROM {$_TABLES['eventsjp']} WHERE eid='{$eid}'" . COM_getPermSql('AND');
    $result = DB_query($eventsql);
    $nrows = DB_numRows($result);
    if ($nrows == 1) {
        $retval .= COM_startBlock(sprintf($LANG_CALJP_1[11], COM_getDisplayName()));
        $A = DB_fetchArray($result);
        $cal_template = COM_newTemplate($_CONF['path'] . 'plugins/calendarjp/templates/');
        $cal_template->set_file(array('addevent' => 'addevent.thtml'));
        $cal_template->set_var('intro_msg', $LANG_CALJP_1[8]);
        $cal_template->set_var('lang_event', $LANG_CALJP_1[12]);
        $event_title = stripslashes($A['title']);
        if (!empty($A['url']) && $A['url'] != 'http://') {
            $event_title_and_url = COM_createLink($event_title, $A['url'], array('class' => 'url'));
            $cal_template->set_var('event_url', $A['url']);
            $cal_template->set_var('event_begin_anchortag', '<a href="' . $A['url'] . '" class="url">');
            $cal_template->set_var('event_end_anchortag', '</a>');
        } else {
            $event_title_and_url = $event_title;
            $cal_template->set_var('event_url', '');
            $cal_template->set_var('event_begin_anchortag', '');
            $cal_template->set_var('event_end_anchortag', '');
        }
        $cal_template->set_var('event_title', $event_title_and_url);
        $cal_template->set_var('event_title_only', $event_title);
        $cal_template->set_var('lang_starts', $LANG_CALJP_1[13]);
        $cal_template->set_var('lang_ends', $LANG_CALJP_1[14]);
        $thestart = COM_getUserDateTimeFormat($A['datestart'] . ' ' . $A['timestart']);
        $theend = COM_getUserDateTimeFormat($A['dateend'] . ' ' . $A['timeend']);
        if ($A['allday'] == 0) {
            $cal_template->set_var('event_start', $thestart[0]);
            $cal_template->set_var('event_end', $theend[0]);
        } else {
            $cal_template->set_var('event_start', strftime($_CONF['shortdate'], $thestart[1]));
            $cal_template->set_var('event_end', strftime($_CONF['shortdate'], $theend[1]));
        }
        $cal_template->set_var('lang_where', $LANG_CALJP_1[4]);
        $location = stripslashes($A['location']) . '<br' . XHTML . '>' . stripslashes($A['address1']) . '<br' . XHTML . '>' . stripslashes($A['address2']) . '<br' . XHTML . '>' . stripslashes($A['city']) . ', ' . stripslashes($A['state']) . ' ' . $A['zipcode'];
        $cal_template->set_var('event_location', $location);
        $cal_template->set_var('lang_description', $LANG_CALJP_1[5]);
        $description = stripslashes($A['description']);
        if (empty($A['postmode']) || $A['postmode'] == 'plaintext') {
            $description = COM_nl2br($description);
        }
        $cal_template->set_var('event_description', PLG_replaceTags($description));
        $cal_template->set_var('event_id', $eid);
        $cal_template->set_var('lang_addtomycalendar', $LANG_CALJP_1[9]);
        $cal_template->set_var('gltoken_name', CSRF_TOKEN);
        $cal_template->set_var('gltoken', SEC_createToken());
        $cal_template->parse('output', 'addevent');
        $retval .= $cal_template->finish($cal_template->get_var('output'));
        $retval .= COM_endBlock();
    } else {
        $retval .= COM_showMessage(23);
    }
    return $retval;
}
Пример #13
0
function MG_adminEXIF()
{
    global $_TABLES, $_MG_CONF, $_CONF, $LANG_MG01, $LANG_MG04;
    $retval = '';
    $T = new Template($_MG_CONF['template_path'] . '/admin/');
    $T->set_file('admin', 'exif_tags.thtml');
    $T->set_var('site_url', $_CONF['site_url']);
    $T->set_var('site_admin_url', $_CONF['site_admin_url']);
    $T->set_block('admin', 'exifRow', 'eRow');
    $sql = "SELECT * FROM {$_TABLES['mg_exif_tags']}";
    $result = DB_query($sql);
    $nRows = DB_numRows($result);
    for ($i = 0; $i < $nRows; $i++) {
        $row = DB_fetchArray($result);
        $properties[] = $row['name'];
        $tag[$row['name']][] = $row['selected'];
    }
    $exifKeys = getExifKeys();
    $x = 0;
    foreach ($properties as $property) {
        $title = $exifKeys[$property][0];
        $T->set_var(array('exif_tag' => $title, 'selected' => $tag[$property][0] ? ' checked="checked"' : '', 'tag' => $property, 'rowcounter' => $x % 2));
        $T->parse('eRow', 'exifRow', true);
        $x++;
    }
    $T->set_var(array('lang_select' => $LANG_MG01['select'], 'lang_exiftag' => $LANG_MG01['exiftag'], 'lang_exif_admin_help' => $LANG_MG01['exif_admin_help'], 'lang_check_all' => $LANG_MG01['check_all'], 'lang_uncheck_all' => $LANG_MG01['uncheck_all'], 'lang_save' => $LANG_MG01['save'], 'lang_cancel' => $LANG_MG01['cancel'], 's_form_action' => $_MG_CONF['admin_url'] . 'exif_admin.php'));
    $T->parse('output', 'admin');
    $retval .= $T->finish($T->get_var('output'));
    return $retval;
}
Пример #14
0
 /**
  * Here we do the work
  */
 public function execute($comment)
 {
     global $_CONF, $_TABLES, $_USER, $LANG_SX00;
     if (isset($_USER['uid']) && $_USER['uid'] > 1) {
         $uid = $_USER['uid'];
     } else {
         $uid = 1;
     }
     /**
      * Include Blacklist Data
      */
     $result = DB_query("SELECT value FROM {$_TABLES['spamx']} WHERE name='Personal'", 1);
     $nrows = DB_numRows($result);
     // named entities
     $comment = html_entity_decode($comment);
     // decimal notation
     $comment = preg_replace_callback('/&#(\\d+);/m', array($this, 'callbackDecimal'), $comment);
     // hex notation
     $comment = preg_replace_callback('/&#x([a-f0-9]+);/mi', array($this, 'callbackHex'), $comment);
     $ans = 0;
     for ($i = 1; $i <= $nrows; $i++) {
         list($val) = DB_fetchArray($result);
         $val = str_replace('#', '\\#', $val);
         if (preg_match("#{$val}#i", $comment)) {
             $ans = 1;
             // quit on first positive match
             SPAMX_log($LANG_SX00['foundspam'] . $val . $LANG_SX00['foundspam2'] . $uid . $LANG_SX00['foundspam3'] . $_SERVER['REMOTE_ADDR']);
             break;
         }
     }
     return $ans;
 }
Пример #15
0
/**
 * Plugin function to delete a comment
 * $cid    Comment to be deleted
 * $id     Item id to which $cid belongs
 *
 */
function _mg_deletecomment($cid, $id)
{
    global $_CONF, $_MG_CONF, $_TABLES, $MG_albums;
    // find the album that holds this peice of media
    $sql = "SELECT album_id FROM {$_TABLES['mg_media_albums']} WHERE media_id='" . DB_escapeString($id) . "'";
    $result = DB_query($sql);
    $nRows = DB_numRows($result);
    if ($nRows > 0) {
        $row = DB_fetchArray($result);
        $aid = $row['album_id'];
        if ($MG_albums[0]->owner_id) {
            $access = 3;
        } else {
            $access = $MG_albums[$aid]->access;
        }
    } else {
        $access = 0;
    }
    if ($access == 3 || SEC_hasRights('mediagallery.admin')) {
        if (CMT_deleteComment($cid, $id, 'mediagallery') == 0) {
            //reduce count in media table
            $comments = DB_count($_TABLES['comments'], array('sid', 'type'), array(DB_escapeString($id), 'mediagallery'));
            DB_change($_TABLES['mg_media'], 'media_comments', $comments, 'media_id', DB_escapeString($id));
            // Now redirect the program flow to the view of the file and its comments
            return COM_refresh($_MG_CONF['site_url'] . "/media.php?s={$id}");
        } else {
            return false;
        }
    } else {
        return false;
    }
}
 /**
  * Here we do the work
  *
  * @param  string $comment
  * @return int
  */
 public function execute($comment)
 {
     global $_TABLES, $_USER, $LANG_SX00, $LANG28;
     $uid = COM_isAnonUser() ? 1 : $_USER['uid'];
     // Get homepage URLs of all banned users
     $result = DB_query("SELECT DISTINCT homepage FROM {$_TABLES['users']} WHERE status = 0 AND homepage IS NOT NULL AND homepage <> ''");
     $numRows = DB_numRows($result);
     // named entities
     $comment = html_entity_decode($comment);
     // decimal notation
     $comment = preg_replace_callback('/&#(\\d+);/m', array($this, 'callbackDecimal'), $comment);
     // hex notation
     $comment = preg_replace_callback('/&#x([a-f0-9]+);/mi', array($this, 'callbackHex'), $comment);
     $ans = 0;
     for ($i = 0; $i < $numRows; $i++) {
         list($val) = DB_fetchArray($result);
         $val = str_replace('#', '\\#', $val);
         if (preg_match("#{$val}#i", $comment)) {
             $ans = 1;
             // quit on first positive match
             SPAMX_log($LANG_SX00['foundspam'] . $val . ' (' . $LANG28[42] . ')' . $LANG_SX00['foundspam2'] . $uid . $LANG_SX00['foundspam3'] . $_SERVER['REMOTE_ADDR']);
             break;
         }
     }
     $this->result = $ans;
     return $ans;
 }
Пример #17
0
 function view()
 {
     global $_CONF, $_TABLES;
     $body = '';
     $T = new Template($_CONF['path'] . 'plugins/tag/templates');
     $T->set_file('badword', 'admin_badword.thtml');
     $T->set_var('xhtml', XHTML);
     $T->set_var('this_script', COM_buildURL($_CONF['site_admin_url'] . '/plugins/tag/index.php'));
     $T->set_var('lang_desc_admin_badword', TAG_str('desc_admin_badword'));
     $T->set_var('lang_add', TAG_str('add'));
     $T->set_var('lang_lbl_tag', TAG_str('lbl_tag'));
     $T->set_var('lang_delete_checked', TAG_str('delete_checked'));
     $sql = "SELECT * FROM {$_TABLES['tag_badwords']}";
     $result = DB_query($sql);
     if (DB_error()) {
         return $retval . '<p>' . TAG_str('db_error') . '</p>';
     } else {
         if (DB_numRows($result) == 0) {
             $T->set_var('msg', '<p>' . TAG_str('no_badword') . '</p>');
         } else {
             $sw = 1;
             while (($A = DB_fetchArray($result)) !== false) {
                 $word = TAG_escape($A['badword']);
                 $body .= '<tr><td>' . '<input id="' . $word . '" name="words[]" type="checkbox" ' . 'value="' . $word . '"><label for="' . $word . '">' . $word . '</label></td></tr>' . LB;
                 $sw = $sw == 1 ? 2 : 1;
             }
         }
     }
     $T->set_var('body', $body);
     $T->parse('output', 'badword');
     $retval = $T->finish($T->get_var('output'));
     return $retval;
 }
Пример #18
0
/**
* Add "root" category and fix categories
*
*/
function links_update_set_categories()
{
    global $_TABLES, $_LI_CONF;
    if (empty($_LI_CONF['root'])) {
        $_LI_CONF['root'] = 'site';
    }
    $root = DB_escapeString($_LI_CONF['root']);
    DB_query("INSERT INTO {$_TABLES['linkcategories']} (cid, pid, category, description, tid, created, modified, group_id, owner_id, perm_owner, perm_group, perm_members, perm_anon) VALUES ('{$root}', 'root', 'Root', 'Website root', NULL, NOW(), NOW(), 5, 2, 3, 3, 2, 2)");
    // get Links admin group number
    $group_id = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'Links Admin'");
    // loop through adding to category table, then update links table with cids
    $result = DB_query("SELECT DISTINCT cid AS category FROM {$_TABLES['links']}");
    $nrows = DB_numRows($result);
    for ($i = 0; $i < $nrows; $i++) {
        $A = DB_fetchArray($result);
        $category = DB_escapeString($A['category']);
        $cid = $category;
        DB_query("INSERT INTO {$_TABLES['linkcategories']} (cid,pid,category,description,tid,owner_id,group_id,created,modified) VALUES ('{$cid}','{$root}','{$category}','{$category}','all',2,'{$group_id}',NOW(),NOW())", 1);
        if ($cid != $category) {
            // still experimenting ...
            DB_query("UPDATE {$_TABLES['links']} SET cid='{$cid}' WHERE cid='{$category}'", 1);
        }
        if (DB_error()) {
            echo "Error inserting categories into linkcategories table";
            return false;
        }
    }
}
Пример #19
0
 /**
  * Here we do the work
  */
 public function execute($comment)
 {
     global $_CONF, $_TABLES, $LANG_SX00;
     $uid = $this->getUid();
     /**
      * Check for IP of url in blacklist
      */
     /*
      * regex to find urls $2 = fqd
      */
     $regx = '(ftp|http|file)://([^/\\s]+)';
     $num = preg_match_all("#{$regx}#", html_entity_decode($comment), $urls);
     $result = DB_query("SELECT value FROM {$_TABLES['spamx']} WHERE name='IPofUrl'", 1);
     $nrows = DB_numRows($result);
     $ans = PLG_SPAM_NOT_FOUND;
     for ($j = 1; $j <= $nrows; $j++) {
         list($val) = DB_fetchArray($result);
         for ($i = 0; $i < $num; $i++) {
             $ip = gethostbyname($urls[2][$i]);
             if ($val == $ip) {
                 $ans = PLG_SPAM_FOUND;
                 // quit on first positive match
                 $this->updateStat('IPofUrl', $val);
                 SPAMX_log($LANG_SX00['foundspam'] . $urls[2][$i] . $LANG_SX00['foundspam2'] . $uid . $LANG_SX00['foundspam3'] . $_SERVER['REMOTE_ADDR']);
                 break;
             }
         }
         if ($ans == PLG_SPAM_FOUND) {
             break;
         }
     }
     return $ans;
 }
Пример #20
0
 /**
  *   Get an address
  *
  *   @param  integer $add_id     DB Id of address
  *   @return array               Array of address values
  */
 public function getAddress($add_id)
 {
     global $_TABLES;
     $sql = "SELECT * FROM {$_TABLES['paypal.address']}\n                WHERE id='" . (int) $add_id . "'";
     $A = DB_fetchArray(DB_query($sql), false);
     return $A;
 }
Пример #21
0
function draw()
{
    global $_TABLES, $_CONF, $LANG_ECOM;
    $T = new Template($_CONF['path'] . 'plugins/ecommerce/templates/admin');
    $T->set_file(array('sales_tax' => 'sales_tax.thtml', 'sales_tax_row' => 'sales_tax_row.thtml'));
    $T->set_var('msg_112', $LANG_ECOM[112]);
    $T->set_var('msg_113', $LANG_ECOM[113]);
    //Get left colunm
    $res = DB_query("SELECT ecom_tax_code, ecom_tax_id FROM {$_TABLES['ecom_tax']} WHERE ecom_tax_enabled = false");
    while ($row = DB_fetchArray($res)) {
        $T->set_var('tax_code', $row['ecom_tax_code']);
        $T->set_var('link', 'index.php?op=tax&add=');
        $T->set_var('tax_id', $row['ecom_tax_id']);
        $T->set_var('display', 'add');
        $T->parse('disabled_tax', 'sales_tax_row', true);
    }
    //Get right colunm
    $T->set_var('msg_114', $LANG_ECOM[114]);
    $res = DB_query("SELECT ecom_tax_code, ecom_tax_id FROM {$_TABLES['ecom_tax']} WHERE ecom_tax_enabled = true");
    while ($row = DB_fetchArray($res)) {
        $T->set_var('tax_code', $row['ecom_tax_code']);
        $T->set_var('link', 'index.php?op=tax&remove=');
        $T->set_var('tax_id', $row['ecom_tax_id']);
        $T->set_var('display', 'remove');
        $T->parse('enabled_tax', 'sales_tax_row', true);
    }
    $T->parse('output', 'sales_tax');
    echo $T->finish($T->get_var('output'));
}
Пример #22
0
function MG_getItems($mode = 'sv')
{
    global $MG_albums, $_TABLES, $_MG_CONF;
    $retval = '';
    $aid = 0;
    if (isset($_REQUEST['aid'])) {
        $aid = COM_applyFilter($_REQUEST['aid'], true);
    }
    $src = 'disp';
    if (isset($_REQUEST['src'])) {
        $src = COM_applyFilter($_REQUEST['src']);
    }
    $type = 'mini';
    if (isset($_REQUEST['type'])) {
        $type = COM_applyFilter($_REQUEST['type']);
    }
    if ($src != 'disp' && $src != 'orig') {
        $src = 'tn';
    }
    if ($type != 'full' || $type != 'mini') {
        $type = 'mini';
    }
    if (isset($MG_albums[$aid]->id)) {
        if ($MG_albums[$aid]->access >= 1) {
            $orderBy = MG_getSortOrder($aid, 0);
            $sql = "SELECT * FROM {$_TABLES['mg_media_albums']} as ma INNER JOIN " . $_TABLES['mg_media'] . " as m " . " ON ma.media_id=m.media_id WHERE ma.album_id=" . (int) $aid . " AND m.include_ss=1 " . $orderBy;
            $result = DB_query($sql);
            $nRows = DB_numRows($result);
            $mediaRows = 0;
            if ($nRows > 0) {
                while ($row = DB_fetchArray($result)) {
                    if ($row['media_type'] == 0) {
                        foreach ($_MG_CONF['validExtensions'] as $ext) {
                            if (file_exists($_MG_CONF['path_mediaobjects'] . $src . '/' . $row['media_filename'][0] . '/' . $row['media_filename'] . $ext)) {
                                $PhotoURL = $_MG_CONF['mediaobjects_url'] . '/' . $src . '/' . $row['media_filename'][0] . '/' . $row['media_filename'] . $ext;
                                $PhotoPath = $_MG_CONF['path_mediaobjects'] . $src . '/' . $row['media_filename'][0] . '/' . $row['media_filename'] . $ext;
                                break;
                            }
                        }
                        if ($row['remote_url'] != '') {
                            $viewURL = $row['remote_url'];
                        } else {
                            $viewURL = $_MG_CONF['site_url'] . "/media.php?s=" . $row['media_id'];
                        }
                        $imgsize = @getimagesize($PhotoPath);
                        if ($imgsize == false && $row['remote_media'] != 1) {
                            continue;
                        }
                        if ($row['remote_media'] == 1) {
                            $PhotoURL = $row['remote_url'];
                        }
                        $retval .= '<slide src="' . $PhotoURL . '" caption="' . htmlentities(strip_tags($row['media_title']), ENT_QUOTES, COM_getEncodingt()) . '"/>' . "\n";
                    }
                }
            }
        }
        return $retval;
    }
}
Пример #23
0
function forum_admin_list()
{
    global $_TABLES, $LANG_ADMIN, $LANG_GF00, $LANG_GF91, $LANG_GF06, $_CONF, $_FF_CONF;
    USES_lib_admin();
    $retval = '';
    $selected = '';
    $menu_arr = array();
    $admin_list = new Template($_CONF['path'] . 'plugins/forum/templates/admin/');
    $admin_list->set_file('admin-list', 'index.thtml');
    $admin_list->set_var('block_start', COM_startBlock($LANG_GF91['gfstats']));
    $menu_arr = FF_adminNav($LANG_GF06['1']);
    $admin_list->set_var('admin_menu', ADMIN_createMenu($menu_arr, $LANG_GF00['instructions'], $_CONF['site_url'] . '/forum/images/forum.png'));
    // CATEGORIES
    $numcats = DB_query("SELECT id FROM {$_TABLES['ff_categories']}");
    $totalcats = DB_numRows($numcats);
    // FORUMS
    $numforums = DB_query("SELECT forum_id FROM {$_TABLES['ff_forums']}");
    $totalforums = DB_numRows($numforums);
    // TOPICS
    $numtopics = DB_query("SELECT id FROM {$_TABLES['ff_topic']} WHERE pid = 0");
    $totaltopics = DB_numRows($numtopics);
    // POSTS
    $numposts = DB_query("SELECT id FROM {$_TABLES['ff_topic']}");
    $totalposts = DB_numRows($numposts);
    // VIEWS
    $numviews = DB_query("SELECT SUM(views) AS TOTAL FROM {$_TABLES['ff_topic']}");
    $totalviews = DB_fetchArray($numviews);
    // AVERAGE POSTS
    if ($totalposts != 0) {
        $avgcposts = $totalposts / $totalcats;
        $avgcposts = round($avgcposts);
        $avgfposts = $totalposts / $totalforums;
        $avgfposts = round($avgfposts);
        $avgtposts = $totalposts / $totaltopics;
        $avgtposts = round($avgtposts);
    } else {
        $avgcposts = 0;
        $avgfposts = 0;
        $avgtposts = 0;
    }
    // AVERAGE VIEWS
    if ($totalviews['TOTAL'] != 0) {
        $avgcviews = $totalviews['TOTAL'] / $totalcats;
        $avgcviews = round($avgcviews);
        $avgfviews = $totalviews['TOTAL'] / $totalforums;
        $avgfviews = round($avgfviews);
        $avgtviews = $totalviews['TOTAL'] / $totaltopics;
        $avgtviews = round($avgtviews);
    } else {
        $avgcviews = 0;
        $avgfviews = 0;
        $avgtviews = 0;
    }
    $admin_list->set_var(array('statsmsg' => $LANG_GF91['statsmsg'], 'totalcatsmsg' => $LANG_GF91['totalcats'], 'totalcats' => $totalcats, 'totalforumsmsg' => $LANG_GF91['totalforums'], 'totalforums' => $totalforums, 'totaltopicsmsg' => $LANG_GF91['totaltopics'], 'totaltopics' => $totaltopics, 'totalpostsmsg' => $LANG_GF91['totalposts'], 'totalposts' => $totalposts, 'totalviewsmsg' => $LANG_GF91['totalviews'], 'totalviews' => $totalviews['TOTAL'], 'category' => $LANG_GF91['category'], 'forum' => $LANG_GF91['forum'], 'topic' => $LANG_GF91['topic'], 'avgpmsg' => $LANG_GF91['avgpmsg'], 'avgcposts' => $avgcposts, 'avgfposts' => $avgfposts, 'avgtposts' => $avgtposts, 'avgvmsg' => $LANG_GF91['avgvmsg'], 'avgcviews' => $avgcviews, 'avgfviews' => $avgfviews, 'avgtviews' => $avgtviews));
    $admin_list->set_var('block_end', COM_endBlock());
    $admin_list->parse('output', 'admin-list');
    $retval .= $admin_list->finish($admin_list->get_var('output'));
    return $retval;
}
Пример #24
0
function COMJ_dltbldt($filenm, $fld, $tbl, $where = "", $order = "")
{
    global $_CONF;
    $retval = "";
    //file output open
    $outfile = tempnam($_CONF['path_data'] . "tmp", $filenm);
    $file = @fopen($outfile, 'w');
    if ($file === false) {
        $retval .= "ERR! " . $outfile . " is not writable!<br />" . LB;
        return $retval;
    }
    //-----
    $sql = "SELECT DISTINCT ";
    foreach ($fld as $k => $v) {
        $sql .= $k . ",";
    }
    $sql = rtrim($sql, ",");
    $sql .= " FROM " . $tbl;
    if (!empty($where)) {
        $sql .= " WHERE " . $where;
    }
    if (!empty($order)) {
        $sql .= " ORDER BY " . $order;
    }
    //-----
    $result = DB_query($sql);
    //-----1行目ヘッダ
    $w = "";
    foreach ($fld as $k => $v) {
        $w .= $v . ",";
    }
    $w = rtrim($w, ",");
    $w = str_replace(array('<?', '?>'), array('(@', '@)'), $w);
    $encode = mb_detect_encoding($w, "EUC-JP,UTF-8,JIS,SJIS");
    $w2 = mb_convert_encoding($w, "SJIS", $encode);
    $w2 = str_replace(array('<?', '?>'), array('(@', '@)'), $w2);
    fputs($file, $w2 . LB);
    //-----2行目以降
    while ($A = DB_fetchArray($result)) {
        $w = "";
        foreach ($fld as $k => $v) {
            $w .= $A[$k] . ",";
        }
        $w = rtrim($w, ",");
        $w = str_replace(array('<?', '?>'), array('(@', '@)'), $w);
        $encode = mb_detect_encoding($w, "EUC-JP,UTF-8,JIS,SJIS");
        $w2 = mb_convert_encoding($w, "SJIS", "UTF-8");
        $w2 = str_replace(array('<?', '?>'), array('(@', '@)'), $w2);
        fputs($file, $w2 . LB);
    }
    $filename = basename($outfile) . ".csv";
    $dir = dirname($outfile);
    header("Content-Disposition: attachment; filename={$filename}");
    header("Content-type: application/x-csv");
    readfile($outfile);
    $rt = unlink($outfile);
    return $retval;
}
Пример #25
0
function subscribe_topic()
{
    global $_CONF, $_FF_CONF, $_TABLES, $_USER, $LANG_GF01, $LANG_GF02;
    $retval = '';
    if (COM_isAnonUser()) {
        $retval['statusMessage'] = 'Invalid Request';
        $retval['errorCode'] = 1;
        $return["json"] = json_encode($retval);
        echo json_encode($return);
        exit;
    }
    $forum = COM_applyFilter($_POST['id'], true);
    $topic = COM_applyFilter($_POST['topic_id'], true);
    $notify_id = COM_applyFilter($_POST['notify_id'], true);
    $sql = "SELECT * FROM {$_TABLES['subscriptions']}\n            WHERE ((type='forum' AND id=" . (int) $topic . ") AND (uid=" . (int) $_USER['uid'] . ")\n            OR ";
    $sql .= "((type='forum' AND category=" . (int) $forum . ") AND (id=0) and (uid=" . (int) $_USER['uid'] . ")))";
    $notifyquery = DB_query("{$sql}");
    $pid = DB_getItem($_TABLES['ff_topic'], 'pid', "id=" . (int) $topic);
    if ($pid == 0) {
        $pid = $topic;
    }
    $ntopic = -$topic;
    if (DB_numRows($notifyquery) > 0) {
        $A = DB_fetchArray($notifyquery);
        if ($A['id'] == 0) {
            // User has subscribed to complete forum
            // Check and see if user has a non-subscribe record for this topic id
            $query = DB_query("SELECT sub_id FROM {$_TABLES['subscriptions']} WHERE type='forum' AND uid=" . (int) $_USER['uid'] . " AND category=" . (int) $forum . " AND id = " . $ntopic);
            if (DB_numRows($query) > 0) {
                list($watchrec) = DB_fetchArray($query);
                DB_query("DELETE FROM {$_TABLES['subscriptions']} WHERE sub_id=" . (int) $watchrec);
                $retval['statusMessage'] = $LANG_GF02['msg142'];
            } else {
                $forum_name = DB_getItem($_TABLES['ff_forums'], 'forum_name', 'forum_id=' . (int) $forum);
                $topic_name = DB_getItem($_TABLES['ff_topic'], 'subject', 'id=' . (int) $pid);
                DB_query("INSERT INTO {$_TABLES['subscriptions']} (type,category,category_desc,id,id_desc,uid,date_added) VALUES ('forum'," . (int) $forum . ",'" . DB_escapeString($forum_name) . "'," . (int) $pid . ",'" . DB_escapeString($topic_name) . "'," . (int) $_USER['uid'] . ",now() )");
                $retval['statusMessage'] = $LANG_GF02['msg142'];
            }
        } else {
            $retval['statusMessage'] = $LANG_GF02['msg40'];
        }
    } else {
        $forum_name = DB_getItem($_TABLES['ff_forums'], 'forum_name', 'forum_id=' . (int) $forum);
        $topic_name = DB_getItem($_TABLES['ff_topic'], 'subject', 'id=' . (int) $pid);
        DB_query("INSERT INTO {$_TABLES['subscriptions']} (type,category,category_desc,id,id_desc,uid,date_added) VALUES ('forum'," . (int) $forum . ",'" . DB_escapeString($forum_name) . "'," . (int) $pid . ",'" . DB_escapeString($topic_name) . "'," . (int) $_USER['uid'] . ",now() )");
        $nid = -$notify_id;
        DB_query("DELETE FROM {$_TABLES['subscriptions']} WHERE type='forum' AND uid=" . (int) $_USER['uid'] . " AND category=" . (int) $forum . " AND id = " . $nid);
        $retval['statusMessage'] = $LANG_GF02['msg142'];
    }
    $retval['errorCode'] = 0;
    $retval['icon'] = 'uk-icon-bookmark';
    $retval['subOption'] = 'unsubscribe_topic';
    $retval['label'] = $LANG_GF01['unSubscribeLink'];
    $return["json"] = json_encode($retval);
    echo json_encode($return);
    exit;
}
Пример #26
0
function DB_getItem($table, $what, $selection = '')
{
    if (!empty($selection)) {
        $result = DB_query("SELECT {$what} FROM {$table} WHERE {$selection}");
    } else {
        $result = DB_query("SELECT {$what} FROM {$table}");
    }
    $ITEM = DB_fetchArray($result);
    return $ITEM[0];
}
Пример #27
0
function MG_rebuildQuota()
{
    global $_TABLES, $_MG_CONF, $_CONF;
    $result = DB_query("SELECT album_id FROM {$_TABLES['mg_albums']}");
    while ($row = DB_fetchArray($result)) {
        MG_updateQuotaUsage($row['album_id']);
    }
    echo COM_refresh($_MG_CONF['admin_url'] . 'index.php?msg=16');
    exit;
}
Пример #28
0
function update_list_itemorder($listid)
{
    global $_TABLES;
    $new_order = 0;
    $listrecs = DB_query("SELECT * FROM {$_TABLES['nexlistitems']} WHERE lid={$listid} ORDER BY itemorder asc, id asc;");
    while ($LIST_RES = DB_fetchArray($listrecs)) {
        $new_order += 10;
        DB_query("UPDATE {$_TABLES['nexlistitems']} SET itemorder={$new_order} WHERE id={$LIST_RES['id']};");
    }
}
Пример #29
0
function qz_updateQuestionOrder($quizid)
{
    global $_TABLES;
    $query = DB_query("SELECT qid,qorder FROM {$_TABLES['quiz_questions']} WHERE quizid={$quizid} ORDER by qorder asc");
    $order = 0;
    while (list($id, $qorder) = DB_fetchArray($query)) {
        $order++;
        DB_query("UPDATE {$_TABLES['quiz_questions']} SET qorder='{$order}' WHERE qid={$id}");
    }
}
Пример #30
0
 /**
  *   Load the orderstatus into the global workflow array.
  */
 public function Load()
 {
     global $_PP_CONF, $_TABLES;
     $_PP_CONF['orderstatus'] = array();
     $sql = "SELECT name, notify_buyer\n                FROM {$_TABLES[self::$table]}\n                WHERE enabled = 1\n                ORDER BY orderby ASC";
     //echo $sql;die;
     $res = DB_query($sql);
     while ($A = DB_fetchArray($res, false)) {
         $_PP_CONF['orderstatus'][$A['name']] = array('notify_buyer' => $A['notify_buyer']);
     }
 }