Пример #1
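/**
 * Build the HTML for the forum shortcode.
 *
 * Decides which category or topic to show (shortcode 'cat' attribute,
 * permalink stubs, or the legacy ?cid= / ?show= query parameters), checks the
 * current user's roles against the configured viewer option, and returns the
 * resulting markup.
 *
 * @param mixed $atts Shortcode attributes; only 'cat' is read.
 * @return string HTML for the forum wrapper.
 */
function __wps__forum($atts) {

	global $wpdb, $current_user;
	// NOTE(review): $level is not read anywhere in this function; the call is
	// kept in case __wps__get_current_userlevel() has side effects - confirm.
	$level = __wps__get_current_userlevel();

	$html = '';
	$topic_id = '';

	// Read the attribute explicitly instead of extract(), so no variable is
	// ever created from attribute names.
	$atts = shortcode_atts( array(
		'cat' => ''
	), $atts, WPS_SHORTCODE_PREFIX.'-forum' );
	$cat_id = $atts['cat'];

	// resolve stubs if using permalinks
	if ( get_option(WPS_OPTIONS_PREFIX.'_permalink_structure') && get_query_var('stub')) {
		$stubs = explode('/', get_query_var('stub'));
		$stub0 = $stubs[0];
		// A single-segment stub has no second element
		$stub1 = isset($stubs[1]) ? $stubs[1] : '';
		// The stub comes from the request URL, so escape it before printing
		if (WPS_DEBUG) echo esc_html($stub0.'/'.$stub1).'<br />';

		if ($stub0 && get_option(WPS_OPTIONS_PREFIX.'_permalinks_cats')) {
			// Two parameters, so go to topic
			$cat_id = __wps__get_stub_id($stub0, 'forum-cat');
			$topic_id = __wps__get_stub_id($stub1, 'forum-topic');
			if (!$cat_id) $cat_id = '';
			if (!$topic_id) $topic_id = '';
			if (WPS_DEBUG) echo esc_html('(1):'.$cat_id.'/'.$topic_id.' ('.$stub0.'/'.$stub1.')').'<br />';
		} else {
			// One parameter, so go to category
			if ($stub0) $stub1 = $stub0;
			$cat_id = __wps__get_stub_id($stub1, 'forum-cat');
			if (WPS_DEBUG) echo esc_html('(2):'.$cat_id.' ('.$stub1.')').'<br />';
			if (!$cat_id) {
				// Couldn't find category, so look for topic instead
				$cat_id = '';
				$topic_id = __wps__get_stub_id($stub1, 'forum-topic');
				if (WPS_DEBUG) echo esc_html('(3):'.$topic_id.' ('.$stub1.')').'<br />';
				if (!$topic_id) $topic_id = '';
			}
		}
		// Hidden ids emitted into the page; escaped because $cat_id can still
		// hold the raw shortcode attribute at this point.
		$html .= "<div id='symposium_perma_cat_id' style='display:none'>".esc_html($cat_id)."</div>";
		$html .= "<div id='symposium_perma_topic_id' style='display:none'>".esc_html($topic_id)."</div>";
	}


	// not using AJAX (or permalinks not found, for backward compatibility with old links)
	// (!$cat_id is what the original "!$cat_id != ''" evaluated to)
	if ( ( $topic_id == '' && $cat_id == '') || ( !$cat_id && get_option(WPS_OPTIONS_PREFIX.'_forum_ajax') && !get_option(WPS_OPTIONS_PREFIX.'_permalink_structure') ) ) {
		// Query-string ids are untrusted and are handed to __wps__getForum() /
		// __wps__getTopic(), whose own handling is not visible here, so force
		// them to integers (arrays and non-numeric values become 0).
		$cat_id = ( isset($_GET['cid']) && is_scalar($_GET['cid']) ) ? (int) $_GET['cid'] : 0;
		$topic_id = ( isset($_GET['show']) && is_scalar($_GET['show']) ) ? (int) $_GET['show'] : 0;
	}

	// Wrapper
	$html .= "<div class='__wps__wrapper'>";


	// Check to see if this member is in the included list of roles
	$user = get_userdata( $current_user->ID );
	$can_view = false;
	$viewer = str_replace('_', '', str_replace(' ', '', strtolower(get_option(WPS_OPTIONS_PREFIX.'_viewer'))));
	if (is_user_logged_in()) {
		$capabilities = $user->{$wpdb->base_prefix.'capabilities'};

		if ($capabilities) {
			foreach ( $capabilities as $role => $name ) {
				if ($role) {
					$role = strtolower($role);
					$role = str_replace(' ', '', $role);
					$role = str_replace('_', '', $role);
					if (WPS_DEBUG) $html .= 'Checking global forum (symposium_forum) role '.$role.' against '.$viewer.'<br />';
					// NOTE(review): this is a substring test, so a role whose
					// normalised name is contained in a longer permitted role
					// name also passes. Confirm the stored format of the
					// viewer option before tightening this to an exact match.
					if (strpos($viewer, $role) !== FALSE) $can_view = true;
				}
			}
		} else {
			// No WordPress role stored
		}
	}

	$everyone = str_replace(' ', '', strtolower(__('everyone', WPS_TEXT_DOMAIN))); // Deal with some foreign translations of 'everyone'
	if ( $can_view || strpos($viewer, $everyone) !== FALSE ) {

		$html .= "<div id='__wps__forum_div'>";

		if ( get_option(WPS_OPTIONS_PREFIX.'_permalink_structure') || !get_option(WPS_OPTIONS_PREFIX.'_forum_ajax') ) {
			// empty() rather than "== 0": $topic_id may be '' here, and
			// '' == 0 is false on PHP 8, which would send a category view
			// to __wps__getTopic('').
			if (empty($topic_id)) {
				$forum = __wps__getForum($cat_id);
				// Drop everything up to and including the '[|]' marker
				if (($x = strpos($forum, '[|]')) !== FALSE) $forum = substr($forum, $x+3);
				$html .= $forum;
			} else {
				$html .= __wps__getTopic($topic_id);
			}
		}

		$html .= "</div>";


	 } else {

		$html .= "<p>".__("Sorry, but you are not permitted to view the forum.", WPS_TEXT_DOMAIN)."</p>";
		// User level 5 additionally gets a hint about where permissions are set
		if (__wps__get_current_userlevel() == 5) $html .= sprintf(__('Permissions are set via the WordPress admin dashboard->%s->Options->Forum.', WPS_TEXT_DOMAIN), WPS_WL_SHORT);

	 }

	$html .= "</div>";
	// End Wrapper


	$html .= "<div style='clear: both'></div>";

	// Send HTML
	return $html;

}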
Пример #2
	
		echo 'NOT LOGGED IN';
		exit;
		
	}

}

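// Get Topic ****************************************************************
// AJAX handler: echoes the rendered topic for the posted topic_id / group_id,
// then ends the request.
if (isset($_POST['action']) && $_POST['action'] == 'getTopic') {

	// Request values arrive as strings (or arrays), so is_int() on the raw
	// $_POST entries is never true. Validate them and convert to real
	// integers instead; filter_var() returns false for anything else.
	$topic_id = isset($_POST['topic_id']) ? filter_var($_POST['topic_id'], FILTER_VALIDATE_INT) : false;
	$group_id = isset($_POST['group_id']) ? filter_var($_POST['group_id'], FILTER_VALIDATE_INT) : false;

	if ($topic_id !== false && $group_id !== false):
		echo __wps__getTopic($topic_id, $group_id);
	else:
		// The rejected values are attacker-controlled: HTML-escape them
		// before they are reflected into the response, and print nothing
		// for non-scalar input.
		$shown_topic = ( isset($_POST['topic_id']) && is_scalar($_POST['topic_id']) ) ? (string) $_POST['topic_id'] : '';
		$shown_group = ( isset($_POST['group_id']) && is_scalar($_POST['group_id']) ) ? (string) $_POST['group_id'] : '';
		echo 'Possible SQL injection (forum_functions.php): '.htmlspecialchars($shown_topic, ENT_QUOTES, 'UTF-8').'|'.htmlspecialchars($shown_group, ENT_QUOTES, 'UTF-8');
	endif;

	exit;
}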

// Get Forum ****************************************************************
if ($_POST['action'] == 'getForum') {

	$cat_id = $_POST['cat_id'];
	
	if (isset($_POST['limit_from'])) { $limit_from = $_POST['limit_from']; } else { $limit_from = 0; }
	$group_id = $_POST['group_id'];