/**
* display
*
* @return void
*/
public function display()
{
$id = (int) $_GET['avatar'];
// Get user info
$sql = "SELECT `id`, `fname`, `lname`, `maiden`, `avatar`, `gravatar`\n FROM `fcms_users`\n WHERE `id` = ?";
$row = $this->fcmsDatabase->getRow($sql, $id);
if ($row === false) {
$this->fcmsError->displayError();
return;
}
$name = cleanOutput($row['fname']) . ' ' . cleanOutput($row['lname']);
echo '
<form id="frm" name="frm" enctype="multipart/form-data" action="?avatar=' . $id . '" method="post">
<fieldset>
<legend><span>' . sprintf(T_pgettext('%s is a persons full name', 'Picture for %s'), $name) . '</span></legend>
<div class="field-row">
<div class="field-label"><b>' . T_('Current Picture') . '</b></div>
<div class="field-widget">
<img src="' . getCurrentAvatar($id) . '"/>
</div>
</div>';
$this->displayUploadArea();
echo '
<p>
<input type="hidden" name="avatar_orig" value="' . cleanOutput($row['avatar']) . '"/>
<input class="sub1" type="submit" name="submitUpload" id="submitUpload" value="' . T_('Submit') . '"/>
<a href="familytree.php">' . T_('Cancel') . '</a>
</p>
</fieldset>
</form>';
}
/**
* Constructor
*
* @return void
*/
public function __construct($fcmsError, $fcmsDatabase, $fcmsUser)
{
$this->fcmsError = $fcmsError;
$this->fcmsDatabase = $fcmsDatabase;
$this->fcmsUser = $fcmsUser;
$this->fcmsTemplate = array('currentUserId' => $this->fcmsUser->id, 'sitename' => cleanOutput(getSiteName()), 'nav-link' => getAdminNavLinks(), 'pagetitle' => T_('Dashboard'), 'path' => URL_PREFIX, 'displayname' => $this->fcmsUser->displayName, 'version' => getCurrentVersion(), 'year' => date('Y'));
$this->control();
}
/**
* getWhatsNewDataObject
*
* @param array $data
*
* @return array
*/
function getWhatsNewDataObject($data)
{
$title = '';
$details = '';
switch ($data['type']) {
case 'CALENDAR':
$title = '<a href="calendar.php?event=' . $data['id'] . '">' . cleanOutput($data['title']) . '</a>';
$details = date('F j, Y', strtotime($data['id2']));
break;
case 'DOCS':
$title = '<a href="documents.php">' . cleanOutput($data['title']) . '</a>';
$details = cleanOutput($data['details']);
break;
case 'GALCOM':
foreach ($data['photos'] as $p) {
$photoSrc = $this->fcmsPhotoGallery->getPhotoSource($p);
$title = '<a href="gallery/index.php?uid=0&cid=comments&pid=' . (int) $data['id'] . '"><img src="' . $photoSrc . '"/></a>';
}
$details = cleanOutput($data['title']);
break;
case 'GALLERY':
$title = '<a href="gallery/index.php?uid=' . (int) $data['userid'] . '&cid=' . $data['id'] . '">' . cleanOutput($data['title']) . '</a>';
$details = '';
foreach ($data['photos'] as $p) {
$photoSrc = $this->fcmsPhotoGallery->getPhotoSource($p);
$details .= '
<a href="gallery/index.php?uid=' . (int) $data['userid'] . '&cid=' . $data['id'] . '&pid=' . (int) $p['id'] . '">
<img src="' . $photoSrc . '" alt="' . cleanOutput($p['caption']) . '"/>
</a> ';
}
break;
case 'NEWS':
$name = !empty($data['title']) ? cleanOutput($data['title']) : T_('untitled');
$title = '<a href="familynews.php?getnews=' . $data['userid'] . '&newsid=' . $data['id'] . '">' . $name . '</a>';
$details = removeBBCode($data['details']);
$details = cleanOutput($details);
if (strlen($details) > 300) {
$details = substr($details, 0, 300);
$details .= '...<br/><br/><a href="familynews.php?getnews=' . $data['userid'] . '&newsid=' . (int) $data['id'] . '">' . T_('Read More') . '</a>';
}
break;
case 'POLL':
$title = '<a href="polls.php?id=' . (int) $data['id'] . '">' . cleanOutput($data['title']) . '</a>';
break;
case 'PRAYERS':
$title = '<a href="prayers.php">' . cleanOutput($data['title']) . '</a>';
$details = cleanOutput($data['details']);
break;
case 'RECIPES':
$title = '<a href="recipes.php?category=' . $data['id2'] . '&id=' . $data['id'] . '">' . cleanOutput($data['title']) . '</a>';
break;
case 'THREAD':
$subject = $data['title'];
$pos = strpos($subject, '#ANOUNCE#');
if ($pos !== false) {
$subject = substr($subject, 9, strlen($subject) - 9);
}
$subject = cleanOutput($subject);
$title = '<a href="messageboard.php?thread=' . (int) $data['id2'] . '" title="' . $subject . '">' . $subject . '</a>';
$details = removeBBCode($data['details']);
$details = cleanOutput($details);
if (strlen($details) > 300) {
$details = substr($details, 0, 300);
$details .= '...<br/><br/><a href="messageboard.php?thread=' . (int) $data['id2'] . '">' . T_('Read More') . '</a>';
}
break;
case 'VIDEO':
$title = '<a href="video.php?u=' . (int) $data['userid'] . '&id=' . (int) $data['id'] . '"><img src="http://i.ytimg.com/vi/' . $data['id2'] . '/default.jpg"/></a>';
break;
default:
$title = '';
$details = '';
break;
}
return array('title' => $title, 'details' => $details);
}
/**
* displayPolls
*
* @return void
*/
function displayPolls()
{
$this->displayHeader();
$page = isset($_GET['page']) ? (int) $_GET['page'] : 1;
$pollsData = $this->fcmsPoll->getPolls($page);
if ($pollsData === false) {
$this->fcmsError->displayError();
$this->displayFooter();
return;
}
$ids = $pollsData['ids'];
unset($pollsData['ids']);
$votesLkup = $this->fcmsPoll->getPollsTotalVotes($ids);
if ($votesLkup === false) {
$this->fcmsError->displayError();
$this->displayFooter();
return;
}
$pollParams = array();
foreach ($pollsData as $row) {
$pollParams[] = array('url' => '?id=' . (int) $row['id'], 'question' => cleanOutput($row['question'], 'html'), 'date' => fixDate(T_('M. j, Y, g:i a'), $this->fcmsUser->tzOffset, $row['started']), 'vote' => $votesLkup[$row['id']]);
}
$templateParams = array('textPastPolls' => T_('Past Polls'), 'textQuestion' => T_('Question'), 'textDate' => T_('Date'), 'textVotes' => T_('Votes'), 'polls' => $pollParams);
loadTemplate('poll', 'polls', $templateParams);
$this->displayFooter();
}
/**
* displayAward
*
* Displays details about the given award type.
* Along with who the award was awarded to and any other awards they own.
*
* @param int $userid
* @param int $type
*
* @return void
*/
function displayAward($userid, $type)
{
$userid = (int) $userid;
$sql = "SELECT a.`id`, a.`user`, a.`award`, a.`month`, a.`date`, a.`item_id`, a.`count`, u.`fname`\n FROM `fcms_user_awards` AS a,\n `fcms_users` AS u\n WHERE a.`user` = '{$userid}'\n AND a.`award` = '{$type}'\n AND a.`user` = u.`id`";
$rows = $this->fcmsDatabase->getRows($sql, array($userid, $type));
if ($rows === false) {
$this->fcmsError->displayError();
return;
}
if (count($rows) <= 0) {
echo '
<p class="error-alert">' . T_('Invalid Member/Award.') . '</p>';
return;
}
$awardList = array();
foreach ($rows as $r) {
$awardList[] = $r;
$fname = $r['fname'];
}
$currentAward = array('id' => $awardList[0]['id'], 'award' => $awardList[0]['award'], 'month' => $awardList[0]['month'], 'date' => $awardList[0]['date'], 'item_id' => $awardList[0]['item_id'], 'count' => $awardList[0]['count']);
$awardsInfo = $this->getAwardsInfoList();
$totalTimesAwarded = count($awardList);
$string = T_ngettext('%s has been given this award %d time.', '%s has been given this award %d times.', $totalTimesAwarded);
$awardedCount = sprintf($string, $fname, $totalTimesAwarded) . '</h5>';
if ($userid == $this->fcmsUser->id) {
$string = T_ngettext('You have been given this award %d time.', 'You have been given this award %d times.', $totalTimesAwarded);
$awardedCount = sprintf($string, $totalTimesAwarded) . '</h5>';
}
echo '
<div id="current-award">
<div class="' . $currentAward['award'] . '"></div>
<h1>' . $awardsInfo[$currentAward['award']]['name'] . '</h1>
<h2>' . $awardsInfo[$currentAward['award']]['description'] . '</h2>
</div>
<h5 class="times-awarded">' . $awardedCount . '</h5>';
foreach ($awardList as $r) {
$details = '';
$date = '';
if (strlen($r['month']) == 6) {
$year = substr($r['month'], 0, 4);
$month = substr($r['month'], 4, 2);
$date = date('F, Y', strtotime("{$year}-{$month}-01"));
}
switch ($r['award']) {
case 'board':
$details = sprintf(T_pgettext('Ex: December, 2011 - 10 posts', '%s - %s posts'), $date, $r['count']);
break;
case 'gallery':
$details = sprintf(T_pgettext('Ex: December, 2011 - 10 photos', '%s - %s photos'), $date, $r['count']);
break;
case 'recipes':
$details = sprintf(T_pgettext('Ex: December, 2011 - 10 recipes', '%s - %s recipes'), $date, $r['count']);
break;
case 'news':
$details = sprintf(T_pgettext('Ex: December, 2011 - 10 posts', '%s - %s posts'), $date, $r['count']);
break;
case 'docs':
$details = sprintf(T_pgettext('Ex: December, 2011 - 10 documents', '%s - %s documents'), $date, $r['count']);
break;
case 'icebreaker':
$thread = (int) $r['item_id'];
$replies = sprintf(T_pgettext('Ex: 21 replies', '%d replies'), $r['count']);
$details = $date . ' - <a href="messageboard.php?thread=' . $thread . '">' . $this->fcmsMessageBoard->getThreadSubject($thread) . '</a> - ' . $replies;
break;
case 'shutterbug':
$id = (int) $r['item_id'];
$photo = $this->fcmsPhotoGallery->getPhotoInfo($id);
$views = sprintf(T_pgettext('Ex: 210 views', '%d views'), $r['count']);
$photoSrc = $this->fcmsPhotoGallery->getPhotoSource($photo);
$details = $date . ' - ' . $views . '<br/>';
$details .= '<a href="gallery/index.php?uid=' . $photo['user'] . '&cid=' . $photo['category'] . '&pid=' . $photo['id'] . '">';
$details .= '<img src="' . $photoSrc . '"/>';
$details .= '</a>';
break;
case 'interesting':
$id = (int) $r['item_id'];
$views = sprintf(T_pgettext('Ex: 21 comments', '%d comments'), $r['count']);
$sql = "SELECT `title`\n FROM `fcms_news`\n WHERE `id` = '{$id}'";
$news = $this->fcmsDatabase->getRow($sql, $id);
if ($news === false) {
$this->fcmsError->displayError();
return;
}
$title = cleanOutput($news['title']);
$details = $date . ' - <a href="familynews.php?getnews=' . $r['user'] . '&newsid=' . $id . '">' . $title . '</a> - ' . $views;
break;
case 'secretive':
$views = sprintf(T_pgettext('Ex: 210 private messages', '%d private messages'), $r['count']);
$details = $date . ' - ' . $views . '<br/>';
break;
case 'planner':
$views = sprintf(T_pgettext('Ex: 53 events', '%d events'), $r['count']);
$details = $date . ' - ' . $views . '<br/>';
break;
case 'photogenic':
$views = sprintf(T_pgettext('Ex: 53 photos', '%d photos'), $r['count']);
$details = $date . ' - ' . $views . '<br/>';
break;
}
echo '
<p>' . $details . '</p>';
}
}
/**
* displayEditForm
*
* @return void
*/
function displayEditForm()
{
$this->displayHeader();
$id = (int) $_GET['edit'];
$cat = cleanOutput($_GET['cat']);
$this->fcmsBook->displayEditForm($id, 'addressbook.php?cat=' . $cat . '&address=' . $id);
$this->displayFooter();
}
/**
* displayConfirmDeleteCommentForm
*
* @return void
*/
function displayConfirmDeleteCommentForm()
{
$uid = (int) $_GET['uid'];
$cid = $_GET['cid'];
// not always an #
$pid = (int) $_GET['pid'];
$id = (int) $_POST['id'];
$this->displayHeader();
echo '
<div class="info-alert">
<form action="index.php?confirmed=1" method="post">
<h2>' . T_('Are you sure you want to DELETE this Comment?') . '</h2>
<p><b><i>' . T_('This can NOT be undone.') . '</i></b></p>
<div>
<input type="hidden" name="uid" value="' . $uid . '"/>
<input type="hidden" name="cid" value="' . cleanOutput($cid) . '"/>
<input type="hidden" name="pid" value="' . $pid . '"/>
<input type="hidden" name="id" value="' . $id . '"/>
<input style="float:left;" type="submit" id="delcom" name="delcom" value="' . T_('Yes') . '"/>
<a style="float:right;" href="index.php?uid=' . $uid . '&cid=' . cleanOutput($cid) . '&pid=' . $pid . '">' . T_('Cancel') . '</a>
</div>
</form>
</div>';
$this->displayFooter();
}
/**
* getMembersInCategory
*
* @param int $cid
*
* @return string
*/
function getMembersInCategory($uid, $cid)
{
$retVal = '';
$sql = "SELECT u.`id`, u.`fname`, u.`lname`, u.`avatar`, u.`gravatar`\n FROM `fcms_gallery_photos_tags` AS t\n LEFT JOIN `fcms_gallery_photos` AS p ON t.`photo` = p.`id`\n LEFT JOIN `fcms_category` AS c ON p.`category` = c.`id`\n LEFT JOIN `fcms_users` AS u ON t.`user` = u.`id`\n WHERE p.`category` = ?\n AND p.`user` = ?\n GROUP BY u.`id`";
$rows = $this->fcmsDatabase->getRows($sql, array($cid, $uid));
if ($rows === false) {
$this->fcmsError->displayError();
return $retVal;
}
if (count($rows) <= 0) {
if ($uid == $this->fcmsUser->id || $this->fcmsUser->access < 2) {
$retVal .= '<a href="?tag=' . $cid . '&user='******'">' . T_('Tag Members In Photos') . '</a>';
}
return $retVal;
}
$retVal .= '
<ul class="avatar-member-list-small">';
foreach ($rows as $row) {
$id = (int) $row['id'];
$displayname = cleanOutput($row['fname']) . ' ' . cleanOutput($row['lname']);
$avatarPath = getAvatarPath($row['avatar'], $row['gravatar'], '../');
$retVal .= '
<li>
<a href="index.php?uid=0&cid=' . $id . '" class="tooltip" title="" onmouseover="showTooltip(this)" onmouseout="hideTooltip(this)">
<img class="avatar" alt="avatar" src="' . $avatarPath . '"/>
</a>
<div class="tooltip" style="display:none;">
<h5>' . $displayname . '</h5>
<span>' . sprintf(T_('Click to view more photos of %s.'), $displayname) . '</span>
</div>
</li>';
}
$retVal .= '
</ul>';
return $retVal;
}
/**
* displayMembersTreeList
*
* Displays the list of members for viewing their family tree
*
* @return void
*/
function displayMembersTreeList()
{
// Get list of available users
$sql = "SELECT `id`, `fname`, `mname`, `lname`, `maiden`\n FROM `fcms_users` \n WHERE `id` != ?\n ORDER BY `lname`, `fname`";
$rows = $this->fcmsDatabase->getRows($sql, $this->fcmsUser->id);
if ($rows === false) {
$this->fcmsError->displayError();
return;
}
if (count($rows) < 1) {
return;
}
echo '
<form action="familytree.php" method="get" id="view_tree_form">
<p>
<select name="view">
<option value="' . $this->fcmsUser->id . '">' . T_('View Family Tree for...') . '</option>
<option value="' . $this->fcmsUser->id . '">----------</option>';
foreach ($rows as $r) {
$selected = $this->currentTreeUserId == $r['id'] ? ' selected="selected"' : '';
$maiden = empty($r['maiden']) ? ', ' : ' (' . $r['maiden'] . '), ';
echo '
<option value="' . $r['id'] . '"' . $selected . '>' . cleanOutput($r['lname']) . $maiden . ' ' . cleanOutput($r['fname']) . ' ' . cleanOutput($r['mname']) . '</option>';
}
echo '
</select>
<input type="submit" value="' . T_('View') . '"/>
</p>
</form>';
}
/**
* displayGeneralForm
*
* @return void
*/
function displayGeneralForm()
{
$this->displayHeader();
$sql = "SELECT `name`, `value`\n FROM `fcms_config`";
$rows = $this->fcmsDatabase->getRows($sql);
if ($rows === false) {
$this->fcmsError->displayError();
$this->displayFooter();
return;
}
$row = array();
foreach ($rows as $r) {
$row[$r['name']] = $r['value'];
}
// Activate Options
$activateList = array('0' => T_('Admin Activation'), '1' => T_('Auto Activation'));
$activateOptions = buildHtmlSelectOptions($activateList, $row['auto_activate']);
// Register Options
$registerList = array('0' => T_('Off'), '1' => T_('On'));
$registerOptions = buildHtmlSelectOptions($registerList, $row['registration']);
// Start of week
$startSun = $row['start_week'] == 0 ? 'checked' : '';
$startMon = $row['start_week'] == 1 ? 'checked' : '';
$startTue = $row['start_week'] == 2 ? 'checked' : '';
$startWed = $row['start_week'] == 3 ? 'checked' : '';
$startThr = $row['start_week'] == 4 ? 'checked' : '';
$startFri = $row['start_week'] == 5 ? 'checked' : '';
$startSat = $row['start_week'] == 6 ? 'checked' : '';
// Site Off Options
// TODO - config table or file?
$siteOffYes = '';
$siteOffNo = '';
if ($row['site_off'] == 1) {
$siteOffYes = 'checked';
} else {
$siteOffNo = 'checked';
}
// Debug
$debugList = array('0' => T_('Off'), '1' => T_('On'));
$debugOptions = buildHtmlSelectOptions($debugList, $row['debug']);
$message = '';
if (isset($_SESSION['success'])) {
$message = '<div class="alert-message success">';
$message .= '<a class="close" href="#" onclick="$(this).up(\'div\').hide(); return false;">×</a>';
$message .= T_('Changes Updated Successfully') . '</div>';
unset($_SESSION['success']);
}
echo '
<form action="config.php?view=general" method="post">
<fieldset>
<legend>' . T_('General Configuration') . '</legend>
' . $message . '
<div class="clearfix">
<label for="sitename">' . T_('Site Name') . '</label>
<div class="input">
<input class="xlarge span8" id="sitename" name="sitename" type="text" value="' . cleanOutput($row['sitename']) . '">
</div>
</div>
<div class="clearfix">
<label for="contact">' . T_('Contact Email') . '</label>
<div class="input">
<input class="xlarge span8" id="contact" name="contact" type="text" value="' . cleanOutput($row['contact']) . '">
</div>
<script type="text/javascript">
var email = new LiveValidation(\'contact\', {onlyOnSubmit: true});
email.add(Validate.Email, {failureMessage: "' . T_('That\'s not a valid email address is it?') . '"});
email.add(Validate.Length, {minimum: 10});
</script>
</div>
<div class="clearfix">
<label for="registration">' . T_('Registration') . '</label>
<div class="input">
<select id="registration" name="registration">
' . $registerOptions . '
</select>
</div>
</div>
<div class="clearfix">
<label for="activation">' . T_('Account Activation') . '</label>
<div class="input">
<select id="activation" name="activation">
' . $activateOptions . '
</select>
</div>
</div>
<div class="clearfix">
<label>' . T_('Start of the Week') . '</label>
<div class="input">
<ul class="inputs-list">
<li>
<label>
<input type="radio" ' . $startSun . ' id="start_sun" name="start_week" value="0">
<span>' . T_('Sunday') . '</span>
</label>
</li>
<li>
<label>
<input type="radio" ' . $startMon . ' id="start_mon" name="start_week" value="1">
<span>' . T_('Monday') . '</span>
</label>
</li>
<li>
<label>
<input type="radio" ' . $startTue . ' id="start_tue" name="start_week" value="2">
<span>' . T_('Tuesday') . '</span>
</label>
</li>
<li>
<label>
<input type="radio" ' . $startWed . ' id="start_wed" name="start_week" value="3">
<span>' . T_('Wednesday') . '</span>
</label>
</li>
<li>
<label>
<input type="radio" ' . $startThr . ' id="start_thr" name="start_week" value="4">
<span>' . T_('Thursday') . '</span>
</label>
</li>
<li>
<label>
<input type="radio" ' . $startFri . ' id="start_fri" name="start_week" value="5">
<span>' . T_('Friday') . '</span>
</label>
</li>
<li>
<label>
<input type="radio" ' . $startSat . ' id="start_sat" name="start_week" value="6">
<span>' . T_('Saturday') . '</span>
</label>
</li>
</ul>
</div>
</div>
<div class="clearfix">
<label>' . T_('Turn Off Site?') . '</label>
<div class="input">
<ul class="inputs-list">
<li>
<label>
<input type="radio" ' . $siteOffYes . ' id="site_off_yes" name="site_off" value="yes">
<span>' . T_('Yes, turn the site off, so no one can access it.') . '</span>
</label>
</li>
<li>
<label>
<input type="radio" ' . $siteOffNo . ' id="site_off_no" name="site_off" value="no">
<span>' . T_('No, keep the site on and running.') . '</span>
</label>
</li>
</ul>
</div>
</div>
<div class="clearfix">
<label for="debug">' . T_('Debug') . '</label>
<div class="input">
<select id="debug" name="debug">
' . $debugOptions . '
</select>
</div>
</div>
<div class="actions">
<input type="submit" class="btn primary" id="submit-sitename" name="submit-sitename" value="' . T_('Save') . '">
</div>
</fieldset>
</form>';
$this->displayFooter();
}
/**
* displayDetails
*
* @return void
*/
function displayDetails()
{
$this->displayHeader(array('jsOnload' => 'initAddRelative();'));
$id = (int) $_GET['details'];
$sql = "SELECT *\n FROM `fcms_users`\n WHERE `id` = ?";
$user = $this->fcmsDatabase->getRow($sql, $id);
if ($user === false) {
$this->fcmsError->displayError();
$this->displayFooter();
return;
}
$canEdit = false;
$editLink = '';
if ($user['phpass'] == 'NONMEMBER' || $this->fcmsUser->access == 1) {
$canEdit = true;
$editLink = '<li><a href="?edit=' . $id . '">' . T_('Edit This Person') . '</a></li>';
}
$avatarPath = getAvatarPath($user['avatar'], $user['gravatar']);
$status = $user['phpass'] == 'NONMEMBER' ? T_('Non-member') : T_('Member');
// Bio
if (strlen($user['bio']) > 0) {
$bio = cleanOutput($user['bio']);
} elseif ($canEdit) {
$bio = '<a href="?edit=' . $id . '">' . T_('Share some information about this person.') . '</a>';
} else {
$bio = T_('This user does not have a bio.');
}
// Get Parents
$parents = $this->fcmsFamilyTree->getParentsOfUsers(array($user['id']));
if ($parents === false) {
$this->fcmsError->displayError();
$this->displayFooter();
return;
}
$father = array();
$mother = array();
foreach ($parents as $parent) {
if ($parent['sex'] == 'M') {
$father[] = $parent;
} else {
$mother[] = $parent;
}
}
// Get spouse
$spouse = $this->fcmsFamilyTree->getSpousesOfUsers(array($user['id']));
if ($spouse === false) {
$this->fcmsError->displayError();
$this->displayFooter();
return;
}
// Get children
$children = $this->fcmsFamilyTree->getChildrenOfUsers($spouse);
if ($children === false) {
$this->fcmsError->displayError();
$this->displayFooter();
return;
}
list($bday, $death) = $this->fcmsFamilyTree->getFormattedBirthdayAndDeath($user);
echo '
<div id="sections_menu">
<ul>
<li><a href="?view=' . $id . '">' . T_('View Family Tree') . '</a></li>
</ul>
</div>
<div id="actions_menu">
<ul class="tools">
' . $editLink . '
<li><a class="add" href="#' . $id . '">' . T_('Add Family Member') . '</a></li>
</ul>
</div>
<div class="person-details">
<img class="avatar" src="' . $avatarPath . '"/>
<h1>' . $user['fname'] . ' ' . $user['lname'] . '</h1>
<p class="member_status">' . $status . '</p>
</div>
<p>
' . $bday . '<br/>
' . $death . '
</p>
<h3>' . T_('Bio') . '</h3>
<p>' . $bio . '</p>
<h3>' . T_('Immediate Family') . '</h3>
<ul id="immediate-family">';
// Print parents, spouses, and children
$types = array('father' => array('M' => T_('Father')), 'mother' => array('F' => T_('Mother')), 'spouse' => array('M' => T_('Spouse'), 'F' => T_('Spouse')), 'children' => array('M' => T_('Son'), 'F' => T_('Daughter')));
foreach ($types as $type => $i18n) {
foreach (${$type} as $relative) {
if (!empty($relative)) {
$relAvatarPath = getAvatarPath($relative['avatar'], $relative['gravatar']);
$maiden = strlen($relative['maiden']) > 0 ? '(' . $relative['maiden'] . ')' : '';
echo '
<li>
<img class="small-avatar" src="' . $relAvatarPath . '"/>
<p>
<a href="?details=' . $relative['id'] . '">
' . $relative['fname'] . ' ' . $relative['mname'] . ' ' . $relative['lname'] . ' ' . $maiden . '
</a>
<i>' . $i18n[$relative['sex']] . '</i>
</p>
</li>';
}
}
}
$this->displayFooter();
}
/**
* displayImages
*
* @return void
*/
function displayImages()
{
global $fcmsUser;
displayHeader();
if (isset($_SESSION['delete_ok'])) {
unset($_SESSION['delete_ok']);
echo '<p class="ok-alert">' . T_('Image was Deleted Successfully') . '</p>';
}
echo '
<h2>' . T_('Upload Image') . '</h2>
<form enctype="multipart/form-data" action="upimages.php" method="post">
<p><input type="file" name="upfile" id="upfile" size="30" title="' . T_('Choose the image you want to upload.') . '"/></p>
<div><input type="submit" name="upload" id="upload" value="' . T_('Upload Image') . '"/></div>
</form>
<p> </p>
<h2>' . T_('Uploaded Images') . '</h2>
<table>';
$uploadsPath = getUploadsAbsolutePath();
$img_dir = opendir($uploadsPath . 'upimages');
while ($file = readdir($img_dir)) {
if ($file !== 'index.htm') {
$images_in_dir[] = $file;
}
}
natcasesort($images_in_dir);
reset($images_in_dir);
$i = 0;
$total_size = 0;
foreach ($images_in_dir as $file) {
// Skip directories that start with a period
if ($file[0] === '.') {
continue;
}
$img_name_arr = explode(".", $file);
$img_type = end($img_name_arr);
$this_size = filesize($uploadsPath . 'upimages/' . $file);
$total_size += $this_size;
$img_info = getimagesize($uploadsPath . 'upimages/' . $file);
$win_w = $img_info[0] + 50;
$win_h = $img_info[1] + 50;
$path = 'uploads/upimages/';
if (defined('UPLOADS')) {
$path = 'file.php?u=';
}
$i++;
echo '
<tr';
if ($i % 2 != 0) {
echo 'class="alt"';
}
echo '>
<td class="v">
<button class="viewbtn" onclick="window.open(\'' . URL_PREFIX . $path . basename($file) . '\',\'file\',
\'width=' . $win_w . ',height=' . $win_h . ',resizable=no,location=no,menubar=no,status=no\'); return false;"/>
</td>
<td class="file">
<a href="#" onclick="insertUpImage(\'[IMG=' . $path . basename($file) . ']\')"
title="' . T_('Click to insert image into message.') . '">' . $file . '</a>
</td>
<td>';
if ($fcmsUser->access < 2) {
echo '
<form method="post" action="upimages.php">
<div>
<input type="hidden" name="img" value="' . cleanOutput($file) . '"/>
<input type="submit" name="delimg" value="' . T_('Delete') . '" class="delbtn" title="' . T_('Delete this Image') . '"
onclick="javascript:return confirm(\'' . T_('Are you sure you want to DELETE this image?') . '\');"/>
</div>
</form>';
}
echo '
</td>
<td class="n">' . $img_info[0] . 'x' . $img_info[1] . '</td>
<td class="n">' . formatSize($this_size) . '</td>
</tr>';
}
echo '
<tr>
<td></td>
<td></td>
<td></td>
<td class="n">' . T_('Total Size') . '</td>
<td class="n">' . formatSize($total_size) . '</td>
</tr>
</table>';
displayFooter();
}
/**
* getDisplayNameFromData
*
* @param array $data
*
* @return string
*/
private function getDisplayNameFromData($data)
{
$ret = '';
switch ($data['displayname']) {
case '1':
$ret = cleanOutput($data['fname']);
break;
case '2':
$ret = cleanOutput($data['fname']) . ' ' . cleanOutput($data['lname']);
break;
case '3':
$ret = cleanOutput($data['username']);
break;
default:
$ret = cleanOutput($data['username']);
break;
}
return $ret;
}
/**
* displayFormPage
*
* @param string $displayMessage
*
* @return void
*/
function displayFormPage($displayMessage = '')
{
$this->displayHeader();
if (isset($_SESSION['success'])) {
echo '
<div class="alert-message success">
<a class="close" href="#" onclick="$(this).up(\'div\').hide(); return false;">×</a>
' . T_('Changes Updated Successfully') . '
</div>';
unset($_SESSION['success']);
}
$r = getFoursquareConfigData();
$id = isset($r['fs_client_id']) ? cleanOutput($r['fs_client_id']) : '';
$secret = isset($r['fs_client_secret']) ? cleanOutput($r['fs_client_secret']) : '';
$url = isset($r['fs_callback_url']) ? cleanOutput($r['fs_callback_url']) : '';
if (empty($id) || empty($secret) || empty($url)) {
echo '
<div class="row">
<div class="span4">
<h2>' . T_('Step 1') . '</h2>
<p>' . T_('Go to Foursquare and register a new app.') . '</p>
</div>
<div class="span12">
<h3><a href="https://foursquare.com/developers/register">' . T_('Register a new foursquare app.') . '</a></h3>
<p>
' . T_('Be sure to include settings.php as part of your callback url. For example: if your site is located at http://www.my-awesome-site.com/fcms/index.php then your callback url should be http://www.my-awesome-site.com/fcms/settings.php') . '
</p>
</div><!-- /span12 -->
</div><!-- /row -->
<p> </p>
<p> </p>
<p> </p>
<div class="row">
<div class="span4">
<h2>' . T_('Step 2') . '</h2>
<p>' . T_('Fill out the form below with the information you provided in Step 1.') . '</p>
</div>
<div class="span12">';
}
echo '
<form action="foursquare.php" method="post">
<fieldset>
<legend>' . T_('Foursquare Confirguration') . '</legend>
<div class="clearfix">
<label for="id">' . T_('Client ID') . '</label>
<div class="input">
<input type="text" name="id" id="id" size="50" value="' . $id . '"/>
</div>
</div>
<div class="clearfix">
<label for="secret">' . T_('Client Secret') . '</label>
<div class="input">
<input type="text" name="secret" id="secret" size="50" value="' . $secret . '"/>
</div>
</div>
<div class="clearfix">
<label for="url">' . T_('Callback URL') . '</label>
<div class="input">
<input class="frm_text" type="text" name="url" id="url" size="50" value="' . $url . '"/>
</div>
</div>
<div class="actions">
<input class="btn primary" type="submit" name="submit" value="' . T_('Save') . '"/>
</div>
</fieldset>
</form>';
if (empty($id) || empty($secret) || empty($url)) {
echo '
</div><!-- /span12 -->
</div><!-- /row -->';
}
$this->displayFooter();
}
/**
* displayUploadArea
*
* @return void
*/
protected function displayUploadArea()
{
$id = (int) $_GET['avatar'];
echo '
<link rel="stylesheet" href="ui/js/jqueryui/jquery-ui.min.css">
<link rel="stylesheet" href="ui/js/jqueryui/jquery-ui.theme.min.css">
<link rel="stylesheet" href="inc/thirdparty/plupload/js/jquery.ui.plupload/css/jquery.ui.plupload.css">
<script type="text/javascript" src="ui/js/jqueryui/jquery-ui.min.js"></script>
<script type="text/javascript" src="inc/thirdparty/plupload/js/plupload.full.min.js"></script>
<script type="text/javascript" src="inc/thirdparty/plupload/js/jquery.ui.plupload/jquery.ui.plupload.min.js"></script>
<script>
$(document).ready(function() {
$("#uploader").plupload({
runtimes : "html5,flash,silverlight,html4",
url : "familytree.php?advanced_avatar=' . $id . '",
max_file_size : "100mb",
multi_selection : false,
buttons: {
"start" : false,
},
multipart_params: {
"plupload" : "1",
},
filters : [
{title : "Image files", extensions : "jpg,jpeg,gif,png"}
],
resize : {
width: 80,
height: 80,
quality: 90,
crop: true
},
// Sort files
sortable: true,
// Views to activate
views: {
list : false,
thumbs : true,
active : "thumbs"
},
// Flash settings
flash_swf_url : "../inc/thirdparty/plupload/js/Moxie.swf",
// Silverlight settings
silverlight_xap_url : "../inc/thirdparty/plupload/js/Moxie.xap",
init : {
FilesAdded: function(up, files) {
while (up.files.length > 1) {
up.removeFile(up.files[0]);
}
},
FileUploaded: function(up, file, info) {
window.location.href = "familytree.php";
}
}
});
$("#frm").submit(function(event) {
event.preventDefault();
var uploader = $("#uploader").plupload("getUploader");
uploader.settings.multipart_params = {
"avatar_orig" : $("#avatar_orig").val()
};
$("#uploader").plupload("start");
});
});
</script>
<div class="field-label"> </div>
<div id="plupload_container" class="field-widget">
<div id="uploader"></div>
<input type="hidden" id="avatar_orig" name="avatar_orig" value="' . cleanOutput($this->data['avatar']) . '"/><br/>
</div>';
}
/**
* displayEditForm
*
* @return void
*/
function displayEditForm()
{
$this->displayHeader();
$id = (int) $_GET['editpoll'];
$sql = "SELECT `question`, o.`id`, `option` \n FROM `fcms_polls` AS p, `fcms_poll_options` AS o \n WHERE p.`id` = o.`poll_id` \n AND p.`id` = ?";
$rows = $this->fcmsDatabase->getRows($sql, $id);
if ($rows === false) {
$this->fcmsError->displayError();
$this->displayFooter();
return;
}
if (isset($_SESSION['success'])) {
echo '
<div class="alert-message success">
<a class="close" href="#" onclick="$(this).up(\'div\').hide(); return false;">×</a>
' . T_('Changes Updated Successfully') . '
</div>';
unset($_SESSION['success']);
}
echo '
<form id="editform" name="editform" action="?page=admin_polls" method="post">
<fieldset>
<legend><span>' . T_('Edit Poll') . '</span></legend>';
$i = 1;
foreach ($rows as $row) {
if ($i < 2) {
echo '
<h3>' . cleanOutput($row['question']) . '</h3>';
}
echo '
<div class="clearfix">
<label for="show' . $i . '">' . sprintf(T_('Option %s'), $i) . '</label>
<div class="input">
<input type="text" name="show' . $i . '" id="show' . $i . '" ';
if ($i < 3) {
echo "class=\"required\"";
}
echo ' size="50" value="' . cleanOutput($row['option']) . '"/>
<input type="hidden" name="option' . $i . '" value="' . $row['id'] . '"/>';
// Needs to be created by js
if ($i >= 3) {
echo '
<input type="button" name="deleteoption" class="btn small danger" style="width:auto;" value="' . T_('Delete') . '"
onclick="document.editform.show' . $i . '.value=\'\';"/>';
}
echo '
</div>
</div>';
$i++;
}
while ($i < 11) {
echo '
<div class="clearfix">
<label for="show' . $i . '">' . sprintf(T_('Option %s'), $i) . '</label>
<div class="input">
<input type="text" id="show' . $i . '" name="show' . $i . '" size="50" value=""/>
<input type="hidden" name="option' . $i . '" value="new"/>
</div>
</div>';
$i++;
}
echo '
<p class="actions">
<input class="btn primary" type="submit" name="editsubmit" id="editsubmit" value="' . T_('Edit') . '"/>
<a class="btn secondary" href="polls.php">' . T_('Cancel') . '</a>
</p>
</fieldset>
</form>';
$this->displayFooter();
}
/**
* displayAdvancedSearchSubmit
*
* @return void
*/
function displayAdvancedSearchSubmit()
{
$start = $_POST['start'];
$end = $_POST['end'];
$search = $_POST['search'];
// validate dates
$found = preg_match('/^\\d{4}-(1[012]|0?\\d)-(3[01]|[012]?\\d)$/', $start);
if ($found === false || $found < 1) {
$error = sprintf(T_('Invalid Date [%s]'), cleanOutput($start));
$this->displayAdvancedSearchForm($error);
return;
}
$found = preg_match('/^\\d{4}-(1[012]|0?\\d)-(3[01]|[012]?\\d)$/', $end);
if ($found === false || $found < 1) {
$error = sprintf(T_('Invalid Date [%s]'), cleanOutput($end));
$this->displayAdvancedSearchForm($error);
return;
}
// header is displayed by displayAdvancedSearchForm()
$this->displayAdvancedSearchForm('', $search, $start, $end, false);
$sql = "SELECT t.`id`, t.`subject`, t.`started_by`, t.`updated`, p.`post`,\n 'thread' AS type\n FROM `fcms_board_threads` AS t, `fcms_board_posts` AS p\n WHERE p.`thread` = t.`id`\n AND `subject` LIKE ?\n UNION\n SELECT t.`id`, t.`subject`, t.`started_by`, p.`date` AS updated, p.`post`,\n 'post' AS type\n FROM `fcms_board_threads` AS t, `fcms_board_posts` AS p\n WHERE p.`thread` = t.`id`\n AND `post` LIKE ?\n AND `date` >= ?\n AND `date` <= ?";
$params = array("%{$search}%", "%{$search}%", "{$start} 00:00:00", "{$end} 24:59:59");
$rows = $this->fcmsDatabase->getRows($sql, $params);
if ($rows === false) {
$this->fcmsError->displayError();
$this->displayFooter();
return;
}
if (count($rows) <= 0) {
echo '
<div class="search_result">
<p>' . T_('Could not find anything matching your search.') . '</p>
</div>';
}
$threadsFound = array();
foreach ($rows as $r) {
// if the search is found both in the subject and post
// skip the post, so we don't show doubles
if ($r['type'] == 'post') {
if (isset($threadsFound[$r['id']])) {
continue;
}
}
$threadsFound[$r['id']] = 1;
// Remove #ANNOUNCE#
$subject = $this->fcmsMessageBoard->fixSubject($r['subject']);
// Clean html
$subject = cleanOutput($subject, 'html');
// Put in our html (should be the only html rendered)
$subject = highlight($search, $subject);
// Remove orig bbcode
$post = removeBBCode($r['post']);
// Clean html
$post = cleanOutput($post, 'html');
// Put in our html (should be the only html rendered)
$post = highlight($search, $post);
$date = fixDate('n/d/Y g:ia', $this->fcmsUser->tzOffset, $r['updated']);
echo '
<div class="search_result">
<a href="?thread=' . $r['id'] . '">' . $subject . '</a>
<p>' . $post . '</p>
<span>' . $date . '</span>
</div>';
}
$this->displayFooter();
}
/**
* displayMassEmailForm
*
* Displays the form for sending out mass emails.
*
* @param array $emails The email addresses you are mass mailing to
* @param string $email The email address you are sending from
* @param string $name The name you are sending from
* @param string $subject The subject of the email
* @param string $message The body of the email
* @param string $show Show errors or not
*
* @return void
*/
function displayMassEmailForm($emails, $email = '', $name = '', $subject = '', $message = '', $show = '')
{
$errors = false;
$err_email = '';
$err_name = '';
$err_subject = '';
$err_msg = '';
// Are we allowed to show errors?
if (!empty($show)) {
if (empty($email)) {
$errors = true;
$err_email = '<br/><span class="error">' . T_('Required') . '</span>';
}
if (empty($name)) {
$errors = true;
$err_name = '<br/><span class="error">' . T_('Required') . '</span>';
}
if (empty($subject)) {
$errors = true;
$err_subject = '<br/><span class="error">' . T_('Required') . '</span>';
}
if (empty($message)) {
$errors = true;
$err_msg = '<br/><span class="error">' . T_('Required') . '</span>';
}
}
echo '
<p class="info-alert">
' . T_('Filling out the form below will send an email to all the selected members in your addressbook. Sending an email to a large number of people can take a long time. Please be patient.') . '
</p>';
if ($errors) {
echo '
<p class="error-alert">' . T_('Missing Required Field') . '</p>';
}
echo '
<script type="text/javascript" src="ui/js/livevalidation.js"></script>
<form method="post" class="contactform" action="addressbook.php">
<fieldset>
<div class="field-row">
<div class="field-label"><label for="email"><b>' . T_('Your Email') . '</b></label></div>
<div class="field-widget">
<input class="frm_text" value="' . cleanOutput($email) . '" type="text" name="email" id="email" size="30"/>
' . $err_email . '
</div>
</div>
<script type="text/javascript">
var femail = new LiveValidation(\'email\', { onlyOnSubmit: true });
femail.add(Validate.Presence, {failureMessage: ""});
</script>
<div class="field-row">
<div class="field-label"><label for="name"><b>' . T_('Your Name') . '</b></label></div>
<div class="field-widget">
<input class="frm_text" value="' . cleanOutput($name) . '" type="text" name="name" id="name" size="30"/>
' . $err_name . '
</div>
</div>
<script type="text/javascript">
var fname = new LiveValidation(\'name\', { onlyOnSubmit: true });
fname.add(Validate.Presence, {failureMessage: ""});
</script>
<div class="field-row">
<div class="field-label"><label for="subject"><b>' . T_('Subject') . '</b></label></div>
<div class="field-widget">
<input class="frm_text" value="' . cleanOutput($subject) . '" type="text" name="subject" id="subject" size="30"/>
' . $err_subject . '
</div>
</div>
<script type="text/javascript">
var fsub = new LiveValidation(\'subject\', { onlyOnSubmit: true });
fsub.add(Validate.Presence, {failureMessage: ""});
</script>
<div class="field-row">
<div class="field-label"><label for="msg"><b>' . T_('Message') . '</b></label></div>
<div class="field-widget">
<textarea name="msg" id="msg" rows="10" cols="40"/>' . cleanOutput($message, 'html') . '</textarea>
' . $err_msg . '
</div>
</div>
<script type="text/javascript">
var fmsg = new LiveValidation(\'msg\', { onlyOnSubmit: true });
fmsg.add(Validate.Presence, {failureMessage: ""});
</script>
<div>';
foreach ($emails as $email) {
echo '
<input type="hidden" name="emailaddress[]" value="' . cleanOutput($email) . '"/>';
}
echo '
</div>
<p>
<input class="sub1" type="submit" name="sendemailsubmit" value="' . T_('Send Email') . '"/>
' . T_('or') . '
<a href="addressbook.php">' . T_('Cancel') . '</a>
</p>
</field>
</form>';
}
/**
* displayTimeEvents
*
* Given an array of events, and an hour. Displays all events for that hour.
*
* @param array $timeEvents
* @param string $hour
* @return void
*/
function displayTimeEvents($timeEvents, $hour)
{
if (!is_array($timeEvents)) {
return;
}
$t = $this->getTimesList();
if (isset($timeEvents[$hour])) {
if (isset($timeEvents[$hour][0])) {
foreach ($timeEvents[$hour] as $event) {
echo '
<div class="event">
<a class="' . cleanOutput($event['color']) . '" href="?event=' . $event['id'] . '">
<i>' . $t[$event['time_start']] . ' - ' . $t[$event['time_end']] . '</i>
' . cleanOutput($event['title'], 'html') . '
<span>' . cleanOutput($event['desc'], 'html') . '</span>
</a>
</div>';
}
} else {
echo '
<div class="event">
<a class="' . $timeEvents[$hour]['color'] . '" href="?event=' . $timeEvents[$hour]['id'] . '">
<i>' . $t[$timeEvents[$hour]['time_start']] . '</i>
' . cleanOutput($timeEvents[$hour]['title']) . '
<span>' . cleanOutput($timeEvents[$hour]['desc']) . '</span>
</a>
</div>';
}
}
}
/**
* displayFoursquareSubmit
*
* The submit screen for saving foursquare data.
*
* @return void
*/
function displayFoursquareSubmit()
{
$r = getFoursquareConfigData();
$id = cleanOutput($r['fs_client_id']);
$secret = cleanOutput($r['fs_client_secret']);
$url = cleanOutput($r['fs_callback_url']);
$fsObj = new EpiFoursquare($id, $secret);
$token = $fsObj->getAccessToken($_GET['code'], $url);
$fsObjAuth = new EpiFoursquare($id, $secret, $token->access_token);
$self = $fsObjAuth->get('/users/self');
$sql = "UPDATE `fcms_user_settings`\n SET `fs_user_id` = ?,\n `fs_access_token` = ?\n WHERE `user` = ?";
$params = array($self->response->user->id, $token->access_token, $this->fcmsUser->id);
if (!$this->fcmsDatabase->update($sql, $params)) {
$this->displayHeader();
$this->fcmsError->displayError();
$this->displayFooter();
return;
}
header("Location: settings.php?view=foursquare");
}
#!/usr/bin/php -q
<?php
require_once dirname(dirname(__FILE__)) . '/test/lib/utils.php';
require_once TEST . 'lib/Test-More.php';
require_once INC . 'config_inc.php';
require_once INC . 'utils.php';
diag('cleanOutput');
plan(2);
$js_in = '<script type="text/javascript">alert("hey")</script>';
$js_out = cleanOutput($js_in);
is($js_out, 'alert("hey")', 'javascript');
$js_html_in = '<script type="text/javascript">alert("hey")</script>';
$js_html_out = cleanOutput($js_html_in, 'html');
is($js_html_out, '<script type="text/javascript">alert("hey")</script>', 'javascript html');
/**
* displayFormPage
*
* Displays the form for configuring a youtube app.
*
* @return void
*/
function displayFormPage()
{
global $fcmsUser;
$this->displayHeader();
if (isset($_SESSION['success'])) {
echo '
<div class="alert-message success">
<a class="close" href="#" onclick="$(this).up(\'div\').hide(); return false;">×</a>
' . T_('Changes Updated Successfully') . '
</div>';
unset($_SESSION['success']);
}
$r = getYouTubeConfigData();
$key = isset($r['youtube_key']) ? cleanOutput($r['youtube_key']) : '';
echo '
<div class="alert-message block-message info">
<h1>' . T_('YouTube Integration') . '</h1>
<p>
' . T_('In order to integrate Family Connections with YouTube, you must get a Developer Key from Google, and provide that Key to Family Connections.') . '
</p>
</div>';
if (empty($key)) {
echo '
<div class="row">
<div class="span4">
<h2>' . T_('Step 1') . '</h2>
<p>
' . T_('Got to Google and create a new YouTube Application.') . '
</p>
</div>
<div class="span12">
<h3>
<a href="http://code.google.com/apis/youtube/dashboard/">' . T_('Create Youtube Application') . '</a><br/>
</h3>
</div><!-- /span12 -->
</div><!-- /row -->
<p> </p>
<p> </p>
<p> </p>
<div class="row">
<div class="span4">
<h2>' . T_('Step 2') . '</h2>
<p>
' . T_('Fill out the form below with the YouTube Developer Key provided by Google.') . '
</p>
</div>
<div class="span12">';
}
echo '
<form method="post" action="youtube.php">
<fieldset>
<legend>' . T_('YouTube') . '</legend>
<div class="clearfix">
<label for="key">' . T_('Developer Key') . '</label>
<div class="input">
<input class="span6" type="text" name="key" id="key" value="' . $key . '"/>
</div>
</div>
<div class="actions">
<input class="btn primary" type="submit" name="submit" value="' . T_('Save') . '"/>
</div>
</fieldset>
</form>';
if (empty($key)) {
echo '
</div><!-- /span12 -->
</div><!-- /row -->';
}
$this->displayFooter();
}
/**
* displayLatestMessageBoardPosts
*
* @param int $memberId
*
* @return void
*/
function displayLatestMessageBoardPosts($memberId)
{
$memberId = (int) $memberId;
$sql = "SELECT t.`id`, `subject`, `date`, `post` \n FROM `fcms_board_posts` AS p, `fcms_board_threads` AS t, `fcms_users` AS u \n WHERE t.`id` = p.`thread` \n AND p.`user` = u.`id` \n AND u.`id` = ?\n ORDER BY `date` DESC \n LIMIT 0, 5";
$rows = $this->fcmsDatabase->getRows($sql, $memberId);
if ($rows === false) {
$this->fcmsError->displayError();
return;
}
if (count($rows) <= 0) {
return;
}
echo '
<h2>' . T_('Latest Posts') . '</h2>';
$tzOffset = getTimezone($memberId);
foreach ($rows as $row) {
$date = fixDate(T_('F j, Y, g:i a'), $tzOffset, $row['date']);
$subject = $row['subject'];
$post = removeBBCode($row['post']);
$post = cleanOutput($post);
$pos = strpos($subject, '#ANOUNCE#');
if ($pos !== false) {
$subject = substr($subject, 9, strlen($subject) - 9);
}
$subject = cleanOutput($subject);
echo '
<p>
<a href="messageboard.php?thread=' . $row['id'] . '">' . $subject . '</a>
<span class="date">' . $date . '</span><br/>
' . $post . '
</p>';
}
}
/**
* displayAdminEditSubjectForm
*
* @param int $thread
* @return void
*/
function displayAdminEditSubjectForm($thread)
{
$thread = (int) $thread;
$sql = "SELECT t.`id`, p.`user`, `subject`, `started_by`, `post` \n FROM `fcms_board_threads` AS t, `fcms_board_posts` AS p \n WHERE t.`id` = ?\n AND p.`thread` = t.`id`\n LIMIT 1";
$row = $this->fcmsDatabase->getRow($sql, $thread);
if ($row === false) {
$this->fcmsError->displayError();
return;
}
$pos = strpos($row['subject'], '#ANOUNCE#');
$subject = $row['subject'];
$sticky = '';
if ($pos !== false) {
$sticky = '<input type="hidden" name="sticky" id="sticky" value="1"/>';
$subject = substr($row['subject'], 9, strlen($row['subject']) - 9);
}
$displayname = getUserDisplayName($row['started_by']);
echo '
<form method="post" action="messageboard.php">
<fieldset>
<legend><span>' . T_('Edit Thread') . '</span></legend>
<div>
<label for="subject">' . T_('Subject') . ':</label>
<input class="frm_text" type="text" name="subject" id="subject" size="50" value="' . cleanOutput($subject, 'html') . '"/>
</div>
<div>
<label for="showname">' . T_('Name') . ':</label>
<input type="text" disabled="disabled" name="showname" id="showname" size="50" value="' . cleanOutput($displayname) . '"/>
</div>
<p><textarea disabled="disabled" name="post" id="post" rows="10" cols="63">' . cleanOutput($row['post'], 'html') . '</textarea></p>
<p>
' . $sticky . '
<input type="hidden" name="thread" id="thread" value="' . $thread . '"/>
<input class="sub1" type="submit" name="edit_admin_submit" id="edit_admin_submit" value="' . T_('Edit') . '"/>
' . T_('or') . '
<a href="messageboard.php?thread=' . $thread . '">' . T_('Cancel') . '</a>
</p>
</fieldset>
</form>';
}
/**
* displayHtmlForm
*
* @param string $error Any errors from the previous form
*
* @return void
*/
function displayHtmlForm($error = '0')
{
$user = isset($_POST['username']) ? cleanOutput($_POST['username']) : '';
$first = isset($_POST['fname']) ? cleanOutput($_POST['fname']) : '';
$last = isset($_POST['lname']) ? cleanOutput($_POST['lname']) : '';
$email = isset($_POST['email']) ? cleanOutput($_POST['email']) : '';
$fbData = getFacebookConfigData();
$fbUser = null;
$facebook = null;
echo '
<div id="column">
<h1>' . T_('Register') . '</h1>';
if ($error !== '0') {
echo $error;
}
// Print the facebook register button
if (!empty($fbData['fb_app_id']) && !empty($fbData['fb_secret'])) {
$facebook = new Facebook(array('appId' => $fbData['fb_app_id'], 'secret' => $fbData['fb_secret']));
// Check if the user is logged in and authed
$fbUser = $facebook->getUser();
if ($fbUser) {
try {
$fbProfile = $facebook->api('/me');
} catch (FacebookApiException $e) {
$fbUser = null;
}
}
}
if ($fbUser && !isset($_GET['normal'])) {
echo '
<p style="text-align:center; padding: 20px 0">
<a class="fbbutton" href="?facebook=1">' . T_('Register with Facebook') . '</a><br/><br/><br/>
<small><a style="text-decoration:none" href="register.php?normal=1">' . T_('Cancel') . '</a></small>
</p>';
}
if (!$fbUser && $facebook) {
$params = array('scope' => 'user_about_me,user_birthday,user_location,email,publish_actions');
echo '
<p style="text-align:right">
<a class="fbbutton" href="' . $facebook->getLoginUrl($params) . '">' . T_('Connect with Facebook') . '</a>
</p>';
}
if (!$fbUser || isset($_GET['normal'])) {
echo '
<form id="registerform" name="registerform" action="register.php" method="post">
<div class="field-row">
<div class="field-label"><label for="username"><b>' . T_('Username') . '</b> <span class="req">*</span></label></div>
<div class="field-widget">
<input type="text" name="username" id="username" title="' . T_('Used for logging into the site.') . '" value="' . $user . '"/>
</div>
</div>
<script type="text/javascript">
var funame = new LiveValidation(\'username\', { onlyOnSubmit: true });
funame.add(Validate.Presence, {failureMessage: "' . T_('Required: Can\' login without one.') . '"});
</script>
<div class="field-row">
<div class="field-label"><label for="password"><b>' . T_('Password') . '</b> <span class="req">*</span></label></div>
<div class="field-widget">
<input type="password" name="password" id="password" title="' . T_('Used for loggin into the site.') . '"/>
</div>
</div>
<script type="text/javascript">
var fpass = new LiveValidation(\'password\', { onlyOnSubmit: true });
fpass.add(Validate.Presence, {failureMessage: "' . T_('Required: Can\'t login without one.') . '"});
</script>
<div class="field-row">
<div class="field-label"><label for="fname"><b>' . T_('First Name') . '</b> <span class="req">*</span></label></div>
<div class="field-widget">
<input type="text" name="fname" id="fname" title="' . T_('The name your mother gave you.') . '" value="' . $first . '"/>
</div>
</div>
<script type="text/javascript">
var ffname = new LiveValidation(\'fname\', { onlyOnSubmit: true });
ffname.add(Validate.Presence, { failureMessage: "' . T_('Required') . '" });
</script>
<div class="field-row">
<div class="field-label"><label for="lname"><b>' . T_('Last Name') . '</b> <span class="req">*</span></label></div>
<div class="field-widget">
<input type="text" name="lname" id="lname" title="' . T_('Your family name.') . '" value="' . $last . '"/>
</div>
</div>
<script type="text/javascript">
var flname = new LiveValidation(\'lname\', { onlyOnSubmit: true });
flname.add(Validate.Presence, {failureMessage: "' . T_('Required') . '"});
</script>
<div class="field-row">
<div class="field-label"><label for="email"><b>' . T_('Email Address') . '</b> <span class="req">*</span></label></div>
<div class="field-widget">
<input type="text" name="email" id="email" title="' . T_('Where can we send validation and updates?') . '" value="' . $email . '"/>
</div>
</div>
<script type="text/javascript">
var femail = new LiveValidation(\'email\', { onlyOnSubmit: true });
femail.add( Validate.Presence, { failureMessage: "' . T_('Required') . '" } );
femail.add( Validate.Email, { failureMessage: "' . T_('Invalid Email') . '" } );
femail.add( Validate.Length, { minimum: 10 } );
</script>
<p>
<a class="cancel" href="index.php">' . T_('Cancel') . '</a>
<input id="submit" name="submit" type="submit" value="' . T_('Submit') . '"/>
</p>
<div class="clear"></div>
</form>
</div>';
}
}
/**
* displayInbox
*
* @return void
*/
function displayInbox()
{
$this->displayHeader(array('jsOnload' => '
$(\'.pm_footer input[type="submit"]\').click(function(e) {
return confirmDeleteLink(this, "' . T_('Are you sure you want to DELETE this?') . '", e);
});'));
if (isset($_SESSION['success'])) {
displayOkMessage();
unset($_SESSION['success']);
}
$header = T_('Inbox');
if (isset($_SESSION['private_messages']) && $_SESSION['private_messages'] > 0) {
$header = sprintf(T_('Inbox (%d)'), $_SESSION['private_messages']);
}
echo '
<form method="post" action="privatemsg.php">
<table id="pm" cellpadding="0" cellspacing="0">
<tr>
<th colspan="3" class="pm_header">' . $header . '</th>
</tr>';
$sql = "SELECT p.`id`, `to`, `from`, `title`, `date`, `read`, u.`avatar`, u.`gravatar`\n FROM `fcms_privatemsg` AS p\n LEFT JOIN `fcms_users` AS u ON p.`from` = u.`id`\n WHERE `to` = ?\n ORDER BY `date` DESC";
$rows = $this->fcmsDatabase->getRows($sql, $this->fcmsUser->id);
if ($rows === false) {
$this->fcmsError->displayError();
$this->displayFooter();
return;
}
foreach ($rows as $r) {
$date = fixDate(T_('M. j, Y, g:i a'), $this->fcmsUser->tzOffset, $r['date']);
$avatarPath = getAvatarPath($r['avatar'], $r['gravatar']);
$from = getUserDisplayName($r['from']);
$rowClass = '';
$linkClass = 'read';
if ($r['read'] < 1) {
$rowClass = 'new';
$linkClass = '';
}
echo '
<tr class="' . $rowClass . '">
<td class="img"></td>
<td>
<div class="user">
<img src="' . $avatarPath . '" alt="' . $from . '" title="' . $from . '"/>
</div>
<a class="' . $linkClass . '" href="?pm=' . (int) $r['id'] . '">' . cleanOutput($r['title']) . '</a>
<span>' . $date . '</span>
</td>
<td class="check"><input type="checkbox" name="del[]" value="' . (int) $r['id'] . '"/></td>
</tr>';
}
echo '
<tr>
<th colspan="3" class="pm_footer">
<input class="sub1" type="submit" name="delete" value="' . T_('Delete Selected') . '"/>
</th>
</tr>
</table>
</form>';
$this->displayFooter();
}
/**
* displayUploadArea
*
* @return void
*/
protected function displayUploadArea()
{
$id = (int) $_GET['avatar'];
echo '
<noscript>
<style type="text/css">
applet, .photo-uploader {display: none;}
#noscript {padding:1em;}
#noscript p {background-color:#ff9; padding:3em; font-size:130%; line-height:200%;}
#noscript p span {font-size:60%;}
</style>
<div id="noscript">
<p>
' . T_('JavaScript must be enabled in order for you to use the Advanced Uploader. However, it seems JavaScript is either disabled or not supported by your browser.') . '<br/>
<span>
' . T_('Either enable JavaScript by changing your browser options.') . '<br/>
' . T_('or') . '<br/>
' . T_('Enable the Basic Upload option by changing Your Settings.') . '
</span>
</p>
</div>
</noscript>
<div class="field-label"> </div>
<div class="field-widget">
<applet id="jumpLoaderApplet" name="jumpLoaderApplet"
code="jmaster.jumploader.app.JumpLoaderApplet.class"
archive="inc/thirdparty/jumploader_z.jar"
width="300"
height="300"
mayscript>
<param name="uc_sendImageMetadata" value="true"/>
<param name="uc_uploadUrl" value="familytree.php?advanced_avatar=' . $id . '"/>
<param name="vc_useThumbs" value="true"/>
<param name="uc_uploadScaledImagesNoZip" value="true"/>
<param name="uc_uploadScaledImages" value="true"/>
<param name="uc_scaledInstanceNames" value="avatar"/>
<param name="uc_scaledInstanceDimensions" value="80x80xcrop"/>
<param name="uc_scaledInstanceQualityFactors" value="900"/>
<param name="uc_uploadFormName" value="uploadForm"/>
<param name="uc_maxFiles" value="1"/>
<param name="vc_lookAndFeel" value="system"/>
<param name="vc_uploadViewStartActionVisible" value="false"/>
<param name="vc_uploadViewStopActionVisible" value="false"/>
<param name="vc_uploadViewPasteActionVisible" value="false"/>
<param name="vc_uploadViewRetryActionVisible" value="false"/>
<param name="vc_uploadViewFilesSummaryBarVisible" value="false"/>
<param name="vc_uiDefaults" value="Panel.background=#eff0f4; List.background=#eff0f4;"/>
<param name="ac_fireAppletInitialized" value="true"/>
<param name="ac_fireUploaderStatusChanged" value="true"/>
<param name="ac_fireUploaderFileStatusChanged" value="true"/>
</applet>
<input type="hidden" id="avatar_orig" name="avatar_orig" value="' . cleanOutput($this->data['avatar']) . '"/><br/>
<script type="text/javascript">
$(document).ready(function() {
$("#frm").submit(function(event) {
event.preventDefault();
var uploader = document.jumpLoaderApplet.getUploader();
var attrSet = uploader.getAttributeSet();
var origAttr = attrSet.createStringAttribute("avatar_orig", $("#avatar_orig").val());
origAttr.setSendToServer(true);
uploader.startUpload();
});
});
function uploaderStatusChanged(uploader) {
if (uploader.getStatus() == 0) {
window.location.href = "familytree.php";
}
}
</script>
</div>';
}
/**
* displayLogin
*
* @return void
*/
function displayLogin()
{
$sitename = getSiteName();
if (isset($_GET['url'])) {
$hidden = '<input type="hidden" name="url" id="url" value="' . cleanOutput($_GET['url']) . '"/>';
} else {
$hidden = '';
}
// Get available languages
$lang_dir = "language/";
$lang_options = '';
if (is_dir($lang_dir)) {
if ($dh = opendir($lang_dir)) {
while (($file = readdir($dh)) !== false) {
// Skip directories that start with a period
if ($file[0] === '.') {
continue;
}
// Skip files (messages.pot)
if (!is_dir("{$lang_dir}{$file}")) {
continue;
}
// Skip directories that don't include a messages.mo file
if (!file_exists($lang_dir . $file . '/LC_MESSAGES/messages.mo')) {
continue;
}
$arr[$file] = getLangName($file);
}
closedir($dh);
asort($arr);
foreach ($arr as $key => $val) {
$lang_options .= '<option value="' . $key . '"';
if (isset($_SESSION['language'])) {
if ($_SESSION['language'] == $key) {
$lang_options .= ' selected="selected"';
}
}
$lang_options .= '>' . $val . '</option>';
}
}
}
$forgotPassLink = '<a href="lostpw.php">' . T_('Forgot Password?') . '</a>';
$registerLink = '';
$facebookLogin = '';
if (isRegistrationOn()) {
$registerLink = ' | <a href="register.php">' . T_('Register') . '</a>';
}
$fbData = getFacebookConfigData();
$params = array('scope' => 'user_about_me,user_birthday,user_location,email,publish_stream,offline_access');
// Print the facebook register button
if (!empty($fbData['fb_app_id']) && !empty($fbData['fb_secret'])) {
$facebook = new Facebook(array('appId' => $fbData['fb_app_id'], 'secret' => $fbData['fb_secret']));
$facebookLogin = '******' . $facebook->getLoginUrl($params) . '" title="' . T_('Login using Facebook') . '"><img src="ui/img/facebook_tiny.png"/></a>';
}
echo '
<div id="login_box">
<h1 id="login_header">' . T_('Login to') . ' ' . $sitename . '</h1>
<form action="index.php" method="post">
<div style="float:right">
<select style="background-color:#e9f3fb; border:none;"
onchange="window.location.href=\'?lang=\'+this.options[this.selectedIndex].value;">
<option>' . T_('Language') . ':</option>
' . $lang_options . '
</select>
</div>
<p><label for="user">' . T_('Username') . ':</label><input type="text" name="user" id="user"/></p>
<p><label for="pass">' . T_('Password') . ':</label><input type="password" name="pass" id="pass"/></p>
<p>
<label class="rem" for="rem">' . T_('Remember Me') . '</label>
<input class="rem" name="rem" id="rem" type="checkbox" value="1"/>
' . $hidden . '
<input type="submit" name="submit" id="submit" value="' . T_('Login') . '"/>
</p>
<div class="clear"></div>
</form>
<p style="text-align:center; margin-bottom:20px;">' . $forgotPassLink . $registerLink . '</p>
<div style="color:silver; font-size:11px; float:left;">' . getCurrentVersion() . '</div>
<div style="float:right">
' . $facebookLogin . '
</div>
</div>
</body>
</html>';
}
function displayContactForm()
{
$this->displayHeader();
$email = isset($_POST['email']) ? cleanOutput($_POST['email']) : '';
$name = isset($_POST['name']) ? cleanOutput($_POST['name']) : '';
$subject = isset($_POST['subject']) ? cleanOutput($_POST['subject']) : '';
$msg = isset($_POST['msg']) ? cleanOutput($_POST['msg'], 'html') : '';
if (isset($_SESSION['ok'])) {
$okMessage = '<p>' . T_('The following message has been sent to the Administrator:') . '</p>' . $_SESSION['ok'];
displayOkMessage($okMessage);
unset($_SESSION['ok']);
}
echo '
<fieldset>
<form method="post" class="contactform" action="contact.php">
<div class="field-row">
<div class="field-label"><label for="email"><b>' . T_('Your Email') . '</b></label></div>
<div class="field-widget"><input type="text" id="email" name="email" size="30" value="' . $email . '"/></div>
</div>
<div class="field-row">
<div class="field-label"><label for="name"><b>' . T_('Your Name') . '</b></label></div>
<div class="field-widget"><input type="text" id="name" name="name" size="30" value="' . $name . '"/></div>
</div>
<div class="field-row">
<div class="field-label"><label for="subject"><b>' . T_('Subject') . '</b></label></div>
<div class="field-widget"><input type="text" id="subject" name="subject" size="30" value="' . $subject . '"/></div>
</div>
<div class="field-row">
<div class="field-label"><label for="msg"><b>' . T_('Message') . '</b></label></div>
<div class="field-widget"><textarea name="msg" rows="10" cols="40">' . $msg . '</textarea></div>
</div>
<p><input type="submit" name="submit" value="' . T_('Submit') . '"/></p>
</form>
</fieldset>';
$this->displayFooter();
}
/**
* display
*
* @return void
*/
public function display()
{
$_SESSION['fcms_uploader_type'] = 'basic';
// Setup the list of active members for possible tags
$sql = "SELECT `id` \n FROM `fcms_users` \n WHERE `activated` > 0\n ORDER BY `fname`, `lname`";
$rows = $this->fcmsDatabase->getRows($sql);
if ($rows === false) {
$this->fcmsError->displayError();
return;
}
$autocompleteList = '';
foreach ($rows as $r) {
$autocompleteList .= '{ data: "' . $r['id'] . '", value: "' . cleanOutput(getUserDisplayName($r['id'], 2)) . '" }, ';
}
$autocompleteList = substr($autocompleteList, 0, -2);
// remove the extra comma space at the end
// Display the form
echo '
<form id="autocomplete_form" enctype="multipart/form-data" action="?action=upload" method="post" class="photo-uploader">
<div class="header">
<label>' . T_('Category') . '</label>
' . $this->getCategoryInputs() . '
</div>
<ul class="upload-types">
' . $this->getUploadTypesNavigation('upload') . '
</ul>
<div class="upload-area">
<div class="basic">
<p style="float:right">
<a class="help" href="../help.php?topic=photo#gallery-howworks">' . T_('Help') . '</a>
</p>
<p>
<label><b>' . T_('Photo') . '</b></label><br/>
<input name="photo_filename" type="file" size="50"/>
</p>
<p>
<label><b>' . T_('Caption') . '</b></label><br/>
<input class="frm_text" type="text" name="photo_caption" size="50"/>
</p>
<div id="tag-options">
<label><b>' . T_('Who is in this Photo?') . '</b></label><br/>
<input type="text" id="autocomplete_input" class="frm_text autocomplete_input"
autocomplete="off" size="50" tabindex="3"/>
<div id="autocomplete_instructions" class="autocomplete_instructions">
' . T_('Type name of person...') . '
</div>
<ul id="autocomplete_selected" class="autocomplete_selected"></ul>
<div id="autocomplete_search" class="autocomplete_search" style="display:none"></div>
<script type="text/javascript">
$(document).ready(function() {
var users = [ ' . $autocompleteList . ' ];
$("#autocomplete_input").autocomplete({
lookup: users,
showNoSuggestionNotice: true,
noSuggestionNotice: "' . T_('No users found') . '",
tabDisabled: true,
onSelect: function (suggestion) {
$("#autocomplete_instructions").hide();
$("#autocomplete_form").append(
"<input type=\\"hidden\\" name=\\"tagged[]\\" class=\\"tagged\\" value=\\"" + suggestion.data + "\\">"
);
$("#autocomplete_input").val("").focus();
$("#autocomplete_selected").append(
"<li>" + suggestion.value + "<a href=\\"#\\" alt=\\"" + suggestion.data + "\\" "
+ "onclick=\\"removeTagged(this);\\">x</a></li>"
);
}
});
});
</script>
</div>
<p class="rotate-options">
<label><b>' . T_('Rotate') . '</b></label><br/>
<input type="radio" id="left" name="rotate" value="left"/>
<label for="left" class="radio_label">' . T_('Left') . '</label>
<input type="radio" id="right" name="rotate" value="right"/>
<label for="right" class="radio_label">' . T_('Right') . '</label>
</p>
</div><!--/basic-->
</div>
<div class="footer">
<input class="sub1" type="submit" id="submit-photos" name="addphoto" value="' . T_('Submit') . '"/>
</div>
</form>
<script type="text/javascript">
$("#submit-photos").click(function(e) {
' . $this->getJsUploadValidation() . '
});
</script>';
}
