/**
 * Start a new numbered post under a wiki page by delegating to the registered
 * "edit" action plugin.
 *
 * The post number is the current post count plus one, left-padded with zeros
 * to three digits, and is appended to the page id after EWIKI_POST_SEPARATOR.
 *
 * @param mixed $id     Page id; concatenated with the separator and post number.
 * @param mixed $data   Not read by this function.
 * @param mixed $action Handed through unchanged to the edit plugin.
 * @return mixed Output of the edit plugin, or the formatted TOO_MANY_POSTS
 *               message when the next post number exceeds 999.
 */
function ewiki_add_post($id, $data, $action)
{
    global $ewiki_plugins, $ewiki_config;

    $paddedNumber = str_pad(getPostCount($id) + 1, 3, "0", STR_PAD_LEFT);

    // Post numbers are limited to three digits; the padded value is a numeric
    // string, so this comparison is numeric.
    if ($paddedNumber > 999) {
        return ewiki_format(ewiki_t("TOO_MANY_POSTS", array("id" => $id)));
    }

    $postId = $id . EWIKI_POST_SEPARATOR . $paddedNumber;

    // Record the id being created before the edit plugin runs.
    $ewiki_config["create"] = $postId;

    return $ewiki_plugins["action"]["edit"]($postId, array("id" => $postId), $action);
}
} $mysqli = createDBConnection(); //db connection object $history = getCompanyHistory($_SESSION['user_id']); //employment history of user $companies = getCompanyList($mysqli); //company list for dropdown $companyArray = array(); while ($row = $companies->fetch_assoc()) { $companyArray[] = $row; } $companyList = json_encode($companyArray); $userInfo = getUserInfo($_SESSION['user_id']); //user info $userInfo = $userInfo->fetch_assoc(); $positionCount = getPostCount($mysqli, $_SESSION['user_id']); $postScoreSQL = "SELECT IFNULL(TRUNCATE(AVG(`rating`), 2), '-') AS 'rating'\n FROM\n (\n SELECT `post_id`\n FROM `position_post`\n WHERE `fk_user_id` = " . $_SESSION['user_id'] . "\n ) A\n LEFT JOIN `position_post_rating`\n ON `A`.`post_id` = `position_post_rating`.`fk_position_post`"; $postScoreQuery = $mysqli->query($postScoreSQL)->fetch_assoc(); $postScore = $postScoreQuery['rating']; $mysqli->close(); ?> <html lang="en" xmlns="http://www.w3.org/1999/html"> <head> <meta charset="UTF-8"> <title>Jossip user profile page</title> <!-- jquery 2.1.4, jquery ui 1.11.4 --> <script src="/vendors/jquery-2.1.4.min.js"></script> <script src="/vendors/jquery-ui-1.11.4/jquery-ui.min.js"></script> <link rel="stylesheet" href="/vendors/jquery-ui-1.11.4/jquery-ui.min.css" />
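/**
 * Print the numbered pager shown under the blog listing.
 *
 * Every page except the current one is rendered as a link to /blog/<n>; the
 * current page is rendered as plain text.
 *
 * @param mixed $page Current page number. It is only compared against the loop
 *                    counter and never written to the output, so a value taken
 *                    from the request URL cannot reach the generated HTML.
 * @return void
 */
function printBlogPageLinks($page)
{
    global $blogPageSize;

    // Computed once instead of on every loop test. ceil() gives the final,
    // partially filled page a link; plain division dropped it. A non-positive
    // page size yields no page links rather than a division error.
    $pageSize = (int) $blogPageSize;
    $pageCount = $pageSize > 0 ? (int) ceil(getPostCount() / $pageSize) : 0;

    // Normalise to an integer so the comparison below is strict.
    $currentPage = (int) $page;

    echo '<div class="page_content"><div id="blog_page_numbers">Newer > ';

    for ($p = 1; $p <= $pageCount; $p++) {
        if ($p !== 1) {
            echo ' | ';
        }

        if ($p !== $currentPage) {
            // $p is the integer loop counter, so it is safe in the href and link text.
            echo '<a href="/blog/' . $p . '">' . $p . '</a>';
        } else {
            echo $p;
        }
    }

    echo ' < Older</div></div>';
}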
} } $likesQuery = $mysql->query("SELECT `id` FROM `likes` WHERE `thread` = '0' AND `post` = '" . escape($mData['id']) . "' AND `like` = '1'"); $dislikesQuery = $mysql->query("SELECT `id` FROM `likes` WHERE `thread` = '0' AND `post` = '" . escape($mData['id']) . "' AND `like` = '0'"); $userLikesQuery = $mysql->query("SELECT `like` FROM `likes` WHERE `thread` = '0' AND `post` = '" . escape($mData['id']) . "' AND `user` = '" . $_SESSION['accountid'] . "'"); $userLikesData = $userLikesQuery->fetch_assoc(); if ($mData['hidden']) { $commentHiddenStyle = "Hidden"; } else { $commentHiddenStyle = ""; } if ($permissions['viewip']) { $viewIP = " - IP: " . $accountData['ip']; } $bbParser->parse($mData['comment']); echo "<div class='commentContainer'>\n\t\t<div class='commentDate{$commentHiddenStyle}'>\n\t\t\t<table>\n\t\t\t\t<tr>\n\t\t\t\t\t<td width='887'>\n\t\t\t\t\t\t" . customDate($mData['date']) . " {$viewIP}\n\t\t\t\t\t</td>\n\n\t\t\t\t\t<td>\n\t\t\t\t\t\t<a href='thread?id=" . $mData['thread'] . "#COMMENT-" . $mData['id'] . "'>\n\t\t\t\t\t\t\tView Thread\n\t\t\t\t\t\t</a>\n\t\t\t\t\t</td>\n\t\t\t\t</tr>\n\t\t\t</table>\n\t\t</div>\n\n\t\t<div class='commentMain' style='box-shadow: 0px 5px 20px " . getPostShadow($mData['poster']) . ";'>\n\t\t\t<table>\n\t\t\t\t<tr>\n\t\t\t\t\t<td width='200'>\n\t\t\t\t\t\t<a href='user?id=" . $mData['poster'] . "' data-tooltip='View Profile: {$commentPoster}'>\n\t\t\t\t\t\t\t<div class='commentUser'>\n\t\t\t\t\t\t\t\t<div class='bold'>\n\t\t\t\t\t\t\t\t\t" . userNameTags($mData['poster'], $commentPoster) . "\n\t\t\t\t\t\t\t\t</div>\n\n\t\t\t\t\t\t\t\t<br>\n\n\t\t\t\t\t\t\t\t" . $accountData['usertitle'] . "\n\t\t\t\t\t\t\t</div>\n\t\t\t\t\t\t</a>\n\n\t\t\t\t\t\t<br> <br>\n\n\t\t\t\t\t\t<img src='" . $accountData['avatar'] . "' data-noenlarge='true' " . getAvatarStyle($mData['poster']) . ">\n\n\t\t\t\t\t\t<br> <br> <br>\n\n\t\t\t\t\t\t<span class='bold'>Posts:</span> " . getPostCount($mData['poster']) . 
" <br>\n\t\t\t\t\t\t<span class='bold'>Country:</span> " . $accountData['country'] . "\n\t\t\t\t\t</td>\n\n\t\t\t\t\t<td width='20'></td>\n\n\t\t\t\t\t<td width='900'>\n\t\t\t\t\t\t<div class='commentText'>\n\t\t\t\t\t\t\t" . nl2br(unescape($bbParser->getAsHtml())) . ""; storePermissions($mData['poster']); if ($temporaryPermissions['allowsignature'] && $accountData['signature'] && strlen($accountData['signature']) <= $temporaryPermissions['maxsignature'] && substr_count($accountData['signature'], "\n") <= $temporaryPermissions['maxsignaturelines']) { echo "<br><br> ____________________________________________________________________ <br><br>"; if ($temporaryPermissions['signaturebbcode']) { $bbParser->parse($accountData['signature']); if ($temporaryPermissions['signatureimage']) { echo nl2br(unescape($bbParser->getAsHtml())); } else { echo str_replace("<img", "[IMG", nl2br(unescape($bbParser->getAsHtml()))); } } } echo "<br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br> <div align='left'>"; if ($permissions['downloadattachments']) { $attachmentsQuery = $mysql->query("SELECT `id`, `path` FROM `attachments` WHERE `thread` = '0' AND `post` = '" . escape($mData['id']) . "'");
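<?php
include "inc/functions.php";
session_start();

// Tutorial used to aid my profile system development: https://www.youtube.com/watch?v=dMTp03s1H-k

// Authentication gate. This runs first so that nothing below reads
// $_SESSION['U_Email'] for an anonymous visitor. header() only queues the
// Location header; without exit the rest of the script would still execute and
// its output would be sent in the body of the redirect response.
if (!isset($_SESSION["U_Email"])) {
    header('Location: login.php');
    exit;
}

// If the URL key does not have 'id' appended, then the user will be redirected to their own profile
if (!isset($_GET['id'])) {
    header("Location: ?id=" . getUserId($_SESSION['U_Email']));
    exit;
}

// The user is logged in and an id was supplied: load the profile data.
// NOTE(review): $_GET['id'] is request-controlled and is passed on unchanged;
// confirm that getUserInfo() and getPostCount() bind it as a query parameter.
$usersData = getUserInfo($_GET['id']);
$postCount = getPostCount($_GET['id']);

// If a user shares a post, this code block will execute
if (!empty($_POST)) {
    $post = trim(filter_input(INPUT_POST, "user_post", FILTER_SANITIZE_SPECIAL_CHARS));

    // Google recaptcha 2.0 used to prevent a user posting in quick succession (spam)
    // NOTE(review): the secret key that was hard-coded in this disabled block has
    // been redacted. It was committed to source, so treat it as exposed: rotate it
    // and load the replacement from server-side configuration. If the check is
    // re-enabled, the condition below also needs fixing: it never reports an error
    // when `success` is present and false; reject unless `success` is true.
    // $url = 'https://www.google.com/recaptcha/api/siteverify';
    // $privatekey = "<REDACTED_RECAPTCHA_SECRET>";
    //
    // $response = file_get_contents($url."?secret=".$privatekey."&response=".$_POST['g-recaptcha-response']."&remoteip=".$_SERVER['REMOTE_ADDR']);
    //
    // $data = json_decode($response);
    //
    // if(!isset($data->success) && $data->success==false) {
    //     $error_message = "Please verify that you are human";
    // }

    // If no error messages are set, then insert the post into the database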
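// Pull the next three path segments off the request URI. These values come
// from the URL and must be treated as untrusted wherever they are used.
$second_resource = sizeof($uri) > 0 ? array_shift($uri) : "";
$third_resource = sizeof($uri) > 0 ? array_shift($uri) : "";
$forth_resource = sizeof($uri) > 0 ? array_shift($uri) : "";

// Dispatch on the first of those segments.
switch ($second_resource) {
    case "post":
        // Single post, looked up by the next segment.
        echo '<h2 class="page_title_withside">Only Showing One Post</h2>';
        printPost(getPost($third_resource));
        break;

    case "tag":
        // All posts carrying one tag.
        // NOTE(review): the return value of getTagName() is written into the
        // page as-is; confirm it is HTML-encoded, or encode it here.
        echo '<h2 class="page_title_withside">Posts Tagged:</h2>';
        echo '<h1 class="page_title_withside">' . getTagName($third_resource) . '</h1>';
        foreach (getPostsByTag($third_resource) as $post) {
            printPost($post);
        }
        break;

    case "all":
        // Summary list of every post.
        echo '<h1 class="page_title_withside">All Blog Posts</h1>';
        echo '<div class="page_content">';
        foreach (getPosts(0, getPostCount()) as $post) {
            printPostSummary($post);
        }
        echo '</div>';
        break;

    default:
        // Anything else is read as a page number. Only a positive whole number
        // is accepted; an empty, non-numeric, zero or negative segment falls
        // back to page 1, so the offset passed to getPosts() is never negative
        // and never built from arbitrary text.
        $page = filter_var(
            $second_resource,
            FILTER_VALIDATE_INT,
            array('options' => array('min_range' => 1))
        );
        if ($page === false) {
            $page = 1;
        }

        foreach (getPosts(($page - 1) * $blogPageSize, $blogPageSize) as $post) {
            printPost($post);
        }
        printBlogPageLinks($page);
        break;
}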
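/**
 * Fetch one page of a user's messages that match a keyword and optional
 * extra filters.
 *
 * @param mixed $username    Username to match; bound as a query parameter.
 * @param mixed $keyword     Text searched for in `post`; bound as a parameter
 *                           and wrapped in % wildcards by the query.
 * @param mixed $filterArray Filter description. cleanFilter() turns it into an
 *                           object whose `query` is appended to the WHERE clause
 *                           and whose `variables` map placeholder names to values.
 * @param mixed $offset      Row offset for LIMIT; coerced to a non-negative int.
 * @return array Array with 'count' (value from getPostCount(), 0 on failure)
 *               and 'posts' (fetched rows, or null when none were found).
 */
function GetUserFilteredPost($username, $keyword, $filterArray, $offset)
{
    $filterArray = cleanFilter($filterArray);
    $result = array('count' => 0, 'posts' => null);
    $conn = null;

    try {
        $conn = openConnection();

        // NOTE(review): {$filterArray->query} is interpolated into the SQL text.
        // That is only safe if cleanFilter() assembles it from fixed fragments
        // and placeholders, never from caller-supplied strings; confirm.
        $stmt = $conn->prepare(
            "SELECT SQL_CALC_FOUND_ROWS *, user.username, user.firstname, user.datejoined,"
            . " current_timestamp() as 'lastupdate'"
            . " FROM message, user"
            . " WHERE message.iduser = user.iduser AND username = :username"
            . " AND (post LIKE CONCAT('%', :keyword, '%') {$filterArray->query})"
            . " order by lastedited desc LIMIT :offset, :postsPerPage"
        );

        // bindValue() copies the value at bind time. bindParam() binds the
        // variable by reference, so inside the loop below every filter
        // placeholder ended up with the value of the LAST filter at execute().
        $stmt->bindValue(':username', $username);
        $stmt->bindValue(':keyword', $keyword);
        $stmt->bindValue(':offset', max(0, (int) $offset), PDO::PARAM_INT);
        $stmt->bindValue(':postsPerPage', (int) $GLOBALS['POSTS_PER_PAGE'], PDO::PARAM_INT);

        foreach ($filterArray->variables as $variableName => $value) {
            $stmt->bindValue($variableName, $value);
        }

        $stmt->execute();

        if ($stmt->rowCount() > 0) {
            $result['posts'] = $stmt->fetchAll();
        }

        $result['count'] = getPostCount($conn);
    } catch (PDOException $e) {
        // The caller still gets the empty result, but the failure is recorded
        // server-side instead of being silently discarded. The message is not
        // echoed, so database details do not reach the client.
        error_log('GetUserFilteredPost() failed: ' . $e->getMessage());
    }

    // Drop the connection reference.
    $conn = null;

    return $result;
}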
<?php echo date("Y年m月d日 h时m分", strtotime($post['created'])); ?> </div> <div class="ency-content"> <!-- <img src="/view/img/code.jpg"> --> <?php // echo "<p>".$post['title']."</p>"; echo "<p>" . $post['content'] . "</p>"; ?> </div> </div> <div class="page-no"> <ul> <?php $maxpage = getPostCount(); //百科详细页不需用 if ($page > 1) { '<li><a href="/baikedetail/1.html' . (isset($class1) ? '?class1=' . urlencode($class1) : '') . (isset($class2) ? '&class2=' . urlencode($class2) : '') . '">首页</a></li>'; //首页标签 '<li><a href="/baikedetail/' . ($page - 1) . '.html' . (isset($class1) ? '?class1=' . urlencode($class1) : '') . (isset($class2) ? '&class2=' . urlencode($class2) : '') . '">上一页</a></li>'; //上一页标签 } for ($pagei = $page - 2; $pagei < $page + 3; $pagei++) { if ($pagei > 0 && $pagei < $maxpage) { '<li><a href="/baikedetail/' . $pagei . '.html' . (isset($class1) ? '?class1=' . urlencode($class1) : '') . (isset($class2) ? '&class2=' . urlencode($class2) : '') . '">' . $pagei . '</a></li>'; } } if ($page < $maxpage) { '<li><a href="/baikedetail/' . ($page + 1) . '.html' . (isset($class1) ? '?class1=' . urlencode($class1) : '') . (isset($class2) ? '&class2=' . urlencode($class2) : '') . '">下一页</a></li>'; //下一页标签
$userGroupData = $userGroupQuery->fetch_assoc(); if ($accountData['usertitle'] && $userGropuData['title']) { $accountData['usertitle'] .= "<br>"; } $accountData['usertitle'] .= $userGroupData['title']; } } } if (!$mData['read']) { $mysql->query("UPDATE `privatemessages` SET `read` = '1' WHERE `id` = '" . escape($_GET['id']) . "'"); } } else { die("You have followed an invalid link."); } $bbParser->parse($mData['message']); echo "<div class='box'>\n\t\t<div class='boxHeading'>\n\t\t\t" . $mData['title'] . "\n\t\t</div>\n\n\t\t<div class='boxSubHeading'>\n\t\t\tSent by " . $accountData['displayname'] . " - " . customDate($mData['date']) . "\n\t\t</div>\n\n\t\t<div class='boxMain'>\n\t\t\t<table class='tdAlignTop'>\n\t\t\t\t<tr>\n\t\t\t\t\t<td width='200'>\n\t\t\t\t\t\t<a href='user?id=" . $mData['from'] . "' data-tooltip='View Profile: " . $accountData['displayname'] . "'>\n\t\t\t\t\t\t\t<div class='commentUser'>\n\t\t\t\t\t\t\t\t<div class='bold'>\n\t\t\t\t\t\t\t\t\t" . userNameTags($mData['from'], $accountData['displayname']) . "\n\t\t\t\t\t\t\t\t</div>\n\n\t\t\t\t\t\t\t\t<br>\n\n\t\t\t\t\t\t\t\t" . $accountData['usertitle'] . "\n\t\t\t\t\t\t\t</div>\n\t\t\t\t\t\t</a>\n\n\t\t\t\t\t\t<br> <br>\n\n\t\t\t\t\t\t<img src='" . $accountData['avatar'] . "' data-noenlarge='true' " . getAvatarStyle($mData['from']) . ">\n\n\t\t\t\t\t\t<br> <br> <br>\n\n\t\t\t\t\t\t<span class='bold'>Posts:</span> " . getPostCount($mData['from']) . " <br>\n\t\t\t\t\t\t<span class='bold'>Country:</span> " . $accountData['country'] . "\n\t\t\t\t\t</td>\n\n\t\t\t\t\t<td width='20'></td>\n\n\t\t\t\t\t<td width='900'>\n\t\t\t\t\t\t<div class='commentText'>\n\t\t\t\t\t\t\t" . nl2br(unescape($bbParser->getAsHtml())) . 
""; storePermissions($mData['from']); if ($temporaryPermissions['allowsignature'] && $accountData['signature'] && strlen($accountData['signature']) <= $temporaryPermissions['maxsignature'] && substr_count($accountData['signature'], "\n") <= $temporaryPermissions['maxsignaturelines']) { echo "<br><br> ____________________________________________________________________ <br><br>"; if ($temporaryPermissions['signaturebbcode']) { $bbParser->parse($accountData['signature']); if ($temporaryPermissions['signatureimage']) { echo nl2br(unescape($bbParser->getAsHtml())); } else { echo str_replace("<img", "[IMG", nl2br(unescape($bbParser->getAsHtml()))); } } } echo "</div>\n\t\t\t\t\t</td>\n\t\t\t\t</tr>\n\t\t\t</table>\n\t\t</div>\n\t</div>"; if ($permissions['sendprivatemessage']) { echo "<br>\n\n\t\t<form action='sendmessage?to=" . $mData['from'] . "' method='POST'>\n\t\t\t<div class='box'>\n\t\t\t\t<div class='boxHeading'>\n\t\t\t\t\tReply\n\t\t\t\t</div>\n\n\t\t\t\t<div class='boxMain'>\n\t\t\t\t\t<div class='boxArea'>\n\t\t\t\t\t\t<table>\n\t\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t\t<td width='100%'>Title:</td>\n\t\t\t\t\t\t\t\t<td><input type='text' name='title' placeholder='Title' value='" . $_POST['title'] . 
"' maxlength='200' class='boxFormInput' autofocus required></td>\n\t\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t</table>\n\t\t\t\t\t</div>\n\n\t\t\t\t\t<div class='boxArea'>\n\t\t\t\t\t\t<button type='button' data-tag='B' class='bbcode boxButton'>bold</button>\n\t\t\t\t\t\t<button type='button' data-tag='I' class='bbcode boxButton'>italic</button>\n\t\t\t\t\t\t<button type='button' data-tag='U' class='bbcode boxButton'>underline</button>\n\t\t\t\t\t\t<button type='button' data-tag='LEFT' class='bbcode boxButton'>left</button>\n\t\t\t\t\t\t<button type='button' data-tag='CENTER' class='bbcode boxButton'>center</button>\n\t\t\t\t\t\t<button type='button' data-tag='RIGHT' class='bbcode boxButton'>right</button>\n\t\t\t\t\t\t<button type='button' data-tag='LIST' class='bbcode boxButton'>bullet list</button>\n\t\t\t\t\t\t<button type='button' data-tag='NLIST' class='bbcode boxButton'>number list</button>\n\t\t\t\t\t\t<button type='button' data-tag='LI' class='bbcode boxButton'>list item</button>\n\t\t\t\t\t\t<button type='button' data-tag='EMAIL' class='bbcode boxButton'>email</button>\n\t\t\t\t\t\t<button type='button' data-tag='IMG' class='bbcode boxButton'>image</button>\n\t\t\t\t\t\t<button type='button' data-tag='QUOTE' class='bbcode boxButton'>quote</button>\n\t\t\t\t\t\t<button id='bbcode-link' type='button' data-tooltip='Example: [URL=http://example.com]Click here[/URL]' class='boxButton'>link</button>\n\t\t\t\t\t\t<button id='bbcode-font' type='button' data-tooltip='Example: [FONT=Arial]Hello world![/FONT]' class='boxButton'>font</button>\n\t\t\t\t\t\t<button id='bbcode-size' type='button' data-tooltip='Example: [SIZE=5]Hello world![/SIZE]' class='boxButton'>size</button>\n\t\t\t\t\t\t<button id='bbcode-color' type='button' data-tooltip='Example: [COLOR=RED]Hello[/COLOR] [COLOR=#00FF00]world![/COLOR]' class='boxButton'>color</button> ";
die("You have followed an invalid link."); } if ($_POST['postprofilemessage']) { if (strlen($_POST['profilemessage']) >= 3) { if (time() - $_SESSION['lastcomment'] >= 60) { $mysql->query("INSERT INTO `profilemessages` (`user`, `poster`, `date`, `message`) VALUES ('" . escape($_GET['id']) . "', '" . $_SESSION['accountid'] . "', '" . time() . "', '" . escape($_POST['profilemessage']) . "')"); $_SESSION['lastcomment'] = time(); } else { $timeBeforeComment = 60 - (time() - $_SESSION['lastcomment']); echo "<div class='box'>\n\t\t\t\t\t<div class='boxHeading'>\n\t\t\t\t\t\tYou must wait {$timeBeforeComment} seconds before posting another thread, comment, profile message, or private message.\n\t\t\t\t\t</div>\n\t\t\t\t</div>\n\n\t\t\t\t<br>"; } } else { echo "<div class='box'>\n\t\t\t\t<div class='boxHeading'>\n\t\t\t\t\tYour profile message must be at least 3 characters long.\n\t\t\t\t</div>\n\t\t\t</div>\n\n\t\t\t<br>"; } } echo "<div class='userBox'>\n\t\t<table>\n\t\t\t<tr>\n\t\t\t\t<td width='400'>\n\t\t\t\t\t<div class='userName bold'>\n\t\t\t\t\t\t" . userNameTags($mData['id'], $mData['displayname']) . "\n\t\t\t\t\t</div>\n\n\t\t\t\t\t<div class='userTitles'>\n\t\t\t\t\t\t" . $mData['usertitle'] . "\n\t\t\t\t\t</div>\n\t\t\t\t</td>\n\n\t\t\t\t<td width='500'>\n\t\t\t\t\t<span class='bold'>Posts:</span> " . getPostCount($mData['id']) . " <br>\n\t\t\t\t\t<span class='bold'>Country:</span> " . $mData['country'] . "\n\t\t\t\t</td>\n\n\t\t\t\t<td>\n\t\t\t\t\t<img src='" . $mData['avatar'] . "' data-noenlarge='true' class='userAvatar'>\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t</table>\n\t</div>\n\n\t<br>\n\n\t<h2>Profile Messages</h2>"; $mQuery = $mysql->query("SELECT `id`, `poster`, `date`, `message` FROM `profilemessages` WHERE `user` = '" . escape($_GET['id']) . "' ORDER BY `date` DESC"); while ($mData = $mQuery->fetch_assoc()) { $accountQuery = $mysql->query("SELECT `displayname`, `avatar` FROM `accounts` WHERE `id` = '" . $mData['poster'] . 
"'"); $accountData = $accountQuery->fetch_assoc(); $bbParser->parse($mData['message']); echo "<div data-user='******'displayname'] . "' class='mentionUser userMessageName bold inlineBlock'>\n\t\t\t" . $accountData['displayname'] . "\n\t\t</div>\n\n\t\t<div class='userMessageName bold inlineBlock'>\n\t\t\t - " . customDate($mData['date']) . "\n\t\t</div>\n\n\t\t<div class='userMessageBox'>\n\t\t\t" . nl2br(unescape($bbParser->getAsHtml())) . " <br><br><br><br><br><br> <div align='right'>"; if ($permissions['editpost'] || $permissions['editownprofilemessage'] && $mData['poster'] == $_SESSION['accountid']) { echo "<a href='editpost?profilemessage=" . $mData['id'] . "' data-tooltip='Edit Profile Message' class='commentControlEx'>\n\t\t\t\t\t\n\t\t\t\t</a>"; } if ($permissions['deletepost'] || $permissions['deleteownprofilemessage'] && $mData['poster'] == $_SESSION['accountid']) { echo "<a href='deletepost?profilemessage=" . $mData['id'] . "' data-tooltip='Delete Profile Message' data-warning='Are you sure you want to delete this profile message? Once it is deleted, you will not be able to restore it.' class='commentControlEx'>\n\t\t\t\t\t\n\t\t\t\t</a>"; } echo "</div>\n\t\t</div>\n\n\t\t<br><br>"; } if ($permissions['postprofilemessage'] || $permissions['postownprofilemessage'] && $_GET['id'] == $_SESSION['accountid']) {
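<?php
require_once "inc/functions.php";

// ini_set('display_errors', 1);
// ini_set('display_startup_errors', 1);
// error_reporting(E_ALL);

session_start();

// Redirection to the login page if the user is not logged in and viewing this page.
// header() only queues the Location header, so exit is required: without it the
// dashboard below is still rendered and sent in the redirect response body.
if (!isset($_SESSION["U_ID"])) {
    header('Location: login.php');
    exit;
}

// Retrieve post count
$postCount = getPostCount($_SESSION['U_ID']);

// Variables used to determine page title and navigation
$dashNav = true;
$pageTitle = 'Dashboard';

// Includes HTML head, navigation, and opening body tag
include "inc/header.php";
?>
<header class="main-header">
    <!--SESSION variable utilised to welcome the user -->
    <?php // The forename is profile data, so it is HTML-encoded at the point of output. ?>
    <span class="title">Welcome, <?php echo htmlspecialchars($_SESSION["U_Forename"], ENT_QUOTES, 'UTF-8'); ?> </span>
    <table>
        <thead>
            <tr>
                <th>Posts</td>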