Пример #1
 /**
  * PHP4-style constructor: binds the search unit to its module configuration and template.
  *
  * When isAdmin() or isModerator() reports true, the 'status' restriction is blanked and
  * the checkbox column is switched on; otherwise the checkbox column stays off.
  *
  * NOTE(review): blanking the restriction presumably widens the result set to every
  * status — confirm in the parent class. Both role checks are called without arguments,
  * so they are assumed to evaluate the current session; this only shapes the listing and
  * is not a substitute for a permission check in whatever handles the checkbox actions.
  *
  * @param object      $oConfig    module configuration, read for the home path and URL
  * @param object|null $_oTemplate optional template object, stored unchanged
  */
 function BxOSiSearchUnit(&$oConfig, $_oTemplate = null)
 {
     $this->_oConfig = $oConfig;
     $this->sHomePath = $oConfig->getHomePath();
     $this->sHomeUrl = $oConfig->getHomeUrl();
     $this->aPermalinks = array(
         'param' => 'permalinks_osi',
         'enabled' => array('file' => ''),
         'disabled' => array('file' => ''),
     );

     // Privileged viewers lose the status filter and gain the selection checkboxes.
     $bPrivileged = isAdmin() || isModerator();
     if ($bPrivileged) {
         $this->aCurrent['restriction']['status'] = '';
     }
     $this->bShowCheckboxes = $bPrivileged;

     // The parent constructor runs after the restriction has been adjusted, as before.
     parent::BxBaseSearchResultText();
     $this->oOsiTemplate = $_oTemplate;
 }
Пример #2
 /**
  * PHP4-style constructor: configures the ads search unit (paths, permalink map, unit template).
  *
  * Takes no arguments; the module object comes from $this->getAdsMain().
  */
 function BxAdsSearchUnit()
 {
     $oMain = $this->getAdsMain();
     $this->sHomePath = $oMain->_oConfig->getHomePath();
     $this->sHomeUrl = $oMain->_oConfig->getHomeUrl();
     // Permalink map: 'enabled' holds the rewritten URLs, 'disabled' the classic query-string ones.
     $this->aPermalinks = array('param' => 'permalinks_module_ads', 'enabled' => array('file' => 'ads/entry/{uri}', 'category' => 'ads/cat/{uri}', 'subcategory' => 'ads/subcat/{uri}', 'tag' => 'ads/tag/{uri}', 'browseAll' => 'ads/', 'admin_file' => 'ads/entry/{uri}', 'admin_category' => 'ads/cat/{uri}', 'admin_subcategory' => 'ads/subcat/{uri}', 'admin_tag' => 'ads/tag/{uri}', 'admin_browseAll' => 'ads/'), 'disabled' => array('file' => 'classifieds.php?ShowAdvertisementID={id}', 'category' => 'classifieds.php?bClassifiedID={id}', 'subcategory' => 'classifieds.php?bSubClassifiedID={id}', 'tag' => 'classifieds_tags.php?tag={uri}', 'browseAll' => 'classifieds.php', 'admin_file' => 'classifieds.php?ShowAdvertisementID={id}', 'admin_category' => 'classifieds.php?bClassifiedID={id}', 'admin_subcategory' => 'classifieds.php?bSubClassifiedID={id}', 'admin_tag' => 'classifieds_tags.php?tag={uri}', 'admin_browseAll' => 'classifieds.php'));
     $this->bShowCheckboxes = false;
     // The privileged branch is currently empty: both statements inside are commented out,
     // so admins and moderators get the same restriction and no checkboxes.
     if (isAdmin() || isModerator()) {
         //$this->aCurrent['restriction']['activeStatus'] = '';
         //$this->bShowCheckboxes = true;
     }
     parent::BxBaseSearchResultText();
     //$this->sTemplUnit = file_get_contents( $this->sHomeUrl . 'templates/base/'.$this->sTU.'.html' );
     $this->sSelectedUnit = 'unit_ads';
     // NOTE(review): $iPostViewType is not defined anywhere in this constructor, so the
     // property receives null and PHP reports an undefined variable — confirm the intended source.
     $this->iPostViewType = $iPostViewType;
 }
Пример #3
	/**
	 * Copies the submitted gallery-tab settings onto the user object being saved.
	 *
	 * Values are read from $_POST through cbGetParam(); the $postdata argument is not used.
	 * The short greeting is always stored. Quota, usage and last-update fields are copied only
	 * for the backend ($ui == 2) or when the current viewer is a moderator; the enable,
	 * autopublish, access-mode and display-format fields are additionally open to the user
	 * when the matching tab parameter allows it. Nothing is returned.
	 *
	 * NOTE(review): the numeric fields are accepted on is_numeric() alone, which also passes
	 * negative numbers, floats and exponent notation, and the fields labelled "information
	 * field only" (current item count, current size, last update) are still writable from the
	 * request by a privileged caller. A range check or dropping those three from the writable
	 * set would be worth considering. $ui is supplied by the caller; this method trusts it.
	 *
	 * @param object $tab      tab reflecting the tab database entry
	 * @param object $user     mosUser reflecting the user being displayed (modified in place)
	 * @param int    $ui       1 for front-end, 2 for back-end
	 * @param array  $postdata _POST data as generated with getEditTab (unused here)
	 */
	function saveEditTab($tab, &$user, $ui, $postdata) {
		global $_CB_framework;

		// Tab parameters are global settings chosen by the administrator.
		$tabparams = $this->_pgGetTabParameters($user);
		$isModerator = isModerator($_CB_framework->myId());

		// Backend saves and moderators may always change the restricted fields.
		$privileged = ($ui == 2 || $isModerator);

		// Short greeting: stored for every caller.
		$user->cb_pgshortgreeting = cbUnEscapeSQL(cbGetParam($_POST, "cb_pgshortgreeting", ""));

		// Enable gallery.
		if ($tabparams["pgallowuserenable"] == "1" || $privileged) {
			$enable = cbGetParam($_POST, "cb_pgenable", null);
			if ($enable) {
				$user->cb_pgenable = $enable;
			}
		}

		// Autopublish items: only meaningful when autopublish is switched on globally.
		if (($tabparams["pgallowautopublishoverride"] || $privileged) && $tabparams["pgautopublish"]) {
			$autopublish = cbGetParam($_POST, "cb_pgautopublish", null);
			if ($autopublish) {
				$user->cb_pgautopublish = $autopublish;
			}
		}

		// Auto-approve items: backend or moderator, and only when the override is allowed.
		if ($privileged && $tabparams["pgallowautoapproveoverride"]) {
			$autoapprove = cbGetParam($_POST, "cb_pgautoapprove", null);
			if ($autoapprove) {
				$user->cb_pgautoapprove = $autoapprove;
			}
		}

		if ($privileged) {
			// Item quota, storage quota, maximum single upload size, current item count and
			// current size usage: each is copied only when the submitted value is numeric.
			$numericFields = array(
				"cb_pgtotalquotaitems",
				"cb_pgtotalquotasize",
				"cb_pguploadsize",
				"cb_pgtotalitems",
				"cb_pgtotalsize",
			);
			foreach ($numericFields as $field) {
				$submitted = cbGetParam($_POST, $field, null);
				if (is_numeric($submitted)) {
					$user->{$field} = $submitted;
				}
			}

			// Last update date: copied whenever the field was submitted at all.
			$lastUpdate = cbGetParam($_POST, "cb_pglastupdate", null);
			if ($lastUpdate !== null) {
				$user->cb_pglastupdate = $lastUpdate;
			}
		}

		// Access mode.
		if ($tabparams["pgallowaccessmodeoverride"] || $privileged) {
			$accessMode = cbGetParam($_POST, "cb_pgaccessmode", null);
			if ($accessMode) {
				$user->cb_pgaccessmode = $accessMode;
			}
		}

		// Display format.
		if ($tabparams["pgallowdisplayformatoverride"] || $privileged) {
			$displayFormat = cbGetParam($_POST, "cb_pgdisplayformat", null);
			if ($displayFormat) {
				$user->cb_pgdisplayformat = $displayFormat;
			}
		}
	}
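// Endpoint script: removes a viewer from a private channel when the requester is allowed to,
// and answers with a JSON object {error, error_message, viewer}.
//
// NOTE(review): the database credentials are embedded in the script (masked on this page);
// they belong in configuration kept outside the web root and outside version control.
$servername = "okenso.com";
$username = "******";
$password = "******";
$dbname = "dev";
$conn = new mysqli($servername, $username, $password, $dbname);
if ($conn->connect_error) {
    // Driver detail goes to the server log; the client only learns that the connection failed.
    error_log("Connection failed: " . $conn->connect_error);
    die("Connection failed");
}
$error = false;
$error_message = "";

// The body must be a JSON object; anything else is treated as an empty request.
$data = json_decode(file_get_contents('php://input'), true);
if (!is_array($data)) {
    $data = array();
}

// Accept only scalar values for the four expected fields, so arrays or missing keys
// cannot reach the permission checks or the DELETE.
$fields = array();
foreach (array("username", "viewer", "channelname", "channelowner") as $key) {
    $fields[$key] = (isset($data[$key]) && is_scalar($data[$key])) ? (string) $data[$key] : null;
}
$user = $fields["username"];
$viewer = $fields["viewer"];
$channelname = $fields["channelname"];
$channelowner = $fields["channelowner"];

if ($user === null || $viewer === null || $channelname === null || $channelowner === null) {
    $error = true;
    $error_message = "Invalid request";
} elseif (isAdmin($conn, $user) || isOwner($conn, $user, $channelname, $channelowner) || isModerator($conn, $user, $channelname, $channelowner)) {
    // NOTE(review): $user is whatever name the request body claims. The role checks therefore
    // authorise a self-declared identity; the acting user should come from the authenticated
    // session instead (no session handling is visible in this script — confirm upstream).
    removeViewer($conn, $viewer, $channelname, $channelowner);
} else {
    $error = true;
    $error_message = "You do not have permission to remove a viewer from this channel";
}
$conn->close();
$response = array('error' => $error, 'error_message' => $error_message, 'viewer' => $viewer);
// Declare the body as JSON so the echoed viewer value is never interpreted as HTML.
header('Content-Type: application/json');
echo json_encode($response);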
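/**
 * Deletes a viewer's entry for one private channel.
 *
 * The three values arrive from the request body, so they are bound as statement parameters
 * rather than concatenated into the SQL text. A failed prepare is logged and otherwise
 * ignored, matching the original best-effort behaviour; nothing is returned.
 *
 * @param mysqli $conn         open database connection
 * @param string $viewer       username of the viewer to remove (prv_username)
 * @param string $channelname  channel name (prv_chname)
 * @param string $channelowner channel owner's username (prv_chowner)
 */
function removeViewer($conn, $viewer, $channelname, $channelowner)
{
    $sql = "DELETE FROM private_view_channels WHERE prv_username = ? AND prv_chname = ? AND prv_chowner = ?";
    $stmt = $conn->prepare($sql);
    if ($stmt === false) {
        error_log("removeViewer: could not prepare the DELETE statement");
        return;
    }
    $stmt->bind_param("sss", $viewer, $channelname, $channelowner);
    $stmt->execute();
    $stmt->close();
}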
?>
Пример #5
 /**
  * Builds the action-button block for a profile page.
  *
  * Collects button captions for the viewer (member actions, then admin/moderator actions),
  * adds the subscription and greet buttons, merges everything with the profile row and
  * hands it to genObjectsActions(). Returns '' for an invalid or unknown profile ID.
  *
  * NOTE(review): the captions only decide which buttons are drawn. The handlers behind
  * delete / ban / activate / feature must repeat the role check themselves. The merged
  * array also carries 'member_pass' (from getPassword()) and the whole profile row into
  * the template layer — confirm none of that can be substituted into rendered HTML.
  *
  * @param int  $iProfileId ID of the profile being viewed
  * @param bool $bDynamic   forwarded to BxDolSubscription::getData()
  * @return string HTML of the actions block, or ''
  */
 function getProfileViewActions($iProfileId, $bDynamic = false)
 {
     global $oTemplConfig;

     $iProfileId = (int) $iProfileId;
     if (0 === $iProfileId) {
         return '';
     }

     $aProfileInfo = getProfileInfo($iProfileId);
     if (empty($aProfileInfo)) {
         return '';
     }

     $iViewerId = getLoggedId();

     // Base keys handed to the template, plus every caption key pre-set to ''.
     $aConfig = array(
         'url' => BX_DOL_URL_ROOT,
         'anonym_mode' => '',
         'member_id' => $iViewerId,
         'member_pass' => getPassword($iViewerId),
     );
     $aMain = array_fill_keys(
         array(
             'cpt_edit', 'cpt_send_letter', 'cpt_fave', 'cpt_befriend', 'cpt_remove_friend',
             'cpt_get_mail', 'cpt_share', 'cpt_report', 'cpt_block', 'cpt_unblock',
             'cpt_activate', 'cpt_ban', 'cpt_delete', 'cpt_delete_spam', 'cpt_feature',
             'act_activate', 'act_ban', 'act_feature',
         ),
         ''
     );

     // Captions available to any logged-in member.
     if (isMember($iViewerId)) {
         $aMemberCaptions = array(
             'cpt_edit' => _t('_EditProfile'),
             'cpt_send_letter' => _t('_SendLetter'),
             'cpt_fave' => _t('_Fave'),
             'cpt_remove_fave' => _t('_Remove Fave'),
             'cpt_befriend' => _t('_Befriend'),
             'cpt_remove_friend' => _t('_Remove friend'),
             'cpt_get_mail' => _t('_Get E-mail'),
             'cpt_share' => $this->isAllowedShare($this->_aProfile) ? _t('_Share') : '',
             'cpt_report' => _t('_Report Spam'),
             'cpt_block' => _t('_Block'),
             'cpt_unblock' => _t('_Unblock'),
         );
         foreach ($aMemberCaptions as $sKey => $sCaption) {
             $aMain[$sKey] = $sCaption;
         }
     }

     // Admin/moderator captions. The original condition used `||` together with `and`; since
     // `and` binds more loosely, the self-check applies to admins as well as moderators.
     // The parentheses below spell that grouping out.
     if ((isAdmin($iViewerId) || isModerator($iViewerId)) && $iViewerId != $iProfileId) {
         $sPrefix = '_adm_btn_mp_';

         $aMain['cpt_delete'] = _t($sPrefix . 'delete');
         $aMain['cpt_delete_spam'] = _t($sPrefix . 'delete_spammer');

         // activate / deactivate
         $sActivate = ($aProfileInfo['Status'] == 'Active') ? 'deactivate' : 'activate';
         $aMain['cpt_activate'] = _t($sPrefix . $sActivate);
         $aMain['act_activate'] = $sActivate;

         // ban / unban
         $sBan = isLoggedBanned($aProfileInfo['ID']) ? 'unban' : 'ban';
         $aMain['cpt_ban'] = _t($sPrefix . $sBan);
         $aMain['act_ban'] = $sBan;

         // feature / unfeature
         $sFeature = 'featured';
         $aMain['cpt_feature'] = _t('_Feature it');
         if ((int) $aProfileInfo['Featured']) {
             $sFeature = 'unfeatured';
             $aMain['cpt_feature'] = _t('_De-Feature it');
         }
         $aMain['act_feature'] = $sFeature;
     }

     // Subscription integration.
     $oSubscription = BxDolSubscription::getInstance();
     $sAddon = $oSubscription->getData($bDynamic);
     $aButton = $oSubscription->getButton($iViewerId, 'profile', '', $iProfileId);
     $aMain['sbs_profile_title'] = $aButton['title'];
     $aMain['sbs_profile_script'] = $aButton['script'];

     // Greet button, shown only when the membership check allows the action.
     $aCheckGreet = checkAction(getLoggedId(), ACTION_ID_SEND_VKISS);
     $bGreetAllowed = $aCheckGreet[CHECK_ACTION_RESULT] == CHECK_ACTION_RESULT_ALLOWED;
     $aMain['cpt_greet'] = $bGreetAllowed ? _t('_Greet') : '';

     // Later arrays win on key collisions: captions over config over the profile row.
     $aMain = array_merge($aProfileInfo, $aConfig, $aMain);

     return $sAddon . $this->genObjectsActions($aMain, 'Profile');
 }
Пример #6
/**
 * Tells whether moderator $id may review the entry $meta[$parid].
 *
 * The moderator must not be the entry's author: both the stored user name and the stored
 * IP have to differ from the current request's REMOTE_USER and client IP.
 *
 * NOTE(review): the IP comparison is a weak separation-of-duties signal — users behind the
 * same NAT or proxy share an address, and it depends on how clientIP(true) derives the
 * address (not visible here). Treat the user-name comparison as the meaningful one.
 *
 * @param mixed $id    identifier passed to isModerator()
 * @param array $meta  entries keyed by ID, each with 'user' and 'ip'
 * @param mixed $parid key of the entry under review
 * @return bool
 */
function canReview($id, $meta, $parid)
{
    if (!isModerator($id)) {
        return false;
    }

    $entry = $meta[$parid];

    // Same account as the author: no self-review.
    if ($entry['user'] == $_SERVER['REMOTE_USER']) {
        return false;
    }

    // Same address as the author is also treated as self-review.
    return $entry['ip'] != clientIP(true);
}
Пример #7
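	/**
	 * Runs one auto trigger for a user: checks access, field conditions and the exclusion
	 * list, then performs the action selected by the trigger's 'auto' parameter.
	 *
	 *   auto == 3  create a category (unless a matching one exists)
	 *   auto == 2  create a group in a category (creating the category first when
	 *              'category' is -1), or join the existing group when allowed
	 *   auto == 1  add the user to each listed group
	 *   auto == 4  remove the user from each listed group, unless their status there is 4
	 *
	 * Fix over the previous version: the exclusion list was passed to cbArrayToInts() as the
	 * temporary result of explode() and then array_unique() was applied to the original
	 * string, so excluded users were never actually skipped. The list is now exploded into
	 * a variable first, the same way the 'groups' lists below are handled.
	 *
	 * @param object $user        user the trigger fires for (reads id, gid, gids)
	 * @param string $rawPassword not used by this method
	 * @param array  $extras      extra substitutions passed to replaceUserVars()
	 * @param object $trigger     trigger row; read through get() and getParams()
	 * @return void
	 */
	private function getAuto( $user, $rawPassword, $extras, $trigger ) {
		$cbUser = new CBuser();

		$cbUser->load( (int) $user->id );

		// Fall back to the single gid when no usable gids array is present.
		if ( ( ! isset( $user->gids ) ) || ( ! is_array( $user->gids ) ) ) {
			$gids = array( $user->gid );
		} else {
			$gids = $user->gids;
		}

		// Prepend the pseudo access levels this user qualifies for: -3 for any stored user,
		// then -5 (moderator) or -4 (not a moderator); -2 when there is no user ID; -1 always.
		if ( $user->id ) {
			array_unshift( $gids, -3 );

			if ( isModerator( $user->id ) ) {
				array_unshift( $gids, -5 );
			} else {
				array_unshift( $gids, -4 );
			}
		} else {
			array_unshift( $gids, -2 );
		}

		array_unshift( $gids, -1 );

		// The trigger only applies when one of its access levels matches the user's.
		$access = explode( '|*|', $trigger->get( 'access' ) );

		if ( ! array_intersect( $access, $gids ) ) {
			return;
		}

		// Every configured field condition has to match.
		$conditionals = count( explode( "\n", $trigger->get( 'field' ) ) );

		for ( $i = 0, $n = $conditionals; $i < $n; $i++ ) {
			if ( ! cbgjautoClass::getFieldMatch( $user, $cbUser, $extras, cbgjClass::getHTMLCleanParam( true, "field$i", null, null, $trigger->get( 'field' ) ), cbgjClass::getCleanParam( true, "operator$i", null, null, $trigger->get( 'operator' ) ), cbgjClass::getHTMLCleanParam( true, "value$i", null, null, $trigger->get( 'value' ) ) ) ) {
				return;
			}
		}

		$plugin = cbgjClass::getPlugin();
		$exclude = $trigger->get( 'exclude' );

		// Users on the trigger's comma-separated exclusion list are skipped.
		if ( $exclude ) {
			$exclude = explode( ',', $exclude );

			cbArrayToInts( $exclude );

			$exclude = array_unique( $exclude );

			if ( in_array( (int) $user->id, $exclude ) ) {
				return;
			}
		}

		$params = $trigger->getParams();

		if ( ( $params->get( 'auto', null ) == 3 ) && $params->get( 'cat_name', null ) ) {
			// --- auto == 3: create a category ---
			$owner = (int) $cbUser->replaceUserVars( $params->get( 'cat_owner', $user->id ), true, true, $extras );

			if ( ! $owner ) {
				$owner = (int) $user->id;
			}

			$parent = (int) $params->get( 'cat_parent', 0 );
			$name = trim( strip_tags( $cbUser->replaceUserVars( $params->get( 'cat_name', null ), true, true, $extras ) ) );
			$description = $cbUser->replaceUserVars( $params->get( 'cat_description', null ), true, true, $extras );

			if ( $params->get( 'cat_unique', 1 ) ) {
				$where = array( array( 'user_id', '=', $owner ), array( 'name', '=', $name ), array( 'parent', '=', (int) $parent ) );
			} else {
				$where = array( array( 'name', '=', $name ), array( 'parent', '=', (int) $parent ) );
			}

			$row = cbgjData::getCategories( null, $where, null, null, false );

			if ( ! $row->get( 'id' ) ) {
				$row->set( 'published', 1 );
				$row->set( 'parent', (int) $parent );
				$row->set( 'user_id', $owner );
				$row->set( 'name', $name );

				// Descriptions keep filtered markup only when the editor setting is 2 or higher.
				if ( $plugin->params->get( 'category_editor', 1 ) >= 2 ) {
					$row->set( 'description', cbgjClass::getFilteredText( $description ) );
				} else {
					$row->set( 'description', trim( strip_tags( $description ) ) );
				}

				$row->set( 'access', (int) $plugin->params->get( 'category_access_default', -2 ) );
				$row->set( 'types', $params->get( 'types', $plugin->params->get( 'category_types_default', '1|*|2|*|3' ) ) );
				$row->set( 'create', (int) $plugin->params->get( 'category_create_default', 1 ) );
				$row->set( 'create_access', (int) $plugin->params->get( 'category_createaccess_default', -1 ) );
				$row->set( 'nested', (int) $plugin->params->get( 'category_nested_default', 1 ) );
				$row->set( 'nested_access', (int) $plugin->params->get( 'category_nestedaccess_default', -1 ) );
				$row->set( 'date', cbgjClass::getUTCDate() );
				$row->set( 'ordering', 99999 );

				$row->store();
			}
		} elseif ( ( $params->get( 'auto', null ) == 2 ) && $params->get( 'category', null ) && $params->get( 'grp_name', null ) ) {
			// --- auto == 2: create (or join) a group ---
			if ( ( $params->get( 'category', null ) == -1 ) && $params->get( 'cat_name', null ) ) {
				// 'category' of -1 means the category itself is created on demand.
				$owner = (int) $cbUser->replaceUserVars( $params->get( 'cat_owner', $user->id ), true, true, $extras );

				if ( ! $owner ) {
					$owner = (int) $user->id;
				}

				$parent = (int) $params->get( 'cat_parent', 0 );
				$name = trim( strip_tags( $cbUser->replaceUserVars( $params->get( 'cat_name', null ), true, true, $extras ) ) );
				$description = $cbUser->replaceUserVars( $params->get( 'cat_description', null ), true, true, $extras );

				if ( $params->get( 'cat_unique', 1 ) ) {
					$where = array( array( 'user_id', '=', $owner ), array( 'name', '=', $name ), array( 'parent', '=', (int) $parent ) );
				} else {
					$where = array( array( 'name', '=', $name ), array( 'parent', '=', (int) $parent ) );
				}

				$category = cbgjData::getCategories( null, $where, null, null, false );

				if ( ! $category->get( 'id' ) ) {
					$category->set( 'published', 1 );
					$category->set( 'parent', (int) $parent );
					$category->set( 'user_id', $owner );
					$category->set( 'name', $name );

					if ( $plugin->params->get( 'category_editor', 1 ) >= 2 ) {
						$category->set( 'description', cbgjClass::getFilteredText( $description ) );
					} else {
						$category->set( 'description', trim( strip_tags( $description ) ) );
					}

					$category->set( 'access', (int) $plugin->params->get( 'category_access_default', -2 ) );
					$category->set( 'types', $params->get( 'types', $plugin->params->get( 'category_types_default', '1|*|2|*|3' ) ) );
					$category->set( 'create', (int) $plugin->params->get( 'category_create_default', 1 ) );
					$category->set( 'create_access', (int) $plugin->params->get( 'category_createaccess_default', -1 ) );
					$category->set( 'nested', (int) $plugin->params->get( 'category_nested_default', 1 ) );
					$category->set( 'nested_access', (int) $plugin->params->get( 'category_nestedaccess_default', -1 ) );
					$category->set( 'date', cbgjClass::getUTCDate() );
					$category->set( 'ordering', 99999 );

					$category->store();
				}
			} else {
				$category = cbgjData::getCategories( null, array( 'id', '=', (int) $params->get( 'category', null ) ), null, null, false );
			}

			if ( $category->get( 'id' ) ) {
				$owner = (int) $cbUser->replaceUserVars( $params->get( 'grp_owner', $user->id ), true, true, $extras );

				if ( ! $owner ) {
					$owner = (int) $user->id;
				}

				$parent = (int) $params->get( 'grp_parent', 0 );
				$name = trim( strip_tags( $cbUser->replaceUserVars( $params->get( 'grp_name', null ), true, true, $extras ) ) );
				$description = $cbUser->replaceUserVars( $params->get( 'grp_description', null ), true, true, $extras );
				$join = false;

				if ( $params->get( 'grp_unique', 1 ) ) {
					$where = array( array( 'category', '=', (int) $category->get( 'id' ) ), array( 'user_id', '=', $owner ), array( 'name', '=', $name ), array( 'parent', '=', (int) $parent ) );
				} else {
					$where = array( array( 'category', '=', (int) $category->get( 'id' ) ), array( 'name', '=', $name ), array( 'parent', '=', (int) $parent ) );

					// Auto-join is only considered for groups that are not unique per owner.
					if ( $params->get( 'grp_autojoin', 1 ) ) {
						$join = true;
					}
				}

				$row = cbgjData::getGroups( null, $where, null, null, false );

				if ( ! $row->get( 'id' ) ) {
					$row->set( 'published', 1 );
					$row->set( 'category', (int) $category->get( 'id' ) );
					$row->set( 'parent', (int) $parent );
					$row->set( 'user_id', $owner );
					$row->set( 'name', $name );

					if ( $plugin->params->get( 'group_editor', 1 ) >= 2 ) {
						$row->set( 'description', cbgjClass::getFilteredText( $description ) );
					} else {
						$row->set( 'description', trim( strip_tags( $description ) ) );
					}

					$row->set( 'access', (int) $plugin->params->get( 'group_access_default', -2 ) );
					$row->set( 'type', (int) $params->get( 'type', $plugin->params->get( 'group_type_default', 1 ) ) );
					$row->set( 'nested', (int) $plugin->params->get( 'group_nested_default', 1 ) );
					$row->set( 'nested_access', (int) $plugin->params->get( 'group_nestedaccess_default', -1 ) );
					$row->set( 'date', cbgjClass::getUTCDate() );
					$row->set( 'ordering', 1 );

					if ( $row->store() ) {
						$row->storeOwner( $row->get( 'user_id' ) );

						// When the group is owned by someone else, the triggering user is added as a member.
						if ( $row->get( 'user_id' ) != $user->id ) {
							$usr = cbgjData::getUsers( null, array( array( 'group', '=', (int) $row->get( 'id' ) ), array( 'user_id', '=', (int) $user->id ) ), null, null, false );

							if ( ! $usr->get( 'id' ) ) {
								$usr->set( 'user_id', (int) $user->id );
								$usr->set( 'group', (int) $row->get( 'id' ) );
								$usr->set( 'date', cbgjClass::getUTCDate() );
								$usr->set( 'status', 1 );
								$usr->store();
							}
						}
					}
				} elseif ( $join ) {
					$usr = cbgjData::getUsers( null, array( array( 'group', '=', (int) $row->get( 'id' ) ), array( 'user_id', '=', (int) $user->id ) ), null, null, false );

					if ( ! $usr->get( 'id' ) ) {
						$usr->set( 'user_id', (int) $user->id );
						$usr->set( 'group', (int) $row->get( 'id' ) );
						$usr->set( 'date', cbgjClass::getUTCDate() );
						$usr->set( 'status', (int) $params->get( 'status', 1 ) );

						if ( $usr->store() ) {
							// A membership stored with status 4 is also recorded as owner.
							if ( $usr->get( 'status' ) == 4 ) {
								$row->storeOwner( $usr->get( 'user_id' ) );
							}
						}
					}
				}
			}
		} elseif ( ( $params->get( 'auto', null ) == 1 ) && $params->get( 'groups', null ) ) {
			// --- auto == 1: join the listed groups ---
			$groups = $params->get( 'groups', null );

			if ( $groups ) {
				$groups = explode( '|*|', $groups );

				cbArrayToInts( $groups );
			}

			if ( $groups ) foreach ( $groups as $groupId ) {
				$group = cbgjData::getGroups( null, array( 'id', '=', (int) $groupId ), null, null, false );

				if ( $group->get( 'id' ) ) {
					$row = cbgjData::getUsers( null, array( array( 'group', '=', (int) $group->get( 'id' ) ), array( 'user_id', '=', (int) $user->id ) ), null, null, false );

					if ( ! $row->get( 'id' ) ) {
						$row->set( 'user_id', (int) $user->id );
						$row->set( 'group', (int) $group->get( 'id' ) );
						$row->set( 'date', cbgjClass::getUTCDate() );
						$row->set( 'status', (int) $params->get( 'status', 1 ) );

						if ( $row->store() ) {
							if ( $row->get( 'status' ) == 4 ) {
								$group->storeOwner( $row->get( 'user_id' ) );
							}
						}
					}
				}
			}
		} elseif ( ( $params->get( 'auto', null ) == 4 ) && $params->get( 'groups', null ) ) {
			// --- auto == 4: leave the listed groups ---
			$groups = $params->get( 'groups', null );

			if ( $groups ) {
				$groups = explode( '|*|', $groups );

				cbArrayToInts( $groups );
			}

			if ( $groups ) foreach ( $groups as $groupId ) {
				$group = cbgjData::getGroups( null, array( 'id', '=', (int) $groupId ), null, null, false );

				if ( $group->get( 'id' ) ) {
					$row = cbgjData::getUsers( null, array( array( 'group', '=', (int) $group->get( 'id' ) ), array( 'user_id', '=', (int) $user->id ) ), null, null, false );

					// Memberships with status 4 are left in place.
					if ( $row->get( 'id' ) && ( $row->get( 'status' ) != 4 ) ) {
						$row->deleteAll();
					}
				}
			}
		}
	}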
Пример #8
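 /**
  * Generates the poll's actions block (delete, approve/disapprove, subscribe, share, repost).
  *
  * Fix over the previous version: the three delete-button keys were initialised by reading
  * $aUnitInfo['del_poll_script'] before it existed, which produced an undefined-index notice
  * and null values; they now start as empty strings like the other caption keys.
  *
  * NOTE(review): the keys set here only decide which buttons are rendered. The delete link
  * is a plain URL carrying action=delete_poll and the poll ID, so the handler behind it must
  * re-check ownership/role and should require an anti-CSRF token — neither is visible here.
  *
  * @return string HTML of the block, a message box when no poll is loaded, or '' when
  *                no action is available
  */
 function getBlockCode_ActionsBlock()
 {
     $sCode = '';
     if (!$this->aPollInfo) {
         return MsgBox(_t('_Empty'));
     }

     // prepare all needed keys
     $aUnitInfo = array(
         'ViewerID' => (int) $this->iMemberId,
         'ID' => (int) $this->aPollInfo['id_poll'],
         'BaseUri' => $this->oModule->_oConfig->getBaseUri(),
     );
     $aUnitInfo['base_url'] = BX_DOL_URL_ROOT . $aUnitInfo['BaseUri'];
     $aUnitInfo['approved_cpt'] = '';
     $aUnitInfo['approved_act'] = '';
     $aUnitInfo['del_poll_title'] = '';
     $aUnitInfo['del_poll_url'] = '';
     $aUnitInfo['del_poll_script'] = '';

     // Delete button: the poll's owner or an admin. The ID in the link is the integer cast above.
     if (isLogged() && ($this->aPollInfo['id_profile'] == $this->iMemberId || isAdmin())) {
         $sDeleteLink = $this->oModule->getModulePath() . '&action=delete_poll&id=' . $aUnitInfo['ID'];
         $aUnitInfo['del_poll_title'] = _t('_bx_poll_delete');
         $aUnitInfo['del_poll_url'] = $sDeleteLink;
         $aUnitInfo['del_poll_script'] = "if(confirm('" . bx_js_string(_t('_Are_you_sure')) . "')) window.open ('" . $sDeleteLink . "','_self'); return false;";
     }

     $sMainPrefix = 'bx_poll';

     // Approve / disapprove: any admin, or a moderator who does not own the poll.
     // `&&` binds tighter than `||`; the parentheses make that grouping explicit.
     if (isAdmin($this->iMemberId) || (isModerator($this->iMemberId) && $this->aPollInfo['id_profile'] != $this->iMemberId)) {
         $sMsg = '_';
         $iAppr = 1;
         if ($this->aPollInfo['poll_approval'] == 1) {
             // Already approved: offer the opposite action.
             $sMsg .= 'dis';
             $iAppr = 0;
         }
         $aUnitInfo['approved_cpt'] = _t('_' . $sMainPrefix . $sMsg . 'approve');
         $aUnitInfo['approved_act'] = $iAppr;
     }

     // Subscription button.
     $oSubscription = BxDolSubscription::getInstance();
     $aButton = $oSubscription->getButton($this->iMemberId, $sMainPrefix, '', $this->aPollInfo['id_poll']);
     $sCode .= $oSubscription->getData();
     $aUnitInfo['sbs_poll_title'] = $aButton['title'];
     $aUnitInfo['sbs_poll_script'] = $aButton['script'];

     $aUnitInfo['TitleShare'] = $this->oModule->isAllowedShare($this->aPollInfo) ? _t('_Share') : '';

     // Repost button, when the wall module offers the service.
     // NOTE(review): only 'get_repost_js_click' is probed, yet 'get_repost_js_script' is called
     // as well — presumably both ship together; confirm.
     if (BxDolRequest::serviceExists('wall', 'get_repost_js_click')) {
         $sCode .= BxDolService::call('wall', 'get_repost_js_script');
         $aUnitInfo['repostCpt'] = _t('_Repost');
         $aUnitInfo['repostScript'] = BxDolService::call('wall', 'get_repost_js_click', array($this->iMemberId, $sMainPrefix, 'add', $this->aPollInfo['id_poll']));
     }

     $sActions = $GLOBALS['oFunctions']->genObjectsActions($aUnitInfo, $sMainPrefix);
     if (empty($sActions)) {
         return '';
     }
     return $sCode . $sActions;
 }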
Пример #9
/**
 * Front controller for the ads page: picks one action from the request parameters and
 * returns the HTML produced by the matching $oAds method.
 *
 * The 'action' parameter is tried first; otherwise the first matching ID/URI parameter
 * decides (category, subcategory, entry, member listing, delete, activate, buy). With no
 * request data, or none that matches, the ads main page is returned. Three actions
 * ('3', 'report', 'post_report') print their output and terminate the script instead.
 *
 * NOTE(review): of the state-changing branches, only activation checks a role in this
 * function (admin mode or moderator). Delete and the two buy branches rely entirely on the
 * called $oAds methods for ownership checks, and no anti-CSRF token is verified here —
 * confirm both inside those methods.
 *
 * @param object $oAds ads module object
 * @return string page HTML
 */
function PageCompAds($oAds)
{
    $sRetHtml = '';
    $sRetHtml .= $oAds->PrintCommandForms();
    if ($_REQUEST) {
        if (false !== bx_get('action')) {
            // Unknown 'action' values fall through the switch and add nothing.
            switch (bx_get('action')) {
                case '3':
                    echo $oAds->actionSearch();
                    exit;
                    break;
                case '2':
                    $iClassifiedSubID = (int) bx_get('FilterSubCat');
                    $sRetHtml .= $oAds->PrintSubRecords($iClassifiedSubID);
                    break;
                case '1':
                    $iClassifiedID = (int) bx_get('FilterCat');
                    $sRetHtml .= $oAds->PrintAllSubRecords($iClassifiedID);
                    break;
                case 'report':
                    $iCommentID = (int) bx_get('commentID');
                    print $oAds->GenReportSubmitForm($iCommentID);
                    exit;
                case 'post_report':
                    print $oAds->ActionReportSubmit();
                    exit;
                case 'show_calendar':
                    $sRetHtml .= $oAds->GenAdsCalendar();
                    break;
                case 'show_calendar_ads':
                    $sRetHtml .= $oAds->GenAdsByDate();
                    break;
                case 'show_featured':
                    $sRetHtml .= $oAds->GenAllAds('featured');
                    break;
                case 'show_categories':
                    $sRetHtml .= $oAds->genCategoriesBlock();
                    break;
                case 'show_all_ads':
                    $sRetHtml .= $oAds->GenAllAds();
                    break;
                case 'show_popular':
                    $sRetHtml .= $oAds->GenAllAds('popular');
                    break;
                case 'show_top_rated':
                    $sRetHtml .= $oAds->GenAllAds('top');
                    break;
                case 'my_page':
                    $sRetHtml .= $oAds->GenMyPageAdmin();
                    break;
                case 'tags':
                    $sRetHtml .= $oAds->GenTagsPage();
                    break;
            }
        // Category by numeric ID, else by URI. `&&` binds tighter than `||`, so each side of
        // the `||` is a complete "parameter present and usable" test.
        // NOTE(review): the URI is concatenated into the SQL string and protected only by
        // process_db_input(..., BX_TAGS_STRIP) — presumably the framework's escaping layer;
        // verify it escapes quotes for this driver. The same applies to the two URI lookups below.
        } elseif (false !== bx_get('bClassifiedID') && (int) bx_get('bClassifiedID') > 0 || false !== bx_get('catUri') && bx_get('catUri') != '') {
            $iClassifiedID = (int) bx_get('bClassifiedID') > 0 ? (int) bx_get('bClassifiedID') : (int) db_value("SELECT `ID` FROM `{$oAds->_oConfig->sSQLCatTable}` WHERE `CEntryUri`='" . process_db_input(bx_get('catUri'), BX_TAGS_STRIP) . "' LIMIT 1");
            if ($iClassifiedID > 0) {
                $sRetHtml .= $oAds->PrintAllSubRecords($iClassifiedID);
            }
        // Subcategory by numeric ID, else by URI.
        } elseif (false !== bx_get('bSubClassifiedID') && (int) bx_get('bSubClassifiedID') > 0 || false !== bx_get('scatUri') && bx_get('scatUri') != '') {
            $iSubClassifiedID = (int) bx_get('bSubClassifiedID') > 0 ? (int) bx_get('bSubClassifiedID') : (int) db_value("SELECT `ID` FROM `{$oAds->_oConfig->sSQLSubcatTable}` WHERE `SEntryUri`='" . process_db_input(bx_get('scatUri'), BX_TAGS_STRIP) . "' LIMIT 1");
            if ($iSubClassifiedID > 0) {
                $sRetHtml .= $oAds->PrintSubRecords($iSubClassifiedID);
            }
        // Single advertisement by numeric ID, else by URI; $iID is not checked for > 0 before use.
        } elseif (false !== bx_get('ShowAdvertisementID') && (int) bx_get('ShowAdvertisementID') > 0 || false !== bx_get('entryUri') && bx_get('entryUri') != '') {
            $iID = (int) bx_get('ShowAdvertisementID') > 0 ? (int) bx_get('ShowAdvertisementID') : (int) db_value("SELECT `ID` FROM `{$oAds->_oConfig->sSQLPostsTable}` WHERE `EntryUri`='" . process_db_input(bx_get('entryUri'), BX_TAGS_STRIP) . "' LIMIT 1");
            $oAds->ActionPrintAdvertisement($iID);
            bx_import('PageView', $oAds->_aModule);
            $oAPV = new BxAdsPageView($oAds, $iID);
            $sRetHtml .= $oAPV->getCode();
        // Another member's listings; profile ID 0 is accepted.
        } elseif (false !== bx_get('UsersOtherListing')) {
            $iProfileID = (int) bx_get('IDProfile');
            if ($iProfileID > -1) {
                $sRetHtml .= $oAds->getMemberAds($iProfileID);
            }
        // Delete: no ownership or role check in this function (see the NOTE in the header).
        } elseif (false !== bx_get('DeleteAdvertisementID')) {
            $id = (int) bx_get('DeleteAdvertisementID');
            if ($id > 0) {
                $sRetHtml .= $oAds->ActionDeleteAdvertisement($id);
                $sRetHtml .= $oAds->GenMyPageAdmin('manage');
            }
        // Activate / deactivate: admin mode or a moderator only; any ActType other than
        // 'active' is stored as 'inactive'.
        } elseif (false !== bx_get('ActivateAdvertisementID')) {
            $iAdID = (int) bx_get('ActivateAdvertisementID');
            if ($iAdID > 0 && ($oAds->bAdminMode || isModerator($oAds->_iVisitorID))) {
                $sStatus = bx_get('ActType') == 'active' ? 'active' : 'inactive';
                $oAds->_oDb->setPostStatus($iAdID, $sStatus);
                $oAds->ActionPrintAdvertisement($iAdID);
                bx_import('PageView', $oAds->_aModule);
                $oAPV = new BxAdsPageView($oAds, $iAdID);
                $sRetHtml .= $oAPV->getCode();
            }
        } elseif (false !== bx_get('BuyNow')) {
            $advId = (int) bx_get('IDAdv');
            if ($advId > 0) {
                $sRetHtml .= $oAds->ActionBuyAdvertisement($advId);
            }
        } elseif (false !== bx_get('BuySendNow')) {
            $advId = (int) bx_get('IDAdv');
            if ($advId > 0) {
                $sRetHtml .= $oAds->ActionBuySendMailAdvertisement($advId);
            }
        } else {
            $sRetHtml .= $oAds->getAdsMainPage();
        }
    } else {
        $sRetHtml .= $oAds->getAdsMainPage();
    }
    return $sRetHtml;
}
Пример #10
 /**
  * 
  *
  * @param  moscomprofilerFields  $field
  * @param  moscomprofilerUser    $user
  * @param  string                $reason      'profile' for user profile view, 'edit' for profile edit, 'register' for registration, 'list' for user-lists
  * @param  boolean               $displayFieldIcons
  * @return string                            HTML: <tag type="$type" value="$value" xxxx="xxx" yy="y" />
  */
 function _htmlEditForm(&$field, &$user, $reason, $displayFieldIcons = true)
 {
     // Renders the edit/registration control for an image field: a "<name>__choice" selector
     // (keep / upload / gallery / approve / delete), the file-upload box and, for the built-in
     // 'avatar' field, the gallery picker. Returns null when the field is 'avatar' and both
     // avatar upload and avatar gallery are switched off in $ueConfig.
     //
     // NOTE(review): this method only decides which options are *offered*. The code that
     // processes the submitted "<name>__choice", "<name>__file" and "<name>__gallery" values is
     // not visible here and has to repeat these decisions server-side (who may 'approve',
     // whether 'delete' is allowed for a required field, read-only fields, and that a gallery
     // value really names a file of the gallery directory).
     global $_CB_framework, $_CB_database, $ueConfig;
     if ($field->name == 'avatar' && !($ueConfig['allowAvatarUpload'] || $ueConfig['allowAvatarGallery'])) {
         return null;
     }
     $name = $field->name;
     $nameapproved = $field->name . 'approved';
     $required = $this->_isRequired($field, $user, $reason);
     $existingAvatar = false;
     if ($user && $user->id) {
         // we can not trust the following, as if another field did error out, it's wrong:
         // $existingAvatar			=	( $user->$name != null );
         // so load from database:
         $realDatabaseUser = new moscomprofilerUser($_CB_database);
         if ($realDatabaseUser->load((int) $user->id)) {
             $existingAvatar = $realDatabaseUser->{$name} != null;
         }
     }
     $html = '<div>';
     $choices = array();
     // `&&` binds tighter than `||`: this is "registration, or an edit of a user that has no id yet".
     if ($reason == 'register' || $reason == 'edit' && $user->id == 0) {
         if ($required == 0) {
             $choices[] = moscomprofilerHTML::makeOption('', _UE_AVATAR_NONE);
         }
     } else {
         if ($existingAvatar || $required == 0) {
             $choices[] = moscomprofilerHTML::makeOption('', _UE_AVATAR_NO_CHANGE);
         }
     }
     if ($name != 'avatar' || $ueConfig['allowAvatarUpload']) {
         $choices[] = moscomprofilerHTML::makeOption('upload', $existingAvatar ? _UE_AVATAR_UPLOAD_NEW : _UE_AVATAR_UPLOAD);
     }
     if ($name == 'avatar' && $ueConfig['allowAvatarGallery']) {
         $choices[] = moscomprofilerHTML::makeOption('gallery', _UE_AVATAR_SELECT);
     }
     // 'approve' is offered only when getUi() == 2 (presumably the administrator backend - confirm)
     // and the stored image still has its "<name>approved" flag at 0.
     if ($_CB_framework->getUi() == 2 && $existingAvatar && $user->{$nameapproved} == 0) {
         $choices[] = moscomprofilerHTML::makeOption('approve', _UE_APPROVE_IMAGE);
     }
     // 'delete' is withheld for required fields so that the field cannot be emptied through the form.
     if ($existingAvatar && $required == 0) {
         $choices[] = moscomprofilerHTML::makeOption('delete', _UE_DELETE_AVATAR);
     }
     $html .= '<div>';
     if ($reason != 'register' && $user->id != 0 && $existingAvatar) {
         $html .= $this->_avatarHtml($field, $user, $reason) . ' ';
     }
     // Moderators editing a profile with an unapproved image get a second rendering of it; the
     // meaning of the extra arguments (false, 10) is defined by _avatarHtml, which is not shown here.
     if ($reason == 'edit' && $existingAvatar && $user->{$nameapproved} == 0 && isModerator($_CB_framework->myId())) {
         $html .= $this->_avatarHtml($field, $user, $reason, false, 10) . ' ';
     }
     if (count($choices) > 1) {
         $additional = ' class="inputbox"';
         // The disabled attribute is a browser-side hint only: a read-only field must also be
         // rejected when the form is saved (that code is not part of this method).
         if ($_CB_framework->getUi() == 1 && $reason == 'edit' && $field->readonly) {
             $additional .= ' disabled="disabled"';
         }
         $html .= moscomprofilerHTML::selectList($choices, $name . '__choice', $additional, 'value', 'text', '', $required, true, false);
         /*
         			$js							=	"	$('#cbimg_upload_" . $name . ",#cbimg_gallery_" . $name . "').hide();"
         										.	"\n	$('#" . $name . "__choice').click( function() {"
         										.	"\n		var choice = $(this).val();"
         										.	"\n		if ( choice == '' ) {"
         										.	"\n			$('#cbimg_upload_" . $name . "').slideUp('slow');"
         										.	"\n			$('#cbimg_gallery_" . $name . "').slideUp('slow');"
         										.	"\n		} else if ( choice == 'upload' ) {"
         										.	"\n			$('#cbimg_upload_" . $name . "').slideDown('slow');"
         										.	"\n			$('#cbimg_gallery_" . $name . "').slideUp('slow');"
         										.	"\n		} else if ( choice == 'gallery' ) {"
         										.	"\n			$('#cbimg_upload_" . $name . "').slideUp('slow');"
         										.	"\n			$('#cbimg_gallery_" . $name . "').slideDown('slow');"
         										.	"\n		}"
         										.	"\n	} ).click();"
         										;
         */
         // The shared cbslideImage() helper is emitted once; the static flag keeps it from being
         // output again when several image fields are rendered.
         static $functOut = false;
         if (!$functOut) {
             $js = "function cbslideImage(choice,uplodid,galleryid) {" . "\n\tif ( ( choice == '' ) || ( choice == 'approve' ) || ( choice == 'delete' ) ) {" . "\n\t\t\$(uplodid).slideUp('slow');" . "\n\t\t\$(galleryid).slideUp('slow');" . "\n\t} else if ( choice == 'upload' ) {" . "\n\t\t\$(uplodid).slideDown('slow');" . "\n\t\t\$(galleryid).slideUp('slow');" . "\n\t} else if ( choice == 'gallery' ) {" . "\n\t\t\$(uplodid).slideUp('slow');" . "\n\t\t\$(galleryid).slideDown('slow');" . "\n\t}" . "\n}";
             $_CB_framework->outputCbJQuery($js);
             $functOut = true;
         }
         // NOTE(review): $name is concatenated into jQuery selectors and, below, into HTML id/name
         // attributes without any escaping. That is only safe if field names are restricted to
         // identifier characters when a field is created - confirm against the field admin code.
         $js = "\$('#cbimg_upload_" . $name . ",#cbimg_gallery_" . $name . "').hide();" . "\n\t{" . "\n\t  \$('#" . $name . "__choice').click( function() {" . "\n\t\tcbslideImage( \$(this).val(), '#cbimg_upload_" . $name . "', '#cbimg_gallery_" . $name . "' );" . "\n\t  } ).click();" . "\n\t  \$('#" . $name . "__choice').change( function() {" . "\n\t\tcbslideImage( \$(this).val(), '#cbimg_upload_" . $name . "', '#cbimg_gallery_" . $name . "' );" . "\n\t  } );" . "\n\t}";
         $_CB_framework->outputCbJQuery($js);
     } else {
         // Exactly one choice: submit it as a hidden value instead of showing a selector.
         $html .= '<input type="hidden" name="' . $name . '__choice" value="' . $choices[0]->value . '" />';
     }
     $html .= $this->_fieldIconsHtml($field, $user, 'htmledit', $reason, 'select', '', null, '', array(), $displayFieldIcons, $required);
     $html .= '</div>';
     if ($name != 'avatar' || $ueConfig['allowAvatarUpload']) {
         $button = $reason == 'register' ? _UE_REGISTER : ($_CB_framework->getUi() == 2 ? _UE_SAVE : _UE_UPDATE);
         // $field is passed by reference: its name and required flag are changed for the upload
         // sub-control and restored right after the markup is built. Nothing in between returns
         // early, so the caller's object is left as it was.
         $saveFieldName = $field->name;
         $saveFieldRequired = $field->required;
         $field->name .= '__file';
         if ($field->required && $user && isset($user->{$saveFieldName}) && $user->{$saveFieldName}) {
             $field->required = 0;
         }
         // The size limits printed here are informational; the configured terms URL is passed through
         // htmlspecialchars() before cbSef() and then placed in a single-quoted href.
         $html .= '<div id="cbimg_upload_' . $name . '">' . '<p>' . sprintf(_UE_UPLOAD_DIMENSIONS_AVATAR, $this->_getImageFieldParam($field, 'avatarWidth'), $this->_getImageFieldParam($field, 'avatarHeight'), $this->_getImageFieldParam($field, 'avatarSize')) . '</p>' . '<div>' . _UE_UPLOAD_SELECT_FILE . ' ' . '<input type="file" name="' . $name . '__file" value="" class="inputbox" />' . '</div>' . '<p>' . ($ueConfig['reg_enable_toc'] ? sprintf(_UE_AVATAR_DISCLAIMER_TERMS, $button, "<a href='" . cbSef(htmlspecialchars($ueConfig['reg_toc_url'])) . "' target='_BLANK'> " . _UE_AVATAR_TOC_LINK . "</a>") : sprintf(_UE_AVATAR_DISCLAIMER, $button)) . '</p>' . '</div>';
         $field->name = $saveFieldName;
         $field->required = $saveFieldRequired;
     }
     if ($name == 'avatar' && $ueConfig['allowAvatarGallery']) {
         $live_site = $_CB_framework->getCfg('live_site');
         $avatar_gallery_path = $_CB_framework->getCfg('absolute_path') . '/images/comprofiler/gallery';
         $avatar_images = array();
         $avatar_images = display_avatar_gallery($avatar_gallery_path);
         $html .= '<div id="cbimg_gallery_' . $name . '">' . "\n\t<table width='100%' border='0' cellpadding='4' cellspacing='2'>" . "\n\t\t<tr align='center' valign='middle'>";
         for ($i = 0; $i < count($avatar_images); $i++) {
             $j = $i + 1;
             // Label text: the file name without its extension, underscores shown as spaces.
             $avatar_name = ucfirst(str_replace('_', ' ', preg_replace('/^(.*)\\..*$/', '\\1', $avatar_images[$i])));
             // NOTE(review): the file names returned by display_avatar_gallery() are written into the
             // value, src, alt and title attributes without htmlspecialchars(); this relies on the
             // gallery directory holding only trusted, plainly named files.
             $html .= "\n\t\t\t<td>" . '<input type="radio" name="' . $name . '__gallery" id="' . $name . '__gallery_' . $i . '" value="' . $avatar_images[$i] . '" />' . '<label for="' . $name . '__gallery_' . $i . '">' . '<img src="' . $live_site . '/images/comprofiler/gallery/' . $avatar_images[$i] . '" alt="' . $avatar_name . '" title="' . $avatar_name . '" />' . '</label>' . '</td>';
             // Start a new table row after every fifth image.
             if (function_exists('fmod')) {
                 if (!fmod($j, 5)) {
                     $html .= "</tr>\n\t\t<tr align=\"center\" valign=\"middle\">";
                 }
             } else {
                 if (!fmodReplace($j, 5)) {
                     // PHP < 4.2.0...
                     $html .= "</tr>\n\t\t<tr align=\"center\" valign=\"middle\">";
                 }
             }
         }
         $html .= "\n\t\t</tr>\n\t\t" . "\n\t</table>" . '</div>';
     }
     $html .= '</div>';
     return $html;
 }
Пример #11
 /**
  * AJAX handler behind the approve / disapprove action button of a poll.
  *
  * Does nothing (and returns null) when the poll id casts to 0. Otherwise it
  * always ends the request: it prints a message box plus the popup script and
  * calls exit.
  *
  * The status is changed only when the logged-in user is an administrator or a
  * moderator; everyone else gets the '_Access denied' message. $iApprove is
  * cast to int but not limited to 0/1 before it is handed to setStatus().
  *
  * NOTE(review): no request-forgery token is verified inside this method. This
  * is a state-changing action, so confirm that the code routing requests to it
  * checks one.
  *
  * @param  mixed $iPollId  poll id, cast to int
  * @param  mixed $iApprove new status value, cast to int (default 1)
  * @return : (text) - Html response ;
  */
 function actionApprove($iPollId, $iApprove = 1)
 {
     $iPollId = (int) $iPollId;
     if (!$iPollId) {
         return;
     }

     $iViewerId = getLoggedId();
     $iApprove = (int) $iApprove;
     $sPopupJs = genAjaxyPopupJS($iPollId);

     // Deny by default; the message is only upgraded after the role check passed.
     $sLangKey = '_Access denied';
     if (isAdmin($iViewerId) || isModerator($iViewerId)) {
         $sLangKey = $this->_oDb->setStatus($iPollId, $iApprove) ? '_Saved' : '_Error';
     }

     header('Content-Type: text/html; charset=UTF-8');
     echo MsgBox(_t($sLangKey)) . $sPopupJs;
     exit;
 }
Пример #12
/**
 * Perform admin or moderator actions on a profile.
 *
 * Who may act: an administrator always; a moderator only on a profile other
 * than their own. (The original condition was written with `or` / `and`;
 * `and` binds tighter than `or`, which gives exactly this grouping.)
 *
 * NOTE(review): two consequences of that grouping are worth confirming as
 * intended: an administrator can run every action, including 'delete', against
 * their own account, and the role of the *target* profile is never examined
 * here, so a moderator is not stopped from acting on an administrator account
 * by this function.
 *
 * The action name is matched against a fixed list; anything else returns FALSE.
 * 'delete' and 'delete_spam' report success without looking at the result of
 * profile_delete().
 *
 * @param $sAction string
 * @param $iViewerId integer
 * @param $iTargetId integer
 * @return mixed - HTML code or FALSE
 */
function PageListControl($sAction, $iViewerId, $iTargetId)
{
    $sAction = clear_xss($sAction);
    $iViewerId = (int) $iViewerId;
    $iTargetId = (int) $iTargetId;

    $bMayAct = isAdmin($iViewerId) || (isModerator($iViewerId) && $iViewerId != $iTargetId);
    if (!$bMayAct) {
        return FALSE;
    }

    switch ($sAction) {
        case 'activate':
        case 'deactivate':
            return _setStatus($iTargetId, $sAction);

        case 'ban':
            $sResultKey = bx_admin_profile_ban_control($iTargetId) ? '_Success' : '_Error';
            return MsgBox(_t($sResultKey));

        case 'unban':
            $sResultKey = bx_admin_profile_ban_control($iTargetId, FALSE) ? '_Success' : '_Error';
            return MsgBox(_t($sResultKey));

        case 'featured':
        case 'unfeatured':
            return _setFeature($iTargetId, $sAction);

        case 'delete':
            profile_delete($iTargetId);
            return MsgBox(_t('_Success')) . genAjaxyPopupJS($iTargetId, 'ajaxy_popup_result_div', BX_DOL_URL_ROOT . 'browse.php');

        case 'delete_spam':
            profile_delete($iTargetId, TRUE);
            return MsgBox(_t('_Success')) . genAjaxyPopupJS($iTargetId, 'ajaxy_popup_result_div', BX_DOL_URL_ROOT . 'browse.php');
    }

    // Unknown action name: nothing is done.
    return FALSE;
}
    /**
     * Outputs the profile page of $user for the current viewer.
     *
     * Visibility rules applied here: a banned or blocked profile is shown only to its owner and
     * to moderators; an unconfirmed or unapproved profile is shown only to moderators (the owner
     * is not exempted by that check). Plugins can veto the request or the display through the
     * onBeforeUserProfileRequest / onBeforeUserProfileDisplay triggers.
     *
     * Everything is echoed; on a plugin error the method prints a script and exits.
     *
     * @param  object $user         profile being viewed (its id, banned, block, confirmed, approved, bannedreason, name and username are read)
     * @param  mixed  $option       not used inside this method
     * @param  mixed  $submitvalue  not used inside this method
     * @return void
     */
    static function userProfile($user, $option, $submitvalue)
    {
        global $_CB_framework, $ueConfig, $_POST, $_PLUGINS;
        $_PLUGINS->loadPluginGroup('user');
        $results = $_PLUGINS->trigger('onBeforeUserProfileRequest', array(&$user, 1));
        if ($_PLUGINS->is_errors()) {
            // NOTE(review): the plugin error text is placed inside a double-quoted JavaScript string
            // without escaping; it is safe only if getErrorMSG() never carries request-derived text
            // or already returns it encoded - confirm.
            echo "<script type=\"text/javascript\">alert(\"" . $_PLUGINS->getErrorMSG() . "\"); window.history.go(-1); </script>\n";
            exit;
        }
        $cbTemplate = HTML_comprofiler::_cbTemplateLoad();
        $cbMyIsModerator = isModerator($_CB_framework->myId());
        $cbUserIsModerator = isModerator($user->id);
        $showProfile = 1;
        // `&&` binds tighter than `||`: banned, or (blocked while confirmed and approved).
        if ($user->banned != 0 || $user->block == 1 && $user->confirmed && $user->approved) {
            echo "<font color='red'>";
            if ($user->banned != 0) {
                if ($_CB_framework->myId() != $user->id) {
                    echo _UE_USERPROFILEBANNED;
                } else {
                    echo _UE_BANNED_CHANGE_PROFILE;
                }
            }
            if ($user->block == 1 && $user->confirmed && $user->approved) {
                echo _UE_USERPROFILEBLOCKED;
            }
            // Only the profile owner and moderators get past this point for a banned/blocked profile.
            if ($_CB_framework->myId() != $user->id && $cbMyIsModerator != 1) {
                $showProfile = 0;
            } else {
                if ($user->block == 1) {
                    echo ": " . _UE_LOGIN_BLOCKED;
                }
                if ($user->banned != 0) {
                    // NOTE(review): bannedreason is echoed with nl2br() only, no htmlspecialchars().
                    // Presumably it is stored already encoded (it may contain markup on purpose);
                    // verify where it is written, since it is shown to moderators.
                    echo "<br />" . nl2br($user->bannedreason);
                }
            }
            echo "<br /></font>";
        }
        if (!$user->confirmed) {
            echo "<font color='red'>" . _UE_USER_NOT_CONFIRMED . "</font><br />";
        }
        if (!$user->approved) {
            echo "<font color='red'>" . _UE_USER_NOT_APPROVED . "</font><br />";
        }
        // Unconfirmed / unapproved profiles are visible to moderators only.
        if ((!$user->confirmed || !$user->approved) && $cbMyIsModerator != 1) {
            $showProfile = 0;
        }
        if ($showProfile == 1) {
            $results = $_PLUGINS->trigger('onBeforeUserProfileDisplay', array(&$user, 1, $cbUserIsModerator, $cbMyIsModerator));
            if ($_PLUGINS->is_errors()) {
                // Same unescaped-into-JavaScript pattern as the first error exit above.
                echo "<script type=\"text/javascript\">alert(\"" . $_PLUGINS->getErrorMSG() . "\"); window.history.go(-1); </script>\n";
                exit;
            }
            $output = 'html';
            $cbUser =& CBuser::getInstance($user->id);
            $_CB_framework->displayedUser((int) $user->id);
            $userViewTabs = $cbUser->getProfileView();
            /*
            			$tabs = new cbTabs( 0, 1 );
            			$userViewTabs = $tabs->getViewTabs($user);			// this loads, registers menu and user status and renders the tabs
            */
            $_CB_framework->setPageTitle(cbUnHtmlspecialchars(getNameFormat($user->name, $user->username, $ueConfig['name_format'])));
            $_CB_framework->appendPathWay(getNameFormat($user->name, $user->username, $ueConfig['name_format']));
            outputCbTemplate(1);
            initToolTip(1);
            // The language constant is inserted into a double-quoted JavaScript string as-is.
            $_CB_framework->document->addHeadScriptDeclaration('
	function cbConnSubmReq() {
		cClick();
		document.connOverForm.submit();
	}
	function confirmSubmit() {
	if (confirm("' . _UE_CONFIRMREMOVECONNECTION . '"))
		return true ;
	else
		return false ;
	}
');
            // Output returned by the onBeforeUserProfileDisplay plugins is printed unmodified.
            if (is_array($results)) {
                echo implode('', $results);
            }
            echo "\n\t<div class=\"cbProfile\"><div id=\"cbProfileInner\">";
            echo HTML_comprofiler::_cbTemplateRender($cbTemplate, $user, 'Profile', 'drawProfile', array(&$user, &$userViewTabs), $output);
            echo "</div><div class=\"cbClr\"></div></div>\n" . "<div class=\"cbClr\"></div>";
            // end of cbProfile floating div
            // The tab to open comes straight from the request (GET first, then POST).
            // NOTE(review): for GET the value is urldecode()d *after* cbGetParam() has processed it,
            // so characters that were still percent-encoded when cbGetParam() looked at the value
            // only appear afterwards. The result is then put into a single-quoted JavaScript string
            // with addslashes(), which is an SQL-era helper, not a JavaScript encoder (it does not
            // treat line breaks or a closing script tag). Validating $tab against the known tab
            // names, or encoding it with a JavaScript-string encoder, would close this.
            $tab = null;
            if (isset($_GET['tab'])) {
                $tab = urldecode(stripslashes(cbGetParam($_GET, 'tab', '')));
            } elseif (isset($_POST['tab'])) {
                $tab = stripslashes(cbGetParam($_POST, 'tab', ''));
            }
            if ($tab) {
                $_CB_framework->outputCbJQuery("showCBTab('" . addslashes($tab) . "');");
            }
            // Views by other users are recorded together with the viewer's REMOTE_ADDR.
            if ($_CB_framework->myId() != $user->id) {
                recordViewHit($_CB_framework->myId(), $user->id, getenv('REMOTE_ADDR'));
            }
            $_PLUGINS->trigger('onAfterUserProfileDisplay', array($user, true));
        }
    }
Пример #14
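$objid = $objData["objid"];

// NOTE(review): every statement below splices $objData["objCreator"] or
// $objData["abuSubmitter"] into the SQL text as a quoted literal, with no
// escaping or integer cast visible in this excerpt. That is only safe while
// $objData is a trusted database row holding numeric ids; if that cannot be
// guaranteed, cast the ids (intval) or move to a parameterised API. The
// mysql_* functions used here were removed in PHP 7.

// Fetch artist's data.
$result = sql_query("SELECT `useid`, `useUsername` FROM `users` " . "WHERE `useid` = '" . $objData["objCreator"] . "' LIMIT 1");
$useData = mysql_fetch_assoc($result);
// This does not work until abuCreator is added. The addition of abuCreator will probably also result in other code modification.
$useData["abuseCases"] = intval(mysql_result(sql_query("SELECT COUNT(*) FROM `abuses` WHERE `abuCreator` = '" . $objData["objCreator"] . "'"), 0));
// Guard the division: a user without any recorded case would otherwise divide by zero.
$useData["abusePercent"] = $useData["abuseCases"] > 0
    ? round(intval(mysql_result(sql_query("SELECT COUNT(*) FROM `abuses` WHERE `abuCreator` = '" . $objData["objCreator"] . "' AND ((`abuMod` = '-' AND `abusMod` = '-') OR (`aburMod` = '-'))"), 0)) / $useData["abuseCases"] * 100)
    : 0.0;

// Fetch reporter's data.
$result = sql_query("SELECT `useid`, `useUsername` FROM `users` " . "WHERE `useid` = '" . $objData["abuSubmitter"] . "' LIMIT 1");
$repData = mysql_fetch_assoc($result);
$repData["abuseCases"] = intval(mysql_result(sql_query("SELECT COUNT(*) FROM `abuses` WHERE `abuSubmitter` = '" . $objData["abuSubmitter"] . "'"), 0));
$repData["abusePercent"] = $repData["abuseCases"] > 0
    ? round(intval(mysql_result(sql_query("SELECT COUNT(*) FROM `abuses` WHERE `abuSubmitter` = '" . $objData["abuSubmitter"] . "' AND ((`abuMod` = '-' AND `abusMod` = '-') OR (`aburMod` = '-'))"), 0)) / $repData["abuseCases"] * 100)
    : 0.0;

// Determine the current user's access level. The case is escalated one tier at
// a time: a tier only gets access while its own verdict column is still "?"
// and every tier below it has already decided.
$accessLevel = 0; // No access.
if ($objData["abuMod"] == "?" && isModerator()) {
    $accessLevel = 1; // Moderator.
} elseif ($objData["abuMod"] != "?" && $objData["abusMod"] == "?" && isSModerator()) {
    $accessLevel = 2; // Supermoderator.
} elseif ($objData["abuMod"] != "?" && $objData["abusMod"] != "?" && $objData["abuMod"] != $objData["abusMod"] && isAdmin()) {
    $accessLevel = 3; // Administrator: only when the two lower tiers disagree.
}
// A resolved abuse case is closed for everyone, whatever the role.
if ($objData["abuResolved"]) {
    $accessLevel = 0;
}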
if ($accessLevel > 0 && isset($_POST["submit"])) {
    // Check if we got a correct decision: "+" or "-"
Пример #15
         $GLOBALS['oTopMenu']->setCurrentProfileID($iProfileId);
         $_page_cont[$iIndex]['page_main_code'] = $oPoll->searchMy();
     } else {
         member_auth(0);
     }
     break;
 case 'show_poll_info':
 case 'poll_home':
     // draw polls question on menu's panel;
     $aPollInfo = current($oPoll->_oDb->getPollInfo($iPollId));
     $sCode = '';
     $sInitPart = $oPoll->getInitPollPage();
     if ($aPollSettings['action'] == 'show_poll_info') {
         $isAllowView = FALSE;
         if (!empty($aPollInfo)) {
             if ((int) $aPollInfo['poll_approval'] == 1 || isAdmin($iProfileId) || isModerator($iProfileId)) {
                 $isAllowView = TRUE;
             }
         }
         if ($isAllowView) {
             $oViewPoll = bx_instance($aModule['class_prefix'] . 'View', array($aPollSettings['action'], $aModule, $oPoll, $iPollId), $aModule);
             $sPageTitle = $aPollInfo['poll_question'];
             $sPageCaption = _t('_bx_poll_view', $aPollInfo['poll_question']);
             $_page['header'] = $sPageCaption;
             $_page['header_text'] = $sPageCaption;
             $oPoll->_oTemplate->addJsTranslation(array('_Are_you_sure'));
             $oPoll->_oTemplate->setPageDescription($aPollInfo['poll_question']);
             $oPoll->_oTemplate->addPageKeywords($aPollInfo['poll_answers'], BX_POLL_ANS_DIVIDER);
             if (mb_strlen($sPageTitle) > $oPoll->sPollHomeTitleLenght) {
                 $sPageTitle = mb_substr($sPageTitle, 0, $oPoll->sPollHomeTitleLenght) . '...';
             }
Пример #16
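/**
 * Deletes a news comment if the current user is its author, an administrator
 * or a moderator. Does nothing otherwise, and nothing is returned either way.
 *
 * The id is normalised to an integer before anything else, so the ownership
 * lookup and the DELETE statement always refer to the same comment. (Before,
 * the raw value went to getComment() and only the DELETE used the integer.)
 *
 * A comment that cannot be loaded never counts as "owned by the caller": the
 * loose comparison of a missing author with the active user id is skipped.
 * Administrators and moderators are unaffected by that.
 *
 * NOTE(review): no request-forgery token is checked in this function; confirm
 * the endpoint calling it verifies one.
 *
 * @param mixed $commentId comment id, cast to int
 */
function deleteComment($commentId)
{
    $commentId = intval($commentId);
    $cData = getComment($commentId);

    $isAuthor = isset($cData[0]['user']) && $cData[0]['user'] == getActiveUserID();
    if (!$isAuthor && !isAdmin() && !isModerator()) {
        return;
    }

    $link = getDBConnection();
    if (mysqli_select_db($link, getDBName())) {
        // $commentId is an integer at this point, so interpolating it is safe.
        mysqli_query($link, "DELETE FROM newsComments WHERE id = {$commentId}");
    }
}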
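	/**
	 * Generate users details (forum statistics and rank) for one user.
	 *
	 * The result is cached per user id in a function-static array, so repeated
	 * calls reuse the first answer. FALSE is returned (and cached) when the forum
	 * configuration disables the statistics or the user has no posts.
	 *
	 * Values that reach SQL here are cast to int ($userDetails->rank,
	 * $userDetails->posts) and identifiers go through NameQuote(). The rank image
	 * URL and title are passed through htmlspecialchars() before being placed in
	 * the <img> tag; msg_userrank itself is returned as plain, unencoded text.
	 *
	 * Changes against the earlier version: the forum version is compared with
	 * version_compare() instead of a string `>=` (which orders "1.0.10" before
	 * "1.0.3"), and a rank query that returns no row no longer dereferences null.
	 *
	 * @param moscomprofilerUser $user
	 * @param object             $forum   reads ->config, ->component, ->version, ->prefix
	 * @return object|false
	 */
	function getUserDetails( $user, $forum ) {
		global $_CB_database, $_CB_framework;

		static $usersdetailsCache = array();

		if ( isset( $usersdetailsCache[$user->id] ) ) {
			return $usersdetailsCache[$user->id];
		}

		$userDetails = false;

		// Kept as one expression so the configuration keys are read in the same short-circuit order as before.
		if ( ( isset( $forum->config['showuserstats'] ) ? $forum->config['showuserstats'] : $forum->config['showstats'] )
			|| ( ! $forum->config['showranking'] && ! $forum->config['showkarma'] && ! ( isset( $forum->config['poststats'] ) ? $forum->config['poststats'] : $forum->config['postStats'] ) )
		) {
			// Ranks stored in the database exist in Fireboard from 1.0.3 on and in Kunena.
			$isRecentFireboard = ( $forum->component == 'com_fireboard' ) && version_compare( (string) $forum->version, '1.0.3', '>=' );
			if ( $isRecentFireboard || ( $forum->component == 'com_kunena' ) ) {
				$supportsDbRanks = ', ' . $_CB_database->NameQuote( 'rank' );
			} else {
				$supportsDbRanks = null;
			}

			$userDetails = $this->getUserSettings( $user, $forum, $supportsDbRanks );

			if ( isset( $userDetails->posts ) && ( $userDetails->posts != 0 ) ) {
				if ( $forum->config['showranking'] ) {
					// NOTE(review): despite its name, $uIsAdm holds the result of isModerator(); whether
					// that helper also covers administrators is not visible here. It only selects a
					// rank label and image below, it does not grant anything.
					$uIsAdm = isModerator( $user->id );
					$uIsMod = $userDetails->moderator;
					$pathImage = $_CB_framework->getCfg( 'live_site' ) . '/components/' . $forum->component;

					if ( $supportsDbRanks ) {
						if ( $userDetails->rank != 0 ) {
							$where = $_CB_database->NameQuote( 'rank_id' ) . ' = ' . (int) $userDetails->rank;
						} else {
							$where = $_CB_database->NameQuote( 'rank_min' ) . ' <= ' . (int) $userDetails->posts
								. "\n ORDER BY " . $_CB_database->NameQuote( 'rank_min' ) . ' DESC';
						}

						$query = 'SELECT ' . $_CB_database->NameQuote( 'rank_title' )
							. ', ' . $_CB_database->NameQuote( 'rank_image' )
							. "\n FROM " . $_CB_database->NameQuote( '#__' . $forum->prefix . '_ranks' )
							. "\n WHERE " . $where;
						$_CB_database->setQuery( $query, 0, 1 );
						$userRank = null;
						$_CB_database->loadObject( $userRank );

						$pathImage = $pathImage . $this->params->get( 'TemplateRank', '/template/default/images' );
						// No matching rank row leaves $userRank null: fall back to an empty title / file name.
						$rText = isset( $userRank->rank_title ) ? $userRank->rank_title : null;
						$rImg = $pathImage . '/ranks/' . ( isset( $userRank->rank_image ) ? $userRank->rank_image : '' );
					} else {
						// Older forums: derive the rank (1..6) from the five configured post thresholds.
						$userDetails->rank = 1;

						for ( $i = 1; $i <= 5; $i++ ) {
							$rankPrev = $forum->config['rank' . ( ( $i > 1 ) ? ( $i - 1 ) : $i )];
							$rank = $forum->config['rank' . $i];

							if ( ( $userDetails->posts <= $rank ) && ( $userDetails->posts > $rankPrev ) ) {
								$userDetails->rank = $i;
							} elseif ( ( $i == 5 ) && ( $userDetails->posts > $rank ) ) {
								$userDetails->rank = 6;
							}
						}

						$rText = $forum->config['rank' . $userDetails->rank . 'txt'];
						$rImg = $pathImage . '/ranks/rank' . $userDetails->rank . '.gif';
					}

					// The special labels apply only while no explicit rank is set (rank 0), which can
					// only be the case on the database-ranks path above.
					if ( ( $userDetails->rank == 0 ) && $uIsMod ) {
						$rText = CBTxt::T( 'Moderator' );
						$rImg = $pathImage . '/ranks/rankmod.gif';
					}

					if ( ( $userDetails->rank == 0 ) && $uIsAdm ) {
						$rText = CBTxt::T( 'Administrator' );
						$rImg = $pathImage . '/ranks/rankadmin.gif';
					}

					if ( $forum->config['rankimages'] ) {
						$userDetails->msg_userrankimg = '<img src="' . htmlspecialchars( $rImg ) . '" alt="' . htmlspecialchars( $rText ) . '" border="0" />';
					}

					$userDetails->msg_userrank = $rText;
				}
			} else {
				$userDetails = false;
			}
		}

		$usersdetailsCache[$user->id] = $userDetails;

		return $usersdetailsCache[$user->id];
	}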
Пример #18
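	/**
	 * Builds and runs the SQL for one users-list and passes the result to HTML_comprofiler::usersList().
	 *
	 * Access control applied here:
	 *  - only published lists whose useraccessgroupid is within the viewer's group tree are offered,
	 *    and the chosen list is checked again with allowAccess() before anything is queried;
	 *  - blocked, unapproved and unconfirmed users are always excluded; banned users are excluded
	 *    unless the current viewer is a moderator;
	 *  - with the list's 'hotlink_protection' parameter set, a GET request carrying a search or a
	 *    page offset must pass cbSpoofCheck().
	 *
	 * SQL composition (relevant when reviewing who may edit list definitions and which plugins are
	 * installed):
	 *  - request values are cast to int (limitstart, searchmode, rand) or go through the tabs'
	 *    searchable-fields machinery; no request string is concatenated into SQL in this method;
	 *  - $row->sortfields, $row->filterfields and $row->usergroupids come from the stored list
	 *    definition and are concatenated into the statement as SQL text. Only the RAND() form of
	 *    sortfields is rewritten, and only values substituted into the filter by cbReplaceVars()
	 *    are passed the database's getEscaped callback. Write access to list definitions is
	 *    therefore equivalent to writing SQL and has to stay with administrators;
	 *  - plugins receive the table, join, where and FROM parts by reference and can rewrite them.
	 *
	 * Fixed against the earlier version: $orderby is now always defined; it used to be undefined
	 * whenever the list had no sort fields, although it is always appended to the query.
	 *
	 * @param  int    $uid                  id of the viewing user (0 for guests), used for the group checks
	 * @param  int    $listid               requested list, 0 selects the default accessible list
	 * @param  array  $searchFormValuesRAW  raw request values, read through cbGetParam()
	 * @return void                         all output is echoed
	 */
	function drawUsersList( $uid, $listid, $searchFormValuesRAW ) {
		global $_CB_database, $_CB_framework, $ueConfig, $Itemid, $_PLUGINS;

		$search					=	null;
		$searchGET				=	cbGetParam( $searchFormValuesRAW, 'search' );
		$limitstart				=	(int) cbGetParam( $searchFormValuesRAW, 'limitstart', 0 );
		$searchmode				=	(int) cbGetParam( $searchFormValuesRAW, 'searchmode', 0 );
		$randomParam			=	(int) cbGetParam( $searchFormValuesRAW, 'rand', 0 );

		// get my user and gets the list of user lists he is allowed to see (ACL):

		$myCbUser				=&	CBuser::getInstance( $uid );
		if ( $myCbUser === null ) {
			$myCbUser			=&	CBuser::getInstance( null );
		}
		$myUser					=&	$myCbUser->getUserData();

		// NOTE(review): the group ids are joined into the IN() list without an integer cast; this
		// assumes getChildGIDS() only ever returns integers - confirm.
		$useraccessgroupSQL		=	" AND useraccessgroupid IN (".implode(',',getChildGIDS(userGID($uid))).")";
		$_CB_database->setQuery( "SELECT listid, title FROM #__comprofiler_lists WHERE published=1" . $useraccessgroupSQL . " ORDER BY ordering" );
		$plists					=	$_CB_database->loadObjectList();
		$lists					=	array();
		$publishedlists			=	array();

		for ( $i=0, $n=count( $plists ); $i < $n; $i++ ) {
			$plist				=&	$plists[$i];
			// Titles are reduced to plain text before they become <option> labels.
			$listTitleNoHtml	=	strip_tags( cbReplaceVars( getLangDefinition( $plist->title ), $myUser, false, false ) );
			$publishedlists[]	=	moscomprofilerHTML::makeOption( $plist->listid, $listTitleNoHtml );
		}

		// select either list selected or default list to which he has access (ACL):

		if ( $listid == 0 ) {
			$_CB_database->setQuery( "SELECT listid FROM #__comprofiler_lists "
			. "\n WHERE `default`=1 AND published=1" . $useraccessgroupSQL );
			$listid				=	(int) $_CB_database->loadresult();
			if ( $listid == 0 && ( count( $plists ) > 0 ) ) {
				$listid			=	(int) $plists[0]->listid;
			}
		}
		if ( ! ( $listid > 0 ) ) {
			echo _UE_NOLISTFOUND;
			return;
		}

		// generates the drop-down list of lists:

		if ( count( $plists ) > 1 ) {
			$lists['plists']	=	moscomprofilerHTML::selectList( $publishedlists, 'listid', 'class="inputbox" size="1" onchange="this.form.submit();"', 'value', 'text', $listid, 1 );
		}

		// loads the list record and re-checks access to it: a list id supplied by the caller is not
		// trusted just because it was not in the drop-down.

		$row					=	new moscomprofilerLists( $_CB_database );
		if ( ( ! $row->load( (int) $listid ) ) || ( $row->published != 1 ) ) {
			echo _UE_LIST_DOES_NOT_EXIST;
			return;
		}
		if ( ! allowAccess( $row->useraccessgroupid,'RECURSE', userGID($uid) ) ) {
			echo _UE_NOT_AUTHORIZED;
			return;
		}

		$params					=	new cbParamsBase( $row->params );

		$hotlink_protection		=	$params->get( 'hotlink_protection', 0 );
		if ( $hotlink_protection == 1 ) {
			if ( ( $searchGET !== null ) || $limitstart ) {
				cbSpoofCheck( 'usersList', 'GET' );
			}
		}

		$limit					=	(int) $params->get( 'list_limit' );
		if ( $limit == 0 ) {
			$limit				=	(int) $ueConfig['num_per_page'];
		}

		$showPaging				=	$params->get( 'list_paging', 1 );
		if ( $showPaging != 1 ) {
			$limitstart			=	0;
		}

		$isModerator			=	isModerator( $_CB_framework->myId() );

		$_PLUGINS->loadPluginGroup( 'user' );
		$_PLUGINS->trigger( 'onStartUsersList', array( &$listid, &$row, &$search, &$limitstart, &$limit ) );

		// handles the users allowed to be listed in the list by ACL.
		// Groups 29 and 30 are dropped on purpose: expanding them to their child groups used to list
		// administrators, or all front-end users, when the "public" groups were selected.

		$usergids				=	explode( ',', $row->usergroupids );
		$allusergids			=	array_diff( $usergids, array( 29, 30 ) );
		$usergids				=	implode( ",", $allusergids );

		// build SQL Select query:

		$random					=	0;
		$orderby				=	'';		// stays empty when the list defines no sort fields
		if( $row->sortfields != '' ) {
			$matches			=	null;
			if ( preg_match( '/^RAND\(\)\s(ASC|DESC)$/', $row->sortfields, $matches ) ) {
				// random sorting needs to have same seed on pages > 1 to not have probability to show same users.
				// The seed only keeps paging stable; it is not a secret, so rand() is adequate here.
				if ( $limitstart ) {
					$random		=	(int) $randomParam;
				}
				if ( ! $random ) {
					$random		=	rand( 0, 32767 );
				}
				$row->sortfields =	'RAND(' . (int) $random . ') ' . $matches[1];
			}
			$orderby			=	"\n ORDER BY " . $row->sortfields;
		}
		$filterby				=	'';
		if ( $row->filterfields != '' ) {
			$filterRules		=	utf8RawUrlDecode( substr( $row->filterfields, 1 ) );

			if ( $_CB_framework->myId() ) {
				$user			=	new moscomprofilerUser( $_CB_database );
				if ( $user->load( (int) $_CB_framework->myId() ) ) {
					// Viewer values substituted into the stored filter go through getEscaped.
					$filterRules	=	cbReplaceVars( $filterRules, $user, array( $_CB_database, 'getEscaped' ), false, array() );
				}
			}
			$filterby			=	" AND ". $filterRules;
		}

		// Prepare part after SELECT .... " and before "FROM" :

		$tableReferences		=	array( '#__comprofiler' => 'ue', '#__users' => 'u' );

		// Fetch all fields:

		$tabs					=	$myCbUser->_getCbTabs();		//TBD: later: this private method should not be called here, but the whole users-list should go into there and be called here.

		$allFields				=	$tabs->_getTabFieldsDb( null, $myUser, 'list' );

		//Make columns array. This array will later be constructed from the tabs table:

		$columns				=	array();

		for ( $i = 1; $i < 50; ++$i ) {
			$enabledVar			=	"col".$i."enabled";

			if ( ! isset( $row->$enabledVar ) ) {
				break;
			}
			$titleVar			=	"col".$i."title";
			$fieldsVar			=	"col".$i."fields";
			$captionsVar		=	"col".$i."captions";

			if ( $row->$enabledVar == 1 ) {
				$col			=	new stdClass();
				$col->fields	=	( $row->$fieldsVar ? explode( '|*|', $row->$fieldsVar ) : array() );
				$col->title		=	$row->$titleVar;
				$col->titleRendered		=	$myCbUser->replaceUserVars( $col->title );
				$col->captions	=	$row->$captionsVar;
				$columns[$i]	=	$col;
			}
		}

		// build fields and tables accesses, also check for searchable fields:

		$searchableFields		=	array();
		$fieldsSQL				=	cbUsersList::getFieldsSQL( $columns, $allFields, $tableReferences, $searchableFields, $params );

		$_PLUGINS->trigger( 'onAfterUsersListFieldsSql', array( &$columns, &$allFields, &$tableReferences ) );

		$tablesSQL				=	array();
		$joinsSQL				=	array();
		// Account-state conditions that every viewer gets, moderators included:
		$tablesWhereSQL			=	array(	'block'		=>	'u.block = 0',
											'approved'	=>	'ue.approved = 1',
											'confirmed'	=>	'ue.confirmed = 1'
										 );

		if ( checkJversion() == 2 ) {
			$joinsSQL[]				=	'JOIN #__user_usergroup_map g ON g.`user_id` = u.`id`';
		}

		// Banned users stay visible to moderators only.
		if ( ! $isModerator ) {
			$tablesWhereSQL['banned']	=	'ue.banned = 0';
		}
		// $usergids is the stored, comma-separated group list of the list definition (see above).
		if ( $usergids ) {
			if ( checkJversion() == 2 ) {
				$tablesWhereSQL['gid']	=	'g.group_id IN (' . $usergids . ')';
			} else {
				$tablesWhereSQL['gid']	=	'u.gid IN (' . $usergids . ')';
			}
		}

		foreach ( $tableReferences as $table => $name ) {
			$tablesSQL[]				=	$table . ' ' . $name;
			if ( $name != 'u' ) {
				$tablesWhereSQL[]		=	"u.`id` = " . $name . ".`id`";
			}
		}

		// handles search criterias:

		$list_compare_types		=	$params->get( 'list_compare_types', 0 );
		$searchVals				=	new stdClass();
		$searchesFromFields		=	$tabs->applySearchableContents( $searchableFields, $searchVals, $searchFormValuesRAW, $list_compare_types );
		$whereFields			=	$searchesFromFields->reduceSqlFormula( $tableReferences, $joinsSQL, TRUE );
		if ( $whereFields ) {
			$tablesWhereSQL[]	=	'(' . $whereFields . ')';
		}

		$_PLUGINS->trigger( 'onBeforeUsersListBuildQuery', array( &$tablesSQL, &$joinsSQL, &$tablesWhereSQL ) );

		$queryFrom				=	"FROM " . implode( ', ', $tablesSQL )
								.	( count( $joinsSQL ) ? "\n " . implode( "\n ", $joinsSQL ) : '' )
								.	"\n WHERE " . implode( "\n AND ", $tablesWhereSQL );

		$queryFrom				.=	" " . $filterby;

		$_PLUGINS->trigger( 'onBeforeUsersListQuery', array( &$queryFrom, 1, $listid ) );	// $uid = 1

		$errorMsg		=	null;

		// counts number of users and loads the listed fields of the users if not in search-form-only mode:

		if ( $searchmode == 0 ) {
			if ( checkJversion() == 2 ) {
				$_CB_database->setQuery( "SELECT COUNT(DISTINCT u.id) " . $queryFrom );
			} else {
				$_CB_database->setQuery( "SELECT COUNT(*) " . $queryFrom );
			}
			$total					=	$_CB_database->loadResult();

			if ( ( $limit > $total ) || ( $limitstart >= $total ) ) {
				$limitstart			=	0;
			}

			if ( checkJversion() == 2 ) {
				$query				=	"SELECT DISTINCT ue.*, u.*, '' AS 'NA' " . ( $fieldsSQL ? ", " . $fieldsSQL . " " : '' ) . $queryFrom . " " . $orderby;
			} else {
				$query				=	"SELECT ue.*, u.*, '' AS 'NA' " . ( $fieldsSQL ? ", " . $fieldsSQL . " " : '' ) . $queryFrom . " " . $orderby;
			}
			$_CB_database->setQuery( $query, (int) $limitstart, (int) $limit );
			$users				=	$_CB_database->loadObjectList( null, 'moscomprofilerUser', array( &$_CB_database ) );

			if ( ! $_CB_database->getErrorNum() ) {
				// creates the CBUsers in cache corresponding to the $users:
				foreach ( array_keys( $users ) as $k) {
					CBuser::setUserGetCBUserInstance( $users[$k] );
				}
			} else {
				// Only a generic message is shown; the database error text is not sent to the browser here.
				$users			=	array();
				$errorMsg		=	_UE_ERROR_IN_QUERY_TURN_SITE_DEBUG_ON_TO_VIEW;
			}

			if ( count( get_object_vars( $searchVals ) ) > 0 ) {
				$search			=	'';
			} else {
				$search			=	null;
			}

		} else {
			$total				=	null;
			$users				=	array();
			if ( $search === null ) {
				$search			=	'';
			}
		}

		// Compute itemId of users in users-list:

		if ( $Itemid ) {
			$option_itemid		=	(int) $Itemid;
		} else {
			$option_itemid		=	getCBprofileItemid( 0 );
		}
		HTML_comprofiler::usersList( $row, $users, $columns, $allFields, $lists, $listid, $search, $searchmode, $option_itemid, $limitstart, $limit, $total, $myUser, $searchableFields, $searchVals, $tabs, $list_compare_types, $showPaging, $hotlink_protection, $errorMsg, $random );
	}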
Пример #19
        }
        ?>
">Редактировать</button>
            <?php 
    }
    ?>
            <?php 
    if (isAdmin() || isModerator()) {
        ?>
                    <button type = "submit" name = "delete" onclick = "deleteComment(<?php 
        echo $newsId . "," . $comment['id'];
        ?>
); return false;" class = "btn btn-danger">Удалить</button>
            <?php 
    }
    if (isAdmin() || isModerator() || getActiveUser() === $comment['user']) {
        ?>
</div>
            <?php 
    }
    ?>

        </div>
    <?php 
}
?>
    
    <?php 
if (getActiveUserID() != -1) {
    $commentText = "Отправить";
    if ($commentId != -1) {
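<?php

// JSON endpoint that removes the "featured" flag from a case study.
// Only a session of type "student" whose user passes isModerator() may do so.
// The response is always a JSON object with either a 'success' or an 'error' key.
session_start();
include_once 'student.php';
include_once 'enterprise.php';
include_once 'recovery.php';

// Fail closed: the default answer is a refusal, so every path below that does
// not explicitly succeed still produces a well-formed response ($message was
// previously undefined on some paths).
$message = array('error' => 'Case was not successfully unfeatured. Userunauthorized');

// file_get_contents() returns false on failure, which isset() does not catch.
$body = file_get_contents('php://input');
$json = is_string($body) ? json_decode($body) : null;

// The session keys may be missing for an anonymous visitor; check them before use.
// NOTE(review): this state-changing request is authorised by the session alone;
// no anti-CSRF token or Origin check is visible here - confirm one is enforced elsewhere.
$isAuthorized = isset($_SESSION['id'], $_SESSION['type'])
    && $_SESSION['type'] === "student"
    && isModerator($_SESSION['id']);

// Only a JSON object that carries a casestudyID is a valid request; scalars and
// arrays are refused instead of being dereferenced as objects.
if ($isAuthorized && is_object($json) && isset($json->casestudyID)) {
    if (unfeatureCasestudy($json->casestudyID)) {
        $message = array('success' => 'Case was successfully unfeatured');
    } else {
        $message = array('error' => 'Case was not successfully unfeatured. DatabaseError');
    }
}

// Label the body as JSON so clients do not interpret it as HTML.
header('Content-Type: application/json');
$JSONresponse = json_encode($message);
echo $JSONresponse;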
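/**
 * Checks if a given action is allowed for a given member and updates action information if the
 * action is performed.
 *
 * @param int     $iMemberId           - ID of a member that is going to perform an action
 * @param int     $actionID            - ID of the action itself
 * @param boolean $performAction       - if true, then action information is updated, i.e. action
 *                                     is 'performed'
 * @param int     $iForcedProfID       - when greater than 0 and the caller is an admin or a
 *                                     moderator, the profile status check is run against this
 *                                     profile instead of $iMemberId and $performAction is
 *                                     forced to false
 * @param boolean $isCheckMemberStatus - if true, the profile must have Status 'Active',
 *                                     otherwise CHECK_ACTION_RESULT_NOT_ACTIVE is returned
 *
 * @return array(    CHECK_ACTION_RESULT => CHECK_ACTION_RESULT_ constant,
 *                    CHECK_ACTION_MESSAGE => CHECK_ACTION_MESSAGE_ constant,
 *                    CHECK_ACTION_PARAMETER => additional action parameter (string) )
 *
 *
 * NOTES:
 *
 * $result[CHECK_ACTION_MESSAGE] contains a message with detailed information about the result,
 * already processed by the language file
 *
 * if $result[CHECK_ACTION_RESULT] == CHECK_ACTION_RESULT_ALLOWED then this node is not set
 * by this function
 *
 * The error messages themselves are stored in the language file. Additional variables are
 * passed to the languages.inc.php function _t_ext() as an array and can be used there in the form of
 * {0}, {1}, {2} ...
 *
 * Additional variables passed to the lang. file on errors (can be used in error messages):
 *
 *    For all errors:
 *
 *        $arg0[CHECK_ACTION_LANG_FILE_ACTION]    = name of the action
 *        $arg0[CHECK_ACTION_LANG_FILE_MEMBERSHIP]= name of the current membership
 *        $arg0[CHECK_ACTION_LANG_FILE_SITE_EMAIL]= value of $site['email']
 *
 *    CHECK_ACTION_RESULT_LIMIT_REACHED:
 *
 *        $arg0[CHECK_ACTION_LANG_FILE_LIMIT]        = limit on number of actions allowed for the member
 *        $arg0[CHECK_ACTION_LANG_FILE_PERIOD]    = period that the limit is set for (in hours, 0 if unlimited)
 *
 *    CHECK_ACTION_RESULT_NOT_ALLOWED_BEFORE:
 *
 *        $arg0[CHECK_ACTION_LANG_FILE_BEFORE]    = date/time since when the action is allowed
 *
 *    CHECK_ACTION_RESULT_NOT_ALLOWED_AFTER:
 *
 *        $arg0[CHECK_ACTION_LANG_FILE_AFTER]        = date/time since when the action is not allowed
 *
 * $result[CHECK_ACTION_PARAMETER] contains an additional parameter that can be considered
 * when performing the action (like the number of profiles to show in search result)
 *
 * An unknown $actionID prints an error and terminates the script with exit.
 */
function checkAction($iMemberId, $actionID, $performAction = false, $iForcedProfID = 0, $isCheckMemberStatus = true)
{
    global $logged;
    global $site;

    //output array initialization
    $result = array();
    $arrLangFileParams = array();
    //used when displaying error messages
    $dateFormat = "F j, Y, g:i a";

    //input validation: both IDs are interpolated into the SQL statements below,
    //so they are forced to integers before any query is built
    $iMemberId = (int) $iMemberId;
    $actionID = (int) $actionID;
    $performAction = (bool) $performAction;

    //get current member's membership information
    $arrMembership = getMemberMembershipInfo($iMemberId);
    //the membership level ID is interpolated into SQL as well; cast it like the
    //other IDs so the query never depends on what getMemberMembershipInfo() returned
    $iLevelId = (int) $arrMembership['ID'];
    $arrLangFileParams[CHECK_ACTION_LANG_FILE_MEMBERSHIP] = $arrMembership['Name'];
    $arrLangFileParams[CHECK_ACTION_LANG_FILE_SITE_EMAIL] = $site['email'];

    //profile active check
    //NOTE(review): the outer condition reads $logged[...] while the inner one calls
    //isAdmin()/isModerator(); confirm both always agree about the current session
    if ($arrMembership['ID'] != MEMBERSHIP_ID_NON_MEMBER || $logged['admin'] || $logged['moderator']) {
        $iDestID = $iMemberId;
        if ((isAdmin() || isModerator()) && $iForcedProfID > 0) {
            //privileged callers may inspect another profile, but never consume its quota
            $iDestID = $iForcedProfID;
            $performAction = false;
        }
        if ($isCheckMemberStatus) {
            $active = getProfileInfo($iDestID);
            if ($active['Status'] != 'Active') {
                $result[CHECK_ACTION_RESULT] = CHECK_ACTION_RESULT_NOT_ACTIVE;
                $result[CHECK_ACTION_MESSAGE] = _t_ext(CHECK_ACTION_MESSAGE_NOT_ACTIVE, $arrLangFileParams);
                return $result;
            }
        }
    }

    //get permissions for the current action
    $resMembershipAction = db_res("\n        SELECT\tName,\n                IDAction,\n                AllowedCount,\n                AllowedPeriodLen,\n                UNIX_TIMESTAMP(AllowedPeriodStart) as AllowedPeriodStart,\n                UNIX_TIMESTAMP(AllowedPeriodEnd) as AllowedPeriodEnd,\n                AdditionalParamValue\n        FROM\t`sys_acl_actions`\n                LEFT JOIN `sys_acl_matrix`\n                ON\t`sys_acl_matrix`.IDAction = `sys_acl_actions`.ID\n                    AND `sys_acl_matrix`.IDLevel = {$iLevelId}\n        WHERE\t`sys_acl_actions`.ID = {$actionID}");

    //no such action
    if ($resMembershipAction->rowCount() < 1) {
        //$actionID is an integer at this point, so echoing it cannot inject markup
        echo "<br /><b>checkAction()</b> fatal error. Unknown action ID: {$actionID}<br />";
        exit;
    }
    $arrAction = $resMembershipAction->fetch();
    $result[CHECK_ACTION_PARAMETER] = $arrAction['AdditionalParamValue'];
    $arrLangFileParams[CHECK_ACTION_LANG_FILE_ACTION] = _t('_mma_' . str_replace(' ', '_', $arrAction['Name']));

    //action is not allowed for the current membership
    //(the LEFT JOIN produced no sys_acl_matrix row, so IDAction is NULL)
    if (is_null($arrAction['IDAction'])) {
        $result[CHECK_ACTION_RESULT] = CHECK_ACTION_RESULT_NOT_ALLOWED;
        $result[CHECK_ACTION_MESSAGE] = _t_ext(CHECK_ACTION_MESSAGE_NOT_ALLOWED, $arrLangFileParams);
        return $result;
    }

    //Check fixed period limitations if present (also for non-members)
    if ($arrAction['AllowedPeriodStart'] && time() < $arrAction['AllowedPeriodStart']) {
        $arrLangFileParams[CHECK_ACTION_LANG_FILE_BEFORE] = date($dateFormat, $arrAction['AllowedPeriodStart']);
        $result[CHECK_ACTION_RESULT] = CHECK_ACTION_RESULT_NOT_ALLOWED_BEFORE;
        $result[CHECK_ACTION_MESSAGE] = _t_ext(CHECK_ACTION_MESSAGE_NOT_ALLOWED_BEFORE, $arrLangFileParams);
        return $result;
    }
    if ($arrAction['AllowedPeriodEnd'] && time() > $arrAction['AllowedPeriodEnd']) {
        $arrLangFileParams[CHECK_ACTION_LANG_FILE_AFTER] = date($dateFormat, $arrAction['AllowedPeriodEnd']);
        $result[CHECK_ACTION_RESULT] = CHECK_ACTION_RESULT_NOT_ALLOWED_AFTER;
        $result[CHECK_ACTION_MESSAGE] = _t_ext(CHECK_ACTION_MESSAGE_NOT_ALLOWED_AFTER, $arrLangFileParams);
        return $result;
    }

    //if non-member, allow action without performing further checks
    if ($arrMembership['ID'] == MEMBERSHIP_ID_NON_MEMBER) {
        $result[CHECK_ACTION_RESULT] = CHECK_ACTION_RESULT_ALLOWED;
        return $result;
    }

    //check other limitations (for members only)

    //number of allowed actions; if not specified or 0, number of actions is unlimited
    $allowedCnt = (int) $arrAction['AllowedCount'];
    //period for AllowedCount in hours; if not specified, AllowedCount is treated
    //as total number of actions permitted
    $periodLen = (int) $arrAction['AllowedPeriodLen'];

    //number of actions is limited
    if ($allowedCnt > 0) {
        //get current action info for the member
        $actionTrack = db_res("SELECT ActionsLeft,\n                                      UNIX_TIMESTAMP(ValidSince) as ValidSince\n                               FROM `sys_acl_actions_track`\n                               WHERE IDAction = {$actionID} AND IDMember = {$iMemberId}");
        $actionsLeft = $performAction ? $allowedCnt - 1 : $allowedCnt;
        $validSince = time();

        //member is requesting/performing this action for the first time,
        //and there is no corresponding record in sys_acl_actions_track table
        if ($actionTrack->rowCount() <= 0) {
            //add action to sys_acl_actions_track table
            db_res("\n                INSERT INTO `sys_acl_actions_track` (IDAction, IDMember, ActionsLeft, ValidSince)\n                VALUES ({$actionID}, {$iMemberId}, {$actionsLeft}, FROM_UNIXTIME({$validSince}))");
            $result[CHECK_ACTION_RESULT] = CHECK_ACTION_RESULT_ALLOWED;
            return $result;
        }

        //action has been requested/performed at least once at this point
        //and there is a corresponding record in sys_acl_actions_track table
        $actionTrack = $actionTrack->fetch();

        //action record in sys_acl_actions_track table is out of date
        //ValidSince is in seconds, PeriodLen is in hours
        $periodEnd = (int) $actionTrack['ValidSince'] + $periodLen * 3600;
        if ($periodLen > 0 && $periodEnd < time()) {
            db_res("\n                UPDATE\t`sys_acl_actions_track`\n                SET\t\tActionsLeft = {$actionsLeft}, ValidSince = FROM_UNIXTIME({$validSince})\n                WHERE\tIDAction = {$actionID} AND IDMember = {$iMemberId}");
            $result[CHECK_ACTION_RESULT] = CHECK_ACTION_RESULT_ALLOWED;
            return $result;
        }

        //action record is up to date
        $actionsLeft = (int) $actionTrack['ActionsLeft'];

        //action limit reached for now
        if ($actionsLeft <= 0) {
            $arrLangFileParams[CHECK_ACTION_LANG_FILE_LIMIT] = $allowedCnt;
            $arrLangFileParams[CHECK_ACTION_LANG_FILE_PERIOD] = $periodLen;
            $result[CHECK_ACTION_RESULT] = CHECK_ACTION_RESULT_LIMIT_REACHED;
            $result[CHECK_ACTION_MESSAGE] = '<div style="width: 80%">' . _t_ext(CHECK_ACTION_MESSAGE_LIMIT_REACHED, $arrLangFileParams) . ($periodLen > 0 ? _t_ext(CHECK_ACTION_MESSAGE_MESSAGE_EVERY_PERIOD, $arrLangFileParams) : '') . '.</div>';
            return $result;
        }

        if ($performAction) {
            //NOTE(review): ActionsLeft was read by the SELECT above and is written back
            //here in a separate statement, so two parallel requests can both pass the
            //limit check with the same value. A single conditional UPDATE
            //(ActionsLeft = ActionsLeft - 1 ... AND ActionsLeft > 0) would close that
            //window - confirm how db_res() reports affected rows before changing it.
            $actionsLeft--;
            db_res("\n                UPDATE `sys_acl_actions_track`\n                SET ActionsLeft = {$actionsLeft}\n                WHERE IDAction = {$actionID} AND IDMember = {$iMemberId}");
        }
    }

    $result[CHECK_ACTION_RESULT] = CHECK_ACTION_RESULT_ALLOWED;
    return $result;
}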
Пример #22
                            //found difference
                            break;
                        }
                    }
                } else {
                    $aDiff[$sName] = $mNew;
                }
            } else {
                if ($mNew != $mOld) {
                    $aDiff[$sName] = $mNew;
                }
            }
        }
        return $aDiff;
    }
}
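// Page set-up for the profile edit screen.
$_page['name_index'] = 25;
$_page['css_name'] = 'pedit.css';
$_page['extra_js'] .= '<script type="text/javascript" language="JavaScript" src="' . $site['plugins'] . 'jquery/jquery.form.min.js"></script>';
$_page['extra_js'] .= '<script type="text/javascript" language="JavaScript" src="inc/js/pedit.js"></script>';
check_logged();

// Access control: admins and moderators may edit any profile, everyone else only
// their own. The requested ID comes from the request, so it is compared as an exact
// string: a loose == would also accept values such as "5abc" for member 5 on PHP
// versions before 8, and the value may be parsed differently further down.
// NOTE(review): BxDolPEditProcessor is not visible here - confirm it derives the
// edited profile from the same 'ID' parameter that is checked on this line.
if (!(isAdmin() || isModerator() || (isLogged() && (string) getLoggedId() === (string) bx_get('ID')))) {
    $GLOBALS['oSysTemplate']->displayAccessDenied();
    exit;
}

$_page['header'] = _t('_Edit Profile');
$_page['header_text'] = _t('_Edit Profile');
$_ni = $_page['name_index'];
$oEditProc = new BxDolPEditProcessor();
$_page_cont[$_ni]['page_main_code'] = $oEditProc->getCode();
PageCode();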
Пример #23
 /**
  * Adjusts the parser cache entry of XHTML renderings for pages that have
  * '.translate' metadata: adds cache dependencies and picks a distinct cache
  * file for exports and for each moderator.
  *
  * @param Doku_Event $event  event whose data is the cache object being checked
  * @param mixed      $param  unused
  */
 public function handle_parser_cache_use(Doku_Event &$event, $param)
 {
     global $ACT;
     $cache =& $event->data;
     # Nothing to do without a page and a render mode
     if (empty($cache->page) || empty($cache->mode)) {
         return;
     }
     # Only the XHTML rendering is affected
     if ($cache->mode != 'xhtml') {
         return;
     }
     # Only pages that carry '.translate' metadata are affected
     if (!@file_exists(metaFN($cache->page, '.translate'))) {
         return;
     }
     # Ensure refresh on plugin update
     $cache->depends['files'][] = dirname(__FILE__) . '/plugin.info.txt';
     $isExport = substr($ACT, 0, 7) == 'export_';
     if ($isExport) {
         # XHTML page and XHTML export data must not share one cache file
         # (suggested by Michitux)
         $cache->cache .= '_export';
         return;
     }
     # Moderators each get their own cache file, so moderator-only output is
     # never served from a cache entry shared with other users. urlencode()
     # keeps the user name from adding path separators to the cache name.
     if (isModerator($cache->page)) {
         $cache->cache .= '.' . urlencode($_SERVER['REMOTE_USER']);
     }
     # Ensure refresh with every new review
     $cache->depends['files'][] = metaFN($cache->page, '.translate');
 }
} else {
    $class_sfx = '';
    $pretext = '';
    $posttext = '';
}
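$results = null;
// Ban state of the current user. The id is cast to an integer before it is
// concatenated into the statement, matching the (int) casts used for user ids
// elsewhere, so the query text never depends on what myId() returns.
$query = "SELECT banned FROM #__comprofiler WHERE id = " . (int) $_CB_framework->myId();
$_CB_database->setQuery($query);
$banStatus = $_CB_database->loadResult();
if ($banStatus === null) {
    trigger_error($_CB_database->getErrorMsg(), E_USER_WARNING);
}
if ($banStatus > 0) {
    // NOTE(review): the profile URL and $class_sfx are concatenated into the markup
    // without escaping at this point - confirm both are already HTML-safe at their source.
    $results .= "<div><a href='" . $_CB_framework->userProfileUrl() . "' class='mod_login" . $class_sfx . "'>" . ($banStatus == 1 ? _UE_PLEAE_CHECK_PROFILE : _UE_BANSTATUS_UNBAN_REQUEST_PENDING) . "</a></div>";
}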
if (isModerator($_CB_framework->myId())) {
    $query = "SELECT count(*) FROM #__comprofiler  WHERE avatarapproved=0 AND approved=1 AND confirmed=1 AND banned=0";
    $_CB_database->setQuery($query);
    $totalimages = $_CB_database->loadResult();
    if ($totalimages === null) {
        trigger_error($_CB_database->getErrorMsg(), E_USER_WARNING);
    }
    $query = "SELECT count(*) FROM #__comprofiler_userreports  WHERE reportedstatus=0";
    $_CB_database->setQuery($query);
    $totaluserreports = $_CB_database->loadResult();
    if ($totaluserreports === null) {
        trigger_error($_CB_database->getErrorMsg(), E_USER_WARNING);
    }
    $query = "SELECT count(*) FROM #__comprofiler WHERE banned=2 AND approved=1 AND confirmed=1";
    $_CB_database->setQuery($query);
    $totalunban = $_CB_database->loadResult();
Пример #25
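 /**
  * PHP4-style constructor: loads the profile with the given ID and selects the
  * profile-fields area that matches the viewer (owner editing, owner or member
  * viewing, moderator, or any other visitor).
  *
  * Returns false early when the profile ID is empty, the profile data cannot be
  * loaded, or the selected fields area has no blocks.
  *
  * @param int $ID  ID of the profile to display
  */
 function BxBaseProfileGenerator($ID)
 {
     global $site;
     $this->aMutualFriends = array();
     BxDolProfile::BxDolProfile($ID, 0);
     $this->oVotingView = new BxTemplVotingView('profile', (int) $ID);
     $this->oCmtsView = new BxDolCmtsProfile('profile', (int) $ID);
     $this->oTemplConfig = new BxTemplConfig($site);

     if (!$this->_iProfileID) {
         return false;
     }
     $this->getProfileData();
     if (!$this->_aProfile) {
         return false;
     }

     // Stays null for viewers that are not logged-in members. It was previously
     // left undefined on those paths and still passed to FindMutualFriends().
     $iMemberId = null;
     if (isMember()) {
         $iMemberId = getLoggedId();
         if ($iMemberId == $this->_iProfileID) {
             $this->owner = true;
             // The request flag only switches the owner's own view into edit mode;
             // !empty() avoids a notice when the parameter is absent.
             if (!empty($_REQUEST['editable'])) {
                 $this->bPFEditable = true;
                 // Edit Owner
                 $iPFArea = 2;
             } else {
                 // View Owner
                 $iPFArea = isAdmin() ? 5 : 6;
             }
         } else {
             $iPFArea = isAdmin() ? 5 : 6;
         }
     } elseif (isModerator()) {
         $iPFArea = 7;
     } else {
         $iPFArea = 8;
     }

     $this->oPF = new BxDolProfileFields($iPFArea);
     if (!$this->oPF->aBlocks) {
         return false;
     }
     $this->aPFBlocks = $this->oPF->aBlocks;
     if ($this->bCouple) {
         $this->aCoupleMutualItems = $this->oPF->getCoupleMutualFields();
     }
     $this->iFriendsPerPage = (int) getParam('friends_per_page');

     // Paging values come straight from the query string and may be absent.
     // NOTE(review): they are forwarded unvalidated - confirm FindMutualFriends()
     // casts them to integers before they reach a query.
     $mPage = isset($_GET['page']) ? $_GET['page'] : null;
     $mPerPage = isset($_GET['per_page']) ? $_GET['per_page'] : null;
     $this->FindMutualFriends($iMemberId, $mPage, $mPerPage);
 }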
Пример #26
/**
 * Shows the users that have confirmed their registration but are not approved yet.
 *
 * Prints _UE_FUNCTIONALITY_DISABLED and exits when moderator approval is switched
 * off in the configuration; calls cbNotAuth() and returns when the current user
 * is not a moderator.
 *
 * @param mixed $option  passed through unchanged to the HTML renderer
 */
function pendingApprovalUsers($option) {
	global $_CB_framework, $_CB_database, $ueConfig;

	// The moderator status of the current user is resolved before anything else.
	$viewerIsModerator	=	isModerator( $_CB_framework->myId() );

	// The feature switch is evaluated before the authorisation check, so the
	// "disabled" message is shown to every caller regardless of role.
	if ( $ueConfig['allowModUserApproval'] == 0 ) {
		echo _UE_FUNCTIONALITY_DISABLED;
		exit();
	}

	if ( ! $viewerIsModerator ) {
		cbNotAuth();
		return;
	}

	// Static statement without request data: confirmed, unapproved accounts.
	$sql	=	"SELECT u.id, u.name, u.username, u.email, u.registerDate "
			.	"\n FROM #__users u, #__comprofiler c "
			.	"\n WHERE u.id=c.id AND c.approved=0 AND c.confirmed=1";
	$_CB_database->setQuery( $sql );
	$pendingUsers	=	$_CB_database->loadObjectList();

	HTML_comprofiler::pendingApprovalUsers( $option, $pendingUsers );
}
Пример #27
 /**
  * Tells whether the given ID has administrative rights in this class.
  * Moderators are treated like admins here: the global isAdmin() is asked
  * first and the global isModerator() is the fallback.
  *
  * @param int $iId  ID passed on to the global checks
  * @return mixed    true for an admin, otherwise the result of isModerator()
  */
 function isAdmin($iId = 0)
 {
     if (!isAdmin($iId)) {
         return isModerator($iId);
     }
     return true;
 }
Пример #28
	/**
	* Builds the HTML of the user status tab: the tab description plus the status
	* menu, rendered according to the 'statusFormat' parameter.
	* @param  moscomprofilerTab   $tab       the tab database entry
	* @param  moscomprofilerUser  $user      the user being displayed
	* @param  int                 $ui        1 for front-end, 2 for back-end
	* @return string                         HTML for the tab content
	*/
	function getDisplayTab($tab,$user,$ui) {
		global $_CB_framework, $_PLUGINS, $_CB_OneTwoRowsStyleToggle;

		$params		=	$this->params;

		// in case status is called before onBeforeUserProfileDisplay
		if ( ! $this->menuList ) {
			// moderator status is resolved both for the displayed user and for the viewer
			$this->prepareStatus( $user, $ui, isModerator( $user->id ), isModerator( $_CB_framework->myId() ) );
		}

		// add plugins' status:
		$pluginMenus	=	$_PLUGINS->getMenus();
		$menuCount		=	count( $pluginMenus );
		for ( $idx = 0; $idx < $menuCount; $idx++ ) {
			$entry		=	$pluginMenus[$idx];
			if ( $entry['position'] != "menuList" ) {
				continue;
			}
			// optional keys fall back to an empty string (url, target) or null
			$this->menuList->addObjectItem( $entry['arrayPos'], $entry['caption'],
				isset( $entry['url'] )			? $entry['url']			: "",
				isset( $entry['target'] )		? $entry['target']		: "",
				isset( $entry['img'] )			? $entry['img']			: null,
				isset( $entry['alt'] )			? $entry['alt']			: null,
				isset( $entry['tooltip'] )		? $entry['tooltip']		: null,
				isset( $entry['keystroke'] )	? $entry['keystroke']	: null );
		}

		// display User Status window / Menu, depending on the configured format
		// (loose comparisons, same order as the former switch):
		$format		=	$params->get('statusFormat', 'menuList');

		if ( $format == "no" ) {
			// description only, no menu
			$return		=	"" . $this->_writeTabDescription( $tab, $user, 'cbUserStatusDescription' );
		} elseif ( $format == "menuBar" ) {
			// menu first, description after it
			$idCounter	=	1;
			$return		=	$this->menuList->displayMenu($idCounter);
			$return		.=	$this->_writeTabDescription( $tab, $user, 'cbUserStatusDescription' );
		} else {
			// "menuUL" wraps the menu in a div; "menuList", "menuDivs" and any
			// other value wrap it in a table
			$wrapInDiv	=	( $format == "menuUL" );

			$return		=	"" . $this->_writeTabDescription( $tab, $user, 'cbUserStatusDescription' );

			$idCounter		=	$_CB_OneTwoRowsStyleToggle;
			$tableContent	=	$this->menuList->displayMenu($idCounter);
			if ( $tableContent != '' ) {
				$_CB_OneTwoRowsStyleToggle	=	($idCounter&1 ? 2 : 1);
				if ( $wrapInDiv ) {
					$return	.=	'<div class="cbStatusList">' . $tableContent . '</div>';
				} else {
					$return	.=	'<table class="cbStatusList">' . $tableContent . '</table>';
				}
			}
		}
		return $return;
	}
Пример #29
 /**
  * Tells whether the current visitor has administrative rights in this class.
  * Moderators count as admins here: both global checks are asked with the
  * visitor ID stored in $this->_iVisitorID.
  *
  * @return bool
  */
 function isAdmin()
 {
     if (isAdmin($this->_iVisitorID)) {
         return true;
     }
     return (bool) isModerator($this->_iVisitorID);
 }
$showConnectionRequests = (int) $params->get('show_connections', 1);
if ($params->get('pretext')) {
    $preText = $cbUser->replaceUserVars($params->get('pretext'));
} else {
    $preText = null;
}
if ($params->get('posttext')) {
    $postText = $cbUser->replaceUserVars($params->get('posttext'));
} else {
    $postText = null;
}
$bannedStatus = (int) $user->get('banned');
if ($showBanned && !$bannedStatus) {
    $showBanned = 0;
}
if (isModerator((int) $user->get('id'))) {
    if ($showImageApproval) {
        $query = 'SELECT ' . $_CB_database->NameQuote('name') . "\n FROM " . $_CB_database->NameQuote('#__comprofiler_fields') . "\n WHERE " . $_CB_database->NameQuote('type') . " = " . $_CB_database->Quote('image');
        $_CB_database->setQuery($query);
        $imageFields = $_CB_database->loadResultArray();
        $imgApprovSelect = array();
        $imgApprovWhere = array();
        if ($imageFields) {
            foreach ($imageFields as $imageField) {
                $imgApprovSelect[] = $_CB_database->NameQuote($imageField . 'approved');
                $imgApprovWhere[] = "( " . $_CB_database->NameQuote($imageField) . " != '' AND " . $_CB_database->NameQuote($imageField) . " IS NOT NULL AND " . $_CB_database->NameQuote($imageField . 'approved') . " = 0 )";
            }
        }
        $query = 'SELECT ' . implode(', ', $imgApprovSelect) . "\n FROM " . $_CB_database->NameQuote('#__comprofiler') . "\n WHERE ( " . implode(' OR ', $imgApprovWhere) . " )" . "\n AND " . $_CB_database->NameQuote('approved') . " = 1" . "\n AND " . $_CB_database->NameQuote('confirmed') . " = 1" . "\n AND " . $_CB_database->NameQuote('banned') . " = 0";
        $_CB_database->setQuery($query);
        $imageApprovalResults = $_CB_database->loadAssocList();