/**
 * Renders the admin e-mail template editor and stores the posted changes.
 *
 * Every row of `sys_email_templates` with `LangID` = 0 gets a collapsible group made of a
 * language selector, a subject field and a body field. After a valid submit each template is
 * updated for the posted language, or inserted when that language has no row yet.
 *
 * NOTE(review): the statements are assembled by concatenation and rely on process_db_input()
 * and the (int) casts; who may reach this form and whether BxTemplFormView adds CSRF
 * protection is not visible here - confirm in the caller.
 *
 * @param mixed $mixedResult not read by this function.
 * @param bool  $bActive     show the block expanded; set to true once a submit was handled.
 * @return string HTML rendered from 'email_templates_list.html'.
 */
function _getList($mixedResult, $bActive = false)
{
    $oDb = $GLOBALS['MySQL'];
    $sSubmit = 'adm-emial-templates-save';

    $aForm = array(
        'form_attrs' => array(
            'id' => 'adm-email-templates',
            'action' => $GLOBALS['site']['url_admin'] . 'email_templates.php',
            'method' => 'post',
            'enctype' => 'multipart/form-data',
        ),
        'params' => array(
            'db' => array(
                'table' => 'sys_email_templates',
                'key' => 'ID',
                'uri' => '',
                'uri_title' => '',
                'submit_name' => $sSubmit,
            ),
        ),
        'inputs' => array(),
    );

    // Language drop-down: the "default" entry (0) first, then every language from the DB.
    $aLanguageChooser = array(array('key' => 0, 'value' => 'default'));
    $aLanguages = $oDb->getAll("SELECT `ID` AS `id`, `Title` AS `title` FROM `sys_localization_languages`");
    foreach ($aLanguages as $aLang) {
        $aLanguageChooser[] = array('key' => $aLang['id'], 'value' => $aLang['title']);
    }

    $sLanguageCpt = _t('_adm_txt_email_language');
    $sSubjectCpt = _t('_adm_txt_email_subject');
    $sBodyCpt = _t('_adm_txt_email_body');

    $aEmails = $oDb->getAll("SELECT `ID` AS `id`, `Name` AS `name`, `Subject` AS `subject`, `Body` AS `body`, `Desc` AS `description` FROM `sys_email_templates` WHERE `LangID`='0' ORDER BY `ID`");
    foreach ($aEmails as $aEmail) {
        $sName = $aEmail['name'];

        $aForm['inputs'][$sName . '_Beg'] = array(
            'type' => 'block_header',
            'caption' => $aEmail['description'],
            'collapsable' => true,
            'collapsed' => true,
        );
        $aForm['inputs'][$sName . '_Language'] = array(
            'type' => 'select',
            'name' => $sName . '_Language',
            'caption' => $sLanguageCpt,
            'value' => 0,
            'values' => $aLanguageChooser,
            'db' => array('pass' => 'Int'),
            'attrs' => array('onchange' => "javascript:getTranslations(this)"),
        );
        $aForm['inputs'][$sName . '_Subject'] = array(
            'type' => 'text',
            'name' => $sName . '_Subject',
            'caption' => $sSubjectCpt,
            'value' => $aEmail['subject'],
            'db' => array('pass' => 'Xss'),
        );
        $aForm['inputs'][$sName . '_Body'] = array(
            'type' => 'textarea',
            'name' => $sName . '_Body',
            'caption' => $sBodyCpt,
            'value' => $aEmail['body'],
            'db' => array('pass' => 'XssHtml'),
        );
        $aForm['inputs'][$sName . '_End'] = array('type' => 'block_end');
    }

    $aForm['inputs'][$sSubmit] = array(
        'type' => 'submit',
        'name' => $sSubmit,
        'value' => _t('_adm_btn_email_save'),
    );

    $oForm = new BxTemplFormView($aForm);
    $oForm->initChecker();

    $sResult = "";
    if ($oForm->isSubmittedAndValid()) {
        $iSaved = 0;
        foreach ($aEmails as $aEmail) {
            $sName = $aEmail['name'];
            $iLangId = (int) $_POST[$sName . '_Language'];

            // Does a row for this template and language exist already?
            $iEmailId = (int) $oDb->getOne("SELECT `ID` FROM `sys_email_templates` WHERE `Name`='" . process_db_input($sName) . "' AND `LangID`='" . $iLangId . "' LIMIT 1");

            $sSubject = process_db_input($_POST[$sName . '_Subject']);
            $sBody = process_db_input($_POST[$sName . '_Body']);

            if ($iEmailId != 0) {
                $sQuery = "UPDATE `sys_email_templates` SET `Subject`='" . $sSubject . "', `Body`='" . $sBody . "' WHERE `ID`='" . $iEmailId . "'";
            } else {
                $sQuery = "INSERT INTO `sys_email_templates` SET `Name`='" . process_db_input($sName) . "', `Subject`='" . $sSubject . "', `Body`='" . $sBody . "', `LangID`='" . $iLangId . "'";
            }
            $iSaved += (int) $oDb->query($sQuery);
        }

        $bActive = true;
        $sResult .= MsgBox(_t($iSaved > 0 ? "_adm_txt_email_success_save" : "_adm_txt_email_nothing_changed"), 3);
    }

    $sResult .= $oForm->getCode();

    return $GLOBALS['oAdmTemplate']->parseHtmlByName('email_templates_list.html', array(
        'display' => $bActive ? 'block' : 'none',
        'content' => stripslashes($sResult),
        'loading' => LoadingBox('adm-email-loading'),
    ));
}
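/**
 * Queues a 't_CupidMail' message for every matching profile that has not been notified yet.
 *
 * Runs only when the profile is 'Active' and either its `UpdateMatch` flag is set or the action
 * is 'join'. It clears the flag, empties `sys_profiles_match`, and keeps the set of notified
 * profile IDs as a serialized array in `sys_profiles_match_mails`.
 *
 * @param int    $iProfileId profile whose matches are processed.
 * @param string $sAction    triggering action; 'join' forces processing.
 * @return void
 */
function _checkProfileMatch($iProfileId, $sAction)
{
    // The ID is interpolated unquoted into several statements below, so force it to an integer.
    $iProfileId = (int) $iProfileId;

    $aProfile = getProfileInfo($iProfileId);
    if ($aProfile['Status'] != 'Active' || (!$aProfile['UpdateMatch'] && $sAction != 'join')) {
        return;
    }

    $oDb = new BxDolDb();

    // clear field "UpdateMatch"
    $oDb->query("UPDATE `Profiles` SET `UpdateMatch` = 0 WHERE `ID`= {$iProfileId}");

    // clear cache
    $oDb->query("DELETE FROM `sys_profiles_match`");

    // profiles that already received a mail for this member
    $aSendMails = $oDb->getRow("SELECT `profiles_match` FROM `sys_profiles_match_mails` WHERE `profile_id` = {$iProfileId}");

    // NOTE(review): unserialize() is applied to a database column. The value is written by this
    // function only (see below), but anyone able to write that column controls the input;
    // a JSON encoding would remove the object-instantiation risk.
    $aSend = !empty($aSendMails) ? unserialize($aSendMails['profiles_match']) : array();
    if (!is_array($aSend)) {
        // Corrupt or truncated data: start over rather than indexing into a non-array.
        $aSend = array();
    }

    $aProfiles = getMatchProfiles($iProfileId);
    foreach ($aProfiles as $iProfId) {
        $iKey = (int) $iProfId;
        if (isset($aSend[$iKey])) {
            continue;
        }

        $oEmailTemplate = new BxDolEmailTemplates();
        $aMessage = $oEmailTemplate->parseTemplate(
            't_CupidMail',
            array('StrID' => $iProfId, 'MatchProfileLink' => getProfileLink($iProfileId)),
            $iProfId
        );

        $aMatch = getProfileInfo($iProfId);
        if (!empty($aMatch) && $aMatch['Status'] == 'Active') {
            // The address is a stored profile value; pass it through the same filter as the
            // subject and body instead of concatenating it raw into the statement.
            $oDb->query(
                "INSERT INTO `sys_sbs_queue`(`email`, `subject`, `body`) VALUES('"
                . process_db_input($aMatch['Email'], BX_TAGS_NO_ACTION, BX_SLASHES_NO_ACTION) . "', '"
                . process_db_input($aMessage['subject'], BX_TAGS_NO_ACTION, BX_SLASHES_NO_ACTION) . "', '"
                . process_db_input($aMessage['body'], BX_TAGS_NO_ACTION, BX_SLASHES_NO_ACTION) . "')"
            );
        }

        $aSend[$iKey] = 0;
    }

    // Previously stored entries are carried over unchanged, so filter the serialized text
    // before it is placed inside the quoted SQL literal.
    $sSend = process_db_input(serialize($aSend), BX_TAGS_NO_ACTION, BX_SLASHES_NO_ACTION);
    if (empty($aSendMails)) {
        $oDb->query("INSERT INTO `sys_profiles_match_mails`(`profile_id`, `profiles_match`) VALUES({$iProfileId}, '" . $sSend . "')");
    } else {
        $oDb->query("UPDATE `sys_profiles_match_mails` SET `profiles_match` = '" . $sSend . "' WHERE `profile_id` = {$iProfileId}");
    }
}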
/**
 * Class constructor.
 *
 * @param array $aFilteredSettings (by reference) browse filters:
 *        sex, age, country - the value 'all' is reset to null in the caller's array;
 *        photos_only, online_only - flag-like filters.
 * @param array $aDisplaySettings (by reference) page, per_page, sort, mode; stored by reference.
 * @param string $sPageName page name handed to BxDolPageView().
 *
 * NOTE(review): the cache key and $this->aParameters use values passed through
 * process_db_input(), while _getGlobalStatistics() receives 'photos_only' and 'online_only'
 * straight from $aFilteredSettings. If that method places them in SQL, pass the filtered
 * copies instead - its body is not visible here.
 */
function BxBaseBrowse(&$aFilteredSettings, &$aDisplaySettings, $sPageName)
{
    $aMainFilters = array('sex', 'age', 'country');
    $aFlagFilters = array('photos_only', 'online_only');

    // 'all' means "no restriction" for the three main filters.
    foreach ($aMainFilters as $sFilter) {
        if (isset($aFilteredSettings[$sFilter]) and $aFilteredSettings[$sFilter] == 'all') {
            $aFilteredSettings[$sFilter] = null;
        }
    }

    $aMain = array();
    foreach ($aMainFilters as $sFilter) {
        $aMain[$sFilter] = process_db_input($aFilteredSettings[$sFilter], BX_TAGS_STRIP);
    }
    $this->aParameters = $aMain;

    $aFlags = array();
    foreach ($aFlagFilters as $sFilter) {
        $aFlags[$sFilter] = process_db_input($aFilteredSettings[$sFilter], BX_TAGS_STRIP);
    }
    $this->aAdditionalParameters = $aFlags;

    $this->aDisplaySettings =& $aDisplaySettings;

    // Build the cache key: one '|'-terminated token per active filter.
    $sKeyTail = '';
    foreach ($aMainFilters as $sFilter) {
        if ($this->aParameters[$sFilter]) {
            $sKeyTail .= $this->aParameters[$sFilter] . '|';
        }
    }
    if ($this->aAdditionalParameters['photos_only']) {
        $sKeyTail .= 'photo|';
    }
    if ($this->aAdditionalParameters['online_only']) {
        $sKeyTail .= 'online|';
    }
    $this->sKeyName .= $sKeyTail;

    // Drop the trailing separator.
    $this->sKeyName = preg_replace("|\\|\$|", '', $this->sKeyName);

    parent::BxDolBrowse();

    // Fill the statistics for the selected filters.
    $this->_getGlobalStatistics(
        $this->aParameters['sex'],
        $this->aParameters['age'],
        $this->aParameters['country'],
        $aFilteredSettings['photos_only'],
        $aFilteredSettings['online_only']
    );

    $this->oSearchProfileTmpl = new BxTemplSearchProfile();

    // Load the page's blocks.
    $this->BxDolPageView($sPageName);
}
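/**
 * XML-RPC: keyword search over profiles for an authenticated member.
 *
 * Keywords longer than two characters are matched with MATCH ... AGAINST; the optional flags
 * restrict the result to profiles with an avatar and/or recently active profiles.
 *
 * NOTE(review): $iPP has a lower bound but no upper bound, so one call can request an
 * arbitrarily large page; consider a server-side maximum.
 *
 * @param string $sUser            login name.
 * @param string $sPwd             password, as expected by BxDolXMLRPCUtil::checkLogin().
 * @param string $sLang            language passed to BxDolXMLRPCUtil::setLanguage().
 * @param string $sKeyword         search text.
 * @param mixed  $isOnlineOnly     truthy to return only recently active profiles.
 * @param mixed  $isWithPhotosOnly truthy to return only profiles with `Avatar` set.
 * @param int    $iStart           offset, clamped to >= 0.
 * @param int    $iPP              page size, clamped to >= 1.
 * @return xmlrpcval|xmlrpcresp array of profile structs, or an error response when login fails.
 */
function getSearchResultsKeyword($sUser, $sPwd, $sLang, $sKeyword, $isOnlineOnly, $isWithPhotosOnly, $iStart, $iPP)
{
    if (!($iId = BxDolXMLRPCUtil::checkLogin($sUser, $sPwd))) {
        return new xmlrpcresp(new xmlrpcval(array('error' => new xmlrpcval(1, "int")), "struct"));
    }

    BxDolXMLRPCUtil::setLanguage($sLang);

    $sKeyword = process_db_input($sKeyword, BX_TAGS_NO_ACTION, BX_SLASHES_NO_ACTION);

    // Both were previously appended to / read without being initialised.
    $sWhere = '';
    $aProfiles = array();

    $sMatch = '';
    if ($sKeyword && strlen($sKeyword) > 2) {
        $sMatch .= " MATCH (`NickName`, `City`, `Headline`, `DescriptionMe`, `Tags`) AGAINST ('{$sKeyword}') ";
        $sWhere .= " AND {$sMatch} ";
    }

    if ($isWithPhotosOnly) {
        $sWhere .= " AND `Avatar` ";
    }

    if ($isOnlineOnly) {
        // The setting goes unquoted into the statement; keep it numeric.
        $iOnlineTime = (int) getParam('member_online_time');
        $sWhere .= " AND `DateLastNav` >= DATE_SUB(NOW(), INTERVAL {$iOnlineTime} MINUTE)";
    }

    $iStart = max(0, (int) $iStart);
    $iPP = max(1, (int) $iPP);

    $r = db_res("\r\n SELECT * " . ($sMatch ? ", {$sMatch}" : '') . " FROM `Profiles`\r\n WHERE 1 {$sWhere}\r\n ORDER BY `DateLastNav` DESC\r\n LIMIT {$iStart}, {$iPP}");

    while ($aRow = mysql_fetch_array($r)) {
        $aProfiles[] = new xmlrpcval(BxDolXMLRPCUtil::fillProfileArray($aRow, 'thumb'), 'struct');
    }

    return new xmlrpcval($aProfiles, "array");
}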
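/**
 * Records a positive anti-spam detection in `sys_antispam_block_log`.
 *
 * @param string $sIP        dotted IPv4 address; stored as an unsigned integer
 *                           (ip2long() failure is stored as 0).
 * @param string $sExtraData free-form details.
 * @param string $sType      detection source, 'dnsbl' by default.
 * @return mixed result of the query() call.
 */
public function onPositiveDetection($sIP, $sExtraData = '', $sType = 'dnsbl')
{
    $iIP = sprintf("%u", ip2long($sIP));
    $iMemberId = (int) getLoggedId();
    $sExtraData = process_db_input($sExtraData);
    // $sType was concatenated into the statement unfiltered; treat it like $sExtraData.
    $sType = process_db_input($sType);

    return $GLOBALS['MySQL']->query("INSERT INTO `sys_antispam_block_log` SET `ip` = '{$iIP}', `member_id` = '{$iMemberId}', `type` = '{$sType}', `extra` = '{$sExtraData}', `added` = " . time());
}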
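/**
 * Completes an express checkout for a pending transaction and stores the gateway answer.
 *
 * NOTE(review): the amount sent to the gateway is taken from $aData['amt']; if $aData comes
 * from the browser, compare it with the amount stored for the pending record before charging.
 * NOTE(review): $aData (token, payer name and e-mail) is passed to _logInfo() as is; what that
 * method stores and who can read it is not visible here.
 *
 * @param array $aData (by reference, not modified) expects the keys pendingid, token, payerid,
 *                     payername, payeremail and amt.
 * @return array 'code' (1 = accepted, 0 = failed) and 'message'; after a gateway call also
 *               'pending_id', 'payer_name' and 'payer_email'.
 */
function finalizeCheckout(&$aData)
{
    $this->_logInfo(__METHOD__, $aData);

    $iPending = (int) $aData['pendingid'];
    $aPending = $this->_oDb->getPending(array('type' => 'id', 'id' => $iPending));

    // Without a pending record every "already processed" test below passes, and the gateway
    // would be called for a transaction this site never created.
    if (empty($aPending)) {
        return array('code' => 0, 'message' => _t($this->_sLangsPrefix . 'err_unknown'));
    }

    $bProcessed = !empty($aPending['order'])
        || !empty($aPending['error_code'])
        || !empty($aPending['error_msg'])
        || (int) $aPending['processed'] != 0;
    if ($bProcessed) {
        return array('code' => 0, 'message' => _t($this->_sLangsPrefix . 'err_already_processed'));
    }

    $sToken = process_db_input($aData['token'], BX_TAGS_STRIP);
    $sPayerId = process_db_input($aData['payerid'], BX_TAGS_STRIP);
    $sPayerName = process_db_input($aData['payername'], BX_TAGS_STRIP);
    $sPayerEmail = process_db_input($aData['payeremail'], BX_TAGS_STRIP);
    $sAmt = process_db_input($aData['amt'], BX_TAGS_STRIP);

    $this->_doExpressCheckout($sToken, $sPayerId, $sAmt);
    $aResponse = $this->_executeCall();
    if ($aResponse === false) {
        return array('code' => 0, 'message' => _t($this->_sLangsPrefix . 'err_unknown'));
    }

    $this->_logInfo(__METHOD__, $aResponse);

    // RESULT == 0 is treated as success by this code.
    $iResponseCode = (int) $aResponse['RESULT'];
    $sResponseMessage = process_db_input($aResponse['RESPMSG'], BX_TAGS_STRIP);

    $aResult = array(
        'code' => $iResponseCode == 0 ? 1 : 0,
        'message' => $iResponseCode == 0 ? _t($this->_sLangsPrefix . 'msg_accepted') : $sResponseMessage,
        'pending_id' => $iPending,
        'payer_name' => $sPayerName,
        'payer_email' => $sPayerEmail,
    );

    //--- Update pending transaction ---//
    $this->_oDb->updatePending($iPending, array(
        'order' => process_db_input($aResponse['PPREF'], BX_TAGS_STRIP),
        'order_ref' => process_db_input($aResponse['PNREF'], BX_TAGS_STRIP),
        'error_code' => $aResult['code'],
        'error_msg' => $sResponseMessage,
    ));

    return $aResult;
}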
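/**
 * XML-RPC: stores an uploaded image for an authenticated member through the 'photos' service.
 *
 * NOTE(review): the temp name is built from time() and the member ID, so two uploads by one
 * member within the same second share a file. Size and content-type checks are presumably done
 * by 'perform_photo_upload' - confirm; nothing here limits $binImageData.
 *
 * @param string $sUser        login name.
 * @param string $sPwd         password, as expected by BxDolXMLRPCUtil::checkLogin().
 * @param string $sAlbum       album name, also used as the single category.
 * @param string $binImageData raw image bytes.
 * @param int    $iDataLength  number of bytes of $binImageData to write.
 * @param string $sTitle       image title.
 * @param string $sTags        image tags.
 * @param string $sDesc        image description.
 * @return xmlrpcval|xmlrpcresp "ok" or a "fail ..." string, or an error response when login fails.
 */
function uploadImage($sUser, $sPwd, $sAlbum, $binImageData, $iDataLength, $sTitle, $sTags, $sDesc)
{
    if (!($iId = BxDolXMLRPCUtil::checkLogin($sUser, $sPwd))) {
        return new xmlrpcresp(new xmlrpcval(array('error' => new xmlrpcval(1, "int")), "struct"));
    }

    // The membership check used $iIdProfileViewer, which is never defined in this function, so
    // it ran for an empty profile ID. Check the member that was just authenticated.
    if (!BxDolXMLRPCMedia::_isMembershipEnabledFor($iId, 'BX_PHOTOS_ADD', true)) {
        return new xmlrpcval("fail access");
    }

    // write tmp file
    $sTmpFilename = BX_DIRECTORY_PATH_ROOT . "tmp/" . time() . '_' . $iId;
    $f = fopen($sTmpFilename, "wb");
    if (!$f) {
        return new xmlrpcval("fail fopen");
    }

    if (!fwrite($f, $binImageData, (int) $iDataLength)) {
        fclose($f);
        // Do not leave an empty or partial file behind.
        if (file_exists($sTmpFilename)) {
            unlink($sTmpFilename);
        }
        return new xmlrpcval("fail write");
    }
    fclose($f);

    // upload
    $aFileInfo = array();
    $aFileInfo['medTitle'] = process_db_input($sTitle, BX_TAGS_STRIP, BX_SLASHES_NO_ACTION);
    $aFileInfo['medDesc'] = process_db_input($sDesc, BX_TAGS_VALIDATE, BX_SLASHES_NO_ACTION);
    $aFileInfo['medTags'] = process_db_input($sTags, BX_TAGS_STRIP, BX_SLASHES_NO_ACTION);
    $aFileInfo['Categories'] = array(process_db_input($sAlbum, BX_TAGS_STRIP, BX_SLASHES_NO_ACTION));
    $aFileInfo['album'] = process_db_input($sAlbum, BX_TAGS_STRIP, BX_SLASHES_NO_ACTION);

    // The first photo of a member without an avatar also becomes the thumbnail.
    $iMember = (int) $iId;
    $isUpdateThumb = (int) db_value("SELECT `Avatar` FROM `Profiles` WHERE `ID` = '{$iMember}' LIMIT 1") ? false : true;

    if (BxDolService::call('photos', 'perform_photo_upload', array($sTmpFilename, $aFileInfo, $isUpdateThumb), 'Uploader')) {
        return new xmlrpcval("ok");
    }

    return new xmlrpcval("fail upload");
}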
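/**
 * Renders the quick-search result rows for the 'keyword' request parameter.
 *
 * A numeric keyword is matched against `Profiles`.`ID`, anything else against `NickName` with a
 * substring LIKE. Each row is produced from the 'qsearch_row.html' template.
 *
 * NOTE(review): an empty keyword yields LIKE '%%' and therefore lists every profile; '%' and '_'
 * inside the keyword act as wildcards.
 *
 * @return string HTML of the rows, or a "not found" block.
 */
function PageCompSearchResults()
{
    global $dir;
    global $tmpl;

    $keyword = process_db_input(isset($_REQUEST['keyword']) ? $_REQUEST['keyword'] : '');

    $sMembersQuery = "\n\t\tSELECT *\n\t\tFROM `Profiles`\n\t\tWHERE\n\t\t" . (is_numeric($keyword) ? "`ID` = '{$keyword}'" : "`NickName` LIKE '%{$keyword}%'") . "";
    $rMembers = db_res($sMembersQuery);

    if (!mysql_num_rows($rMembers)) {
        return '<div class="qsearch_notfound">' . _t('_Sorry, no members found') . '</div>';
    }

    $sRowTmpl = file_get_contents("{$dir['root']}templates/tmpl_{$tmpl}/qsearch_row.html");

    $ret = '';
    while ($aMember = mysql_fetch_assoc($rMembers)) {
        $iMemberId = (int) $aMember['ID'];

        // The nickname is member-controlled and lands inside a JavaScript call inside an HTML
        // attribute: encode it as a JS string literal first, then for the attribute.
        $sNickJs = htmlspecialchars(json_encode((string) $aMember['NickName']), ENT_QUOTES, 'UTF-8');

        $aRowTmpl = array();
        $aRowTmpl['thumbnail'] = get_member_thumbnail($aMember['ID'], 'none');
        $aRowTmpl['NickName'] = "<a href=\"" . getProfileLink($aMember['ID']) . "\" target=\"_blank\">" . htmlspecialchars_adv($aMember['NickName']) . "</a>";
        $aRowTmpl['actions'] = "<a href=\"javascript:void(0);\" onclick=\"hMemberAction({$iMemberId}, {$sNickJs})\">" . _t('_Add member') . "</a>";

        $sRow = $sRowTmpl;
        foreach ($aRowTmpl as $what => $to) {
            $sRow = str_replace("__{$what}__", $to, $sRow);
        }

        $ret .= $sRow;
    }

    return $ret;
}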
/**
 * Inserts a new row into the `{prefix}messages` table.
 *
 * The message text goes through process_db_input(); owner ID and IP are cast to integers
 * before they are placed unquoted into the statement.
 *
 * @param string  $sMessage message text.
 * @param integer $iOwnerId ID of the message owner.
 * @param integer $iIP      IP address in integer form.
 * @return void
 */
function writeMessage($sMessage, $iOwnerId = 0, $iIP = 0)
{
    $sText = process_db_input($sMessage, 0, BX_SLASHES_AUTO);
    $iOwner = (int) $iOwnerId;
    $iAddr = (int) $iIP;

    $this->query("\n INSERT INTO \n `{$this->sTablePrefix}messages`\n SET\n `OwnerID` = {$iOwner},\n `Message` = '{$sText}',\n `Date` = TIMESTAMP( NOW() ),\n `IP`\t = {$iAddr}\n ");
}
/**
 * Constructor: prepares a search restricted to one owner and one keyword.
 *
 * NOTE(review): $iOwnerId is stored as given, only the keyword is passed through
 * process_db_input(). How the search class quotes restriction values is not visible here;
 * callers should pass an integer.
 *
 * @param int    $iOwnerId owner the search is limited to.
 * @param string $sValue   keyword.
 */
function BxDolPrivacySearch($iOwnerId, $sValue)
{
    parent::BxTemplSearchResultText();

    $sKeyword = process_db_input($sValue, BX_TAGS_STRIP);

    $this->aCurrent['restriction']['owner']['value'] = $iOwnerId;
    $this->aCurrent['restriction']['keyword']['value'] = $sKeyword;

    $this->_sSearchUnitTmpl = $GLOBALS['oSysTemplate']->getHtml('ps_search_unit.html');
}
/**
 * Reads the 'sort' request parameter into $this->aFilterSortSettings.
 *
 * NOTE(review): if the sort value later becomes part of an ORDER BY clause, quoting-style
 * filtering does not constrain it; compare it against a fixed list of allowed values where it
 * is used - that code is not visible here.
 *
 * @return void
 */
function collectFilteredSettings()
{
    $sSort = null;
    if (isset($_GET['sort'])) {
        $sSort = process_db_input($_GET['sort'], BX_TAGS_STRIP);
    }

    $this->aFilterSortSettings = array('sort' => $sSort);
}
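/**
 * Counts the ads of one member.
 *
 * NOTE(review): with $bTimeCheck set, bAdminMode is switched off on the shared config object
 * and stays off after this call returns; verify that callers expect that side effect.
 *
 * @param int    $iMemberID  profile ID of the ad owner.
 * @param string $sStatus    optional status filter; empty means any status.
 * @param bool   $bTimeCheck force the life-time restriction even in admin mode.
 * @return int number of matching ads.
 */
function getMemberAdsCnt($iMemberID, $sStatus = '', $bTimeCheck = FALSE)
{
    // The ID was interpolated as received; quotes alone do not make it safe.
    $iMemberID = (int) $iMemberID;

    $sStatus = $sStatus ? " AND`Status`='" . process_db_input($sStatus, BX_TAGS_STRIP) . "'" : "";

    if ($bTimeCheck) {
        $this->_oConfig->bAdminMode = FALSE;
    }

    // Outside admin mode only ads whose life time has not run out are counted.
    $sTimeRestriction = $this->_oConfig->bAdminMode == true ? '' : "AND UNIX_TIMESTAMP() - `{$this->_oConfig->sSQLPostsTable}`.`LifeTime`*24*60*60 < `{$this->_oConfig->sSQLPostsTable}`.`DateTime`";

    $sMemberAdsSQL = "\n SELECT COUNT(*) FROM `{$this->_oConfig->sSQLPostsTable}` WHERE `IDProfile` = '{$iMemberID}'\n {$sStatus}\n {$sTimeRestriction}\n ";

    return (int) db_value($sMemberAdsSQL);
}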
/**
 * Returns the "sites by owner" block for the current profile, or an "empty" message box.
 *
 * @return string block HTML.
 */
function getBlockCode_Owner()
{
    bx_sites_import('SearchResult');

    $sNickName = process_db_input($this->_aProfile['NickName'], BX_TAGS_NO_ACTION, BX_SLASHES_NO_ACTION);
    $oSearchResult = new BxSitesSearchResult('user', $sNickName);

    $sBlock = $oSearchResult->displayResultBlock(true);
    if (!$sBlock) {
        return MsgBox(_t('_Empty'));
    }

    return $sBlock;
}
/**
 * Renders one system event for the Wall.
 *
 * The event's "<type>_<action>" handler is either a display* method of this class or a module
 * service method named in the handler configuration. A handler may ask for the event to be
 * updated ('save') or deleted ('perform_delete'); events without content render as ''.
 *
 * NOTE(review): the method name in the first branch and the service method in the second are
 * assembled from handler configuration; that configuration must not be writable by members.
 *
 * @param array  $aEvent       event row (type, action, id, owner_id, object_id, title, description).
 * @param string $sDisplayType BX_WALL_VIEW_TIMELINE or BX_WALL_VIEW_OUTLINE.
 * @return string rendered HTML, or '' when nothing is to be shown.
 */
function getSystem($aEvent, $sDisplayType = BX_WALL_VIEW_TIMELINE)
{
    $sHandlerKey = $aEvent['type'] . '_' . $aEvent['action'];
    if (!$this->_oConfig->isHandler($sHandlerKey)) {
        return '';
    }

    $aHandler = $this->_oConfig->getHandlers($sHandlerKey);

    $bLocalHandler = empty($aHandler['module_uri']) && empty($aHandler['module_class']) && empty($aHandler['module_method']);
    if ($bLocalHandler) {
        // "unit_action" becomes "displayUnitAction".
        $sWords = ucwords(str_replace('_', ' ', $aHandler['alert_unit'] . '_' . $aHandler['alert_action']));
        $sMethod = 'display' . str_replace(' ', '', $sWords);
        if (!method_exists($this, $sMethod)) {
            return '';
        }

        $aResult = $this->{$sMethod}($aEvent, $sDisplayType);
    } else {
        $aEvent['js_mode'] = $this->_oConfig->getJsMode();

        $sMethod = $aHandler['module_method'] . ($sDisplayType == BX_WALL_VIEW_OUTLINE ? '_' . BX_WALL_VIEW_OUTLINE : '');
        $aResult = BxDolService::call($aHandler['module_uri'], $sMethod, array($aEvent), $aHandler['module_class']);

        if (isset($aResult['save'])) {
            $this->_oDb->updateEvent($aResult['save'], $aEvent['id']);
        }
    }

    $bHasResult = !empty($aResult);
    if ($bHasResult && isset($aResult['perform_delete']) && $aResult['perform_delete'] == true) {
        $this->_oDb->deleteEvent(array('id' => $aEvent['id']));
        return '';
    }
    if (!$bHasResult || empty($aResult['content'])) {
        return '';
    }

    $sComments = "";
    if ($sDisplayType == BX_WALL_VIEW_TIMELINE) {
        // Store title/description supplied by the handler when the event lacks them.
        $bNeedTitle = empty($aEvent['title']) && !empty($aResult['title']);
        $bNeedDescription = empty($aEvent['description']) && !empty($aResult['description']);
        if ($bNeedTitle || $bNeedDescription) {
            $this->_oDb->updateEvent(array(
                'title' => process_db_input($aResult['title'], BX_TAGS_STRIP),
                'description' => process_db_input($aResult['description'], BX_TAGS_STRIP),
            ), $aEvent['id']);
        }

        $bObjectComments = !in_array($aEvent['type'], array('profile', 'friend')) && $aEvent['action'] != 'commentPost';
        if (!$bObjectComments) {
            $sComments = $this->getDefaultComments($aEvent['id']);
        } else {
            $sType = $aEvent['type'];
            $iObjectId = $aEvent['object_id'];

            // A comma in object_id marks a grouped event; use the group's comment system.
            if (strpos($iObjectId, ',') !== false) {
                $sType = isset($aResult['grouped']['group_cmts_name']) ? $aResult['grouped']['group_cmts_name'] : '';
                $iObjectId = isset($aResult['grouped']['group_id']) ? (int) $aResult['grouped']['group_id'] : 0;
            }

            $oComments = new BxWallCmts($sType, $iObjectId);
            if ($oComments->isEnabled()) {
                $sComments = $oComments->getCommentsFirstSystem('comment', $aEvent['id']);
            } else {
                $sComments = $this->getDefaultComments($aEvent['id']);
            }
        }
    }

    return $this->parseHtmlByContent($aResult['content'], array(
        'post_id' => $aEvent['id'],
        'post_owner_icon' => get_member_icon($aEvent['owner_id'], 'none'),
        'comments_content' => $sComments,
    ));
}
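/**
 * Overrides the parent's method: turns an alert into a Wall event.
 *
 * Alerts marked hidden are ignored. A profile 'delete' alert removes the profile's events and
 * subscriptions instead of adding one. Posts made from the Wall are echoed back to the parent
 * frame; other events are merged with similar ones.
 *
 * @param BxDolAlerts $oAlert an instance of alert.
 * @return void
 */
function response($oAlert)
{
    // 'from_wall' is absent on most alerts; test for it instead of reading a missing index.
    $bFromWall = is_array($oAlert->aExtras)
        && isset($oAlert->aExtras['from_wall'])
        && (int) $oAlert->aExtras['from_wall'] == 1;

    if (is_array($oAlert->aExtras) && isset($oAlert->aExtras['privacy_view']) && $oAlert->aExtras['privacy_view'] == BX_DOL_PG_HIDDEN) {
        return;
    }

    if ($bFromWall) {
        // Media posted directly on the Wall.
        $this->_oModule->_iOwnerId = (int) $oAlert->aExtras['owner_id'];

        $sMedia = $this->_oModule->_oConfig->getCommonType($oAlert->sUnit);
        $aMedia = $this->_oModule->_oTemplate->_getCommonMedia($sMedia, $oAlert->iObject);

        $iOwnerId = $this->_oModule->_iOwnerId;
        $iObjectId = $this->_oModule->_getAuthorId();
        $sType = $this->_oModule->_oConfig->getCommonPostPrefix() . $sMedia;
        $sAction = '';
        $sContent = serialize(array('type' => $sMedia, 'id' => $oAlert->iObject));
        $sTitle = $aMedia['title'];
        $sDescription = $aMedia['description'];
    } else if ($this->_oModule->_oConfig->isSystemComment($oAlert->sUnit, $oAlert->sAction)) {
        // Comment on an object of another system.
        $sType = $oAlert->aExtras['object_system'];
        $sAction = $oAlert->sUnit . '_' . $oAlert->sAction;
        if (!$this->_oModule->_oConfig->isHandler($sType . '_' . $sAction)) {
            return;
        }

        $iOwnerId = $oAlert->iSender;
        $iObjectId = $oAlert->iObject;
        $sContent = serialize(array('object_id' => $oAlert->aExtras['object_id']));
        $sTitle = $sDescription = '';
    } else {
        $iOwnerId = $oAlert->iSender;
        $iObjectId = $oAlert->iObject;
        $sType = $oAlert->sUnit;
        $sAction = $oAlert->sAction;
        $sContent = is_array($oAlert->aExtras) && !empty($oAlert->aExtras) ? serialize($oAlert->aExtras) : '';
        $sTitle = $sDescription = '';
    }

    if ($oAlert->sUnit == 'profile' && $oAlert->sAction == 'delete') {
        $this->_oModule->_oDb->deleteEvent(array('owner_id' => $oAlert->iObject));
        $this->_oModule->_oDb->deleteEventCommon(array('object_id' => $oAlert->iObject));

        // delete all subscriptions
        $oSubscription = BxDolSubscription::getInstance();
        $oSubscription->unsubscribe(array('type' => 'object_id', 'unit' => 'bx_wall', 'object_id' => $oAlert->iObject));
        return;
    }

    // A profile edited by somebody other than its owner is not published.
    if ($oAlert->sUnit == 'profile' && $oAlert->sAction == 'edit' && $iOwnerId != $iObjectId) {
        return;
    }

    $iId = $this->_oModule->_oDb->insertEvent(array(
        'owner_id' => $iOwnerId,
        'object_id' => $iObjectId,
        'type' => $sType,
        'action' => $sAction,
        'content' => process_db_input($sContent, BX_TAGS_NO_ACTION, BX_SLASHES_NO_ACTION),
        'title' => process_db_input($sTitle, BX_TAGS_NO_ACTION, BX_SLASHES_NO_ACTION),
        'description' => process_db_input($sDescription, BX_TAGS_NO_ACTION, BX_SLASHES_NO_ACTION),
    ));

    if ($bFromWall) {
        // Only a number may reach the inline script.
        echo "<script>parent." . $this->_oModule->_oConfig->getJsObject('post') . "._getPost(null, " . (int) $iId . ")</script>";
    } else {
        $this->_oModule->_oDb->updateSimilarObject($iId, $oAlert);
    }
}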
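/**
 * Updates a news item from the posted 'edit_id', 'header', 'text' and 'snippet' fields.
 *
 * Header and text are cut to the global limits $max_h / $max_l with SQL LEFT() when they are
 * longer. Missing POST fields are treated as empty strings, and a limit that is unset or not
 * positive disables truncation instead of producing a broken statement.
 *
 * NOTE(review): nothing here checks that the current member may edit the given news ID; that
 * check presumably sits in the caller - confirm.
 *
 * @return mixed result of db_res().
 */
function MemberEditNews()
{
    global $max_l;
    global $max_h;

    // The limits are placed unquoted into the statement; keep them numeric.
    $iMaxText = (int) $max_l;
    $iMaxHeader = (int) $max_h;

    $news_id = isset($_POST['edit_id']) ? (int) $_POST['edit_id'] : 0;
    $sText = isset($_POST['text']) ? $_POST['text'] : '';
    $sHeader = isset($_POST['header']) ? $_POST['header'] : '';
    $sSnippet = isset($_POST['snippet']) ? $_POST['snippet'] : '';

    $news_text = ($iMaxText > 0 && strlen($sText) > $iMaxText)
        ? "LEFT ( '" . process_db_input($sText) . "', {$iMaxText} )"
        : "'" . process_db_input($sText) . "'";

    $news_header = ($iMaxHeader > 0 && strlen($sHeader) > $iMaxHeader)
        ? "LEFT ( '" . process_db_input($sHeader) . "', {$iMaxHeader} )"
        : "'" . process_db_input($sHeader) . "'";

    $news_snippet = "'" . process_db_input($sSnippet) . "'";

    return db_res("UPDATE `News` SET `Date` = NOW(), `Header` = {$news_header}, `Text` = {$news_text}, `Snippet`={$news_snippet} WHERE `ID` = {$news_id}");
}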
/**
 * Returns the subject and body of an e-mail template.
 *
 * The member's language is preferred when a member ID is given and the profile has a `LangID`;
 * otherwise the default language is used. The `LangID` = 0 row is the fallback.
 *
 * @param string  $sTemplateName name of the template.
 * @param integer $iMemberId     ID of a registered member, 0 for none.
 * @return array row with `Subject` and `Body`, as returned by getRow().
 */
function getTemplate($sTemplateName, $iMemberId = 0)
{
    $iUseLang = $this->iDefaultLangId;
    if ($iMemberId != 0) {
        $aProfile = getProfileInfo($iMemberId);
        if ($aProfile['LangID']) {
            $iUseLang = $aProfile['LangID'];
        }
    }

    $sName = process_db_input($sTemplateName);
    $iLang = (int) $iUseLang;

    // ORDER BY `LangID` DESC puts the language-specific row ahead of the 0 fallback.
    return $GLOBALS['MySQL']->getRow("SELECT `Subject`, `Body` FROM `sys_email_templates` WHERE `Name`='" . $sName . "' AND (`LangID` = '" . $iLang . "' OR `LangID` = '0') ORDER BY `LangID` DESC LIMIT 1");
}
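/**
 * Updates an existing e-mail template or creates a new one.
 *
 * @param string  $sTemplateName name of the template.
 * @param string  $sTemplateSubj subject of the template.
 * @param string  $sTemplateBody text of the template.
 * @param integer $iLangID       ID of the language.
 * @return string HTML produced by genTemplatesForm().
 */
function setTemplate($sTemplateName, $sTemplateSubj, $sTemplateBody, $iLangID)
{
    // The existence check used $iLangID as received while the INSERT/UPDATE cast it;
    // use one integer value in all three statements.
    $iLang = (int) $iLangID;

    $bExists = db_value("SELECT `ID` FROM `sys_email_templates` WHERE `Name` = '" . process_db_input($sTemplateName) . "' AND `LangID` = '{$iLang}'");

    if (!$bExists) {
        $sQuery = "\n INSERT INTO\n `sys_email_templates` (`Name`, `Subject`, `Body`, `LangID`)\n VALUES\n (\n '" . process_db_input($sTemplateName) . "',\n '" . process_db_input($sTemplateSubj) . "',\n '" . process_db_input($sTemplateBody) . "',\n '" . $iLang . "'\n )\n ";
        $sMessage = 'Template was created';
    } else {
        $sQuery = "\n UPDATE\n `sys_email_templates`\n SET\n `Subject` = '" . process_db_input($sTemplateSubj) . "',\n `Body` = '" . process_db_input($sTemplateBody) . "'\n WHERE\n `Name` = '" . process_db_input($sTemplateName) . "'\n AND\n `LangID` = '" . $iLang . "'\n LIMIT 1\n ";
        $sMessage = 'Template was updated';
    }

    db_res($sQuery);

    // The form generator receives the language ID exactly as the caller passed it.
    return $this->genTemplatesForm($sTemplateName, $iLangID, $sMessage);
}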
/**
 * Builds the ads page: the command forms, plus the ads for the requested tag when a 'tag'
 * request value is present.
 *
 * @param object $oAds ads module object providing PrintCommandForms() and
 *                     PrintAdvertisementsByTag().
 * @return string page HTML.
 */
function PageCompAds($oAds)
{
    $sRetHtml = '' . $oAds->PrintCommandForms();

    if ($_REQUEST && false !== bx_get('tag')) {
        $sTag = uri2title(process_db_input(bx_get('tag'), BX_TAGS_STRIP));
        $sRetHtml .= $oAds->PrintAdvertisementsByTag($sTag);
    }

    return $sRetHtml;
}
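/**
 * Inserts a new message row into the table configured for the given object.
 *
 * @param string  $sObject  object name; must be a key of $this->_aObjects.
 * @param integer $iHandler handler ID, stored in `HandlerID`.
 * @param string  $sMessage message text.
 * @param integer $iOwnerId ID of the message owner.
 * @param integer $iIP      IP address as an unsigned decimal number; anything else is stored as 0.
 * @return false|null false when the object is unknown, otherwise nothing.
 */
function writeMessage($sObject, $iHandler, $sMessage, $iOwnerId = 0, $iIP = 0)
{
    if (!isset($this->_aObjects[$sObject])) {
        return false;
    }

    $sMessage = process_db_input($sMessage, 0, BX_SLASHES_AUTO);

    // `HandlerID` is written unquoted and was interpolated as received; force an integer.
    $iHandler = (int) $iHandler;
    $iOwnerId = (int) $iOwnerId;

    // \z instead of $: "$" also matches just before a trailing newline.
    if (!preg_match('/^[0-9]+\z/', $iIP)) {
        $iIP = 0;
    }

    $sQuery = "\n INSERT INTO\n `{$this->_aObjects[$sObject]['table']}`\n SET\n `HandlerID` = {$iHandler},\n `OwnerID` = {$iOwnerId},\n `Message` = '{$sMessage}',\n `Date` = TIMESTAMP( NOW() ),\n `IP` = {$iIP}\n ";
    $this->query($sQuery);
}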
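/**
 * Renders one system event for the Wall.
 *
 * The handler data comes from _getSystemData(). A result may ask for the event to be deleted
 * ('perform_delete'); results without content render as ''. The timeline view is wrapped in
 * the 'balloon' template together with its comments, the outline view is parsed from the
 * content itself.
 *
 * @param array  $aEvent       event row (type, action, id, owner_id, object_id, content, ...).
 * @param string $sDisplayType BX_WALL_VIEW_TIMELINE or BX_WALL_VIEW_OUTLINE.
 * @return string rendered HTML, or '' when nothing is to be shown.
 */
function getSystem($aEvent, $sDisplayType = BX_WALL_VIEW_TIMELINE)
{
    $sHandler = $aEvent['type'] . '_' . $aEvent['action'];
    if (!$this->_oConfig->isHandler($sHandler)) {
        return '';
    }

    $aResult = $this->_getSystemData($aEvent, $sDisplayType);
    $bResult = !empty($aResult);

    if ($bResult && isset($aResult['perform_delete']) && $aResult['perform_delete'] == true) {
        $this->_oDb->deleteEvent(array('id' => $aEvent['id']));
        return '';
    }
    if (!$bResult || empty($aResult['content'])) {
        return '';
    }

    $sResult = "";
    // The outline branch reads $sComments although only the timeline branch assigns it;
    // give it a defined value.
    $sComments = "";

    switch ($sDisplayType) {
        case BX_WALL_VIEW_TIMELINE:
            // Store title/description supplied by the handler when the event lacks them.
            if (empty($aEvent['title']) && !empty($aResult['title']) || empty($aEvent['description']) && !empty($aResult['description'])) {
                $this->_oDb->updateEvent(array(
                    'title' => process_db_input($aResult['title'], BX_TAGS_STRIP),
                    'description' => process_db_input($aResult['description'], BX_TAGS_STRIP),
                ), $aEvent['id']);
            }

            if (!in_array($aEvent['type'], array('profile', 'friend'))) {
                $sType = $aEvent['type'];
                $iObjectId = $aEvent['object_id'];

                if ($aEvent['action'] == 'comment_add') {
                    // NOTE(review): unserialize() on a stored column; whoever can write event
                    // content controls this input. Non-array results are treated as "no object".
                    $aContent = unserialize($aEvent['content']);
                    $iObjectId = is_array($aContent) && isset($aContent['object_id']) ? (int) $aContent['object_id'] : 0;
                }

                if ($this->_oConfig->isGrouped($aEvent['type'], $aEvent['action'], $iObjectId)) {
                    $sType = isset($aResult['grouped']['group_cmts_name']) ? $aResult['grouped']['group_cmts_name'] : '';
                    $iObjectId = isset($aResult['grouped']['group_id']) ? (int) $aResult['grouped']['group_id'] : 0;
                }

                $oComments = new BxWallCmts($sType, $iObjectId);
                if ($oComments->isEnabled()) {
                    $sComments = $oComments->getCommentsFirstSystem('comment', $aEvent['id']);
                } else {
                    $sComments = $this->getDefaultComments($aEvent['id']);
                }
            } else {
                $sComments = $this->getDefaultComments($aEvent['id']);
            }

            $sResult = $this->parseHtmlByTemplateName('balloon', array(
                'post_type' => $aEvent['type'],
                'post_id' => $aEvent['id'],
                'post_owner_icon' => get_member_thumbnail($aEvent['owner_id'], 'none'),
                'post_content' => $aResult['content'],
                'comments_content' => $sComments,
            ));
            break;

        case BX_WALL_VIEW_OUTLINE:
            $sResult = $this->parseHtmlByContent($aResult['content'], array(
                'post_id' => $aEvent['id'],
                'post_owner_icon' => get_member_icon($aEvent['owner_id'], 'none'),
                'comments_content' => $sComments,
            ));
            break;
    }

    return $sResult;
}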
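/**
 * Builds the "total members" statistics block with a per-country counter and country selector.
 *
 * The country comes from the posted 'total_c2' field, or from the 'default_country' setting
 * when nothing was posted.
 *
 * @param string $w not read by this function.
 * @return string block HTML.
 */
function contr_panel_members_total($w = "")
{
    global $site;
    global $prof;
    global $PageCompMemberStat_db_num;

    $free_mode = getParam("free_mode") == "on" ? 1 : 0;

    // members statistics
    $bPosted = isset($_POST['total_c2']) && is_string($_POST['total_c2']) && strlen($_POST['total_c2']);
    $total_c2 = $bPosted ? $_POST['total_c2'] : getParam("default_country");

    $total_arr = db_arr("SELECT COUNT(ID) FROM `Profiles` WHERE Status = 'Active'");
    $total_arr_week = db_arr("SELECT COUNT(ID) FROM `Profiles` WHERE Status = 'Active' AND (TO_DAYS(NOW()) - TO_DAYS(LastReg)) <= 7");
    if (!$free_mode) {
        $total_arr_gold = getMembersCount(MEMBERSHIP_ID_STANDARD, '', true);
    }
    $total_c_arr = db_arr("SELECT COUNT(ID) FROM `Profiles` WHERE Status = 'Active' AND `Country` = '" . process_db_input($total_c2) . "'");

    $total_c_members = $total_c_arr[0];
    $c_arr = $prof['countries'];

    // Both values are request-controlled and end up in HTML attributes; encode them for output.
    $sFormAction = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8');
    $sCountryAttr = htmlspecialchars($total_c2, ENT_QUOTES, 'UTF-8');

    $sIconRow = '<div><img src="' . $site['icons'] . 'us.gif" alt="" /><span style="margin-left:5px;">';

    $ret = '';
    $ret .= '<div class="totalRegBlock">';
    $ret .= '<div class="clear_both"></div>';
    $ret .= '<div style="position:relative; float:left;"><img src="' . $site['icons'] . 'group.gif" alt="" /></div>';
    $ret .= '<div style="position:relative; float:left; white-space:nowrap; left:5px; font-weight:bold; color:#000;">' . _t("_Total Registered") . '</div>';
    $ret .= '<div class="clear_both"></div>';
    $ret .= '<div style="position:relative; margin:0px 0px;"></div>';
    $ret .= '<div class="member_stat_block">';
    $ret .= $sIconRow . _t("_Total") . ' - ' . $total_arr[0] . '</span></div>';
    if (!$free_mode) {
        $ret .= $sIconRow . _t("_Gold Members") . ' - ' . $total_arr_gold . '</span></div>';
    }
    $ret .= $sIconRow . _t("_New this week") . ' - ' . $total_arr_week[0] . '</span></div>';
    $ret .= $sIconRow . $total_c_members . ' ' . _t("_members") . ' ' . _t("_from") . '</span></div>';
    $ret .= '<div class="mem_stat_country">';
    $ret .= '<form action="' . $sFormAction . '" method="post" name="cForm2">';
    $ret .= '<input type="hidden" name="total_c2" value="' . $sCountryAttr . '" />';
    $ret .= '<select class="mem_stat_country_select" name="total_c2" onChange="javascript:this.form.submit();">';
    foreach ($c_arr as $key => $value) {
        $ret .= '<option value="' . $key . '"';
        if ($key == $total_c2) {
            $ret .= ' selected="selected"';
        }
        $ret .= '>' . _t('__' . $value) . '</option>';
    }
    $ret .= '</select>';
    $ret .= '</form>';
    $ret .= '</div>';
    $ret .= '</div>';
    $ret .= '</div>';

    return $ret;
}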
/**
 * Loads the session with the given ID, or the ID from the session cookie when none is given.
 *
 * NOTE(review): session data is restored with unserialize() from the value returned by
 * $this->oDb->exists(); anyone able to write that storage controls the input.
 * NOTE(review): only the cookie value is passed through process_db_input(); an $sId supplied
 * by the caller is handed to the DB layer as is - confirm that layer filters it.
 *
 * @param string $sId session ID; empty to use the cookie.
 * @return bool true when the session was found and loaded.
 */
function exists($sId = '')
{
    if (empty($sId) && isset($_COOKIE[BX_DOL_SESSION_COOKIE])) {
        $sId = process_db_input($_COOKIE[BX_DOL_SESSION_COOKIE], BX_TAGS_STRIP);
    }

    $mixedSession = $this->oDb->exists($sId);
    if ($mixedSession === false) {
        return false;
    }

    $this->sId = $mixedSession['id'];
    $this->iUserId = (int) $mixedSession['user_id'];
    $this->aData = unserialize($mixedSession['data']);

    return true;
}
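/**
 * Stores the gateway answer for a pending transaction and reports the outcome.
 *
 * NOTE(review): the outcome is derived from $aData['RESULT'] alone. If $aData arrives through
 * the browser, it must be verified as coming from the gateway before it is trusted - no such
 * check is visible in this method.
 * NOTE(review): $aData is passed to _logInfo() as is; what that method stores is not visible here.
 *
 * @param array $aData (by reference, not modified) expects the keys INVNUM, RESULT, RESPMSG,
 *                     PPREF and PNREF.
 * @return array 'code' (1 = accepted, 0 = failed), 'message' and, once the pending record was
 *               accepted for processing, 'pending_id'.
 */
function finalizeCheckout(&$aData)
{
    $this->_logInfo(__METHOD__, $aData);

    $iPending = (int) $aData['INVNUM'];
    $aPending = $this->_oDb->getPending(array('type' => 'id', 'id' => $iPending));

    // An unknown pending ID passed every "already processed" test and was then reported as
    // accepted; refuse it with the same answer as a processed one.
    $bProcessed = empty($aPending)
        || !empty($aPending['order'])
        || !empty($aPending['error_code'])
        || !empty($aPending['error_msg'])
        || (int) $aPending['processed'] != 0;
    if ($bProcessed) {
        return array('code' => 0, 'message' => _t($this->_sLangsPrefix . 'err_already_processed'));
    }

    // RESULT == 0 is treated as success by this code.
    $iResponseCode = (int) $aData['RESULT'];
    $sResponseMessage = process_db_input($aData['RESPMSG'], BX_TAGS_STRIP);

    $aResult = array(
        'code' => $iResponseCode == 0 ? 1 : 0,
        'message' => $iResponseCode == 0 ? _t($this->_sLangsPrefix . 'msg_accepted') : $sResponseMessage,
        'pending_id' => $iPending,
    );

    //--- Update pending transaction ---//
    $this->_oDb->updatePending($iPending, array(
        'order' => process_db_input($aData['PPREF'], BX_TAGS_STRIP),
        'order_ref' => process_db_input($aData['PNREF'], BX_TAGS_STRIP),
        'error_code' => $aResult['code'],
        'error_msg' => $sResponseMessage,
    ));

    return $aResult;
}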
/**
 * Build the admin "injections" box: a form with two textareas (head, body) whose
 * contents are stored in `sys_injections` under the names `sys_head` and `sys_body`.
 *
 * NOTE(review): the submitted markup is stored as-is apart from process_db_input();
 * presumably it is later emitted into site pages, so this form is effectively a
 * stored-script feature. Confirm the page is reachable by administrators only and
 * that BxTemplFormView::isSubmittedAndValid() enforces an anti-CSRF token; neither is
 * visible in this function.
 *
 * @return string HTML produced by DesignBoxAdmin()
 */
function PageCodeInjections()
{
    $oDb = $GLOBALS['MySQL'];

    $aFormAttrs = array(
        'id' => 'adm-settings-injections',
        'name' => 'adm-settings-injections',
        'action' => $GLOBALS['site']['url_admin'] . 'basic_settings.php',
        'method' => 'post',
    );
    $aInputs = array(
        'head' => array(
            'type' => 'textarea',
            'name' => 'head',
            'caption' => _t('_adm_txt_settings_injection_head'),
            'info' => _t('_adm_dsc_settings_injection_head'),
        ),
        'body' => array(
            'type' => 'textarea',
            'name' => 'body',
            'caption' => _t('_adm_txt_settings_injection_body'),
            'info' => _t('_adm_dsc_settings_injection_body'),
        ),
        'save_injections' => array(
            'type' => 'submit',
            'name' => 'save_injections',
            'value' => _t("_adm_btn_settings_save"),
        ),
    );
    $aForm = array(
        'form_attrs' => $aFormAttrs,
        'params' => array('db' => array('submit_name' => 'save_injections')),
        'inputs' => $aInputs,
    );

    $oForm = new BxTemplFormView($aForm);

    $sResult = '';
    if ($oForm->isSubmittedAndValid()) {
        // The queries are built by concatenation, so their safety rests entirely on
        // process_db_input() escaping the posted text for a quoted SQL literal.
        $b = $oDb->res("UPDATE `sys_injections` SET `data` = '" . process_db_input($_POST['head']) . "' WHERE `name` = 'sys_head'");
        $b |= $oDb->res("UPDATE `sys_injections` SET `data` = '" . process_db_input($_POST['body']) . "' WHERE `name` = 'sys_body'");

        // The two results are OR-ed: one successful update is enough for the cache to
        // be cleared and "_Success" to be shown.
        if ($b) {
            $oDb->cleanCache('sys_injections.inc');
        }
        $sResult = MsgBox(_t($b ? '_Success' : '_Error'));
    }

    // Re-read the stored values so the form shows what is actually in the database.
    $oForm->aInputs['head']['value'] = $oDb->getOne("SELECT `data` FROM `sys_injections` WHERE `name` = 'sys_head'");
    $oForm->aInputs['body']['value'] = $oDb->getOne("SELECT `data` FROM `sys_injections` WHERE `name` = 'sys_body'");

    $sCaption = _t('_adm_box_cpt_injections');
    $sContent = $GLOBALS['oAdmTemplate']->parseHtmlByName(
        'design_box_content.html',
        array('content' => $sResult . $oForm->getCode())
    );

    return DesignBoxAdmin($sCaption, $sContent);
}
/**
 * Generate the main page code for the classifieds page.
 *
 * Outputs the command forms and, when the request carries a `tag` GET parameter,
 * the advertisements for that tag.
 *
 * @return string the assembled HTML
 */
function PageCompPageMainCode()
{
    global $oClassifieds;

    // The PHP_SELF value is overwritten by the fixed file name on the next line, so
    // the request-derived path never takes effect.
    $oClassifieds->sCurrBrowsedFile = $_SERVER['PHP_SELF'];
    $oClassifieds->sCurrBrowsedFile = 'classifieds.php';

    $sRetHtml = '';
    $sRetHtml .= $oClassifieds->PrintCommandForms();

    if ($_REQUEST && isset($_GET['tag'])) {
        // The tag is prepared for database use only. NOTE(review): whether
        // PrintAdvertisementsByTag() HTML-encodes it before echoing it back is not
        // visible here; confirm.
        $sTag = process_db_input($_GET['tag']);
        $sRetHtml .= $oClassifieds->PrintAdvertisementsByTag($sTag);
    }

    return $sRetHtml;
}
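/**
 * Look up the numeric id of a shared media file by its URI.
 *
 * @param string $sFileName file URI; passed through process_db_input() before it is
 *                          placed inside the quoted SQL literal
 * @param string $sType     'photo', 'music' or 'video'
 * @return int the id cast from db_value()'s result, or 0 when $sType is none of the
 *             known types
 */
function getFileIdByUri($sFileName, $sType = '')
{
    $sFileName = process_db_input($sFileName);

    switch ($sType) {
        case 'photo':
            $sqlQuery = "SELECT `medID` FROM `sharePhotoFiles` WHERE `medUri`='{$sFileName}'";
            break;
        case 'music':
            $sqlQuery = "SELECT `ID` FROM `RayMusicFiles` WHERE `Uri`='{$sFileName}'";
            break;
        case 'video':
            $sqlQuery = "SELECT `ID` FROM `RayMovieFiles` WHERE `Uri`='{$sFileName}'";
            break;
        default:
            // Unknown type: there is no table to query. Previously $sqlQuery stayed
            // undefined here and an empty query was handed to db_value(); answer
            // "not found" instead of touching the database.
            return 0;
    }

    return (int) db_value($sqlQuery);
}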
/**
 * XML-RPC handler: send a mailbox message from the authenticated user to a recipient
 * identified by nickname.
 *
 * @param string $sUser      login of the sender
 * @param string $sPwd       password of the sender, checked by BxDolXMLRPCUtil::checkLogin()
 * @param string $sRecipient recipient's NickName
 * @param string $sSubj      message subject
 * @param string $sText      message text; newlines are converted with nl2br()
 * @param string $sSendTo    'recipient', 'me' or 'both': who receives a copy
 * @return xmlrpcresp|xmlrpcval an xmlrpcresp carrying error 1 when the login fails,
 *         otherwise an xmlrpcval with the unknown-recipient code or the mailbox status code
 */
function sendMessage($sUser, $sPwd, $sRecipient, $sSubj, $sText, $sSendTo)
{
    $iId = BxDolXMLRPCUtil::checkLogin($sUser, $sPwd);
    if (!$iId) {
        return new xmlrpcresp(new xmlrpcval(array('error' => new xmlrpcval(1, "int")), "struct"));
    }

    bx_import('BxTemplMailBox');

    // NOTE(review): the nickname comes from the remote caller and lands inside a quoted
    // SQL literal. Whether process_db_input() still escapes quotes when called with
    // BX_SLASHES_NO_ACTION is not visible here; confirm, or use a parameterised query
    // if the DB layer offers one.
    $sRecipient = process_db_input($sRecipient, BX_TAGS_NO_ACTION, BX_SLASHES_NO_ACTION);
    $aRecipient = db_arr("SELECT * FROM `Profiles` WHERE `NickName` = '{$sRecipient}'");
    if (!$aRecipient) {
        return new xmlrpcval(BX_MAILBOX_SEND_UNKNOWN_RECIPIENT);
    }

    $bCopyToRecipient = ('recipient' == $sSendTo || 'both' == $sSendTo);
    $bCopyToMe = ('me' == $sSendTo || 'both' == $sSendTo);

    $oMailBox = new BxTemplMailBox('mail_page_compose', array('member_id' => $iId));
    $aComposeSettings = array(
        'send_copy' => $bCopyToRecipient,
        'notification' => false,
        'send_copy_to_me' => $bCopyToMe,
    );

    // NOTE(review): subject and text are forwarded without HTML encoding in this
    // method; presumably BxTemplMailBox::sendMessage() sanitises them. Confirm.
    $oMailBox->sendMessage($sSubj, nl2br($sText), $aRecipient['ID'], $aComposeSettings);

    return new xmlrpcval($oMailBox->iSendMessageStatusCode);
}
/**
 * Handle an alert by recording it as an event (overrides the parent class method).
 *
 * Alerts flagged `from_wall` are stored as common media posts of the wall owner; all
 * other alerts are stored with the alert's own sender, object, unit and action. A
 * profile deletion removes that profile's events instead of adding one, and a profile
 * edit whose owner and object differ is ignored.
 *
 * @param BxDolAlerts $oAlert an instance of alert.
 */
function response($oAlert)
{
    $oModule = $this->_oModule;

    $bFromWall = !empty($oAlert->aExtras) && (int) $oAlert->aExtras['from_wall'] == 1;
    if ($bFromWall) {
        $oModule->_iOwnerId = (int) $oAlert->aExtras['owner_id'];

        $sMedia = strtolower(str_replace('bx_', '', $oAlert->sUnit));
        $aMediaInfo = $oModule->_getCommonMedia($sMedia, $oAlert->iObject);

        $iOwnerId = $oModule->_iOwnerId;
        $iObjectId = $oModule->_getAuthorId();
        $sType = $oModule->_oConfig->getCommonPostPrefix() . $sMedia;
        $sAction = '';
        $sContent = $aMediaInfo['content'];
        $sTitle = $aMediaInfo['title'];
        $sDescription = $aMediaInfo['description'];
    } else {
        $iOwnerId = $oAlert->iSender;
        $iObjectId = $oAlert->iObject;
        $sType = $oAlert->sUnit;
        $sAction = $oAlert->sAction;
        // NOTE(review): the extras are stored in serialized form; any code that later
        // unserialize()s this column must be able to trust everything that can write
        // to it. Confirm.
        $sContent = is_array($oAlert->aExtras) && !empty($oAlert->aExtras) ? serialize($oAlert->aExtras) : '';
        $sTitle = '';
        $sDescription = '';
    }

    // A deleted profile loses its events; nothing new is recorded.
    if ($oAlert->sUnit == 'profile' && $oAlert->sAction == 'delete') {
        $oModule->_oDb->deleteEvent(array('owner_id' => $oAlert->iObject));
        $oModule->_oDb->deleteEventCommon(array('object_id' => $oAlert->iObject));
        return;
    }

    // A profile edit where owner and object differ is not recorded.
    if ($oAlert->sUnit == 'profile' && $oAlert->sAction == 'edit' && $iOwnerId != $iObjectId) {
        return;
    }

    $aEvent = array(
        'owner_id' => $iOwnerId,
        'object_id' => $iObjectId,
        'type' => $sType,
        'action' => $sAction,
        'content' => process_db_input($sContent, BX_TAGS_NO_ACTION, BX_SLASHES_NO_ACTION),
        'title' => process_db_input($sTitle, BX_TAGS_NO_ACTION, BX_SLASHES_NO_ACTION),
        'description' => process_db_input($sDescription, BX_TAGS_NO_ACTION, BX_SLASHES_NO_ACTION),
    );
    $iId = $oModule->_oDb->insertEvent($aEvent);

    if ($bFromWall) {
        // NOTE(review): both values are concatenated into an inline script without
        // encoding; presumably _sJsPostObject is a fixed identifier and insertEvent()
        // returns an integer. Confirm.
        echo "<script>parent." . $oModule->_sJsPostObject . "._getPost(null, " . $iId . ")</script>";
    } elseif ($oModule->_oConfig->useFullCompilation()) {
        $aEvents = $oModule->_oDb->getEvents(array('type' => 'id', 'object_id' => $iId));
        $sContent = $oModule->getSystem($aEvents[0]);
        // NOTE(review): this call goes through $this->_oDb while every other database
        // call in this method uses $this->_oModule->_oDb; confirm that property exists
        // on this class.
        $this->_oDb->updateEvent(array('content' => $sContent), $aEvents[0]['id']);
    }
}
/**
 * Set up the view for one shared media file: store the file id and type, load the
 * file info through BxDolSharedMedia, and attach the comments view that matches the
 * media type.
 *
 * NOTE(review): the method is named like a class, presumably a PHP 4-style
 * constructor; PHP 8 no longer treats such methods as constructors. Confirm how it is
 * invoked.
 *
 * @param int    $iFile      file id (cast to int)
 * @param string $sMediaType 'photo', 'music' or 'video'
 * @param array  $aSite      passed by reference to BxDolSharedMedia
 * @param array  $aDir       passed by reference to BxDolSharedMedia
 * @param array  $aMember    passed by reference to BxDolSharedMedia
 */
function BxDolSharedMediaView($iFile, $sMediaType, &$aSite, &$aDir, &$aMember)
{
    $this->iFile = (int) $iFile;

    // Only sType holds the process_db_input() result; the helper object and the parent
    // below receive the unprocessed $sMediaType.
    $this->sType = process_db_input($sMediaType);

    $this->oShared = new BxDolSharedMedia($sMediaType, $aSite, $aDir, $aMember);
    $this->aInfo = $this->oShared->getFileInfo($this->iFile);

    // NOTE(review): there is no branch for any other media type, so $sComms is
    // undefined below for unexpected input. Confirm callers pass only the three known
    // values, or reject anything else explicitly.
    if ($sMediaType == 'photo') {
        $sComms = 'sharedPhoto';
    } elseif ($sMediaType == 'music') {
        $sComms = 'sharedMusic';
    } elseif ($sMediaType == 'video') {
        $sComms = 'sharedVideo';
    }

    $this->oCmtsView = new BxTemplCmtsView($sComms, (int) $this->iFile);

    parent::BxDolPageView($sMediaType);
}