function getProfileInfoExtra()
{
$oPrivacy = new BxDolPrivacy('sys_page_compose_privacy', 'id', 'user_id');
$aRet = array();
$r = db_res("SELECT `pc`.`Caption`, `pc`.`Content`, `pc`.`Func`, `pc`.`ID` AS `BlockID`\n FROM `sys_profile_fields` AS `pf` \n INNER JOIN `sys_page_compose` AS `pc` \n ON ((`pc`.`Func` = 'PFBlock' AND `pc`.`Content` = `pf`.`ID`) OR (`pc`.`Func` = 'GeneralInfo' AND " . BX_BLOCK_GENERALINFO . " = `pf`.`ID`) OR (`pc`.`Func` = 'AdditionalInfo' AND " . BX_BLOCK_ADDITIONALINFO . " = `pf`.`ID`))\n WHERE `pc`.`Page` = 'profile_info' AND `pf`.`Type` = 'block' AND `pc`.`Column` != 0 \n ORDER BY `pc`.`Column`, `pc`.`Order`");
while ($a = $r->fetch()) {
$iPrivacyId = (int) $GLOBALS['MySQL']->getOne("SELECT `id` FROM `sys_page_compose_privacy` WHERE `user_id`='" . $this->_iProfileID . "' AND `block_id`='" . $a['BlockID'] . "' LIMIT 1");
if ($iPrivacyId != 0 && !$oPrivacy->check('view_block', $iPrivacyId, $this->_iViewerId)) {
continue;
}
switch ($a['Func']) {
case 'GeneralInfo':
$i = BX_BLOCK_GENERALINFO;
break;
case 'AdditionalInfo':
$i = BX_BLOCK_ADDITIONALINFO;
break;
default:
$i = $a['Content'];
}
$aBlock = $this->getProfileInfoBlock($a['Caption'], $i);
if (false === $aBlock) {
continue;
}
$aRet[] = $aBlock;
}
if ($this->_iViewerId == $this->_iProfileID) {
$aOwnInfo[] = new xmlrpcval(array('Caption' => new xmlrpcval(_t('_E-mail')), 'Type' => new xmlrpcval('text'), 'Value1' => new xmlrpcval($this->_aProfile['Email'])), "struct");
$aOwnInfo[] = new xmlrpcval(array('Caption' => new xmlrpcval(_t('_Membership2')), 'Type' => new xmlrpcval('text'), 'Value1' => new xmlrpcval(strip_tags(GetMembershipStatus($this->_iProfileID, false, false)))), "struct");
$aOwnInfo[] = new xmlrpcval(array('Caption' => new xmlrpcval(_t('_Status')), 'Type' => new xmlrpcval('text'), 'Value1' => new xmlrpcval(_t('__' . $this->_aProfile['Status']))), "struct");
$aRet[] = new xmlrpcval(array('Info' => new xmlrpcval($aOwnInfo, "array"), 'Title' => new xmlrpcval(_t('_Account Info'))), "struct");
}
return new xmlrpcval($aRet, "array");
}
function BxBaseAlbumForm($sType, $iAlbum = 0)
{
$this->iOwnerId = (int) $_COOKIE['memberID'];
if ($this->iOwnerId == 0) {
return;
}
$this->iAlbumId = (int) $iAlbum;
$this->sType = strip_tags($sType);
$oPrivacy = new BxDolPrivacy('sys_albums', 'ID', 'Owner');
$aPrivField = $oPrivacy->getGroupChooser($this->iOwnerId, 'sys_albums', 'view');
$this->aForm = array('form_attrs' => array('name' => 'form_album', 'action' => '', 'method' => 'post', 'enctype' => 'multipart/form-data'), 'params' => array('db' => array('table' => 'sys_albums', 'key' => 'ID', 'uri' => 'Uri', 'uri_title' => 'Caption', 'submit_name' => 'save')), 'inputs' => array('Caption' => array('type' => 'text', 'name' => 'Caption', 'caption' => _t('_sys_album_caption_capt'), 'required' => true, 'checker' => array('func' => 'length', 'params' => array(3, 128), 'error' => _t('_sys_album_err_capt')), 'db' => array('pass' => 'Xss'), 'display' => true), 'Location' => array('type' => 'text', 'name' => 'Location', 'caption' => _t('_sys_album_caption_loc'), 'db' => array('pass' => 'Xss'), 'display' => true), 'Description' => array('type' => 'textarea', 'name' => 'Description', 'caption' => _t('_sys_album_caption_desc'), 'required' => true, 'html' => false, 'checker' => array('func' => 'length', 'params' => array(3, 255), 'error' => _t('_sys_album_err_desc')), 'db' => array('pass' => 'Xss')), 'allow_view_to' => $aPrivField, 'Type' => array('type' => 'hidden', 'name' => 'Type', 'db' => array('pass' => 'Xss'), 'value' => $this->sType), 'Control' => array('type' => 'input_set', 0 => array('type' => 'submit', 'name' => 'save', 'value' => _t("_sys_album_create")), 1 => array('type' => 'reset', 'name' => 'cancel', 'value' => _t("_sys_album_cancel")))));
$iAlbum = (int) $iAlbum;
if ($this->iAlbumId > 0) {
$oAlbum = new BxDolAlbums($this->sType);
$this->aInfo = $oAlbum->getAlbumInfo(array('fileId' => $iAlbum));
if ($this->iOwnerId != $this->aInfo['Owner']) {
return;
}
$this->aForm['inputs']['Control'] = array('type' => 'input_set', 'colspan' => true, 0 => array('type' => 'submit', 'name' => 'save', 'value' => _t("_sys_album_save_changes")), 1 => array('type' => 'submit', 'name' => 'delete', 'value' => _t("_sys_album_delete")), 2 => array('type' => 'submit', 'name' => 'launch', 'value' => _t("_sys_album_add")), 3 => array('type' => 'submit', 'name' => 'launch', 'value' => _t("_sys_album_edit_items")), 4 => array('type' => 'submit', 'name' => 'launch', 'value' => _t("_sys_album_organize")), 5 => array('type' => 'reset', 'name' => 'cancel', 'value' => _t("_sys_album_cancel")));
foreach ($this->aForm['inputs'] as $sKey => $aValue) {
if ($sKey != 'Control') {
$this->aForm['inputs'][$sKey]['value'] = $this->aInfo[$sKey];
}
}
}
}
function genBlock($iBlockID, $aBlock, $bStatic = true, $sDynamicType = 'tab')
{
//--- Privacy for Profile page ---//
$oPrivacy = new BxDolPrivacy('sys_page_compose_privacy', 'id', 'user_id');
$iPrivacyId = (int) $GLOBALS['MySQL']->getOne("SELECT `id` FROM `sys_page_compose_privacy` WHERE `user_id`='" . $this->oProfileGen->_iProfileID . "' AND `block_id`='" . $iBlockID . "' LIMIT 1");
if ($iPrivacyId != 0 && !$oPrivacy->check('view_block', $iPrivacyId, $this->iMemberID)) {
return false;
}
//--- Privacy for Profile page ---//
return parent::genBlock($iBlockID, $aBlock, $bStatic, $sDynamicType);
}
function BxDolTextData(&$oModule)
{
$this->_oModule = $oModule;
$this->_iOwnerId = BxDolTextData::getAuthorId();
$oCategories = new BxDolCategories();
$oCategories->getTagObjectConfig();
$this->_aForm = array('form_attrs' => array('id' => 'text_data', 'name' => 'text_data', 'action' => bx_html_attribute($_SERVER['PHP_SELF']), 'method' => 'post', 'enctype' => 'multipart/form-data'), 'params' => array('db' => array('table' => '', 'key' => 'id', 'uri' => 'uri', 'uri_title' => 'caption', 'submit_name' => 'post')), 'inputs' => array('author_id' => array('type' => 'hidden', 'name' => 'author_id', 'value' => $this->_iOwnerId, 'db' => array('pass' => 'Int')), 'caption' => array('type' => 'text', 'name' => 'caption', 'caption' => _t("_td_caption"), 'value' => '', 'required' => 1, 'checker' => array('func' => 'length', 'params' => array(3, 64), 'error' => _t('_td_err_incorrect_length')), 'db' => array('pass' => 'Xss')), 'snippet' => array('type' => 'textarea', 'html' => 0, 'name' => 'snippet', 'caption' => _t("_td_snippet"), 'value' => '', 'required' => 1, 'checker' => array('func' => 'length', 'params' => array(3, 200), 'error' => _t('_td_err_incorrect_length')), 'db' => array('pass' => 'Xss')), 'content' => array('type' => 'textarea', 'html' => 2, 'name' => 'content', 'caption' => _t("_td_content"), 'value' => '', 'required' => 1, 'checker' => array('func' => 'length', 'params' => array(3, 65536), 'error' => _t('_td_err_incorrect_length')), 'db' => array('pass' => 'XssHtml')), 'when' => array('type' => 'datetime', 'name' => 'when', 'caption' => _t("_td_date"), 'value' => date('Y-m-d H:i'), 'required' => 1, 'checker' => array('func' => 'DateTime', 'error' => _t('_td_err_empty_value')), 'db' => array('pass' => 'DateTime')), 'tags' => array('type' => 'text', 'name' => 'tags', 'caption' => _t("_td_tags"), 'value' => '', 'required' => 1, 'checker' => array('func' => 'length', 'params' => array(3, 64), 'error' => _t('_td_err_incorrect_length')), 'info' => _t('_sys_tags_note'), 'db' => array('pass' => 'Xss')), 'categories' => $oCategories->getGroupChooser($this->_oModule->_oConfig->getCategoriesSystemName(), $this->_iOwnerId, true), 'allow_comment_to' => array(), 'allow_vote_to' => array(), 'post' => array('type' => 'submit', 'name' => 'post', 'value' => _t("_td_post"))));
if (!empty($this->_iOwnerId)) {
$oPrivacy = new BxDolPrivacy();
$sModuleUri = $this->_oModule->_oConfig->getUri();
$this->_aForm['inputs']['allow_comment_to'] = $oPrivacy->getGroupChooser($this->_iOwnerId, $sModuleUri, 'comment');
$this->_aForm['inputs']['allow_vote_to'] = $oPrivacy->getGroupChooser($this->_iOwnerId, $sModuleUri, 'vote');
}
}
public function __construct($aOptions, $oTemplate)
{
parent::__construct($aOptions);
if ($oTemplate) {
$this->_oTemplate = $oTemplate;
} else {
$this->_oTemplate = BxDolTemplate::getInstance();
}
}
/**
* @description : function will generate profile block (used the profile template );
* @return : Html presentation data ;
*/
function PrintSearhResult($aProfileInfo, $aCoupleInfo = '', $aExtendedKey = null, $sTemplateName = '', $oCustomTemplate = null)
{
global $site;
global $aPreValues;
$iVisitorID = getLoggedId();
$bExtMode = !empty($_GET['mode']) && $_GET['mode'] == 'extended' || !empty($_GET['search_result_mode']) && $_GET['search_result_mode'] == 'ext';
$isShowMatchPercent = $bExtMode && $iVisitorID && $iVisitorID != $aProfileInfo['ID'] && getParam('view_match_percent') && getParam('enable_match');
$bPublic = $bExtMode ? bx_check_profile_visibility($aProfileInfo['ID'], $iVisitorID, true) : true;
if ($bPublic && $iVisitorID != $aProfileInfo['ID'] && !isAdmin()) {
$oPrivacy = new BxDolPrivacy('sys_page_compose_privacy', 'id', 'user_id');
$iBlockID = $GLOBALS['MySQL']->getOne("SELECT `ID` FROM `sys_page_compose` WHERE `Page` = 'profile' AND `Func` = 'Description' AND `Column` != 0");
$iPrivacyId = (int) $GLOBALS['MySQL']->getOne("SELECT `id` FROM `sys_page_compose_privacy` WHERE `user_id`='{$aProfileInfo['ID']}' AND `block_id`='{$iBlockID}' LIMIT 1");
$bPublic = !$iBlockID || !$iPrivacyId || $oPrivacy->check('view_block', $iPrivacyId, $iVisitorID);
}
$sProfileThumb = get_member_thumbnail($aProfileInfo['ID'], 'none', !$bExtMode, 'visitor');
$sProfileMatch = $isShowMatchPercent ? $GLOBALS['oFunctions']->getProfileMatch($iVisitorID, $aProfileInfo['ID']) : '';
$sProfileNickname = '<a href="' . getProfileLink($aProfileInfo['ID']) . '">' . getNickName($aProfileInfo['ID']) . '</a>';
$sProfileInfo = $GLOBALS['oFunctions']->getUserInfo($aProfileInfo['ID']);
$sProfileDesc = $bPublic ? strmaxtextlen($aProfileInfo['DescriptionMe'], 130) : _t('_sys_profile_private_text_title');
$sProfileZodiac = $bPublic && $bExtMode && getParam('zodiac') ? $GLOBALS['oFunctions']->getProfileZodiac($aProfileInfo['DateOfBirth']) : '';
$sProfile2ASc1 = $sProfile2ASc2 = $sProfile2Nick = $sProfile2Desc = $sProfile2Info = $sProfile2Zodiac = '';
if ($aCoupleInfo) {
$sProfile2Nick = '<a href="' . getProfileLink($aCoupleInfo['ID']) . '">' . getNickName($aCoupleInfo['ID']) . '</a>';
$sProfile2Info = $GLOBALS['oFunctions']->getUserInfo($aCoupleInfo['ID']);
$sProfile2Desc = $bPublic ? strmaxtextlen($aCoupleInfo['DescriptionMe'], 130) : _t('_sys_profile_private_text_title');
$sProfile2Zodiac = $bPublic && $bExtMode && getParam('zodiac') ? $GLOBALS['oFunctions']->getProfileZodiac($aCoupleInfo['DateOfBirth']) : '';
$sProfile2ASc1 = 'float:left;width:31%;margin-right:10px;';
$sProfile2ASc2 = 'float:left;width:31%;display:block;';
} else {
$sProfile2ASc2 = 'display:none;';
}
$aKeys = array('thumbnail' => $sProfileThumb, 'match' => $sProfileMatch, 'nick' => $sProfileNickname, 'info' => $sProfileInfo, 'i_am_desc' => $sProfileDesc, 'zodiac_sign' => $sProfileZodiac, 'nick2' => $sProfile2Nick, 'info2' => $sProfile2Info, 'i_am_desc2' => $sProfile2Desc, 'zodiac_sign2' => $sProfile2Zodiac, 'add_style_c1' => $sProfile2ASc1, 'add_style_c2' => $sProfile2ASc2);
if ($aExtendedKey and is_array($aExtendedKey) and !empty($aExtendedKey)) {
foreach ($aExtendedKey as $sKey => $sValue) {
$aKeys[$sKey] = $sValue;
}
} else {
$aKeys['ext_css_class'] = '';
}
return $oCustomTemplate ? $oCustomTemplate->parseHtmlByName($sTemplateName, $aKeys) : $GLOBALS['oSysTemplate']->parseHtmlByName($sTemplateName, $aKeys);
}
protected function addConditionsForPrivateContent($CNF, $oProfileAuthor)
{
// add conditions for private content
$oPrivacy = BxDolPrivacy::getObjectInstance($CNF['OBJECT_PRIVACY_VIEW']);
$a = $oPrivacy ? $oPrivacy->getContentPublicAsCondition($oProfileAuthor ? $oProfileAuthor->id() : 0) : array();
if (isset($a['restriction'])) {
$this->aCurrent['restriction'] = array_merge($this->aCurrent['restriction'], $a['restriction']);
}
if (isset($a['join'])) {
$this->aCurrent['join'] = array_merge($this->aCurrent['join'], $a['join']);
}
$this->setProcessPrivateContent(false);
}
function getUserInfo($sUser, $sPwd, $sNick, $sLang)
{
$iIdProfile = BxDolXMLRPCUtil::getIdByNickname($sNick);
if (!$iIdProfile || !($iId = BxDolXMLRPCUtil::checkLogin($sUser, $sPwd))) {
return new xmlrpcresp(new xmlrpcval(array('error' => new xmlrpcval(1, "int")), "struct"));
}
BxDolXMLRPCUtil::setLanguage($sLang);
if ($iIdProfile != $iId) {
// privacy
bx_import('BxDolPrivacy');
$oPrivacy = new BxDolPrivacy('Profiles', 'ID', 'ID');
if ($iIdProfile != $iId && !$oPrivacy->check('view', $iIdProfile, $iId)) {
return new xmlrpcval('-1');
}
// membership
$aCheckRes = checkAction($iId, ACTION_ID_VIEW_PROFILES, true, $iIdProfile);
if ($aCheckRes[CHECK_ACTION_RESULT] != CHECK_ACTION_RESULT_ALLOWED) {
return new xmlrpcval($aCheckRes[CHECK_ACTION_MESSAGE]);
}
}
$aRet = BxDolXMLRPCUtil::getUserInfo($iIdProfile);
return new xmlrpcval($aRet, "struct");
}
protected function _getSqlPartsEventsList($aParams)
{
$sJoinClause = $sWhereClause = "";
if (isset($aParams['active'])) {
$sWhereClause .= $this->prepare("AND `{$this->_sTable}`.`active`=? ", (int) $aParams['active']);
}
//--- Apply modules or handlers filter
$sWhereModuleFilter = '';
if (!empty($aParams['modules']) && is_array($aParams['modules'])) {
$sWhereModuleFilter = "AND `" . $this->_sTable . "`.`type` IN (" . $this->implode_escape($aParams['modules']) . ") ";
}
if ($sWhereModuleFilter == '') {
$aHidden = $this->_oConfig->getHandlersHidden();
$sWhereModuleFilter = !empty($aHidden) && is_array($aHidden) ? "AND `" . $this->_sTableHandlers . "`.`id` NOT IN (" . $this->implode_escape($aHidden) . ") " : "";
}
if ($sWhereModuleFilter != '') {
$sWhereClause .= $sWhereModuleFilter;
}
//--- Check flag 'New'
if (!empty($aParams['new']) && !empty($aParams['owner_id'])) {
$sSql = $this->prepare("SELECT `event_id` FROM `" . $this->_sTableEvt2Usr . "` WHERE `user_id`=? LIMIT 1", (int) $aParams['owner_id']);
$iId = (int) $this->getOne($sSql);
$sWhereClause .= $this->prepare("AND `{$this->_sTable}`.`id`>? ", $iId);
}
//--- Apply privacy filter
$oPrivacy = BxDolPrivacy::getObjectInstance($this->_oConfig->getObject('privacy_view'));
$aQueryParts = $oPrivacy->getContentByGroupAsSQLPart(BX_DOL_PG_ALL);
$sWhereClause .= $aQueryParts['where'] . " ";
//--- Check type
if (!empty($aParams['owner_id'])) {
switch ($aParams['type']) {
case BX_BASE_MOD_NTFS_TYPE_OWNER:
$sWhereClause .= $this->prepare("AND `{$this->_sTable}`.`owner_id`=? ", $aParams['owner_id']);
break;
case BX_BASE_MOD_NTFS_TYPE_OBJECT_OWNER:
$sWhereClause .= $this->prepare("AND `{$this->_sTable}`.`owner_id`<>`{$this->_sTable}`.`object_owner_id` AND `{$this->_sTable}`.`object_owner_id`=? ", $aParams['owner_id']);
break;
case BX_BASE_MOD_NTFS_TYPE_CONNECTIONS:
$oConnection = BxDolConnection::getObjectInstance($this->_oConfig->getObject('conn_subscriptions'));
$aQueryParts = $oConnection->getConnectedContentAsSQLParts($this->_sPrefix . "events", 'owner_id', $aParams['owner_id']);
$sJoinClause .= ' ' . $aQueryParts['join'];
break;
}
}
return array($sJoinClause, $sWhereClause);
}
public function __construct($aInfo, $oTemplate = false)
{
parent::__construct($aInfo, $oTemplate);
$CNF =& $this->_oModule->_oConfig->CNF;
if (isset($this->aInputs[$CNF['FIELD_TEXT']])) {
$this->aInputs[$CNF['FIELD_TEXT']]['attrs'] = array_merge(array('id' => $CNF['FIELD_TEXT_ID']), is_array($this->aInputs[$CNF['FIELD_TEXT']]['attrs']) ? $this->aInputs[$CNF['FIELD_TEXT']]['attrs'] : array());
}
if (isset($this->aInputs[$CNF['FIELD_PHOTO']])) {
$this->aInputs[$CNF['FIELD_PHOTO']]['storage_object'] = $CNF['OBJECT_STORAGE'];
$this->aInputs[$CNF['FIELD_PHOTO']]['uploaders'] = array('sys_simple', 'sys_html5');
$this->aInputs[$CNF['FIELD_PHOTO']]['images_transcoder'] = $CNF['OBJECT_IMAGES_TRANSCODER_PREVIEW'];
$this->aInputs[$CNF['FIELD_PHOTO']]['multiple'] = true;
$this->aInputs[$CNF['FIELD_PHOTO']]['content_id'] = 0;
$this->aInputs[$CNF['FIELD_PHOTO']]['ghost_template'] = '';
}
if (isset($this->aInputs[$CNF['FIELD_ALLOW_VIEW_TO']])) {
bx_import('BxDolPrivacy');
$this->aInputs[$CNF['FIELD_ALLOW_VIEW_TO']] = BxDolPrivacy::getGroupChooser($CNF['OBJECT_PRIVACY_VIEW']);
}
}
/**
* Constructor
*/
function __construct(&$oModule)
{
parent::__construct('bx_blogs_posts', 'PostID', 'OwnerID');
}
/**
* Check profile existing, membership/acl, profile status and privacy.
* If some of visibility options are not allowed then appropritate page is shown and exit called.
* @param $iViewedId viewed member id
* @param $iViewerId viewer member id
* @return nothing
*/
function bx_check_profile_visibility($iViewedId, $iViewerId = 0, $bReturn = false)
{
global $logged, $site, $_page, $_page_cont, $p_arr;
// check if profile exists
if (!$iViewedId) {
if ($bReturn) {
return false;
}
$GLOBALS['oSysTemplate']->displayPageNotFound();
exit;
}
// check if viewer can view profile
$bPerform = $iViewedId == $iViewerId ? FALSE : TRUE;
$check_res = checkAction($iViewerId, ACTION_ID_VIEW_PROFILES, $bPerform, $iViewedId);
if ($check_res[CHECK_ACTION_RESULT] != CHECK_ACTION_RESULT_ALLOWED && !$logged['admin'] && !$logged['moderator'] && $iViewerId != $iViewedId) {
if ($bReturn) {
return false;
}
$_page['header'] = "{$site['title']} " . _t("_Member Profile");
$_page['header_text'] = "{$site['title']} " . _t("_Member Profile");
$_page['name_index'] = 0;
$_page_cont[0]['page_main_code'] = MsgBox($check_res[CHECK_ACTION_MESSAGE]);
PageCode();
exit;
}
bx_import('BxBaseProfileView');
$oProfile = new BxBaseProfileGenerator($iViewedId);
$p_arr = $oProfile->_aProfile;
// check if viewed member is active
if (!($p_arr['ID'] && ($logged['admin'] || $logged['moderator'] || $oProfile->owner || $p_arr['Status'] == 'Active'))) {
if ($bReturn) {
return false;
}
header("HTTP/1.1 404 Not Found");
$GLOBALS['oSysTemplate']->displayMsg(_t("_Profile NA"));
exit;
}
// check privacy
if (!$logged['admin'] && !$logged['moderator'] && $iViewerId != $iViewedId) {
$oPrivacy = new BxDolPrivacy('Profiles', 'ID', 'ID');
if (!$oPrivacy->check('view', $iViewedId, $iViewerId)) {
if ($bReturn) {
return false;
}
bx_import('BxDolProfilePrivatePageView');
$oProfilePrivateView = new BxDolProfilePrivatePageView($oProfile, $site, $dir);
$_page['name_index'] = 7;
$_page_cont[7]['page_main_code'] = $oProfilePrivateView->getCode();
PageCode();
exit;
}
}
if ($bReturn) {
return true;
}
}
/**
* Get Select element with available groups.
*
* @param string $sObject privacy object name.
* @param integer $iOwnerId object's owner ID.
* @param array $aParams an array of custom selector's params (dynamic_groups - an array of arrays('key' => group_id, 'value' => group_title), title - the title to be used for generated field).
* @return an array with Select element description.
*/
public static function getGroupChooser($sObject, $iOwnerId = 0, $aParams = array())
{
$oPrivacy = BxDolPrivacy::getObjectInstance($sObject);
if (empty($oPrivacy)) {
return array();
}
$sModule = $oPrivacy->_aObject['module'];
$sAction = $oPrivacy->_aObject['action'];
if ($iOwnerId == 0) {
$iOwnerId = bx_get_logged_profile_id();
}
$sValue = $oPrivacy->_oDb->getDefaultGroupByUser($sModule, $sAction, $iOwnerId);
if (empty($sValue)) {
$sValue = $oPrivacy->_oDb->getDefaultGroup($sModule, $sAction);
}
$aValues = array();
$aGroups = $oPrivacy->_oDb->getGroupsBy(array('type' => 'active'));
foreach ($aGroups as $aGroup) {
if ((int) $aGroup['active'] == 0) {
continue;
}
$aValues[] = array('key' => $aGroup['id'], 'value' => _t($aGroup['title']));
}
if (isset($aParams['dynamic_groups']) && is_array($aParams['dynamic_groups'])) {
$aValues = array_merge($aValues, $aParams['dynamic_groups']);
}
$sName = self::getFieldName($sAction);
$sTitle = isset($aParams['title']) && !empty($aParams['title']) ? $aParams['title'] : '';
if (empty($sTitle)) {
$sTitle = $oPrivacy->_oDb->getTitle($sModule, $sAction);
$sTitle = _t(!empty($sTitle) ? $sTitle : '_' . $sName);
}
return array('type' => 'select', 'name' => $sName, 'caption' => $sTitle, 'value' => $sValue, 'values' => $aValues, 'checker' => array('func' => 'avail', 'error' => _t('_ps_ferr_incorrect_select')), 'db' => array('pass' => 'Int'));
}
/**
* Constructor
*/
function BxPhotosPrivacy($sTable = 'bx_photos_main', $sId = 'ID', $sOwner = 'Owner')
{
parent::BxDolPrivacy($sTable, $sId, $sOwner);
}
/**
* Get location array
* @param $sPart module/part name
* @param $iEntryId entry's id which location is edited
* @param $iViewer viewer profile id
* @return false - location undefined, -1 - access denied, array - all good
*/
function serviceGetLocation($sPart, $iEntryId, $iViewer = false)
{
if (false === $iViewer) {
$iViewer = getLoggedId();
}
if ('profiles' == $sPart) {
if (!bx_check_profile_visibility($iEntryId, $iViewer, true)) {
return -1;
}
} else {
bx_import('BxDolPrivacy');
$oPrivacy = new BxDolPrivacy($this->_aParts[$sPart]['join_table'], $this->_aParts[$sPart]['join_field_id'], $this->_aParts[$sPart]['join_field_author']);
if (!$oPrivacy->check('view', $iEntryId, $iViewer)) {
return -1;
}
}
$aLocation = $this->_oDb->getDirectLocation($iEntryId, $this->_aParts[$sPart]);
if (!$aLocation || !$aLocation['lat'] && $aLocation['lng']) {
return false;
}
if (false === $aLocation['zoom'] || -1 == $aLocation['zoom']) {
$aLocation['zoom'] = getParam("bx_wmap_edit_{$sPart}_zoom");
}
if (!$aLocation['type']) {
$aLocation['type'] = getParam("bx_wmap_edit_{$sPart}_map_type");
}
return $aLocation;
}
/**
* Constructor
*/
function BxEventsPrivacy(&$oModule)
{
$this->oModule = $oModule;
parent::BxDolPrivacy($oModule->_oDb->_sPrefix . 'main', 'ID', 'ResponsibleID');
}
/**
* Constructor
*/
function BxSoundsPrivacy($sTable = 'RayMp3Files', $sId = 'ID', $sOwner = 'Owner')
{
parent::BxDolPrivacy($sTable, $sId, $sOwner);
}
/**
* Constructor
*/
function __construct(&$oModule)
{
parent::__construct($oModule->_oDb->getPrefix() . 'product_files', 'id', 'author_id');
}
/**
* Constructor
*/
function __construct(&$oModule)
{
parent::__construct($oModule->_oDb->sTablePrefix . 'privacy', 'author_id', 'author_id');
}
exit;
}
// Check if member can view profile
$check_res = checkAction($memberID, ACTION_ID_VIEW_PROFILES, true, $profileID);
if ($check_res[CHECK_ACTION_RESULT] != CHECK_ACTION_RESULT_ALLOWED && !$logged['admin'] && !$logged['moderator'] && $memberID != $profileID) {
$_page['header'] = "{$site['title']} " . _t("_Member Profile");
$_page['header_text'] = "{$site['title']} " . _t("_Member Profile");
$_page['name_index'] = 0;
$_page_cont[0]['page_main_code'] = MsgBox($check_res[CHECK_ACTION_MESSAGE]);
PageCode();
exit;
}
$oProfile = new BxBaseProfileGenerator($profileID);
if (!$logged['admin'] && !$logged['moderator'] && $memberID != $profileID) {
//Check privacy
$oPrivacy = new BxDolPrivacy('Profiles', 'ID', 'ID');
if (!$oPrivacy->check('view', $profileID, $memberID)) {
$_page['name_index'] = 0;
$_page['header'] = "{$site['title']} " . _t("_Member Profile");
$_page['header_text'] = "{$site['title']} " . _t("_Member Profile");
$_page_cont[0]['page_main_code'] = MsgBox(_t('_INVALID_ROLE'));
PageCode();
exit;
}
}
$oProfile->oCmtsView->getExtraCss();
$oProfile->oCmtsView->getExtraJs();
$oProfile->oVotingView->getExtraJs();
$p_arr = $oProfile->_aProfile;
if (!($p_arr['ID'] && ($logged['admin'] || $logged['moderator'] || $oProfile->owner || $p_arr['Status'] == 'Active'))) {
header("HTTP/1.1 404 Not Found");
/**
* @return CHECK_ACTION_RESULT_ALLOWED if access is granted or error message if access is forbidden. So make sure to make strict(===) checking.
*/
public function checkAllowedView($aDataEntry, $isPerformAction = false)
{
$CNF =& $this->_oConfig->CNF;
// moderator and owner always have access
if ($aDataEntry[$CNF['FIELD_AUTHOR']] == $this->_iProfileId || $this->_isModerator($isPerformAction)) {
return CHECK_ACTION_RESULT_ALLOWED;
}
// check ACL
$aCheck = checkActionModule($this->_iProfileId, 'view entry', $this->getName(), $isPerformAction);
if ($aCheck[CHECK_ACTION_RESULT] !== CHECK_ACTION_RESULT_ALLOWED) {
return $aCheck[CHECK_ACTION_MESSAGE];
}
// check privacy
if (!empty($CNF['OBJECT_PRIVACY_VIEW'])) {
bx_import('BxDolPrivacy');
$oPrivacy = BxDolPrivacy::getObjectInstance($CNF['OBJECT_PRIVACY_VIEW']);
if ($oPrivacy && !$oPrivacy->check($aDataEntry[$CNF['FIELD_ID']])) {
return _t('_sys_access_denied_to_private_content');
}
}
return CHECK_ACTION_RESULT_ALLOWED;
}
/**
* Constructor
*/
function BxSimpleMessengerPrivacy(&$oModule)
{
parent::BxDolPrivacy($oModule->_oDb->sTablePrefix . 'privacy', 'author_id', 'author_id');
}
/**
* Class constructor;
*/
function __construct(&$oModule)
{
parent::__construct($oModule->_oDb->sTablePrefix . 'data', 'id_poll', 'id_profile');
}
/**
* Constructor
*/
function BxStorePrivacyProduct(&$oModule)
{
$this->oModule = $oModule;
parent::BxDolPrivacy($oModule->_oDb->getPrefix() . 'products', 'id', 'author_id');
}
function _checkUserPrivacy($iId, $iIdProfile)
{
$mixedAccessDenied = false;
if ($iIdProfile != $iId) {
// membership
$aCheckRes = checkAction($iId, ACTION_ID_VIEW_PROFILES, true, $iIdProfile);
if ($aCheckRes[CHECK_ACTION_RESULT] != CHECK_ACTION_RESULT_ALLOWED) {
$mixedAccessDenied = strip_tags($aCheckRes[CHECK_ACTION_MESSAGE]);
}
// privacy
if (false === $mixedAccessDenied) {
bx_import('BxDolPrivacy');
$oPrivacy = new BxDolPrivacy('Profiles', 'ID', 'ID');
if ($iIdProfile != $iId && !$oPrivacy->check('view', $iIdProfile, $iId)) {
$mixedAccessDenied = '-1';
}
}
}
bx_import('BxDolAlerts');
$oZ = new BxDolAlerts('mobile', 'view_profile', $iIdProfile, $iId, array('access_denied' => &$mixedAccessDenied));
$oZ->alert();
if (false !== $mixedAccessDenied) {
return new xmlrpcval($mixedAccessDenied);
}
return true;
}
require_once 'inc/header.inc.php';
require_once BX_DIRECTORY_PATH_INC . 'design.inc.php';
bx_import('BxDolPrivacy');
bx_import('BxTemplPrivacyView');
check_logged();
if (!isLogged()) {
login_form();
exit;
}
$iId = getLoggedId();
$oPrivacyView = new BxTemplPrivacyView($iId);
if (isset($_POST['ps_action']) && $_POST['ps_action'] == 'get_chooser' && $iId != 0) {
$sPageName = (int) $_POST['ps_page_name'];
$iProfileId = (int) $_POST['ps_profile_id'];
$iBlockId = (int) $_POST['ps_block_id'];
$oPrivacy = new BxDolPrivacy('sys_page_compose_privacy', 'id', 'user_id');
$sCode = "";
$iMemberId = getLoggedId();
if ($iMemberId == $iProfileId) {
$aSelect = $oPrivacy->getGroupChooser($iMemberId, $sPageName, 'view_block');
$iCurGroupId = (int) $GLOBALS['MySQL']->getOne("SELECT `allow_view_block_to` FROM `sys_page_compose_privacy` WHERE `user_id`='" . $iMemberId . "' AND `block_id`='" . $iBlockId . "' LIMIT 1");
if ($iCurGroupId == 0) {
$iCurGroupId = (int) $aSelect['value'];
}
$aItems = array();
foreach ($aSelect['values'] as $aValue) {
if ($aValue['key'] == $iCurGroupId) {
$sAlt = $aValue['value'];
}
$aItems[] = array('block_id' => $iBlockId, 'group_id' => $aValue['key'], 'class' => $aValue['key'] == $iCurGroupId ? 'dbPrivacyGroupActive' : 'dbPrivacyGroup', 'title' => $aValue['value']);
}
function __construct($sMode = '', $aParams = array())
{
parent::__construct($sMode, $aParams);
$this->aCurrent = array('name' => 'bx_posts', 'object_metatags' => 'bx_posts', 'title' => _t('_bx_posts_page_title_browse'), 'table' => 'bx_posts_posts', 'ownFields' => array('id', 'title', 'text', 'thumb', 'author', 'added'), 'searchFields' => array('title', 'text'), 'restriction' => array('author' => array('value' => '', 'field' => 'author', 'operator' => '='), 'status' => array('value' => 'active', 'field' => 'status', 'operator' => '=')), 'paginate' => array('perPage' => getParam('bx_posts_per_page_browse'), 'start' => 0), 'sorting' => 'last', 'rss' => array('title' => '', 'link' => '', 'image' => '', 'profile' => 0, 'fields' => array('Guid' => 'link', 'Link' => 'link', 'Title' => 'title', 'DateTimeUTS' => 'added', 'Desc' => 'text')), 'ident' => 'id');
$this->sFilterName = 'bx_posts_filter';
$this->oModule = $this->getMain();
$oProfileAuthor = null;
$CNF =& $this->oModule->_oConfig->CNF;
switch ($sMode) {
case 'author':
bx_import('BxDolProfile');
$oProfileAuthor = BxDolProfile::getInstance((int) $aParams['author']);
if (!$oProfileAuthor) {
$this->isError = true;
break;
}
$this->aCurrent['restriction']['author']['value'] = $oProfileAuthor->id();
$this->sBrowseUrl = 'page.php?i=' . $CNF['URI_AUTHOR_ENTRIES'] . '&profile_id={profile_id}';
$this->aCurrent['title'] = _t('_bx_posts_page_title_browse_by_author');
$this->aCurrent['rss']['link'] = 'modules/?r=posts/rss/' . $sMode . '/' . $oProfileAuthor->id();
break;
case 'public':
bx_import('BxDolPermalinks');
$this->sBrowseUrl = BxDolPermalinks::getInstance()->permalink($CNF['URL_HOME']);
$this->aCurrent['title'] = _t('_bx_posts_page_title_browse_recent');
$this->aCurrent['rss']['link'] = 'modules/?r=posts/rss/' . $sMode;
break;
case 'popular':
bx_import('BxDolPermalinks');
$this->sBrowseUrl = BxDolPermalinks::getInstance()->permalink($CNF['URL_POPULAR']);
$this->aCurrent['title'] = _t('_bx_posts_page_title_browse_popular');
$this->aCurrent['rss']['link'] = 'modules/?r=posts/rss/' . $sMode;
$this->aCurrent['sorting'] = 'popular';
break;
case '':
// search results
$this->sBrowseUrl = BX_DOL_SEARCH_KEYWORD_PAGE;
$this->aCurrent['title'] = _t('_bx_posts');
$this->aCurrent['paginate']['perPage'] = 3;
unset($this->aCurrent['rss']);
break;
default:
$sMode = '';
$this->isError = true;
}
// add replaceable markers and replace them
if ($oProfileAuthor) {
$this->addMarkers($oProfileAuthor->getInfo());
// profile info is replacable
$this->addMarkers(array('profile_id' => $oProfileAuthor->id()));
// profile id is replacable
$this->addMarkers(array('display_name' => $oProfileAuthor->getDisplayName()));
// profile display name is replacable
}
$this->sBrowseUrl = $this->_replaceMarkers($this->sBrowseUrl);
$this->aCurrent['title'] = $this->_replaceMarkers($this->aCurrent['title']);
// add conditions for private content
bx_import('BxDolPrivacy');
$oPrivacy = BxDolPrivacy::getObjectInstance($CNF['OBJECT_PRIVACY_VIEW']);
$a = $oPrivacy ? $oPrivacy->getContentPublicAsCondition($oProfileAuthor ? $oProfileAuthor->id() : 0) : array();
if (isset($a['restriction'])) {
$this->aCurrent['restriction'] = array_merge($this->aCurrent['restriction'], $a['restriction']);
}
if (isset($a['join'])) {
$this->aCurrent['join'] = array_merge($this->aCurrent['join'], $a['join']);
}
$this->setProcessPrivateContent(false);
}
/**
* Constructor
*/
function BxBlogsPrivacy(&$oModule)
{
parent::BxDolPrivacy('bx_blogs_posts', 'PostID', 'OwnerID');
}
/**
* Constructor
*/
function __construct(&$oModule)
{
parent::__construct('bx_ads_main', 'ID', 'IDProfile');
}
function getBlockCode_Privacy()
{
$oPrivacy = new BxDolPrivacy('sys_page_compose_privacy', 'id', 'user_id');
$this->aFormPrivacy['inputs']['allow_view_to'] = $oPrivacy->getGroupChooser(getLoggedId(), 'profile', 'view');
$this->aFormPrivacy['inputs']['allow_view_to']['value'] = (string) $this->aProfiles[0]['allow_view_to'];
$oForm = new BxTemplFormView($this->aFormPrivacy);
$oForm->initChecker();
if ($oForm->isSubmittedAndValid()) {
$iProfileId = (int) $_POST['profile_id'];
$iAllowViewTo = (int) $_POST['allow_view_to'];
if ((int) db_res("UPDATE `Profiles` SET `allow_view_to`='" . $iAllowViewTo . "' WHERE `ID`='" . $iProfileId . "' LIMIT 1") > 0) {
$sStatusText = '_Save profile successful';
}
}
if ($sStatusText) {
$sStatusText = MsgBox(_t($sStatusText), 3);
}
return $sStatusText . $oForm->getCode();
}
