function getProfileInfoExtra() { $oPrivacy = new BxDolPrivacy('sys_page_compose_privacy', 'id', 'user_id'); $aRet = array(); $r = db_res("SELECT `pc`.`Caption`, `pc`.`Content`, `pc`.`Func`, `pc`.`ID` AS `BlockID`\n FROM `sys_profile_fields` AS `pf` \n INNER JOIN `sys_page_compose` AS `pc` \n ON ((`pc`.`Func` = 'PFBlock' AND `pc`.`Content` = `pf`.`ID`) OR (`pc`.`Func` = 'GeneralInfo' AND " . BX_BLOCK_GENERALINFO . " = `pf`.`ID`) OR (`pc`.`Func` = 'AdditionalInfo' AND " . BX_BLOCK_ADDITIONALINFO . " = `pf`.`ID`))\n WHERE `pc`.`Page` = 'profile_info' AND `pf`.`Type` = 'block' AND `pc`.`Column` != 0 \n ORDER BY `pc`.`Column`, `pc`.`Order`"); while ($a = $r->fetch()) { $iPrivacyId = (int) $GLOBALS['MySQL']->getOne("SELECT `id` FROM `sys_page_compose_privacy` WHERE `user_id`='" . $this->_iProfileID . "' AND `block_id`='" . $a['BlockID'] . "' LIMIT 1"); if ($iPrivacyId != 0 && !$oPrivacy->check('view_block', $iPrivacyId, $this->_iViewerId)) { continue; } switch ($a['Func']) { case 'GeneralInfo': $i = BX_BLOCK_GENERALINFO; break; case 'AdditionalInfo': $i = BX_BLOCK_ADDITIONALINFO; break; default: $i = $a['Content']; } $aBlock = $this->getProfileInfoBlock($a['Caption'], $i); if (false === $aBlock) { continue; } $aRet[] = $aBlock; } if ($this->_iViewerId == $this->_iProfileID) { $aOwnInfo[] = new xmlrpcval(array('Caption' => new xmlrpcval(_t('_E-mail')), 'Type' => new xmlrpcval('text'), 'Value1' => new xmlrpcval($this->_aProfile['Email'])), "struct"); $aOwnInfo[] = new xmlrpcval(array('Caption' => new xmlrpcval(_t('_Membership2')), 'Type' => new xmlrpcval('text'), 'Value1' => new xmlrpcval(strip_tags(GetMembershipStatus($this->_iProfileID, false, false)))), "struct"); $aOwnInfo[] = new xmlrpcval(array('Caption' => new xmlrpcval(_t('_Status')), 'Type' => new xmlrpcval('text'), 'Value1' => new xmlrpcval(_t('__' . $this->_aProfile['Status']))), "struct"); $aRet[] = new xmlrpcval(array('Info' => new xmlrpcval($aOwnInfo, "array"), 'Title' => new xmlrpcval(_t('_Account Info'))), "struct"); } return new xmlrpcval($aRet, "array"); }
function BxBaseAlbumForm($sType, $iAlbum = 0) { $this->iOwnerId = (int) $_COOKIE['memberID']; if ($this->iOwnerId == 0) { return; } $this->iAlbumId = (int) $iAlbum; $this->sType = strip_tags($sType); $oPrivacy = new BxDolPrivacy('sys_albums', 'ID', 'Owner'); $aPrivField = $oPrivacy->getGroupChooser($this->iOwnerId, 'sys_albums', 'view'); $this->aForm = array('form_attrs' => array('name' => 'form_album', 'action' => '', 'method' => 'post', 'enctype' => 'multipart/form-data'), 'params' => array('db' => array('table' => 'sys_albums', 'key' => 'ID', 'uri' => 'Uri', 'uri_title' => 'Caption', 'submit_name' => 'save')), 'inputs' => array('Caption' => array('type' => 'text', 'name' => 'Caption', 'caption' => _t('_sys_album_caption_capt'), 'required' => true, 'checker' => array('func' => 'length', 'params' => array(3, 128), 'error' => _t('_sys_album_err_capt')), 'db' => array('pass' => 'Xss'), 'display' => true), 'Location' => array('type' => 'text', 'name' => 'Location', 'caption' => _t('_sys_album_caption_loc'), 'db' => array('pass' => 'Xss'), 'display' => true), 'Description' => array('type' => 'textarea', 'name' => 'Description', 'caption' => _t('_sys_album_caption_desc'), 'required' => true, 'html' => false, 'checker' => array('func' => 'length', 'params' => array(3, 255), 'error' => _t('_sys_album_err_desc')), 'db' => array('pass' => 'Xss')), 'allow_view_to' => $aPrivField, 'Type' => array('type' => 'hidden', 'name' => 'Type', 'db' => array('pass' => 'Xss'), 'value' => $this->sType), 'Control' => array('type' => 'input_set', 0 => array('type' => 'submit', 'name' => 'save', 'value' => _t("_sys_album_create")), 1 => array('type' => 'reset', 'name' => 'cancel', 'value' => _t("_sys_album_cancel"))))); $iAlbum = (int) $iAlbum; if ($this->iAlbumId > 0) { $oAlbum = new BxDolAlbums($this->sType); $this->aInfo = $oAlbum->getAlbumInfo(array('fileId' => $iAlbum)); if ($this->iOwnerId != $this->aInfo['Owner']) { return; } $this->aForm['inputs']['Control'] = array('type' => 'input_set', 'colspan' => true, 0 => array('type' => 'submit', 'name' => 'save', 'value' => _t("_sys_album_save_changes")), 1 => array('type' => 'submit', 'name' => 'delete', 'value' => _t("_sys_album_delete")), 2 => array('type' => 'submit', 'name' => 'launch', 'value' => _t("_sys_album_add")), 3 => array('type' => 'submit', 'name' => 'launch', 'value' => _t("_sys_album_edit_items")), 4 => array('type' => 'submit', 'name' => 'launch', 'value' => _t("_sys_album_organize")), 5 => array('type' => 'reset', 'name' => 'cancel', 'value' => _t("_sys_album_cancel"))); foreach ($this->aForm['inputs'] as $sKey => $aValue) { if ($sKey != 'Control') { $this->aForm['inputs'][$sKey]['value'] = $this->aInfo[$sKey]; } } } }
function genBlock($iBlockID, $aBlock, $bStatic = true, $sDynamicType = 'tab') { //--- Privacy for Profile page ---// $oPrivacy = new BxDolPrivacy('sys_page_compose_privacy', 'id', 'user_id'); $iPrivacyId = (int) $GLOBALS['MySQL']->getOne("SELECT `id` FROM `sys_page_compose_privacy` WHERE `user_id`='" . $this->oProfileGen->_iProfileID . "' AND `block_id`='" . $iBlockID . "' LIMIT 1"); if ($iPrivacyId != 0 && !$oPrivacy->check('view_block', $iPrivacyId, $this->iMemberID)) { return false; } //--- Privacy for Profile page ---// return parent::genBlock($iBlockID, $aBlock, $bStatic, $sDynamicType); }
function BxDolTextData(&$oModule) { $this->_oModule = $oModule; $this->_iOwnerId = BxDolTextData::getAuthorId(); $oCategories = new BxDolCategories(); $oCategories->getTagObjectConfig(); $this->_aForm = array('form_attrs' => array('id' => 'text_data', 'name' => 'text_data', 'action' => bx_html_attribute($_SERVER['PHP_SELF']), 'method' => 'post', 'enctype' => 'multipart/form-data'), 'params' => array('db' => array('table' => '', 'key' => 'id', 'uri' => 'uri', 'uri_title' => 'caption', 'submit_name' => 'post')), 'inputs' => array('author_id' => array('type' => 'hidden', 'name' => 'author_id', 'value' => $this->_iOwnerId, 'db' => array('pass' => 'Int')), 'caption' => array('type' => 'text', 'name' => 'caption', 'caption' => _t("_td_caption"), 'value' => '', 'required' => 1, 'checker' => array('func' => 'length', 'params' => array(3, 64), 'error' => _t('_td_err_incorrect_length')), 'db' => array('pass' => 'Xss')), 'snippet' => array('type' => 'textarea', 'html' => 0, 'name' => 'snippet', 'caption' => _t("_td_snippet"), 'value' => '', 'required' => 1, 'checker' => array('func' => 'length', 'params' => array(3, 200), 'error' => _t('_td_err_incorrect_length')), 'db' => array('pass' => 'Xss')), 'content' => array('type' => 'textarea', 'html' => 2, 'name' => 'content', 'caption' => _t("_td_content"), 'value' => '', 'required' => 1, 'checker' => array('func' => 'length', 'params' => array(3, 65536), 'error' => _t('_td_err_incorrect_length')), 'db' => array('pass' => 'XssHtml')), 'when' => array('type' => 'datetime', 'name' => 'when', 'caption' => _t("_td_date"), 'value' => date('Y-m-d H:i'), 'required' => 1, 'checker' => array('func' => 'DateTime', 'error' => _t('_td_err_empty_value')), 'db' => array('pass' => 'DateTime')), 'tags' => array('type' => 'text', 'name' => 'tags', 'caption' => _t("_td_tags"), 'value' => '', 'required' => 1, 'checker' => array('func' => 'length', 'params' => array(3, 64), 'error' => _t('_td_err_incorrect_length')), 'info' => _t('_sys_tags_note'), 'db' => array('pass' => 'Xss')), 'categories' => $oCategories->getGroupChooser($this->_oModule->_oConfig->getCategoriesSystemName(), $this->_iOwnerId, true), 'allow_comment_to' => array(), 'allow_vote_to' => array(), 'post' => array('type' => 'submit', 'name' => 'post', 'value' => _t("_td_post")))); if (!empty($this->_iOwnerId)) { $oPrivacy = new BxDolPrivacy(); $sModuleUri = $this->_oModule->_oConfig->getUri(); $this->_aForm['inputs']['allow_comment_to'] = $oPrivacy->getGroupChooser($this->_iOwnerId, $sModuleUri, 'comment'); $this->_aForm['inputs']['allow_vote_to'] = $oPrivacy->getGroupChooser($this->_iOwnerId, $sModuleUri, 'vote'); } }
public function __construct($aOptions, $oTemplate) { parent::__construct($aOptions); if ($oTemplate) { $this->_oTemplate = $oTemplate; } else { $this->_oTemplate = BxDolTemplate::getInstance(); } }
/** * @description : function will generate profile block (used the profile template ); * @return : Html presentation data ; */ function PrintSearhResult($aProfileInfo, $aCoupleInfo = '', $aExtendedKey = null, $sTemplateName = '', $oCustomTemplate = null) { global $site; global $aPreValues; $iVisitorID = getLoggedId(); $bExtMode = !empty($_GET['mode']) && $_GET['mode'] == 'extended' || !empty($_GET['search_result_mode']) && $_GET['search_result_mode'] == 'ext'; $isShowMatchPercent = $bExtMode && $iVisitorID && $iVisitorID != $aProfileInfo['ID'] && getParam('view_match_percent') && getParam('enable_match'); $bPublic = $bExtMode ? bx_check_profile_visibility($aProfileInfo['ID'], $iVisitorID, true) : true; if ($bPublic && $iVisitorID != $aProfileInfo['ID'] && !isAdmin()) { $oPrivacy = new BxDolPrivacy('sys_page_compose_privacy', 'id', 'user_id'); $iBlockID = $GLOBALS['MySQL']->getOne("SELECT `ID` FROM `sys_page_compose` WHERE `Page` = 'profile' AND `Func` = 'Description' AND `Column` != 0"); $iPrivacyId = (int) $GLOBALS['MySQL']->getOne("SELECT `id` FROM `sys_page_compose_privacy` WHERE `user_id`='{$aProfileInfo['ID']}' AND `block_id`='{$iBlockID}' LIMIT 1"); $bPublic = !$iBlockID || !$iPrivacyId || $oPrivacy->check('view_block', $iPrivacyId, $iVisitorID); } $sProfileThumb = get_member_thumbnail($aProfileInfo['ID'], 'none', !$bExtMode, 'visitor'); $sProfileMatch = $isShowMatchPercent ? $GLOBALS['oFunctions']->getProfileMatch($iVisitorID, $aProfileInfo['ID']) : ''; $sProfileNickname = '<a href="' . getProfileLink($aProfileInfo['ID']) . '">' . getNickName($aProfileInfo['ID']) . '</a>'; $sProfileInfo = $GLOBALS['oFunctions']->getUserInfo($aProfileInfo['ID']); $sProfileDesc = $bPublic ? strmaxtextlen($aProfileInfo['DescriptionMe'], 130) : _t('_sys_profile_private_text_title'); $sProfileZodiac = $bPublic && $bExtMode && getParam('zodiac') ? $GLOBALS['oFunctions']->getProfileZodiac($aProfileInfo['DateOfBirth']) : ''; $sProfile2ASc1 = $sProfile2ASc2 = $sProfile2Nick = $sProfile2Desc = $sProfile2Info = $sProfile2Zodiac = ''; if ($aCoupleInfo) { $sProfile2Nick = '<a href="' . getProfileLink($aCoupleInfo['ID']) . '">' . getNickName($aCoupleInfo['ID']) . '</a>'; $sProfile2Info = $GLOBALS['oFunctions']->getUserInfo($aCoupleInfo['ID']); $sProfile2Desc = $bPublic ? strmaxtextlen($aCoupleInfo['DescriptionMe'], 130) : _t('_sys_profile_private_text_title'); $sProfile2Zodiac = $bPublic && $bExtMode && getParam('zodiac') ? $GLOBALS['oFunctions']->getProfileZodiac($aCoupleInfo['DateOfBirth']) : ''; $sProfile2ASc1 = 'float:left;width:31%;margin-right:10px;'; $sProfile2ASc2 = 'float:left;width:31%;display:block;'; } else { $sProfile2ASc2 = 'display:none;'; } $aKeys = array('thumbnail' => $sProfileThumb, 'match' => $sProfileMatch, 'nick' => $sProfileNickname, 'info' => $sProfileInfo, 'i_am_desc' => $sProfileDesc, 'zodiac_sign' => $sProfileZodiac, 'nick2' => $sProfile2Nick, 'info2' => $sProfile2Info, 'i_am_desc2' => $sProfile2Desc, 'zodiac_sign2' => $sProfile2Zodiac, 'add_style_c1' => $sProfile2ASc1, 'add_style_c2' => $sProfile2ASc2); if ($aExtendedKey and is_array($aExtendedKey) and !empty($aExtendedKey)) { foreach ($aExtendedKey as $sKey => $sValue) { $aKeys[$sKey] = $sValue; } } else { $aKeys['ext_css_class'] = ''; } return $oCustomTemplate ? $oCustomTemplate->parseHtmlByName($sTemplateName, $aKeys) : $GLOBALS['oSysTemplate']->parseHtmlByName($sTemplateName, $aKeys); }
protected function addConditionsForPrivateContent($CNF, $oProfileAuthor) { // add conditions for private content $oPrivacy = BxDolPrivacy::getObjectInstance($CNF['OBJECT_PRIVACY_VIEW']); $a = $oPrivacy ? $oPrivacy->getContentPublicAsCondition($oProfileAuthor ? $oProfileAuthor->id() : 0) : array(); if (isset($a['restriction'])) { $this->aCurrent['restriction'] = array_merge($this->aCurrent['restriction'], $a['restriction']); } if (isset($a['join'])) { $this->aCurrent['join'] = array_merge($this->aCurrent['join'], $a['join']); } $this->setProcessPrivateContent(false); }
function getUserInfo($sUser, $sPwd, $sNick, $sLang) { $iIdProfile = BxDolXMLRPCUtil::getIdByNickname($sNick); if (!$iIdProfile || !($iId = BxDolXMLRPCUtil::checkLogin($sUser, $sPwd))) { return new xmlrpcresp(new xmlrpcval(array('error' => new xmlrpcval(1, "int")), "struct")); } BxDolXMLRPCUtil::setLanguage($sLang); if ($iIdProfile != $iId) { // privacy bx_import('BxDolPrivacy'); $oPrivacy = new BxDolPrivacy('Profiles', 'ID', 'ID'); if ($iIdProfile != $iId && !$oPrivacy->check('view', $iIdProfile, $iId)) { return new xmlrpcval('-1'); } // membership $aCheckRes = checkAction($iId, ACTION_ID_VIEW_PROFILES, true, $iIdProfile); if ($aCheckRes[CHECK_ACTION_RESULT] != CHECK_ACTION_RESULT_ALLOWED) { return new xmlrpcval($aCheckRes[CHECK_ACTION_MESSAGE]); } } $aRet = BxDolXMLRPCUtil::getUserInfo($iIdProfile); return new xmlrpcval($aRet, "struct"); }
protected function _getSqlPartsEventsList($aParams) { $sJoinClause = $sWhereClause = ""; if (isset($aParams['active'])) { $sWhereClause .= $this->prepare("AND `{$this->_sTable}`.`active`=? ", (int) $aParams['active']); } //--- Apply modules or handlers filter $sWhereModuleFilter = ''; if (!empty($aParams['modules']) && is_array($aParams['modules'])) { $sWhereModuleFilter = "AND `" . $this->_sTable . "`.`type` IN (" . $this->implode_escape($aParams['modules']) . ") "; } if ($sWhereModuleFilter == '') { $aHidden = $this->_oConfig->getHandlersHidden(); $sWhereModuleFilter = !empty($aHidden) && is_array($aHidden) ? "AND `" . $this->_sTableHandlers . "`.`id` NOT IN (" . $this->implode_escape($aHidden) . ") " : ""; } if ($sWhereModuleFilter != '') { $sWhereClause .= $sWhereModuleFilter; } //--- Check flag 'New' if (!empty($aParams['new']) && !empty($aParams['owner_id'])) { $sSql = $this->prepare("SELECT `event_id` FROM `" . $this->_sTableEvt2Usr . "` WHERE `user_id`=? LIMIT 1", (int) $aParams['owner_id']); $iId = (int) $this->getOne($sSql); $sWhereClause .= $this->prepare("AND `{$this->_sTable}`.`id`>? ", $iId); } //--- Apply privacy filter $oPrivacy = BxDolPrivacy::getObjectInstance($this->_oConfig->getObject('privacy_view')); $aQueryParts = $oPrivacy->getContentByGroupAsSQLPart(BX_DOL_PG_ALL); $sWhereClause .= $aQueryParts['where'] . " "; //--- Check type if (!empty($aParams['owner_id'])) { switch ($aParams['type']) { case BX_BASE_MOD_NTFS_TYPE_OWNER: $sWhereClause .= $this->prepare("AND `{$this->_sTable}`.`owner_id`=? ", $aParams['owner_id']); break; case BX_BASE_MOD_NTFS_TYPE_OBJECT_OWNER: $sWhereClause .= $this->prepare("AND `{$this->_sTable}`.`owner_id`<>`{$this->_sTable}`.`object_owner_id` AND `{$this->_sTable}`.`object_owner_id`=? ", $aParams['owner_id']); break; case BX_BASE_MOD_NTFS_TYPE_CONNECTIONS: $oConnection = BxDolConnection::getObjectInstance($this->_oConfig->getObject('conn_subscriptions')); $aQueryParts = $oConnection->getConnectedContentAsSQLParts($this->_sPrefix . "events", 'owner_id', $aParams['owner_id']); $sJoinClause .= ' ' . $aQueryParts['join']; break; } } return array($sJoinClause, $sWhereClause); }
public function __construct($aInfo, $oTemplate = false) { parent::__construct($aInfo, $oTemplate); $CNF =& $this->_oModule->_oConfig->CNF; if (isset($this->aInputs[$CNF['FIELD_TEXT']])) { $this->aInputs[$CNF['FIELD_TEXT']]['attrs'] = array_merge(array('id' => $CNF['FIELD_TEXT_ID']), is_array($this->aInputs[$CNF['FIELD_TEXT']]['attrs']) ? $this->aInputs[$CNF['FIELD_TEXT']]['attrs'] : array()); } if (isset($this->aInputs[$CNF['FIELD_PHOTO']])) { $this->aInputs[$CNF['FIELD_PHOTO']]['storage_object'] = $CNF['OBJECT_STORAGE']; $this->aInputs[$CNF['FIELD_PHOTO']]['uploaders'] = array('sys_simple', 'sys_html5'); $this->aInputs[$CNF['FIELD_PHOTO']]['images_transcoder'] = $CNF['OBJECT_IMAGES_TRANSCODER_PREVIEW']; $this->aInputs[$CNF['FIELD_PHOTO']]['multiple'] = true; $this->aInputs[$CNF['FIELD_PHOTO']]['content_id'] = 0; $this->aInputs[$CNF['FIELD_PHOTO']]['ghost_template'] = ''; } if (isset($this->aInputs[$CNF['FIELD_ALLOW_VIEW_TO']])) { bx_import('BxDolPrivacy'); $this->aInputs[$CNF['FIELD_ALLOW_VIEW_TO']] = BxDolPrivacy::getGroupChooser($CNF['OBJECT_PRIVACY_VIEW']); } }
/** * Constructor */ function __construct(&$oModule) { parent::__construct('bx_blogs_posts', 'PostID', 'OwnerID'); }
/** * Check profile existing, membership/acl, profile status and privacy. * If some of visibility options are not allowed then appropritate page is shown and exit called. * @param $iViewedId viewed member id * @param $iViewerId viewer member id * @return nothing */ function bx_check_profile_visibility($iViewedId, $iViewerId = 0, $bReturn = false) { global $logged, $site, $_page, $_page_cont, $p_arr; // check if profile exists if (!$iViewedId) { if ($bReturn) { return false; } $GLOBALS['oSysTemplate']->displayPageNotFound(); exit; } // check if viewer can view profile $bPerform = $iViewedId == $iViewerId ? FALSE : TRUE; $check_res = checkAction($iViewerId, ACTION_ID_VIEW_PROFILES, $bPerform, $iViewedId); if ($check_res[CHECK_ACTION_RESULT] != CHECK_ACTION_RESULT_ALLOWED && !$logged['admin'] && !$logged['moderator'] && $iViewerId != $iViewedId) { if ($bReturn) { return false; } $_page['header'] = "{$site['title']} " . _t("_Member Profile"); $_page['header_text'] = "{$site['title']} " . _t("_Member Profile"); $_page['name_index'] = 0; $_page_cont[0]['page_main_code'] = MsgBox($check_res[CHECK_ACTION_MESSAGE]); PageCode(); exit; } bx_import('BxBaseProfileView'); $oProfile = new BxBaseProfileGenerator($iViewedId); $p_arr = $oProfile->_aProfile; // check if viewed member is active if (!($p_arr['ID'] && ($logged['admin'] || $logged['moderator'] || $oProfile->owner || $p_arr['Status'] == 'Active'))) { if ($bReturn) { return false; } header("HTTP/1.1 404 Not Found"); $GLOBALS['oSysTemplate']->displayMsg(_t("_Profile NA")); exit; } // check privacy if (!$logged['admin'] && !$logged['moderator'] && $iViewerId != $iViewedId) { $oPrivacy = new BxDolPrivacy('Profiles', 'ID', 'ID'); if (!$oPrivacy->check('view', $iViewedId, $iViewerId)) { if ($bReturn) { return false; } bx_import('BxDolProfilePrivatePageView'); $oProfilePrivateView = new BxDolProfilePrivatePageView($oProfile, $site, $dir); $_page['name_index'] = 7; $_page_cont[7]['page_main_code'] = $oProfilePrivateView->getCode(); PageCode(); exit; } } if ($bReturn) { return true; } }
/** * Get Select element with available groups. * * @param string $sObject privacy object name. * @param integer $iOwnerId object's owner ID. * @param array $aParams an array of custom selector's params (dynamic_groups - an array of arrays('key' => group_id, 'value' => group_title), title - the title to be used for generated field). * @return an array with Select element description. */ public static function getGroupChooser($sObject, $iOwnerId = 0, $aParams = array()) { $oPrivacy = BxDolPrivacy::getObjectInstance($sObject); if (empty($oPrivacy)) { return array(); } $sModule = $oPrivacy->_aObject['module']; $sAction = $oPrivacy->_aObject['action']; if ($iOwnerId == 0) { $iOwnerId = bx_get_logged_profile_id(); } $sValue = $oPrivacy->_oDb->getDefaultGroupByUser($sModule, $sAction, $iOwnerId); if (empty($sValue)) { $sValue = $oPrivacy->_oDb->getDefaultGroup($sModule, $sAction); } $aValues = array(); $aGroups = $oPrivacy->_oDb->getGroupsBy(array('type' => 'active')); foreach ($aGroups as $aGroup) { if ((int) $aGroup['active'] == 0) { continue; } $aValues[] = array('key' => $aGroup['id'], 'value' => _t($aGroup['title'])); } if (isset($aParams['dynamic_groups']) && is_array($aParams['dynamic_groups'])) { $aValues = array_merge($aValues, $aParams['dynamic_groups']); } $sName = self::getFieldName($sAction); $sTitle = isset($aParams['title']) && !empty($aParams['title']) ? $aParams['title'] : ''; if (empty($sTitle)) { $sTitle = $oPrivacy->_oDb->getTitle($sModule, $sAction); $sTitle = _t(!empty($sTitle) ? $sTitle : '_' . $sName); } return array('type' => 'select', 'name' => $sName, 'caption' => $sTitle, 'value' => $sValue, 'values' => $aValues, 'checker' => array('func' => 'avail', 'error' => _t('_ps_ferr_incorrect_select')), 'db' => array('pass' => 'Int')); }
/** * Constructor */ function BxPhotosPrivacy($sTable = 'bx_photos_main', $sId = 'ID', $sOwner = 'Owner') { parent::BxDolPrivacy($sTable, $sId, $sOwner); }
/** * Get location array * @param $sPart module/part name * @param $iEntryId entry's id which location is edited * @param $iViewer viewer profile id * @return false - location undefined, -1 - access denied, array - all good */ function serviceGetLocation($sPart, $iEntryId, $iViewer = false) { if (false === $iViewer) { $iViewer = getLoggedId(); } if ('profiles' == $sPart) { if (!bx_check_profile_visibility($iEntryId, $iViewer, true)) { return -1; } } else { bx_import('BxDolPrivacy'); $oPrivacy = new BxDolPrivacy($this->_aParts[$sPart]['join_table'], $this->_aParts[$sPart]['join_field_id'], $this->_aParts[$sPart]['join_field_author']); if (!$oPrivacy->check('view', $iEntryId, $iViewer)) { return -1; } } $aLocation = $this->_oDb->getDirectLocation($iEntryId, $this->_aParts[$sPart]); if (!$aLocation || !$aLocation['lat'] && $aLocation['lng']) { return false; } if (false === $aLocation['zoom'] || -1 == $aLocation['zoom']) { $aLocation['zoom'] = getParam("bx_wmap_edit_{$sPart}_zoom"); } if (!$aLocation['type']) { $aLocation['type'] = getParam("bx_wmap_edit_{$sPart}_map_type"); } return $aLocation; }
/** * Constructor */ function BxEventsPrivacy(&$oModule) { $this->oModule = $oModule; parent::BxDolPrivacy($oModule->_oDb->_sPrefix . 'main', 'ID', 'ResponsibleID'); }
/** * Constructor */ function BxSoundsPrivacy($sTable = 'RayMp3Files', $sId = 'ID', $sOwner = 'Owner') { parent::BxDolPrivacy($sTable, $sId, $sOwner); }
/** * Constructor */ function __construct(&$oModule) { parent::__construct($oModule->_oDb->getPrefix() . 'product_files', 'id', 'author_id'); }
/** * Constructor */ function __construct(&$oModule) { parent::__construct($oModule->_oDb->sTablePrefix . 'privacy', 'author_id', 'author_id'); }
exit; } // Check if member can view profile $check_res = checkAction($memberID, ACTION_ID_VIEW_PROFILES, true, $profileID); if ($check_res[CHECK_ACTION_RESULT] != CHECK_ACTION_RESULT_ALLOWED && !$logged['admin'] && !$logged['moderator'] && $memberID != $profileID) { $_page['header'] = "{$site['title']} " . _t("_Member Profile"); $_page['header_text'] = "{$site['title']} " . _t("_Member Profile"); $_page['name_index'] = 0; $_page_cont[0]['page_main_code'] = MsgBox($check_res[CHECK_ACTION_MESSAGE]); PageCode(); exit; } $oProfile = new BxBaseProfileGenerator($profileID); if (!$logged['admin'] && !$logged['moderator'] && $memberID != $profileID) { //Check privacy $oPrivacy = new BxDolPrivacy('Profiles', 'ID', 'ID'); if (!$oPrivacy->check('view', $profileID, $memberID)) { $_page['name_index'] = 0; $_page['header'] = "{$site['title']} " . _t("_Member Profile"); $_page['header_text'] = "{$site['title']} " . _t("_Member Profile"); $_page_cont[0]['page_main_code'] = MsgBox(_t('_INVALID_ROLE')); PageCode(); exit; } } $oProfile->oCmtsView->getExtraCss(); $oProfile->oCmtsView->getExtraJs(); $oProfile->oVotingView->getExtraJs(); $p_arr = $oProfile->_aProfile; if (!($p_arr['ID'] && ($logged['admin'] || $logged['moderator'] || $oProfile->owner || $p_arr['Status'] == 'Active'))) { header("HTTP/1.1 404 Not Found");
/** * @return CHECK_ACTION_RESULT_ALLOWED if access is granted or error message if access is forbidden. So make sure to make strict(===) checking. */ public function checkAllowedView($aDataEntry, $isPerformAction = false) { $CNF =& $this->_oConfig->CNF; // moderator and owner always have access if ($aDataEntry[$CNF['FIELD_AUTHOR']] == $this->_iProfileId || $this->_isModerator($isPerformAction)) { return CHECK_ACTION_RESULT_ALLOWED; } // check ACL $aCheck = checkActionModule($this->_iProfileId, 'view entry', $this->getName(), $isPerformAction); if ($aCheck[CHECK_ACTION_RESULT] !== CHECK_ACTION_RESULT_ALLOWED) { return $aCheck[CHECK_ACTION_MESSAGE]; } // check privacy if (!empty($CNF['OBJECT_PRIVACY_VIEW'])) { bx_import('BxDolPrivacy'); $oPrivacy = BxDolPrivacy::getObjectInstance($CNF['OBJECT_PRIVACY_VIEW']); if ($oPrivacy && !$oPrivacy->check($aDataEntry[$CNF['FIELD_ID']])) { return _t('_sys_access_denied_to_private_content'); } } return CHECK_ACTION_RESULT_ALLOWED; }
/** * Constructor */ function BxSimpleMessengerPrivacy(&$oModule) { parent::BxDolPrivacy($oModule->_oDb->sTablePrefix . 'privacy', 'author_id', 'author_id'); }
/** * Class constructor; */ function __construct(&$oModule) { parent::__construct($oModule->_oDb->sTablePrefix . 'data', 'id_poll', 'id_profile'); }
/** * Constructor */ function BxStorePrivacyProduct(&$oModule) { $this->oModule = $oModule; parent::BxDolPrivacy($oModule->_oDb->getPrefix() . 'products', 'id', 'author_id'); }
function _checkUserPrivacy($iId, $iIdProfile) { $mixedAccessDenied = false; if ($iIdProfile != $iId) { // membership $aCheckRes = checkAction($iId, ACTION_ID_VIEW_PROFILES, true, $iIdProfile); if ($aCheckRes[CHECK_ACTION_RESULT] != CHECK_ACTION_RESULT_ALLOWED) { $mixedAccessDenied = strip_tags($aCheckRes[CHECK_ACTION_MESSAGE]); } // privacy if (false === $mixedAccessDenied) { bx_import('BxDolPrivacy'); $oPrivacy = new BxDolPrivacy('Profiles', 'ID', 'ID'); if ($iIdProfile != $iId && !$oPrivacy->check('view', $iIdProfile, $iId)) { $mixedAccessDenied = '-1'; } } } bx_import('BxDolAlerts'); $oZ = new BxDolAlerts('mobile', 'view_profile', $iIdProfile, $iId, array('access_denied' => &$mixedAccessDenied)); $oZ->alert(); if (false !== $mixedAccessDenied) { return new xmlrpcval($mixedAccessDenied); } return true; }
require_once 'inc/header.inc.php'; require_once BX_DIRECTORY_PATH_INC . 'design.inc.php'; bx_import('BxDolPrivacy'); bx_import('BxTemplPrivacyView'); check_logged(); if (!isLogged()) { login_form(); exit; } $iId = getLoggedId(); $oPrivacyView = new BxTemplPrivacyView($iId); if (isset($_POST['ps_action']) && $_POST['ps_action'] == 'get_chooser' && $iId != 0) { $sPageName = (int) $_POST['ps_page_name']; $iProfileId = (int) $_POST['ps_profile_id']; $iBlockId = (int) $_POST['ps_block_id']; $oPrivacy = new BxDolPrivacy('sys_page_compose_privacy', 'id', 'user_id'); $sCode = ""; $iMemberId = getLoggedId(); if ($iMemberId == $iProfileId) { $aSelect = $oPrivacy->getGroupChooser($iMemberId, $sPageName, 'view_block'); $iCurGroupId = (int) $GLOBALS['MySQL']->getOne("SELECT `allow_view_block_to` FROM `sys_page_compose_privacy` WHERE `user_id`='" . $iMemberId . "' AND `block_id`='" . $iBlockId . "' LIMIT 1"); if ($iCurGroupId == 0) { $iCurGroupId = (int) $aSelect['value']; } $aItems = array(); foreach ($aSelect['values'] as $aValue) { if ($aValue['key'] == $iCurGroupId) { $sAlt = $aValue['value']; } $aItems[] = array('block_id' => $iBlockId, 'group_id' => $aValue['key'], 'class' => $aValue['key'] == $iCurGroupId ? 'dbPrivacyGroupActive' : 'dbPrivacyGroup', 'title' => $aValue['value']); }
function __construct($sMode = '', $aParams = array()) { parent::__construct($sMode, $aParams); $this->aCurrent = array('name' => 'bx_posts', 'object_metatags' => 'bx_posts', 'title' => _t('_bx_posts_page_title_browse'), 'table' => 'bx_posts_posts', 'ownFields' => array('id', 'title', 'text', 'thumb', 'author', 'added'), 'searchFields' => array('title', 'text'), 'restriction' => array('author' => array('value' => '', 'field' => 'author', 'operator' => '='), 'status' => array('value' => 'active', 'field' => 'status', 'operator' => '=')), 'paginate' => array('perPage' => getParam('bx_posts_per_page_browse'), 'start' => 0), 'sorting' => 'last', 'rss' => array('title' => '', 'link' => '', 'image' => '', 'profile' => 0, 'fields' => array('Guid' => 'link', 'Link' => 'link', 'Title' => 'title', 'DateTimeUTS' => 'added', 'Desc' => 'text')), 'ident' => 'id'); $this->sFilterName = 'bx_posts_filter'; $this->oModule = $this->getMain(); $oProfileAuthor = null; $CNF =& $this->oModule->_oConfig->CNF; switch ($sMode) { case 'author': bx_import('BxDolProfile'); $oProfileAuthor = BxDolProfile::getInstance((int) $aParams['author']); if (!$oProfileAuthor) { $this->isError = true; break; } $this->aCurrent['restriction']['author']['value'] = $oProfileAuthor->id(); $this->sBrowseUrl = 'page.php?i=' . $CNF['URI_AUTHOR_ENTRIES'] . '&profile_id={profile_id}'; $this->aCurrent['title'] = _t('_bx_posts_page_title_browse_by_author'); $this->aCurrent['rss']['link'] = 'modules/?r=posts/rss/' . $sMode . '/' . $oProfileAuthor->id(); break; case 'public': bx_import('BxDolPermalinks'); $this->sBrowseUrl = BxDolPermalinks::getInstance()->permalink($CNF['URL_HOME']); $this->aCurrent['title'] = _t('_bx_posts_page_title_browse_recent'); $this->aCurrent['rss']['link'] = 'modules/?r=posts/rss/' . $sMode; break; case 'popular': bx_import('BxDolPermalinks'); $this->sBrowseUrl = BxDolPermalinks::getInstance()->permalink($CNF['URL_POPULAR']); $this->aCurrent['title'] = _t('_bx_posts_page_title_browse_popular'); $this->aCurrent['rss']['link'] = 'modules/?r=posts/rss/' . $sMode; $this->aCurrent['sorting'] = 'popular'; break; case '': // search results $this->sBrowseUrl = BX_DOL_SEARCH_KEYWORD_PAGE; $this->aCurrent['title'] = _t('_bx_posts'); $this->aCurrent['paginate']['perPage'] = 3; unset($this->aCurrent['rss']); break; default: $sMode = ''; $this->isError = true; } // add replaceable markers and replace them if ($oProfileAuthor) { $this->addMarkers($oProfileAuthor->getInfo()); // profile info is replacable $this->addMarkers(array('profile_id' => $oProfileAuthor->id())); // profile id is replacable $this->addMarkers(array('display_name' => $oProfileAuthor->getDisplayName())); // profile display name is replacable } $this->sBrowseUrl = $this->_replaceMarkers($this->sBrowseUrl); $this->aCurrent['title'] = $this->_replaceMarkers($this->aCurrent['title']); // add conditions for private content bx_import('BxDolPrivacy'); $oPrivacy = BxDolPrivacy::getObjectInstance($CNF['OBJECT_PRIVACY_VIEW']); $a = $oPrivacy ? $oPrivacy->getContentPublicAsCondition($oProfileAuthor ? $oProfileAuthor->id() : 0) : array(); if (isset($a['restriction'])) { $this->aCurrent['restriction'] = array_merge($this->aCurrent['restriction'], $a['restriction']); } if (isset($a['join'])) { $this->aCurrent['join'] = array_merge($this->aCurrent['join'], $a['join']); } $this->setProcessPrivateContent(false); }
/** * Constructor */ function BxBlogsPrivacy(&$oModule) { parent::BxDolPrivacy('bx_blogs_posts', 'PostID', 'OwnerID'); }
/** * Constructor */ function __construct(&$oModule) { parent::__construct('bx_ads_main', 'ID', 'IDProfile'); }
function getBlockCode_Privacy() { $oPrivacy = new BxDolPrivacy('sys_page_compose_privacy', 'id', 'user_id'); $this->aFormPrivacy['inputs']['allow_view_to'] = $oPrivacy->getGroupChooser(getLoggedId(), 'profile', 'view'); $this->aFormPrivacy['inputs']['allow_view_to']['value'] = (string) $this->aProfiles[0]['allow_view_to']; $oForm = new BxTemplFormView($this->aFormPrivacy); $oForm->initChecker(); if ($oForm->isSubmittedAndValid()) { $iProfileId = (int) $_POST['profile_id']; $iAllowViewTo = (int) $_POST['allow_view_to']; if ((int) db_res("UPDATE `Profiles` SET `allow_view_to`='" . $iAllowViewTo . "' WHERE `ID`='" . $iProfileId . "' LIMIT 1") > 0) { $sStatusText = '_Save profile successful'; } } if ($sStatusText) { $sStatusText = MsgBox(_t($sStatusText), 3); } return $sStatusText . $oForm->getCode(); }