/**
* get a list of comments for an RSS feed
*
* @param Object $PAGEDATA The page
*
* @return array array of articles
**/
function Comments_rssHandler($PAGEDATA)
{
$hideComments = isset($PAGEDATA->vars['hide_comments']) && $PAGEDATA->vars['hide_comments'];
if ($hideComments) {
die('comments are hidden');
}
require_once SCRIPTBASE . 'ww.plugins/comments/frontend/libs.php';
$comments = Comments_getListOfComments($PAGEDATA, 'desc', 10);
$items = array();
foreach ($comments as $comment) {
$items[] = array('title' => 'comment by ' . $comment['name'], 'description' => $comment['comment'], 'link' => '//' . $_SERVER['HTTP_HOST'] . $PAGEDATA->getRelativeURL() . '#comments-' . $comment['id'], 'guid' => 'comment-' . $comment['id'], 'pubDate' => Core_dateM2H($comment['cdate'], 'rfc822'));
}
return array('title' => 'Comments for ' . $PAGEDATA->getRelativeURL(), 'link' => '//' . $_SERVER['HTTP_HOST'] . $PAGEDATA->getRelativeURL() . '#comments', 'description' => 'Comments for ' . $PAGEDATA->getRelativeURL(), 'generator' => 'WebME CMS', 'items' => $items);
}
/**
* retrieve HTML summary for a set page
*
* @param int $id ID of the page
*
* @return string HTML summary for a set page
*/
function PageSummaries_getHtml($id)
{
$PAGEDATA = Page::getInstance($id);
global $sitedomain;
$r = dbRow('select * from page_summaries where page_id="' . $PAGEDATA->id . '"');
if (!count($r)) {
return '<em>' . __('This page is marked as a page summary, but there is no ' . 'information on how to handle it.') . '</em>';
}
if ($r['rss']) {
return PageSummaries_rssToHtml($r['rss']);
}
// { build rss
$title = $PAGEDATA->title == '' ? $sitedomain : htmlspecialchars($PAGEDATA->title);
$rss = '<' . '?xml version="1.0" ?' . '><rss version="2.0"><channel><title>' . $title . '</title>';
$rss .= '<link>' . $_SERVER['REQUEST_URI'] . '</link><description>RSS for ' . $PAGEDATA->name . '</description>';
$category = $PAGEDATA->category ? ' and category="' . $PAGEDATA->category . '"' : '';
$containedpages = PageSummaries_getContainedPages($r['parent_id']);
if (count($containedpages)) {
$q2 = dbAll('select edate,name,title,body from pages where id in (' . join(',', $containedpages) . ')' . $category . ' order by cdate desc limit 20');
foreach ($q2 as $r2) {
$rss .= '<item>';
if (!$r2['title']) {
$r2['title'] = $r2['name'];
}
$rss .= '<title>' . htmlspecialchars($r2['title']) . '</title>';
$rss .= '<pubDate>' . Core_dateM2H($r2['edate']) . '</pubDate>';
// { build body
if ($r['amount_to_show'] == 0 || $r['amount_to_show'] == 1) {
$length = $r['amount_to_show'] == 0 ? 300 : 600;
$body = substr(preg_replace('/<[^>]*>/', '', str_replace(array('&', ' ', '‘'), array('&', ' ', '''), $r2['body'])), 0, $length) . '...';
} else {
$body = $r2['body'];
}
$body = str_replace('€', '€', $body);
// }
$rss .= '<description>' . $body . '</description>';
$rss .= '<link>http://' . $_SERVER['HTTP_HOST'] . '/' . urlencode(str_replace(' ', '-', $r2['name'])) . '</link>';
$rss .= '</item>';
}
}
$rss .= '</channel></rss>';
dbQuery('update page_summaries set rss="' . addslashes($rss) . '" where page_id="' . $PAGEDATA->id . '"');
// }
return PageSummaries_rssToHtml($rss);
}
/**
* show the news in Headline mode
*
* @param array $PAGEDATA the page object
*
* @return string HTML of the news
*/
function News_displayHeadlines($PAGEDATA)
{
$items_per_page = isset($PAGEDATA->vars['news_items']) ? $PAGEDATA->vars['news_items'] : 5;
$p = isset($_REQUEST['news_page']) ? (int) $_REQUEST['news_page'] : 0;
if ($p < 0) {
$p = 0;
}
$arr = Core_cacheLoad('pages', 'news-' . $GLOBALS['id'] . '-' . $p . '-' . $items_per_page);
if ($arr === false) {
$order_by = isset($PAGEDATA->vars['news_order']) ? addslashes($PAGEDATA->vars['news_order']) : 'associated_date desc';
$rs = dbAll('select * from pages where parent=' . $GLOBALS['id'] . ' order by ' . $order_by . ',cdate desc limit ' . $p . ',' . $items_per_page);
$num_stories = dbOne('select count(id) as num from pages where parent=' . $GLOBALS['id'], 'num');
Core_cacheSave('pages', 'news-' . $GLOBALS['id'] . '-' . $p . '-' . $items_per_page, array($num_stories, $rs));
} else {
$num_stories = $arr[0];
$rs = $arr[1];
unset($arr);
}
$nextprev = array();
$nextprev[] = '<span class="page_n_of_n">' . __('page %1 of %2', array(1 + floor($p / $items_per_page), ceil($num_stories / $items_per_page)), 'core') . '</span>';
if ($p) {
$nextprev[] = '<a class="prev" href="?news_page=' . ($p - $items_per_page) . '">' . __('Previous Page') . '</a>';
}
if ($p + $items_per_page < $num_stories) {
$nextprev[] = '<a class="next" href="?news_page=' . ($p + $items_per_page) . '">' . __('Next Page') . '</a>';
}
$nextprev = '<div class="nextprev">' . join(' | ', $nextprev) . '</div>';
$html = $nextprev;
$links = array();
foreach ($rs as $r) {
$page = Page::getInstance($r['id'], $r);
$content = isset($PAGEDATA->vars['news_display']) && $PAGEDATA->vars['news_display'] == 'full' ? $page->render() : substr(preg_replace('/<[^>]*>/', '', preg_replace('#<h1>[^<]*</h1>#', '', $page->render())), 0, 600);
$date = isset($PAGEDATA->vars['news_title']) && $PAGEDATA->vars['news_title'] == 'yes' ? '<h2 class="news-header"><a href="' . $page->getRelativeURL() . '">' . htmlspecialchars($page->name) . '</a></h2>' . '<a class="news-date" href="' . $page->getRelativeURL() . '">' . __('posted on %1', array(Core_dateM2H($page->associated_date)), 'core') . '</a>' : '';
if (!isset($page->associated_date) || !$page->associated_date) {
$page->associated_date = $page->cdate;
}
$links[] = $date . '<p class="news-paragraph">' . $content . '...</p>';
}
$html .= join('<div class="news-break"></div>', $links);
$html .= $nextprev;
return $html;
}
/**
* produce a HTML version of the product
*
* @param string $product the product to render
* @param string $template multi-view product or single-view?
* @param boolean $add_wrapper wrap in div.products-product before return
*
* @return string html of the product
*/
function render($product, $template = 'singleview', $add_wrapper = true)
{
global $DBVARS, $PAGEDATA;
$GLOBALS['products_template_used'] = $template;
if (isset($DBVARS['online_store_currency'])) {
$csym = $DBVARS['online_store_currency'];
}
$smarty = Products_setupSmarty();
$smarty->assign('product', $product);
$smarty->assign('product_id', $product->get('id'));
$smarty->assign('_name', __FromJson($product->name));
$smarty->assign('_stock_number', $product->stock_number);
if (!is_array(@$this->data_fields)) {
$this->data_fields = array();
}
$productVals = array();
foreach ($this->data_fields as $f) {
$f->n = preg_replace('/[^a-zA-Z0-9\\-_]/', '_', $f->n);
$val = $product->get($f->n);
$required = @$f->r ? ' required' : '';
switch ($f->t) {
case 'checkbox':
// {
$val = $val ? __('Yes') : __('No');
$smarty->assign($f->n, $val);
break;
// }
// }
case 'colour':
// {
if (@$f->u) {
// user-definable
WW_addScript('/j/mColorPicker/mColorPicker.js');
$h = '<input class="color-picker" ' . 'name="products_values_' . $f->n . '" ' . 'style="height:20px;width:20px;" ' . 'value="' . htmlspecialchars($val) . '" ' . 'data-text="hidden"/>' . '<style>#mColorPickerFooter,#mColorPickerImg{display:none}</style>';
WW_addInlineScript('$(".color-picker")' . '.mColorPicker({"imageFolder":"/j/mColorPicker/images/"});');
} else {
$h = 'TODO';
}
$smarty->assign($f->n, $h);
break;
// }
// }
case 'date':
// {
if (@$f->u) {
// user-definable
$smarty->assign($f->n, '<input class="product-field date ' . $f->n . $required . '" name="' . 'products_values_' . $f->n . '"/>');
$format = @$f->e ? $f->e : 'yy-mm-dd';
$y = date('Y');
WW_addInlineScript('$("input[name=products_values_' . $f->n . ']").datepicker({' . '"dateFormat":"' . $format . '",' . 'changeYear:true,changeMonth:true,yearRange:"1900:' . $y . '"' . '});');
WW_addInlineScript('$("input.hasDatepicker").each(function() {' . 'if (this.value!="") return;' . '$(this).datepicker("setDate", "+0");' . '});');
} else {
$val = Core_dateM2H($val);
$smarty->assign($f->n, $val);
}
break;
// }
// }
case 'hidden':
// {
$smarty->assign($f->n, '<input type="hidden" name="products_values_' . $f->n . '" value="' . htmlspecialchars($val) . '"/>');
break;
// }
// }
case 'selectbox':
// {
if (@$f->u) {
$valid_entries = explode("\n", $val);
foreach ($valid_entries as $k => $v) {
$v = trim($v);
if ($v == '') {
unset($valid_entries[$k]);
} else {
$valid_entries[$k] = $v;
}
}
if (!count($valid_entries)) {
$valid_entries = explode("\n", $f->e);
}
$h = '<select name="products_values_' . $f->n . '" class="' . $required . '">';
$translateable = @$f->tr && 1;
foreach ($valid_entries as $e) {
$e = trim($e);
if ($e == '' || !in_array($e, $valid_entries)) {
continue;
}
$o = $e;
$p = '';
if (strpos($e, '|') !== false) {
$bits = explode('|', $e);
$e = $bits[0];
$p = 'price="' . (int) $bits[1] . '"';
}
$h .= '<option ' . $p . ' value="' . htmlspecialchars($o) . '"';
if ($translateable) {
$h .= ' class="__"';
}
$h .= '>' . htmlspecialchars($e) . '</option>';
}
$h .= '</select>';
} else {
$val = preg_replace('/\\|.*/', '', $val);
$h = $val;
}
$smarty->assign($f->n, $h);
break;
// }
// }
case 'selected-image':
// {
$smarty->assign($f->n, '<input type="hidden" name="products_values_' . $f->n . '" ' . 'class="product-field ' . $f->n . $required . '"/>');
break;
// }
// }
case 'textarea':
// { textarea
if (@$f->u) {
$val = trim(preg_replace('/<[^>]*>/', '', $val));
$smarty->assign($f->n, '<textarea class="product-field ' . $f->n . $required . '" name="products_values_' . $f->n . '">' . htmlspecialchars($val) . '</textarea>');
} else {
$smarty->assign($f->n, $val);
}
break;
// }
// }
case 'user':
// {
$u = User::getInstance($val, false, false);
$val = $u ? $u->get('name') : 'no name';
$smarty->assign($f->n, $val);
break;
// }
// }
default:
// { everything else
if (@$f->u) {
$smarty->assign($f->n, '<input class="product-field ' . $f->n . $required . '" value="' . htmlspecialchars($val) . '" name="products_values_' . $f->n . '"/>');
} else {
$smarty->assign($f->n, $val);
}
// }
}
$productVals[$f->n] = $val;
$PAGEDATA->title = str_replace('{{$' . $f->n . '}}', $val, $PAGEDATA->title);
}
if (isset($PAGEDATA->vars['products_pagedescriptionoverride']) && $PAGEDATA->vars['products_pagedescriptionoverride']) {
$desc = preg_replace('/<[^>]*>/', '', $productVals['description']);
$desc = trim(preg_replace('/\\s+/m', ' ', $desc));
$PAGEDATA->description = substr($desc, 0, 153) . '...';
}
if (isset($product->ean)) {
$smarty->assign('_ean', $product->ean);
}
// { $_name, $_stock_number, $_ean
$PAGEDATA->title = str_replace(array('{{$_name}}', '{{$_stock_number}}', '{{$_ean}}'), array($product->get('_name'), $product->get('_stock_number'), $product->vals['ean']), $PAGEDATA->title);
// }
$html = '';
if ($add_wrapper) {
$classes = array('products-product');
if ($this->stock_control) {
$classes[] = 'stock-control';
}
$html .= '<div class="' . join(' ', $classes) . '" id="products-' . $product->get('id') . '">';
}
$html .= $smarty->fetch(USERBASE . '/ww.cache/products/templates/types_' . $template . '_' . $this->id);
if ($template == 'singleview') {
$PAGEDATA->vars['header_html'] = (isset($PAGEDATA->vars['header_html']) ? $PAGEDATA->vars['header_html'] : '') . '<link rel="canonical" href="' . htmlspecialchars($product->getRelativeUrl()) . '" />';
if ($this->allow_comments) {
$html .= Core_commentsShow('http://' . $_SERVER['HTTP_HOST'] . $product->getRelativeURL());
}
}
if ($add_wrapper) {
$html .= '</div>';
}
return $html;
}
// { dashboard
$c .= '<div id="t-dashboard">';
$sql = 'select users.id as uid,users.name as user, threads.name as thread,' . 'posts.body as body, posts.id as id, posts.created_date as date,' . 'forums.name as forum, forums.moderator_groups as groups' . ' from user_accounts as users, forums_threads as threads, forums_posts ' . 'as posts, forums ' . 'where users.id=posts.author_id and threads.id=posts.thread_id ' . 'and threads.forum_id = forums.id and posts.moderated=0 ' . 'and forums.page_id = ' . $page['id'];
$posts = dbAll($sql);
$c .= '<strong>Posts Requiring Moderation</strong>';
$c .= '<table id="forum-datatable-requires-moderation" class="forum-page-table">' . '<thead>';
$c .= '<tr><th>Date</th>';
$c .= '<th>Author</th>';
$c .= '<th>Forum</th>';
$c .= '<th>Thread</th>';
$c .= '<th>Posts</th>';
$c .= '<th>Moderation</th>';
$c .= '</tr></thead><tbody>';
foreach ($posts as $post) {
$c .= '<tr id="post-for-moderation-' . $post['id'] . '">';
$c .= '<td>' . Core_dateM2H($post['date']) . '</td>';
$c .= '<td>' . htmlspecialchars($post['user']) . '</td>';
$c .= '<td>' . htmlspecialchars($post['forum']) . '</td>';
$c .= '<td>' . htmlspecialchars($post['thread']) . '</td>';
$c .= '<td>' . htmlspecialchars($post['body']) . '</td>';
$c .= '<td>';
$c .= '<a class="approve" id="approve_' . $post['id'] . '" ' . 'href="javascript:;">Approve</a><br />' . '<a class="delete" id="delete_' . $post['id'] . '" ' . 'href="javascript:;">Delete</a>';
$c .= '</td></tr>';
}
$c .= '</tbody></table></div>';
// }
// { forums
$c .= '<div id="t-forums">';
$forums = dbAll('select name, id from forums where page_id = ' . $page['id']);
$groups = dbAll('select name, id from groups');
$c .= '<table id="forum-moderators-table">';
/**
* display a specific thread
*
* @param object &$PAGEDATA the page object
* @param int &$id the thread's ID
*
* @return string HTML of the forum creation tool
*/
function Forum_showThread(&$PAGEDATA, &$id)
{
require_once SCRIPTBASE . 'ww.incs/bb2html.php';
WW_addCSS('/ww.plugins/forum/frontend/forum.css');
$script = '$(function(){$(".ratings").ratings();});';
WW_addScript('ratings/ratings.js');
WW_addInlineScript($script);
$thread = dbRow('select * from forums_threads where id=' . $id);
$forum_id = $thread['forum_id'];
if (!$thread || !count($thread)) {
return '<em class="error">Error: this thread does not exist!</em>';
}
$c = Forum_getForumBreadcrumbs($PAGEDATA, $thread['forum_id']) . ' » <a href="' . $PAGEDATA->getRelativeUrl() . '?forum-f=' . $forum_id . '&forum-t=' . $id . '">' . htmlspecialchars($thread['name']) . '</a>';
$c .= '<table id="forum-posts"><tr><th>Author</th><th>Post</th></tr>';
$posts = dbAll('select * from forums_posts where thread_id=' . $id . ' and moderated = 1 order by created_date');
foreach ($posts as $post) {
$user = User::getInstance($post['author_id']);
if ($user) {
$user_name = $user->get('name');
$user_id = $post['author_id'];
$user_email = $user->get('email');
} else {
$user_name = 'unknown';
$user_id = 0;
$user_email = '';
}
$c .= '<tr p-data=\'({"id":' . $post['id'] . ',"cdate":"' . $post['created_date'] . '"' . ',"uid":' . $post['author_id'] . '})\'>' . '<td class="user-details"><a name="forum-c-' . $post['id'] . '"></a>' . htmlspecialchars($user_name) . '</td>' . '<td><div class="post-header">Posted: ' . Core_dateM2H($post['created_date'], 'datetime') . '</div></td></tr>';
$count_posts = $user_id ? dbOne('select count(id) from forums_posts where author_id=' . $user->get('id'), 'count(id)') : 0;
$emailHash = md5(trim(strtolower($user_email)));
$c .= '<tr><td><img class="avatar" data-uid="' . $user_id . '" />' . '<span>Posts: ' . $count_posts . '</span>' . '<p>Helpfulness:' . '<span class="ratings" id="forum_user_' . $user_email . '"' . ' type="forum_user">rating</span></p>';
$c .= '</td><td class="post">' . bb2html($post['body']) . '</td></tr>';
}
$c .= '</table>';
// { post form
if (isset($_SESSION['userdata']) && $_SESSION['userdata']['id']) {
$c .= '<div id="forum-post-submission-form"><script defer="defer">var forum_id=' . $forum_id . ',forum_thread_id=' . $id . ';</script></div>';
WW_addScript('//cdn.ckeditor.com/4.4.3/standard/ckeditor.js');
WW_addScript('//cdn.ckeditor.com/4.4.3/standard/adapters/jquery.js');
WW_addScript('forum/frontend/forum.js');
} else {
$c .= '<div class="forum-not-logged-in">In order to post to this thread,' . ' you must <a href="/_r?type=loginpage">login' . '</a> first.</div>';
}
// }
return $c;
}
$history = array();
$orders = dbAll('select meta,id,status,total,user_id,date_created from online_store_orders' . ' order by date_created desc');
foreach ($orders as $order) {
if ($order['user_id'] != 0 && $order['user_id'] == $user['id']) {
array_push($history, $order);
}
}
if (count($history) == 0) {
return $html .= '<p><i>No recent orders</i></p>';
}
WW_addScript('online-store/frontend/user-profile.js');
$html .= '<table id="online_store_orders">
<tr>
<th>' . __('Date', 'core') . '</th>
<th>' . __('Amount', 'core') . '</th>
<th>' . __('Status', 'core') . '</th>
<th>' . __('Invoice', 'core') . '</th>
</tr>';
foreach ($history as $order) {
$status = $order['status'] == 1 ? 'Paid' : 'Unpaid';
$meta = json_decode($order['meta'], true);
$oid = $order['id'];
$html .= '<tr>' . '<td>' . Core_dateM2H($order['date_created']) . '</td>' . '<td>' . $order['total'] . '</td>' . '<td>' . $status . '</td>' . '<td>' . '<a href="' . $PAGEDATA->getRelativeUrl() . '?onlinestore_iid=' . $oid . '">' . __('Details') . '</a> | ';
if (isset($meta['invoice-type']) && $meta['invoice-type'] == 'pdf') {
$html .= '<a href="javascript:os_invoice(' . $oid . ', \'pdf\', true)">PDF</a>';
} else {
$html .= '<a href="javascript:os_invoice(' . $oid . ', \'html\')">' . __('Invoice') . '</a>' . ' (<a href="javascript:os_invoice(' . $oid . ', \'html\', true)">' . __('print') . '</a> | ' . '<a href="javascript:os_invoice(' . $oid . ', \'pdf\', true)">PDF</a>)';
}
$html .= '</td></tr>';
}
$html .= '</table>';
*
* @category None
* @package None
* @author Kae Verens <*****@*****.**>
* @license GPL 2.0
* @link http://kvsites.ie/
*/
if (!Core_isAdmin()) {
Core_quit();
}
require SCRIPTBASE . 'ww.plugins/sms/admin/libs.php';
echo '<div id="sms_wrapper">';
$clink = '<a href="javascript:sms_edit(0);">Create Addressbook</a>';
echo $clink;
$rs = dbAll('select * from sms_addressbooks order by name');
if (count($rs)) {
// show addressbooks
echo '<table><tr><th>Name</th><td>Created Date</td><td>Subscribers</td></tr>';
foreach ($rs as $r) {
if ($r['subscribers'] == '') {
$r['subscribers'] = '[]';
}
$ss = json_decode($r['subscribers']);
echo '<tr id="sms_row_' . $r['id'] . '">' . '<td>' . htmlspecialchars($r['name']) . '</td>' . '<td>' . Core_dateM2H($r['date_created']) . '</td>' . '<td>' . count($ss) . '</td>' . '<td><a href="javascript:sms_edit(' . $r['id'] . ')">edit</a></td>' . '<td><a href="javascript:sms_delete(' . $r['id'] . ')">[x]</a></td>' . '</tr>';
}
echo '</table>';
} else {
echo '<em>No addressbooks exist yet. Please create one: ' . $clink . '</em>';
}
echo '</div>';
echo '<script src="/ww.plugins/sms/admin/addressbooks.js"></script>';
/**
* sends a form, or displays the form instead with errors on top
*
* @param array $page page db row
* @param array $vars page meta data
* @param array $form_fields array of fields
*
* @return HTML of either the result, or the form with errors on top
*/
function Form_send($page, $vars, $form_fields)
{
$c = '';
$plaintext = '';
$values = array();
$email = '';
foreach ($form_fields as $r2) {
$name = preg_replace('/[^a-zA-Z0-9_]/', '', $r2['name']);
$separator = "\n" . str_repeat('-', 80) . "\n";
$val = '';
switch ($r2['type']) {
case 'checkbox':
// {
$val = @$_REQUEST[$name];
$values[$r2['name']] = $val == 'on' ? 'yes' : 'no';
if ($val == 'on') {
$plaintext .= 'selected option: ' . htmlspecialchars($r2['name']) . $separator;
}
break;
// }
// }
case 'date':
case 'ccdate':
// {
$val = Core_dateM2H(@$_REQUEST[$name]);
if ($r2['type'] == 'ccdate') {
$val = preg_replace('#.* ([a-zA-Z]*, [0-9]+)#', "\$1", $val);
}
$values[$r2['name']] = $val;
$plaintext .= htmlspecialchars($r2['name']) . "\n" . htmlspecialchars($val) . $separator;
break;
// }
// }
case 'email':
// {
$val = @$_REQUEST[$name];
$values[$r2['name']] = $val;
$plaintext .= htmlspecialchars($r2['name']) . "\n" . htmlspecialchars($val) . $separator;
$email = $val;
break;
// }
// }
case 'file':
// { build $files array which emulates the $_FILES array
// { first remove old uploads
$dir = USERBASE . '/f/.files/forms/';
if (!is_dir($dir)) {
break;
}
$fs = new DirectoryIterator($dir);
$time = time();
foreach ($fs as $f) {
if ($f->isDot()) {
continue;
}
if ($f->isDir()) {
$diff = $time - $f->getMTime();
if ($diff > 600) {
// file is older than 10 minutes
CoreDirectory::delete($f->getPathname());
}
}
}
// }
$session_id = session_id();
$dir .= $session_id;
if (!is_dir($dir)) {
break;
}
$_FILES = array();
$uploads = new DirectoryIterator($dir);
foreach ($uploads as $upload) {
if ($upload->isDot() || $upload->isDir()) {
continue;
}
array_push($_FILES, array('name' => $upload->getFileName(), 'type' => mime_content_type($upload->getPathname()), 'tmp_name' => $upload->getPathname(), 'error' => 0, 'size' => $upload->getSize()));
}
break;
// }
// }
case 'html-block':
case 'next-page-link':
case 'previous-page-link':
case 'page-break':
// { not inputs - don't add them
break;
// }
// }
default:
// {
$val = @$_REQUEST[$name];
$values[$r2['name']] = $val;
$val = nl2br($val);
$plaintext .= htmlspecialchars($r2['name']) . "\n" . htmlspecialchars($val) . $separator;
// }
}
}
$from_field = preg_replace('/[^a-zA-Z]/', '', $vars['forms_replyto']);
$from = isset($_REQUEST[$from_field]) ? $_REQUEST[$from_field] : '';
if (@$vars['forms_create_user']) {
$id = dbOne('select id from user_accounts where email="' . addslashes($email) . '"', 'id');
if (!$id) {
dbQuery('insert into user_accounts set email="' . addslashes($email) . '",' . 'extras="' . addslashes(json_encode($values)) . '"');
$id = dbLastInsertId();
if (isset($_FILES) && count($_FILES)) {
@mkdir(USERBASE . '/f/user-files');
@mkdir(USERBASE . '/f/user-files/' . $id);
foreach ($_FILES as $file) {
copy($file['tmp_name'], USERBASE . '/f/user-files/' . $id . '/' . $file['name']);
}
}
}
}
if ($vars['forms_send_as_email']) {
$form = Form_readonly($page['id'], $vars, $form_fields);
$to = $vars['forms_recipient'];
$form = str_replace(array('<input type="submit" value="' . __('Submit Form') . '" />', '<form action="' . $_SERVER['REQUEST_URI'] . '" method="post" ' . 'class="ww_form" enctype="multipart/form-data">', '</form>'), '', $form);
cmsMail($to, $from, $_SERVER['HTTP_HOST'] . ' ' . __FromJson($page['name']), '<html><head></head><body>' . $form . '</body></html>', $_FILES);
if (is_dir(USERBASE . '/f/.files/forms/' . session_id())) {
// remove uploaded files
CoreDirectory::delete(USERBASE . '/f/.files/forms/' . session_id());
}
}
if ($vars['forms_record_in_db']) {
Form_saveValues($page['id'], $form_fields);
}
$c .= '<div id="thankyoumessage">' . $vars['forms_successmsg'] . '</div>';
return $c;
}
<?php
if (!Core_isAdmin()) {
Core_quit();
}
echo '<h2>Credits</h2><p>You have <strong>' . (int) $GLOBALS['DBVARS']['sitecredits-credits'] . '</strong> credits.</p><button id="buy-credits">Buy Credits</button>';
WW_addScript('site-credits/admin/overview.js');
echo '<h2>Account history</h2>';
$rs = dbAll('select cdate, description, amt, total from sitecredits_accounts order by ' . 'cdate desc');
if ($rs && count($rs)) {
echo '<table><tr><th>Date</th><th>Description</th><th>Amt</th><th>Total' . '</th></tr>';
foreach ($rs as $r) {
echo '<tr><td>' . Core_dateM2H($r['cdate']) . '</td>' . '<td>' . htmlspecialchars($r['description']) . '</td>' . '<td>' . $r['amt'] . '</td><td>' . $r['total'] . '</td></tr>';
}
echo '</table>';
} else {
echo '<p>No credits accounting history to show.</p>';
}
<?php
$filters = array();
if (isset($_REQUEST['from_date'])) {
$filters[] = 'meeting_date>"' . addslashes($_REQUEST['from_date']) . '"' . ' and meeting_date<"' . addslashes($_REQUEST['from_date']) . ' 24"';
}
$sql = 'select * from meetings';
if (count($filters)) {
$sql .= ' where (' . join(') and (', $filters) . ')';
}
$sql .= ' order by meeting_time';
$meetings = dbAll($sql);
echo '<table id="meetings">' . '<thead><tr><th>Meeting Time</th><th>Who</th><th>Is Meeting Who</th>' . '<th>Question List</th><th> </th></tr></thead>';
echo '<tbody>';
foreach ($meetings as $meeting) {
$user = User::getInstance($meeting['user_id'], false, false);
$customer = User::getInstance($meeting['customer_id'], false, false);
$formname = dbOne('select name from forms_nonpage where id=' . $meeting['form_id'], 'name');
$username = $user ? $user->get('name') : 'no such user';
$customername = $customer ? $customer->get('name') : 'no such user';
echo '<tr id="meeting-' . $meeting['id'] . '">' . '<td>' . Core_dateM2H($meeting['meeting_time'], 'datetime') . '</td>' . '<td>' . htmlspecialchars($username) . '</td>' . '<td>' . htmlspecialchars($customername) . '</td>' . '<td>' . $formname . '</td>' . '<td><a href="#" class="edit">' . __('Edit') . '</a>' . ' | <a href="#" class="delete">' . __('[x]') . '</a></td>' . '</tr>';
}
echo '</tbody></table>';
echo '<button id="meetings-create">' . __('Create') . '</button>';
WW_addScript('/ww.plugins/meetings/admin.js');
/**
* frontend of the classified ads thing
*
* @param object $PAGEDATA the page object
*
* @return html
*/
function ClassifiedAds_frontend($PAGEDATA)
{
global $unused_uri;
$html = $PAGEDATA->render();
$bits = false;
if ($unused_uri == '') {
$cid = 0;
} else {
$bits = explode('/', preg_replace('/\\/$/', '', $unused_uri));
$cid = ClassifiedAds_getCategoryId($bits);
}
$sql = 'select name from classifiedads_categories where id=' . $cid;
WW_addInlineScript('var classifiedads_categoryId=' . $cid . ', classifiedads_categoryName="' . addslashes(dbOne($sql, 'name')) . '"' . ', classifiedads_paypal="' . $PAGEDATA->vars['classified-ads-paypal'] . '";');
$html = '<div id="classifiedads-wrapper">';
// { breadcrumbs
if ($bits) {
$html .= '<div class="breadcrumbs">' . ClassifiedAds_getBreadcrumbs($PAGEDATA, $bits);
if ($cid) {
$html .= ' <span class="divider">»</span>' . ' <button class="classifiedads-advertise-button">' . 'Advertise Here</button>';
WW_addScript('classified-ads/frontend/advertise.js');
}
$html .= '</div>';
}
// }
if ($bits && preg_match('/^[0-9]+-.*/', $bits[count($bits) - 1])) {
$ad_id = (int) preg_replace('/[^0-9].*/', '', $bits[count($bits) - 1]);
$ad = ClassifiedAds::get($ad_id);
$html .= '<div id="classifiedads-single">' . '<h2>' . htmlspecialchars($ad['title']) . '</h2>' . '<table id="classifiedads-ad-details"><tr>' . '<td class="classifiedads-creation-date">Posted: ' . Core_dateM2H($ad['creation_date']) . '</td>' . '<td class="classifiedads-location">Location: ' . htmlspecialchars($ad['location']) . '</td>' . '<td class="classifiedads-cost">Cost: €' . htmlspecialchars($ad['cost']) . '</td></tr></table>';
$images = array();
$dir = '/userfiles/' . $ad['user_id'] . '/classified-ads/' . $ad['id'];
if (file_exists(USERBASE . '/f' . $dir)) {
$files = new DirectoryIterator(USERBASE . '/f' . $dir);
foreach ($files as $f) {
if ($f->isDot() || $f->isDir()) {
continue;
}
$images[] = '<a href="/f' . $dir . '/' . $f->getFilename() . '" target="popup">' . '<img src="/a/f=getImg/w=128/h=128' . $dir . '/' . $f->getFilename() . '"' . ' style="max-width:128px;max-height:128px"/></a>';
}
}
$html .= '<p class="classified-ads-body">' . nl2br(htmlspecialchars($ad['body'])) . '</p>' . join('', $images);
$html .= '<table class="classifiedads-contact"><tr>';
if ($ad['phone']) {
$html .= '<td>Phone: ' . htmlspecialchars($ad['phone']) . '</td>';
}
/* if ($ad['email']) {
$html.='<td>Email: <a href="#" class="classified-ads-email"'
.' data-ad-id="'.$ad['id'].'">click to send</a></td>';
} */
$html .= '</tr></table>';
$html .= '</div>';
} else {
// show sub-categories and ads
// { sub-categories
$subcats = dbAll('select id, icon, name from classifiedads_categories where parent=' . $cid . ' order by name');
if (count($subcats)) {
$html .= '<div id="classifiedads-subcats">' . '<h2>Categories</h2><ul>';
foreach ($subcats as $cat) {
$url = ClassifiedAds_getCategoryUrl($cat['id']);
$html .= '<li>' . '<a href="' . $url . '">';
if ($cat['icon']) {
$html .= '<img src="/a/f=getImg/' . $cat['icon'] . '/w=32/h=32"/>';
}
$html .= htmlspecialchars($cat['name']);
$html .= '</a></li>';
}
$html .= '</div>';
}
// }
// { ads
$subcatsRecursive = ClassifiedAds_getCategoryIdsRecursive($cid);
$ads = ClassifiedAds::getByCategories($subcatsRecursive);
$html .= '<table id="classifiedads-ads">' . '<thead><tr><th colspan="2">Title</th><th>Location</th><th>Posted</th>' . '<th>Price</th></tr></thead><tbody>';
$today = date('Y-m-d');
foreach ($ads as $ad) {
if ($ad['expiry_date'] < $today) {
dbQuery('delete from classifiedads_ad where id=' . $ad['id']);
Core_cacheClear('classifiedads_ad');
continue;
}
$url = ClassifiedAds_getCategoryUrl($ad['category_id']) . '/' . $ad['id'] . '-' . preg_replace('/[^a-z0-9A-Z]/', '-', $ad['title']);
$img = '';
$adDir = '/userfiles/' . $ad['user_id'] . '/classified-ads/' . $ad['id'];
$dir = USERBASE . '/f' . $adDir;
if (file_exists($dir)) {
$files = new DirectoryIterator($dir);
foreach ($files as $f) {
if (!$f->isDot()) {
$img = '<img style="max-width:64px;max-height:64px;" src="/a/f=getImg/w=64/h=64' . $adDir . '/' . $f->getFilename() . '"/>';
break;
}
}
}
$html .= '<tr class="ad-top-details"><td rowspan="2">' . $img . '</td><td><a href="' . $url . '">' . htmlspecialchars($ad['title']) . '</a></td>' . '<td class="location">' . htmlspecialchars($ad['location']) . '</td>' . '<td class="posted">' . Core_dateM2H($ad['creation_date']) . '</td>' . '<td class="price">€' . htmlspecialchars($ad['cost']) . '</td>' . '</tr><tr class="ad-bottom-details">' . '<td colspan="4">' . $ad['excerpt'] . '</td></tr>';
}
$html .= '</tbody></table>';
// }
}
$html .= '</div>';
$html .= @$PAGEDATA->vars['footer'];
WW_addCSS('/ww.plugins/classified-ads/frontend/style.css');
WW_addScript('/j/uploader.js');
return $html;
}
$sql = 'select status,id,invoice_num, total,date_created,authorised' . ' from online_store_orders' . ' where ' . $filter . ' order by date_created desc';
$rs = dbAll($sql);
if (is_array($rs) && count($rs)) {
$c .= '<div style="margin:0 10%">' . '<table id="onlinestore-orders-table" width="100%" class="desc"><thead><tr>' . '<th><input type="checkbox" id="onlinestore-orders-selectall"/></th>' . '<th>' . __('Order ID') . '</th>' . '<th>' . __('Invoice Num') . '</th>' . '<th>' . __('Date') . '</th>' . '<th>' . __('Amount') . '</th>' . '<th>' . __('Items') . '</th>' . '<th>' . __('Invoice') . '</th>' . '<th>' . __('Checkout Form') . '</th>' . '<th>' . __('Status') . '</th>' . '</tr></thead><tbody>';
foreach ($rs as $r) {
$c .= '<tr data-id="' . $r['id'] . '">' . '<td><input class="mass-actions" type="checkbox"/></td>' . '<td>' . $r['id'] . '</td>' . '<td>' . htmlspecialchars($r['invoice_num']) . '</td>' . '<td><span style="display:none">' . $r['date_created'] . '</span>' . Core_dateM2H($r['date_created']) . '</td><td>' . $csym . sprintf('%.2f', $r['total']) . '</td>' . '<td><a href="javascript:os_listItems(' . $r['id'] . ')">' . __('Items') . '</a></td>' . '<td><a href="javascript:os_invoice(' . $r['id'] . ')">' . __('Invoice') . '</a>' . ' (<a href="javascript:os_invoice(' . $r['id'] . ',true)">' . __('Print') . '</a>)</td>' . '<td>' . '<a href="javascript:onlinestoreFormValues(' . $r['id'] . ')">' . __('Checkout Form') . '</a>' . '</td>' . '<td><a href="javascript:onlinestoreStatus(' . $r['id'] . ',' . (int) $r['status'] . ')" ' . 'id="os_status_' . $r['id'] . '">' . htmlspecialchars($statii[(int) $r['status']]) . '</a>';
if ($r['authorised']) {
$c .= ' <strong>' . __('Authorised') . '</strong>';
}
$c .= '</td></tr>';
}
$c .= '</tbody></table></div>' . '<select id="onlinestore-orders-action"><option value="0"> -- </option>' . '<option value="1">' . __('Mark as Unpaid') . '</option>' . '<option value="2">' . __('Mark as Paid') . '</option>' . '<option value="3">' . __('Mark as Dispatched') . '</option>' . '<option value="4">' . __('Download as PDF') . '</option>' . '</select>';
} else {
$c .= '<em>' . __('No orders with this status exist') . '</em>';
}
$c .= '</div>';
// }
// { authorised payments
if ($has_authrs) {
$c .= '<div id="online-store-authorised"><table class="wide"><tr><th>' . '<input type="checkbox"/></th><th>' . __('ID') . '</th><th>' . __('Date') . '</th><th>' . __('Total') . '</th>' . '<th>' . __('Status') . '</th></tr>';
foreach ($authrs as $r) {
$c .= '<tr id="capture' . $r['id'] . '"><td><input type="checkbox" id="auth' . $r['id'] . '"/></td>' . '<td>' . $r['id'] . '</td><td>' . Core_dateM2H($r['date_created']) . '</td>' . '<td>' . $r['total'] . '</td><td>' . $statii[(int) $r['status']] . '</td></tr>';
}
/* TODO: translation needed */
$c .= '</table><input type="button" value="Capture selected transactions"/>';
$c .= '</div>';
}
// }
$c .= '</div>';
echo $c;
WW_addScript('/ww.plugins/online-store/admin/orders.js');
$trusted = $is_admin || dbOne('select value from site_vars where name="no_moderation"', 'value') ? 1 : 0;
if (!is_numeric($page)) {
echo '{"status":0, "message":"The page id should be a number"}';
} elseif (!dbOne('select id from pages where id = ' . $page, 'id')) {
echo '{"status":0, "message":"No page with that id exists"}';
} else {
dbQuery('insert into comments set
name = "' . addslashes($name) . '",
email = "' . addslashes($email) . '",
objectid = ' . $page . ',
isvalid = ' . $trusted . ',
cdate = now(),
comment = "' . addslashes($comment) . '",
homepage ="' . addslashes($site) . '"');
$id = dbOne('select last_insert_id() as id', 'id');
// $_SESSION['comment_ids'][] = $id; // turning this off to avoid confusion...
if (isset($DBVARS['comments_moderatorEmail']) && $DBVARS['comments_moderatorEmail']) {
mail($DBVARS['comments_moderatorEmail'], '[' . $_SERVER['HTTP_HOST'] . '] new comment', addslashes($name) . " has commented on your site:\n" . addslashes($comment) . "\n\nTo approve or delete this comment, please log into your administration area and go to Communication>Comments", 'From: noreply@' . $_SERVER['HTTP_HOST'] . "\nReply-to: noreply@" . $_SERVER['HTTP_HOST']);
}
$count = dbOne('select count(id) from comments
where objectid = ' . $page, 'count(id)');
$datetime = dbOne('select cdate from comments where id = ' . $id, 'cdate');
$date = Core_dateM2H($datetime);
if ($count > 1) {
$addIntroString = 0;
} else {
$addIntroString = 1;
}
$data = array('status' => 1, 'id' => $id, 'name' => $name, 'humandate' => $date, 'mysqldate' => $datetime, 'comment' => $comment, 'add' => $addIntroString, 'moderated' => $trusted ? 0 : 1);
echo json_encode($data);
}
if (strpos($img, '<img') === 0) {
$img = preg_replace('/>.*/', '', $img);
$img = preg_replace('/.*src="([^"]*)".*/', '\\1', $img);
$img = preg_replace('#^/f/#', '', $img);
$thumb = '<img src="/a/f=getImg/w=' . $vars->thumbnailw . '/h=' . $vars->thumbnailh . '/' . $img . '" style="float:left;"/>';
}
}
$body = '';
if ($vars->characters_shown) {
$body = preg_replace('#<h1[^<]*</h1>#', '', $pagerendered);
$body = str_replace(array("\n", "\r"), ' ', $body);
$body = preg_replace('/<script defer="defer"[^>]*>.*?<\\/script>/', '', $body);
$body = preg_replace('/<[^>]*>/', '', $body);
$body = '<br /><i>' . substr($body, 0, $vars->characters_shown) . '...</i>';
}
$links[] = '<a href="' . $page->getRelativeURL() . '"><strong>' . htmlspecialchars(__FromJson($page->name)) . '</strong><div class="date">' . Core_dateM2H($page->associated_date) . '</div><span class="news-body">' . $thumb . $body . '</span></a>';
}
$html .= '<div id="news-wrapper-' . $vars->id . '" class="news_excerpts_wrapper"><ul class="news_excerpts"><li>' . join('</li><li>', $links) . '</li></ul></div>';
if (isset($vars->scrolling) && $vars->scrolling) {
$n_items = isset($vars->stories_to_show) && is_numeric($vars->stories_to_show) ? $vars->stories_to_show : 2;
if (isset($vars->scrolling) && $vars->scrolling) {
WW_addScript('/j/jquery.vticker.js');
WW_addCSS('/ww.plugins/news/c/scroller.css');
$html .= '<script defer="defer">$(function(){
$("#news-wrapper-' . $vars->id . '").vTicker({
speed: 15000,
pause: 5000,
showItems: ' . $n_items . ',
animation: "",
mousePause: true
});
$c .= '<thead>';
$c .= '<tr>';
foreach ($datafields as $data) {
$name = $data->ti ? $data->ti : ucwords(str_replace('_', ' ', $data->n));
$c .= '<th>' . htmlspecialchars(ucfirst($name)) . '</th>';
}
$c .= '</tr>';
$c .= '</thead>';
$c .= '<tbody>';
$c .= '<tr>';
foreach ($datafields as $data) {
$c .= '<td>';
switch ($data->t) {
case 'date':
// {
$c .= Core_dateM2H($product->vals[$data->n]);
break;
// }
// }
case 'checkbox':
// {
if (isset($product->vals[$data->n])) {
$c .= __('Yes');
} else {
$c .= __('No');
}
break;
// }
// }
case 'textarea':
// {
/**
* display products in a datatable format
*
* @param array $products array of product IDS to show
* @param string $direction the orientation of the table
*
* @return string
*/
function Product_datatableMultiple($products, $direction)
{
$headers = array();
$header_types = array();
$data = array();
foreach ($products as $pid) {
$row = array();
$product = Product::getInstance($pid);
$type = ProductType::getInstance($product->vals['product_type_id']);
if (!isset($type)) {
$ptid = $product->vals['product_type_id'];
return '<em>' . __('Product Type with ID %1 does not exist - please alert the admin of' . ' this site.', array($ptid), 'core') . '</em>';
}
$row['name'] = $product->name;
if (!is_array($type->data_fields)) {
return __('Product Type "%1" has no data fields.', array($type->name), 'core');
}
foreach ($type->data_fields as $df) {
switch ($df->t) {
case 'checkbox':
// {
$row[$df->n] = isset($product->vals[$df->n]) && $product->vals[$df->n] ? __('Yes') : __('No');
break;
// }
// }
case 'date':
// {
$row[$df->n] = Core_dateM2H($product->vals[$df->n]);
break;
// }
// }
case 'textarea':
// {
$row[$df->n] = $product->vals[$df->n];
break;
// }
// }
default:
// {
$row[$df->n] = htmlspecialchars($product->vals[$df->n]);
break;
// }
}
if (!in_array($df->n, $headers)) {
if ($df->ti) {
$headers[$df->n] = $df->ti;
} else {
$headers[$df->n] = ucwords($df->n);
}
$header_types[$df->n] = $df->t;
}
}
$data[] = $row;
}
switch ($direction) {
case 'horizontal':
// {
// { datatables
WW_addScript('http://ajax.aspnetcdn.com/ajax/jquery.dataTables/1.9.4/' . 'jquery.dataTables.min.js');
WW_addScript('/j/datatables-delay.js');
WW_addCSS('http://ajax.aspnetcdn.com/ajax/jquery.dataTables/1.9.4/css/' . 'jquery.dataTables.css');
WW_addCSS('http://ajax.aspnetcdn.com/ajax/jquery.dataTables/1.9.4/css/' . 'jquery.dataTables_themeroller.css');
// }
WW_addScript('products/frontend/show-horizontal.js');
WW_addCSS('/ww.plugins/products/frontend/show-horizontal.css');
$html = '<table class="product-horizontal">';
$html .= '<thead><tr>';
foreach ($headers as $n => $v) {
$html .= '<th o="' . htmlspecialchars($n) . '">' . htmlspecialchars($v) . '</th>';
}
$html .= '</tr></thead><tbody>';
foreach ($data as $row) {
$html .= '<tr>';
foreach ($headers as $n => $d) {
$html .= '<td>' . $row[$n] . '</td>';
}
$html .= '</tr>';
}
$html .= '</tbody>';
$html .= '<tfoot><tr>';
foreach ($headers as $key => $name) {
if ($header_types[$key] == 'checkbox') {
$html .= '<th><select name="search_' . $name . '"><option></option>' . '<option value="0">' . __('No') . '</option>' . '<option value="1">' . __('Yes') . '</option>' . '</select></th>';
} else {
$html .= '<th><input type="text" name="search_' . $name . '" /></th>';
}
}
$html .= '</tr></tfoot></table>';
break;
// }
// }
case 'vertical':
// {
$html = '<table class="product-vertical">';
foreach ($headers as $n => $d) {
$html .= '<tr class="' . $n . '"><th>' . $d . '</th>';
foreach ($data as $row) {
$html .= '<td>' . $row[$n] . '</td>';
}
$html .= '</tr>';
}
$html .= '</table>';
break;
// }
}
return $html;
}
if (!isset($excerpt_length)) {
$excerpt_length = 200;
}
if (isset($PAGEDATA->vars['blog_excerpt_length'])) {
$excerpt_length = (int) $PAGEDATA->vars['blog_excerpt_length'];
if ($excerpt_length < 10) {
$excerpt_length = 200;
}
}
foreach ($rs as $r) {
$sclass = $r['status'] == '1' ? 'blog-published' : 'blog-unpublished';
$c .= '<div class="blog-excerpt-wrapper ' . $sclass . '" id="blog-entry-' . $r['id'] . '">';
$c .= '<h2 class="blog-header">' . htmlspecialchars($r['title']) . '</h2>';
$user = User::getInstance($r['user_id']);
$name = $user ? $user->name : 'unknown';
$c .= '<div class="blog-meta">' . '<span class="blog-author" data-uid="' . $r['user_id'] . '">' . $name . '</span>' . '<span class="blog-separator"> ~ </span>' . '<span class="blog-date-published">' . Core_dateM2H($r['pdate']) . '</span>' . '</div>';
// }
$excerpt = $r['excerpt'] ? $r['excerpt'] : substr(preg_replace('/\\s+/', ' ', str_replace(' ', ' ', preg_replace('/<[^>]*>/', ' ', $r['body']))), 0, $excerpt_length) . '...';
// { image
if (!$r['excerpt_image']) {
$img = preg_replace('/.*<img.*?src="([^"]*)".*/m', '\\1', str_replace(array("\n", "\r"), ' ', $r['body']));
if (strpos($img, '/f') === 0) {
$r['excerpt_image'] = preg_replace('#^/f/#', '', $img);
}
}
$img = '';
if ($r['excerpt_image']) {
if (!isset($excerptImageSizeX)) {
$excerptImageSizeX = 100;
}
if (!isset($excerptImageSizeY)) {
function forum_user_profile($PAGEDATA, $user)
{
$script = '$(function(){$(".rating").ratings();});
';
WW_addScript('ratings/ratings.js');
WW_addInlineScript($script);
$threads = dbOne('select count(id) from forums_threads where creator_id=' . $user['id'], 'count(id)');
$posts = dbOne('select count(id) from forums_posts where author_id=' . $user['id'], 'count(id)');
$emailHash = md5(trim(strtolower($user['email'])));
$html = '<h1>Forum</h1>
<table style="border:1px solid #ccc;margin:10px">
<tr>
<td rowspan="3">
<img class="avatar" data-uid="' . $user['id'] . '"/>
</td>
<th>Threads Created:</th>
<td>' . $threads . '</tr>
</tr>
<tr>
<th>Posts:</th>
<td>' . $posts . '</td>
</tr>
<tr>
<th>Helpfulness Rating:</th>
<td><p id="forum_user_' . $user['id'] . '"
class="rating" type="forum_user">rating</p></td>
</tr>
</table>';
$recent = dbAll('select * from forums_posts where author_id=' . $user['id'] . ' order by created_date desc limit 4');
$ids = array();
foreach ($recent as $post) {
if (!in_array($post['thread_id'], $ids)) {
array_push($ids, $post['thread_id']);
}
}
$threads = dbAll('select * from forums_threads where id=' . implode(' or id=', $ids));
$html .= '<h1>Forum - Your Recent Posts</h1>
<table style="border:1px solid #ccc;margin:10px">
<tr>
<th>Thread</th>
<th>Date</th>
<th>Post</th>
</tr>';
foreach ($recent as $post) {
foreach ($threads as $thread) {
if ($thread['id'] == $post['thread_id']) {
$thread_id = $thread['id'];
$name = $thread['name'];
$forum = $thread['forum_id'];
break;
}
}
$pagename = dbOne('select name from pages where id=(select page_id from forums where id=1)', 'name');
$link = '/_r?type=forum&forum-f=' . $forum . '&forum-t=' . $thread_id;
$html .= '<tr>
<td><a href="' . $link . '">' . $name . '</a></td>
<td>' . Core_dateM2H($post['created_date']) . '</td>
<td>' . substr($post['body'], 0, 40) . ' [...]</td>
</tr>';
}
$html .= '</table>';
return $html;
}
$garr = array();
foreach ($grs as $gr) {
if (!isset($groups[$gr['groups_id']])) {
$groups[$gr['groups_id']] = dbOne("select name from groups where id={$gr['groups_id']} limit 1", 'name');
}
$garr[] = $groups[$gr['groups_id']];
}
echo join(', ', $garr);
echo '</td>';
// }
// { last login
echo '<td><span class="nodisplay">' . $user['last_login'] . '</span>';
if ($user['last_login'] == '0000-00-00 00:00:00') {
echo 'never</td>';
} else {
echo Core_dateM2H($user['last_login']) . '</td>';
}
// }
// { last view
echo '<td><span class="nodisplay">' . $user['last_view'] . '</span>';
if ($user['last_view'] == '0000-00-00 00:00:00') {
echo 'never</td>';
} else {
echo Core_dateM2H($user['last_view']) . '</td>';
}
// }
echo '<td><a href="siteoptions.php?page=users&id=' . $user['id'] . '">edi' . 't</a> <a href="siteoptions.php?page=users&id=' . $user['id'] . '&' . 'action=delete" onclick="return confirm(\'are you sure you want to del' . 'ete this user?\')">[x]</a></td></tr>';
}
echo '</tbody></table>';
// }
WW_addScript('/ww.admin/siteoptions/users-list.js');
/**
* The main display function
*
* @param Object $page Page Info
*
* @return $html The comments and an add comment form
**/
function Comments_displayComments($page)
{
if (!$GLOBALS['access_allowed']) {
return '';
}
// { order of display
$commentboxfirst = isset($page->vars['comments_show_box_at_top']) && $page->vars['comments_show_box_at_top'];
// }
// { get list of existing comments
$hideComments = isset($page->vars['hide_comments']) && $page->vars['hide_comments'];
if ($hideComments) {
if (count(@$_SESSION['comment_ids'])) {
$query = 'select * from comments where objectid=' . $page->id . ' and id in (' . join(', ', $_SESSION['comment_ids']) . ')';
} else {
$query = '';
}
} else {
if (count(@$_SESSION['comment_ids'])) {
$query = 'select * from comments where objectid=' . $page->id . ' and (isvalid=1 or id in (' . join(', ', $_SESSION['comment_ids']) . '))';
} else {
$query = 'select * from comments where objectid=' . $page->id . ' and isvalid=1';
}
}
if ($query) {
$sql = $query . ' order by cdate ' . ($commentboxfirst ? 'desc' : 'asc');
$md5 = md5($sql);
$comments = Core_cacheLoad('comments', $md5);
if ($comments === false) {
$comments = dbAll($sql);
Core_cacheSave('comments', $md5, $comments);
}
}
// }
$clist = '';
if (count($comments)) {
$clist = '<div id="start-comments" class="comments-list"><a name="comments"></a>' . '<strong>Comments</strong>';
foreach ($comments as $comment) {
$id = $comment['id'];
$datetime = $comment['cdate'];
$allowedToEdit = Core_isAdmin() || isset($_SESSION['comment_ids']) && is_array($_SESSION['comment_ids']) && in_array($id, $_SESSION['comment_ids'], false);
$clist .= '<div class="comment-wrapper';
if ($allowedToEdit) {
$clist .= ' comment-editable" ' . 'cdate="' . $datetime . '" comment="' . htmlspecialchars($comment['comment']) . '"';
} else {
$clist .= '" ';
}
$clist .= 'id="comment-wrapper-' . $comment['id'] . '"' . '><a name="comments-' . $id . '"></a>' . '<div class="comment-info" id="comment-info-' . $id . '">Posted by ';
if (!empty($comment['site'])) {
$clist .= '<a href="' . $comment['site'] . '" target=_blank>' . htmlspecialchars($comment['name']) . '</a>';
} else {
$clist .= htmlspecialchars($comment['name']);
}
$clist .= ' on ' . Core_dateM2H($datetime) . '</div>' . '<div id="comment-' . $id . '" class="comments-comment">' . htmlspecialchars($comment['comment']) . '</div></div>';
}
$clist .= '</div>';
} else {
$clist .= '';
}
// { get comment box HTML
$allowComments = Core_cacheLoad('comments', 'allow-' . $page->id, -1);
if ($allowComments === -1) {
$allowComments = dbOne('select value from page_vars where name="allow_comments" and page_id=' . $page->id, 'value');
Core_cacheSave('comments', 'allow-' . $page->id, $allowComments);
}
$cbhtml = $allowComments == 'on' ? Comments_showCommentForm($page->id) : '';
if ($allowComments == 'on') {
WW_addScript('comments/frontend/comments-frontend.js');
$cbhtml .= '<script src="//ajax.aspnetcdn.com/ajax/jquery.validate/1.9/' . 'jquery.validate.min.js"></script>';
}
WW_addCSS('/ww.plugins/comments/frontend/comments.css');
// }
return $commentboxfirst ? $cbhtml . $clist : $clist . $cbhtml;
}
