本文整理汇总了PHP中COM_killJS函数的典型用法代码示例。如果您正苦于以下问题:PHP COM_killJS函数的具体用法?PHP COM_killJS怎么用?PHP COM_killJS使用的例子?那么, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了COM_killJS函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: applyFilter
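/**
 * Apply a basic filter to a request value, recursing into arrays.
 *
 * Delegates to COM_applyBasicFilter() when that function is available and
 * otherwise runs a local copy of the same steps: tag stripping, on*-handler
 * neutralisation, then either an integer check or truncation at the first
 * quote, back-tick, semicolon, comma or backslash.
 *
 * This is a deny-list filter, not an output encoder or an SQL escaper: the
 * result still needs context-specific handling (htmlspecialchars() for HTML,
 * the database layer's escaping or bound parameters for SQL) where it is used.
 *
 * @param  string|array $var       value, or array of values, to filter
 * @param  bool         $isNumeric true if every value must be a plain integer
 * @return string|array filtered value; 0 when $isNumeric is set and the value
 *                      is not an optionally signed run of digits
 */
public static function applyFilter($var, $isNumeric = false)
{
    if (is_array($var)) {
        // Carry $isNumeric into the recursion. A bare array_map(__METHOD__)
        // calls the method with its default, so array-shaped input would be
        // checked with the weaker non-numeric rules even when the caller
        // asked for integers.
        $filtered = array();
        foreach ($var as $key => $item) {
            $filtered[$key] = self::applyFilter($item, $isNumeric);
        }

        return $filtered;
    }

    if (is_callable('COM_applyBasicFilter')) {
        // Forward $isNumeric too; without it the integer check is skipped
        // whenever the core function exists.
        return COM_applyBasicFilter($var, $isNumeric);
    }

    // Simulate COM_applyBasicFilter
    $var = \GLText::remove4byteUtf8Chars($var);
    $var = strip_tags($var);
    if (is_callable('COM_killJS')) {
        // doesn't help a lot right now, but still ...
        $var = COM_killJS($var);
    } else {
        // Rewrites " onxxx=" to " inxxx=" so inline event handlers stop firing.
        $var = preg_replace('/(\\s)+[oO][nN](\\w*) ?=/', '\\1in\\2=', $var);
    }

    if ($isNumeric) {
        // Note: PHP's is_numeric() accepts values like 4e4 as numeric, hence
        // the extra pattern. The D modifier pins $ to the very end of the
        // string; without it "12\n" matches, and PHP 8's is_numeric() accepts
        // trailing whitespace as well.
        if (!is_numeric($var) || preg_match('/^-?\\d+$/D', $var) !== 1) {
            return 0;
        }

        return $var;
    }

    // Drop everything from the first "/*", then cut at the first character
    // that commonly terminates or separates an SQL literal.
    $var = preg_replace('/\\/\\*.*/', '', $var);
    foreach (array("'", '"', '`', ';', ',', '\\') as $delimiter) {
        $parts = explode($delimiter, $var);
        $var = $parts[0];
    }

    return $var;
}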
示例2: ppApplyFilter
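/**
 * Filter a request parameter for the plugin.
 *
 * Removes slashes (COM_stripslashes), tags and on*-handlers (COM_killJS),
 * then either validates the value as an unsigned integer or truncates it at
 * the first single quote, double quote or back-tick.
 *
 * The result is not escaped for SQL or encoded for HTML; callers still have
 * to do that for the context the value ends up in.
 *
 * @param  mixed $parameter  raw value to filter
 * @param  bool  $isnumeric  true if the value must consist of digits only
 * @param  bool  $returnzero for a failed numeric check: true returns 0,
 *                           false returns an empty string
 * @return mixed filtered value
 */
function ppApplyFilter($parameter, $isnumeric = false, $returnzero = true)
{
    $p = COM_killJS(strip_tags(COM_stripslashes($parameter)));

    if (!$isnumeric) {
        foreach (array("'", '"', '`') as $quote) {
            $pieces = explode($quote, $p);
            $p = $pieces[0];
        }

        return $p;
    }

    // Note: PHP's is_numeric() accepts values like 4e4 as numeric
    // Strip out any common number formatting characters: whitespace, hyphens
    // and parentheses. The hyphen is written last in the class on purpose:
    // "[\s-\(...]" puts it after a class escape, which PCRE2 (PHP 7.3+)
    // rejects as an invalid range, so preg_replace() returned null and every
    // numeric value was turned into 0 or ''.
    $p = preg_replace('/[\\s()-]+/', '', $p);
    if (!is_numeric($p) || preg_match('/^([0-9]+)$/', $p) == 0) {
        return $returnzero ? 0 : '';
    }

    return $p;
}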
示例3: userprofile
/**
* Shows a profile for a user
*
* This grabs the user profile for a given user and displays it
*
* NOTE(review): $user is interpolated into two SQL statements below without a
* cast or quoting, and nothing in the visible part of this function validates
* it; callers have to pass an integer (a cast or a numeric filter).
*
* @param int $user User ID of profile to get
* @param int $msg Message to display (if != 0)
* @return string HTML for user profile page
*
*/
function userprofile($user, $msg = 0)
{
global $_CONF, $_TABLES, $_USER, $LANG01, $LANG04, $LANG09, $LANG_LOGIN;
$retval = '';
// Anonymous visitors get the login-required block instead of the profile
// when either login requirement is switched on.
if (empty($_USER['username']) && ($_CONF['loginrequired'] == 1 || $_CONF['profileloginrequired'] == 1)) {
$retval .= COM_siteHeader('menu');
$retval .= COM_startBlock($LANG_LOGIN[1], '', COM_getBlockTemplate('_msg_block', 'header'));
$login = new Template($_CONF['path_layout'] . 'submit');
$login->set_file(array('login' => 'submitloginrequired.thtml'));
$login->set_var('xhtml', XHTML);
$login->set_var('login_message', $LANG_LOGIN[2]);
$login->set_var('site_url', $_CONF['site_url']);
$login->set_var('site_admin_url', $_CONF['site_admin_url']);
$login->set_var('layout_url', $_CONF['layout_url']);
$login->set_var('lang_login', $LANG_LOGIN[3]);
$login->set_var('lang_newuser', $LANG_LOGIN[4]);
$login->parse('output', 'login');
$retval .= $login->finish($login->get_var('output'));
$retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
$retval .= COM_siteFooter();
return $retval;
}
// {$user} goes into the WHERE clause as a bare token (no quotes, no cast).
$result = DB_query("SELECT {$_TABLES['users']}.uid,username,fullname,regdate,homepage,about,location,pgpkey,photo,email FROM {$_TABLES['userinfo']},{$_TABLES['users']} WHERE {$_TABLES['userinfo']}.uid = {$_TABLES['users']}.uid AND {$_TABLES['users']}.uid = {$user}");
$nrows = DB_numRows($result);
if ($nrows == 0) {
// no such user
return COM_refresh($_CONF['site_url'] . '/index.php');
}
$A = DB_fetchArray($result);
$display_name = COM_getDisplayName($user, $A['username'], $A['fullname']);
// format date/time to user preference
$curtime = COM_getUserDateTimeFormat($A['regdate']);
$A['regdate'] = $curtime[0];
$user_templates = new Template($_CONF['path_layout'] . 'users');
$user_templates->set_file(array('profile' => 'profile.thtml', 'row' => 'commentrow.thtml', 'strow' => 'storyrow.thtml'));
$user_templates->set_var('xhtml', XHTML);
$user_templates->set_var('site_url', $_CONF['site_url']);
$user_templates->set_var('start_block_userprofile', COM_startBlock($LANG04[1] . ' ' . $display_name));
$user_templates->set_var('end_block', COM_endBlock());
$user_templates->set_var('lang_username', $LANG04[2]);
// The two name slots are swapped when the site prefers full names.
// Both values are passed to the template as read from the database.
if ($_CONF['show_fullname'] == 1) {
$user_templates->set_var('username', $A['fullname']);
$user_templates->set_var('user_fullname', $A['username']);
} else {
$user_templates->set_var('username', $A['username']);
$user_templates->set_var('user_fullname', $A['fullname']);
}
// Only users holding the user.edit right get the admin edit link.
if (SEC_hasRights('user.edit')) {
global $_IMAGE_TYPE, $LANG_ADMIN;
$edit_icon = '<img src="' . $_CONF['layout_url'] . '/images/edit.' . $_IMAGE_TYPE . '" alt="' . $LANG_ADMIN['edit'] . '" title="' . $LANG_ADMIN['edit'] . '"' . XHTML . '>';
$edit_link_url = COM_createLink($edit_icon, "{$_CONF['site_admin_url']}/user.php?mode=edit&uid={$A['uid']}");
$user_templates->set_var('edit_link', $edit_link_url);
}
$photo = USER_getPhoto($user, $A['photo'], $A['email'], -1);
$user_templates->set_var('user_photo', $photo);
$user_templates->set_var('lang_membersince', $LANG04[67]);
$user_templates->set_var('user_regdate', $A['regdate']);
$user_templates->set_var('lang_email', $LANG04[5]);
$user_templates->set_var('user_id', $user);
$user_templates->set_var('lang_sendemail', $LANG04[81]);
$user_templates->set_var('lang_homepage', $LANG04[6]);
// COM_killJS() is a deny-list filter, not an HTML encoder: the homepage
// reaches the template without htmlspecialchars() in this function.
// NOTE(review): confirm the value is validated as a URL when it is saved.
$user_templates->set_var('user_homepage', COM_killJS($A['homepage']));
$user_templates->set_var('lang_location', $LANG04[106]);
// strip_tags() removes tags but does not encode quotes or ampersands.
$user_templates->set_var('user_location', strip_tags($A['location']));
$user_templates->set_var('lang_bio', $LANG04[7]);
// "about" and "pgpkey" get line-break conversion only; no encoding or
// filtering happens here.
// NOTE(review): this is safe only if both fields are sanitised on save - verify.
$user_templates->set_var('user_bio', nl2br(stripslashes($A['about'])));
$user_templates->set_var('lang_pgpkey', $LANG04[8]);
$user_templates->set_var('user_pgp', nl2br($A['pgpkey']));
$user_templates->set_var('start_block_last10stories', COM_startBlock($LANG04[82] . ' ' . $display_name));
$user_templates->set_var('start_block_last10comments', COM_startBlock($LANG04[10] . ' ' . $display_name));
$user_templates->set_var('start_block_postingstats', COM_startBlock($LANG04[83] . ' ' . $display_name));
$user_templates->set_var('lang_title', $LANG09[16]);
$user_templates->set_var('lang_date', $LANG09[17]);
// for alternative layouts: use these as headlines instead of block titles
$user_templates->set_var('headline_last10stories', $LANG04[82]);
$user_templates->set_var('headline_last10comments', $LANG04[10]);
$user_templates->set_var('headline_postingstats', $LANG04[83]);
// Collect the topic ids the permission-filtered query returns and build a
// quoted list for IN(). The ids are concatenated as returned by the
// database, without escaping.
$result = DB_query("SELECT tid FROM {$_TABLES['topics']}" . COM_getPermSQL());
$nrows = DB_numRows($result);
$tids = array();
for ($i = 0; $i < $nrows; $i++) {
$T = DB_fetchArray($result);
$tids[] = $T['tid'];
}
$topics = "'" . implode("','", $tids) . "'";
// list of last 10 stories by this user
if (count($tids) > 0) {
// Second unquoted use of {$user} (see the note in the function header).
$sql = "SELECT sid,title,UNIX_TIMESTAMP(date) AS unixdate FROM {$_TABLES['stories']} WHERE (uid = {$user}) AND (draft_flag = 0) AND (date <= NOW()) AND (tid IN ({$topics}))" . COM_getPermSQL('AND');
$sql .= " ORDER BY unixdate DESC LIMIT 10";
$result = DB_query($sql);
//.........这里部分代码省略.........
示例4: COM_applyBasicFilter
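/**
 * Filter parameters
 *
 * NOTE: Use this function instead of COM_applyFilter for parameters
 *       _not_ coming in through a GET or POST request.
 *
 * Strips tags, runs COM_killJS() and then either checks the value against an
 * integer pattern or cuts it at the first "/*", quote, back-tick, semicolon,
 * comma or backslash. This is a deny-list filter: the result is neither
 * HTML-encoded nor SQL-escaped, so callers still need context-specific
 * escaping where the value is used.
 *
 * @param  string  $parameter the parameter to test
 * @param  boolean $isnumeric true if $parameter is supposed to be numeric
 * @return string  the filtered parameter (may now be empty or 0)
 * @see    COM_applyFilter
 *
 */
function COM_applyBasicFilter($parameter, $isnumeric = false)
{
    // set to true to log when the filter applied
    $log_manipulation = false;

    $p = strip_tags($parameter);
    // doesn't help a lot right now, but still ...
    $p = COM_killJS($p);

    if ($isnumeric) {
        // Note: PHP's is_numeric() accepts values like 4e4 as numeric, hence
        // the extra pattern. The D modifier pins $ to the very end of the
        // string; without it "12\n" matches, and PHP 8's is_numeric() accepts
        // trailing whitespace as well.
        if (!is_numeric($p) || preg_match('/^-?\\d+$/D', $p) !== 1) {
            $p = 0;
        }
    } else {
        // Drop everything from the first "/*", then keep only the text in
        // front of the first quote, back-tick, semicolon, comma or backslash.
        $p = preg_replace('/\\/\\*.*/', '', $p);
        foreach (array("'", '"', '`', ';', ',', '\\') as $delimiter) {
            $pieces = explode($delimiter, $p);
            $p = $pieces[0];
        }
    }

    // NOTE(review): when logging is switched on, the raw parameter is written
    // to the error log unchanged, including any line breaks it contains.
    // Strip control characters first if this is ever enabled in production.
    if ($log_manipulation && strcmp($p, $parameter) != 0) {
        COM_errorLog("Filter applied: >> {$parameter} << filtered to {$p} [IP {$_SERVER['REMOTE_ADDR']}]", 1);
    }

    return $p;
}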
示例5: MG_getFile
//.........这里部分代码省略.........
// Fragment of MG_getFile(): the beginning and the end of the function are not
// shown on this page, so $quota, $errors, $tmpPath, $description, $caption,
// $keywords, $file and the other variables used here are assigned out of view.
// filesize() returns false on failure; with @ the warning is hidden and
// nothing is added to the quota in that case.
if ($_MG_CONF['discard_original'] == 1) {
$quota += @filesize(MG_getFilePath('disp', $media_filename, 'jpg'));
}
DB_change($_TABLES['mg_albums'], 'album_disk_usage', $quota, 'album_id', intval($album_id));
if ($errors) {
@unlink($tmpPath);
COM_errorLog("MG Upload: Problem uploading a media object");
return array(false, $errMsg);
}
if (($mimeType != 'application/zip' || $_MG_CONF['zip_enabled'] == 0) && $errors == 0) {
// Now we need to process an uploaded thumbnail
if ($gotTN == 1) {
// The temporary name depends on time() only, so it is predictable and two
// uploads within the same second share it. The fopen() result is not
// checked before fwrite()/fclose().
$mp3TNFilename = $_MG_CONF['tmp_path'] . 'mp3tn' . time() . '.jpg';
$fn = fopen($mp3TNFilename, "w");
fwrite($fn, $mp3AttachdedThumbnail);
fclose($fn);
// The first character of the media file name selects the sub-directory.
$saveThumbnailName = $_MG_CONF['path_mediaobjects'] . 'tn/' . $media_filename[0] . '/tn_' . $media_filename;
MG_attachThumbnail($album_id, $mp3TNFilename, $saveThumbnailName);
@unlink($mp3TNFilename);
$atttn = 1;
} else {
if ($atttn == 1) {
$saveThumbnailName = $_MG_CONF['path_mediaobjects'] . 'tn/' . $media_filename[0] . '/tn_' . $media_filename;
MG_attachThumbnail($album_id, $thumbnail, $saveThumbnailName);
}
}
if ($video_attached_thumbnail) {
$atttn = 1;
}
if ($_MG_CONF['verbose']) {
COM_errorLog("MG Upload: Building SQL and preparing to enter database");
}
// Plain-text mode: deny-list JS filter, word filter, tag stripping and HTML
// encoding, then addslashes(). HTML mode relies on COM_checkHTML() (not
// shown) as the only HTML sanitiser.
// NOTE(review): addslashes() does not take the connection character set into
// account; prefer the database layer's own escaping where one is available.
if ($_MG_CONF['htmlallowed'] != 1) {
$media_desc = addslashes(htmlspecialchars(strip_tags(COM_checkWords(COM_killJS($description)))));
$media_caption = addslashes(htmlspecialchars(strip_tags(COM_checkWords(COM_killJS($caption)))));
$media_keywords = addslashes(htmlspecialchars(strip_tags(COM_checkWords(COM_killJS($keywords)))));
} else {
$media_desc = addslashes(COM_checkHTML(COM_killJS($description)));
$media_caption = addslashes(COM_checkHTML(COM_killJS($caption)));
$media_keywords = addslashes(COM_checkHTML(COM_killJS($keywords)));
}
// Check and see if moderation is on. If yes, place in mediasubmission
if ($album->moderate == 1 && !$root_album->owner_id) {
$tableMedia = $_TABLES['mg_mediaqueue'];
$tableMediaAlbum = $_TABLES['mg_media_album_queue'];
$queue = 1;
} else {
$tableMedia = $_TABLES['mg_media'];
$tableMediaAlbum = $_TABLES['mg_media_albums'];
$queue = 0;
}
// The original file name is slash-escaped only; unlike the caption it gets
// no tag stripping or HTML encoding before it can become the caption below.
$original_filename = addslashes($file);
if ($album->filename_title) {
if ($media_caption == '') {
// Use the file name without its last extension as the caption.
$pos = strrpos($original_filename, '.');
if ($pos === false) {
$media_caption = $original_filename;
} else {
$media_caption = substr($original_filename, 0, $pos);
}
}
}
if ($_MG_CONF['verbose']) {
COM_errorLog("MG Upload: Inserting media record into mg_media");
}
$resolution_x = 0;
示例6: edituser
//.........这里部分代码省略.........
// Fragment of edituser(): the beginning of the function is not shown on this
// page, so $preferences (a template object) and the user row $A are created
// out of view.
$preferences->set_var('lang_password_email_legend', $LANG04[129]);
$preferences->set_var('lang_personal_info_legend', $LANG04[130]);
$preferences->set_var('lang_resynch', $LANG04[166]);
$display_name = COM_getDisplayName($_USER['uid']);
//$preferences->set_var ('start_block_profile',
// COM_startBlock ($LANG04[1] . ' ' . $display_name));
//$preferences->set_var ('end_block', COM_endBlock ());
$preferences->set_var('profile_headline', $LANG04[1] . ' ' . $display_name);
// The form needs multipart encoding only when photo uploads are allowed.
if ($_CONF['allow_user_photo'] == 1) {
$preferences->set_var('enctype', 'enctype="multipart/form-data"');
} else {
$preferences->set_var('enctype', '');
}
// htmlspecialchars() is called with its default flags throughout; before
// PHP 8.1 those leave single quotes unencoded.
// NOTE(review): confirm the templates put these values in double-quoted
// attributes or element content.
$preferences->set_var('fullname_value', htmlspecialchars($A['fullname']));
$preferences->set_var('new_username_value', htmlspecialchars($_USER['username']));
// Local accounts get the password fields; remote accounts get at most the
// re-synch option (OAuth services only).
if ($A['remoteservice'] == '') {
$preferences->set_var('password_value', '');
$preferences->parse('password_option', 'password', true);
$preferences->parse('current_password_option', 'current_password', true);
$preferences->set_var('resynch_option', '');
} else {
$preferences->set_var('password_option', '');
$preferences->set_var('current_password_option', '');
if ($_CONF['user_login_method']['oauth'] && strpos($_USER['remoteservice'], 'oauth.') === 0) {
// OAuth only supports re-synch at the moment
$preferences->set_var('resynch_checked', '');
$preferences->parse('resynch_option', 'resynch', true);
} else {
$preferences->set_var('resynch_option', '');
}
}
if ($_CONF['allow_username_change'] == 1) {
$preferences->parse('username_option', 'username', true);
} else {
$preferences->set_var('username_option', '');
}
$selection = '<select id="cooktime" name="cooktime">' . LB;
$selection .= COM_optionList($_TABLES['cookiecodes'], 'cc_value,cc_descr', $A['cookietimeout'], 0);
$selection .= '</select>';
$preferences->set_var('cooktime_selector', $selection);
$preferences->set_var('email_value', htmlspecialchars($A['email']));
// The homepage goes through the deny-list JS filter and is then HTML-encoded;
// the encoding step is what protects the form field.
$preferences->set_var('homepage_value', htmlspecialchars(COM_killJS($A['homepage'])));
$preferences->set_var('location_value', htmlspecialchars(strip_tags($A['location'])));
$preferences->set_var('signature_value', htmlspecialchars($A['sig']));
if ($_CONF['allow_user_photo'] == 1) {
$photo = USER_getPhoto($_USER['uid'], $A['photo'], $A['email'], -1);
if (empty($photo)) {
$preferences->set_var('display_photo', '');
} else {
if (empty($A['photo'])) {
// external avatar
$photo = '<br' . XHTML . '>' . $photo;
} else {
// uploaded photo - add delete option
$photo = '<br' . XHTML . '>' . $photo . '<br' . XHTML . '>' . $LANG04[79] . ' <input type="checkbox" name="delete_photo"' . XHTML . '>' . LB;
}
$preferences->set_var('display_photo', $photo);
}
if (empty($_CONF['image_lib'])) {
$scaling = $LANG04[162];
} else {
$scaling = $LANG04[161];
}
$preferences->set_var('photo_max_dimensions', sprintf($LANG04[160], $_CONF['max_photo_width'], $_CONF['max_photo_height'], $_CONF['max_photo_size'], $scaling));
$preferences->parse('userphoto_option', 'photo', true);
} else {
$preferences->set_var('userphoto_option', '');
}
// $_USER['uid'] is interpolated as a bare token; it comes from the session
// user array, not from the request. $A is replaced by the userinfo row here.
$result = DB_query("SELECT about,pgpkey FROM {$_TABLES['userinfo']} WHERE uid = {$_USER['uid']}");
$A = DB_fetchArray($result);
// The request id is stored in users.pwrequestid and embedded in the form as
// uid_value and account_id. It is built from rand() and uniqid(), neither of
// which is a cryptographically secure source.
// NOTE(review): if this id authorises the later save/delete request, derive
// it from random_bytes() instead.
$reqid = substr(md5(uniqid(rand(), 1)), 1, 16);
DB_change($_TABLES['users'], 'pwrequestid', $reqid, 'uid', $_USER['uid']);
$preferences->set_var('about_value', htmlspecialchars($A['about']));
$preferences->set_var('pgpkey_value', htmlspecialchars($A['pgpkey']));
$preferences->set_var('uid_value', $reqid);
$preferences->set_var('username_value', htmlspecialchars($_USER['username']));
if ($_CONF['allow_account_delete'] == 1) {
$preferences->set_var('lang_deleteaccount', $LANG04[156]);
$preferences->set_var('delete_text', $LANG04[95]);
$preferences->set_var('lang_button_delete', $LANG04[96]);
$preferences->set_var('delete_mode', 'confirmdelete');
$preferences->set_var('account_id', $reqid);
if (isset($LANG04[157])) {
$preferences->set_var('lang_deleteoption', $LANG04[157]);
} else {
$preferences->set_var('lang_deleteoption', $LANG04[156]);
}
$preferences->parse('delete_account_option', 'deleteaccount', false);
} else {
$preferences->set_var('delete_account_option', '');
}
// Call custom account form and edit function if enabled and exists
// Output of the custom function and of the plugin hooks below is inserted
// as returned; any encoding is up to those functions.
if ($_CONF['custom_registration'] and function_exists('CUSTOM_userEdit')) {
$preferences->set_var('customfields', CUSTOM_userEdit($_USER['uid']));
}
PLG_profileVariablesEdit($_USER['uid'], $preferences);
$retval = $preferences->finish($preferences->parse('output', 'profile'));
$retval .= PLG_profileBlocksEdit($_USER['uid']);
return $retval;
}
示例7: USER_userinfoPanel
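/**
 * Render the "personal information" panel of the user edit form.
 *
 * Fills admin/user/userinfopanel.thtml with the language strings, the user's
 * social "follow me" entries, the editable profile fields and, when photos
 * are enabled, the current photo with a delete checkbox.
 *
 * @param  array  $U       user record; reads uid, homepage, location, sig,
 *                         about, pgpkey, photo and email
 * @param  int    $newuser not used by this function
 * @return string parsed panel HTML
 */
function USER_userinfoPanel($U, $newuser = 0)
{
    global $_CONF, $LANG04;

    $uid = $U['uid'];
    $hasAccount = !empty($uid) && $uid > 1;
    $photoAllowed = ($_CONF['allow_user_photo'] == 1);

    // set template
    $userform = new Template($_CONF['path_layout'] . 'admin/user/');
    $userform->set_file('user', 'userinfopanel.thtml');
    $userform->set_var(array(
        'lang_personal_info_legend' => $LANG04[130],
        'lang_userinfo_help_title'  => $LANG04[148],
        'lang_userinfo_help'        => $LANG04[149],
        'lang_homepage'             => $LANG04[6],
        'lang_location'             => $LANG04[106],
        'lang_signature'            => $LANG04[32],
        'lang_about'                => $LANG04[7],
        'lang_pgpkey'               => $LANG04[8],
        'lang_social_follow'        => $LANG04[198],
        'lang_social_info'          => $LANG04[199],
        'lang_social_service'       => $LANG04[200],
        'lang_social_username'      => $LANG04[201],
    ));

    $follow_me = SOC_followMeProfile($uid);
    if (is_array($follow_me) && count($follow_me) > 0) {
        $userform->set_block('user', 'social_links', 'sl');
        $userform->set_var('social_followme_enabled', true);
        // NOTE(review): the service fields are handed to the template
        // unencoded; confirm SOC_followMeProfile() returns HTML-safe values.
        foreach ($follow_me as $service) {
            $userform->set_var('service_display_name', $service['service_display_name']);
            $userform->set_var('service', $service['service']);
            $userform->set_var('service_username', $service['service_username']);
            $userform->parse('sl', 'social_links', true);
        }
    } else {
        $userform->unset_var('social_followme_enabled');
    }

    if ($photoAllowed) {
        $userform->set_var('lang_userphoto', $LANG04[77]);
    }

    // User-controlled profile fields. ENT_QUOTES encodes both quote
    // characters, so a value cannot close the attribute it is rendered in;
    // ENT_NOQUOTES left them as-is. The template is not visible here, but the
    // *_value names suggest form-field values, and entity-encoded quotes
    // display identically in attributes and in textarea content.
    // COM_killJS() and strip_tags() are extra deny-list steps; the encoding
    // is what makes the output safe for HTML.
    $encoding = COM_getEncodingt();
    $fieldValues = array(
        'homepage_value'  => COM_killJS($U['homepage']),
        'location_value'  => strip_tags($U['location']),
        'signature_value' => $U['sig'],
        'about_value'     => $U['about'],
        'pgpkey_value'    => $U['pgpkey'],
    );
    foreach ($fieldValues as $name => $value) {
        // @ keeps the original best-effort behaviour for unsupported charsets.
        $userform->set_var($name, @htmlspecialchars($value, ENT_QUOTES, $encoding));
    }

    if ($photoAllowed) {
        $photo = $hasAccount ? USER_getPhoto($uid, $U['photo'], $U['email'], -1) : '';
        if (empty($photo)) {
            $photo = '';
        } elseif (empty($U['photo'])) {
            // external avatar
            $photo = '<br/>' . $photo;
        } else {
            // uploaded photo - add delete option
            $photo = '<br/>' . $photo . '<br/>' . $LANG04[79] . ' <input type="checkbox" name="delete_photo"/>' . LB;
        }
        $userform->set_var('display_photo', $photo);
    }

    // Plugin and custom fields exist only for saved, non-anonymous accounts
    // (uid > 1); their output is inserted as returned.
    if ($hasAccount) {
        $userform->set_var('plugin_userinfo_personalinfo', PLG_profileEdit($uid, 'userinfo', 'personalinfo'));
        $userform->set_var('plugin_userinfo', PLG_profileEdit($uid, 'userinfo'));
        if ($_CONF['custom_registration'] && function_exists('CUSTOM_userEdit')) {
            $userform->set_var('customfields', CUSTOM_userEdit($uid));
        }
    }

    return $userform->finish($userform->parse('output', 'user'));
}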
示例8: MG_saveCategory
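/**
 * Save a Media Gallery category from the submitted form, then redirect to the
 * category admin page.
 *
 * Reads cat_id, cat_name and cat_desc from $_POST. The name and description
 * are stored as plain text: JS deny-list filter, word filter, tag stripping
 * and HTML encoding are applied before the values are escaped for SQL.
 *
 * NOTE(review): no permission or CSRF-token check is visible in this
 * function; presumably the caller performs both - verify.
 *
 * @param  int $cat_id not used; the id is taken from $_POST['cat_id']
 * @return string|void error page HTML on failure; on success the function
 *                     echoes a redirect and exits
 */
function MG_saveCategory($cat_id)
{
    global $_TABLES, $_MG_CONF, $LANG_MG00, $LANG_MG01;

    $A = array();
    $A['cat_id'] = COM_applyFilter($_POST['cat_id'], true);

    // HTML is never allowed in category names or descriptions.
    $catName = htmlspecialchars(strip_tags(COM_checkWords(COM_killJS($_POST['cat_name']))));
    $catDescription = htmlspecialchars(strip_tags(COM_checkWords(COM_killJS($_POST['cat_desc']))));

    if ($catName == "") {
        return MG_errorHandler($LANG_MG01['category_error']);
    }

    // Fit the name to the column BEFORE escaping it. Truncating the escaped
    // string can cut an escape pair in half and leave a lone trailing
    // backslash, which would then escape the closing quote of the literal in
    // the statement below.
    // NOTE(review): substr() counts bytes and may still split a multi-byte
    // character or an HTML entity at the limit.
    $A['cat_name'] = DB_escapeString(substr($catName, 0, 254));
    $A['cat_description'] = DB_escapeString($catDescription);

    // New categories go to the end of the list; fall back to 10 when the
    // table is empty or the query yields nothing usable.
    $sql = "SELECT MAX(cat_order) + 1 AS nextcat_order FROM " . $_TABLES['mg_category'];
    $result = DB_query($sql);
    $row = DB_fetchArray($result);
    $A['cat_order'] = 10;
    if ($row != null && $result != null
        && $row['nextcat_order'] != null && $row['nextcat_order'] >= 0
    ) {
        // Cast because the value is placed in the statement without quotes.
        $A['cat_order'] = (int) $row['nextcat_order'];
    }

    if ($A['cat_id'] == 0) {
        COM_errorLog("Media Gallery Internal Error - cat_id = 0 - Contact support@glfusion.org ");
        return MG_genericError($LANG_MG00['access_denied_msg']);
    }

    DB_save($_TABLES['mg_category'], "cat_id,cat_name,cat_description,cat_order", "'{$A['cat_id']}','{$A['cat_name']}','{$A['cat_description']}',{$A['cat_order']}");
    echo COM_refresh($_MG_CONF['admin_url'] . 'category.php');
    exit;
}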
示例9: userprofile
//.........这里部分代码省略.........
// Fragment of userprofile(): the beginning and the end of the function are
// not shown on this page; $user, $A, $user_templates and $display_name are
// set out of view.
}
if (isset($A['photo']) && empty($A['photo'])) {
$A['photo'] = '(none)';
// user does not have a photo
}
$lastlogin = $A['lastlogin'];
$lasttime = COM_getUserDateTimeFormat($lastlogin);
$photo = USER_getPhoto($user, $A['photo'], $A['email'], -1, 0);
$user_templates->set_var('user_photo', $photo);
$user_templates->set_var('lang_membersince', $LANG04[67]);
$user_templates->set_var('user_regdate', $A['regdate']);
// Last-login time and online state are shown only when the user opted in
// (showonline); the last-login row also needs the site setting.
if ($_CONF['lastlogin'] && $A['showonline']) {
$user_templates->set_var('lang_lastlogin', $LANG28[35]);
if (!empty($lastlogin)) {
$user_templates->set_var('user_lastlogin', $lasttime[0]);
} else {
$user_templates->set_var('user_lastlogin', $LANG28[36]);
}
}
if ($A['showonline']) {
// $user is cast to int before it is used as a lookup value.
if (DB_count($_TABLES['sessions'], 'uid', (int) $user)) {
$user_templates->set_var('online', 'online');
}
}
$user_templates->set_var('lang_email', $LANG04[5]);
$user_templates->set_var('user_id', $user);
// The send-mail option is hidden when the user has no address or has
// switched off mail from other users.
if ($A['email'] == '' || $A['emailfromuser'] == 0) {
$user_templates->set_var('email_option', '');
} else {
$user_templates->set_var('lang_sendemail', $LANG04[81]);
$user_templates->parse('email_option', 'email', true);
}
$user_templates->set_var('lang_homepage', $LANG04[6]);
// COM_killJS() is a deny-list filter, not an HTML encoder: the homepage
// reaches the template without htmlspecialchars() in this fragment.
$user_templates->set_var('user_homepage', COM_killJS($A['homepage']));
$user_templates->set_var('lang_location', $LANG04[106]);
// strip_tags() removes tags but does not encode quotes or ampersands.
$user_templates->set_var('user_location', strip_tags($A['location']));
$user_templates->set_var('lang_online', $LANG04[160]);
$user_templates->set_var('lang_bio', $LANG04[7]);
// "about" and "pgpkey" get line-break conversion only.
// NOTE(review): this is safe only if both fields are sanitised on save - verify.
$user_templates->set_var('user_bio', nl2br($A['about']));
$user_templates->set_var('follow_me', SOC_getFollowMeIcons($user, 'follow_user_profile.thtml'));
$user_templates->set_var('lang_pgpkey', $LANG04[8]);
$user_templates->set_var('user_pgp', nl2br($A['pgpkey']));
$user_templates->set_var('start_block_last10stories', COM_startBlock($LANG04[82] . ' ' . $display_name));
if (!isset($_CONF['comment_engine']) || $_CONF['comment_engine'] == 'internal') {
$user_templates->set_var('start_block_last10comments', COM_startBlock($LANG04[10] . ' ' . $display_name));
}
$user_templates->set_var('start_block_postingstats', COM_startBlock($LANG04[83] . ' ' . $display_name));
$user_templates->set_var('lang_title', $LANG09[16]);
$user_templates->set_var('lang_date', $LANG09[17]);
// for alternative layouts: use these as headlines instead of block titles
$user_templates->set_var('headline_last10stories', $LANG04[82] . ' ' . $display_name);
if (!isset($_CONF['comment_engine']) || $_CONF['comment_engine'] == 'internal') {
$user_templates->set_var('headline_last10comments', $LANG04[10] . ' ' . $display_name);
}
$user_templates->set_var('headline_postingstats', $LANG04[83] . ' ' . $display_name);
// Collect the topic ids the permission-filtered query returns and build a
// quoted list for IN(). The ids are concatenated as returned by the
// database, without escaping.
$result = DB_query("SELECT tid FROM {$_TABLES['topics']}" . COM_getPermSQL());
$nrows = DB_numRows($result);
$tids = array();
for ($i = 0; $i < $nrows; $i++) {
$T = DB_fetchArray($result);
$tids[] = $T['tid'];
}
$topics = "'" . implode("','", $tids) . "'";
// list of last 10 stories by this user
if (sizeof($tids) > 0) {
// The (int) cast keeps the uid term numeric whatever the caller passed in.
$sql = "SELECT sid,title,UNIX_TIMESTAMP(date) AS unixdate FROM {$_TABLES['stories']} WHERE (uid = '" . (int) $user . "') AND (draft_flag = 0) AND (date <= NOW()) AND (tid IN ({$topics}))" . COM_getPermSQL('AND');
示例10: MG_saveAlbum
/**
* saves the specified album information
*
* The listing on this page is cut off before the end of the function.
*
* NOTE(review): no permission or CSRF-token check appears in the visible part;
* presumably the caller or the omitted part performs both - verify.
*
* @param int $album_id album_id to edit (the visible code reads
* $_POST['album_id'] instead of this argument)
* @param string $actionURL not used in the visible part
* @return string HTML
*
*/
function MG_saveAlbum($album_id, $actionURL = '')
{
global $_DB_dbms, $MG_albums, $_USER, $_CONF, $_TABLES, $_MG_CONF, $LANG_MG00, $LANG_MG01, $_POST;
$update = 0;
if (isset($_POST['album_id'])) {
$aid = COM_applyFilter($_POST['album_id'], true);
} else {
$aid = 0;
}
if (isset($_POST['force_child_update'])) {
$forceChildPermUpdate = COM_applyFilter($_POST['force_child_update'], true);
} else {
$forceChildPermUpdate = 0;
}
// $_FILES['thumbnail'] is read without an isset() check.
$thumb = $_FILES['thumbnail'];
$thumbnail = $thumb['tmp_name'];
if (isset($_POST['attach_tn'])) {
$att = COM_applyFilter($_POST['attach_tn']);
} else {
$att = 0;
}
if ($aid > 0) {
// should be 0 or negative 1 for create
// NOTE(review): $MG_albums[$aid] is used without checking that the id exists
// or that the current user may edit that album - confirm this is checked
// elsewhere.
$album = $MG_albums[$aid];
$oldparent = $album->parent;
$old_tn_attached = $album->tn_attached;
$old_featured = $album->featured;
$update = 1;
} else {
$album = new mgAlbum();
$album->id = $aid;
$update = 0;
$old_tn_attached = 0;
}
// HTML mode relies on COM_checkHTML() (not shown) as the only HTML
// sanitiser; plain-text mode strips tags and HTML-encodes the result.
// COM_killJS() is a deny-list filter in both branches.
if ($_MG_CONF['htmlallowed'] == 1) {
$album->title = COM_checkHTML(COM_killJS($_POST['album_name']));
$album->description = COM_checkHTML(COM_killJS($_POST['album_desc']));
} else {
$album->title = htmlspecialchars(strip_tags(COM_checkWords(COM_killJS($_POST['album_name']))));
$album->description = htmlspecialchars(strip_tags(COM_checkWords(COM_killJS($_POST['album_desc']))));
}
if ($album->title == "") {
return MG_errorHandler("You must enter an Album Name");
}
// From here on the album settings are copied from the form. Fields filtered
// with the second argument set to true are forced to integers; several keys
// (parentaid, cover, skin, ...) are read without an isset() check.
$album->parent = COM_applyFilter($_POST['parentaid'], true);
// we should not need this
if (isset($_POST['hidden'])) {
$album->hidden = COM_applyFilter($_POST['hidden'], true);
} else {
$album->hidden = 0;
}
// cover, cover file name and the three skin names go through the
// non-numeric filter only.
// NOTE(review): if any of them is later used to build a file or template
// path, validate it against the list of installed names.
$album->cover = COM_applyFilter($_POST['cover']);
$album->cover_filename = COM_applyFilter($_POST['album_cover_filename']);
if (isset($_POST['enable_album_views'])) {
$album->enable_album_views = COM_applyFilter($_POST['enable_album_views'], true);
} else {
$album->enable_album_views = 0;
}
$album->image_skin = COM_applyFilter($_POST['skin']);
$album->album_skin = COM_applyFilter($_POST['askin']);
$album->display_skin = COM_applyFilter($_POST['dskin']);
if (isset($_POST['display_album_desc'])) {
$album->display_album_desc = COM_applyFilter($_POST['display_album_desc'], true);
} else {
$album->display_album_desc = 0;
}
if (isset($_POST['enable_comments'])) {
$album->enable_comments = COM_applyFilter($_POST['enable_comments'], true);
} else {
$album->enable_comments = 0;
}
$album->exif_display = COM_applyFilter($_POST['enable_exif'], true);
if (isset($_POST['enable_rating'])) {
$album->enable_rating = COM_applyFilter($_POST['enable_rating'], true);
} else {
$album->enable_rating = 0;
}
$album->playback_type = COM_applyFilter($_POST['playback_type'], true);
$album->tn_attached = isset($_POST['attach_tn']) ? COM_applyFilter($_POST['attach_tn'], true) : 0;
$album->enable_slideshow = COM_applyFilter($_POST['enable_slideshow'], true);
if (isset($_POST['enable_random'])) {
$album->enable_random = COM_applyFilter($_POST['enable_random'], true);
} else {
$album->enable_random = 0;
}
if (isset($_POST['enable_shutterfly'])) {
$album->enable_shutterfly = COM_applyFilter($_POST['enable_shutterfly'], true);
} else {
$album->enable_shutterfly = 0;
}
if (isset($_POST['enable_views'])) {
$album->enable_views = COM_applyFilter($_POST['enable_views'], true);
} else {
//.........这里部分代码省略.........
示例11: ppFilterText
/**
 * Filter free-text input: HTML check, word filter, JS deny-list filter, then
 * slash-escaping.
 *
 * NOTE(review): addslashes() is the only escaping applied here and it does
 * not take the connection character set into account; if the result is put
 * into an SQL statement, confirm that is sufficient for the database in use.
 *
 * @param  string $parameter raw text
 * @return string filtered and slash-escaped text
 */
function ppFilterText($parameter)
{
    $filtered = COM_killJS(COM_checkWords(COM_checkHTML($parameter)));

    // Need to call addslashes again as COM_checkHTML strips it out
    return addslashes($filtered);
}
示例12: USER_showProfile
//.........这里部分代码省略.........
// Fragment of USER_showProfile(): the beginning and the end of the function
// are not shown on this page; $uid, $A, $user_templates and $display_name are
// set out of view.
$user_templates->set_var('edit_link', '');
$user_templates->set_var('user_edit', '');
} elseif (!COM_isAnonUser() && $_USER['uid'] == $uid) {
// The profile owner gets a link to the own settings page.
$edit_icon = '<img src="' . $_CONF['layout_url'] . '/images/edit.' . $_IMAGE_TYPE . '" alt="' . $LANG01[48] . '" title="' . $LANG01[48] . '"' . XHTML . '>';
$edit_link_url = COM_createLink($edit_icon, $_CONF['site_url'] . '/usersettings.php');
$user_templates->set_var('edit_icon', $edit_icon);
$user_templates->set_var('edit_link', $edit_link_url);
$user_templates->set_var('user_edit', $edit_link_url);
} elseif (SEC_hasRights('user.edit')) {
// Users holding the user.edit right get the admin edit link.
$edit_icon = '<img src="' . $_CONF['layout_url'] . '/images/edit.' . $_IMAGE_TYPE . '" alt="' . $LANG_ADMIN['edit'] . '" title="' . $LANG_ADMIN['edit'] . '"' . XHTML . '>';
$edit_link_url = COM_createLink($edit_icon, "{$_CONF['site_admin_url']}/user.php?mode=edit&uid={$A['uid']}");
$user_templates->set_var('edit_icon', $edit_icon);
$user_templates->set_var('edit_link', $edit_link_url);
$user_templates->set_var('user_edit', $edit_link_url);
}
if (isset($A['photo']) && empty($A['photo'])) {
$A['photo'] = '(none)';
// user does not have a photo
}
$photo = USER_getPhoto($uid, $A['photo'], $A['email'], -1);
$user_templates->set_var('user_photo', $photo);
$user_templates->set_var('lang_membersince', $LANG04[67]);
$user_templates->set_var('user_regdate', $A['regdate']);
$user_templates->set_var('lang_email', $LANG04[5]);
$user_templates->set_var('user_id', $uid);
$user_templates->set_var('uid', $uid);
if ($A['email'] != '') {
$user_templates->set_var('lang_sendemail', $LANG04[81]);
$user_templates->parse('email_option', 'email', true);
} else {
$user_templates->set_var('email_option', '');
}
$user_templates->set_var('lang_homepage', $LANG04[6]);
// COM_killJS() is a deny-list filter, not an HTML encoder: the homepage
// reaches the template without htmlspecialchars() in this fragment.
$user_templates->set_var('user_homepage', COM_killJS($A['homepage']));
$user_templates->set_var('lang_location', $LANG04[106]);
// strip_tags() removes tags but does not encode quotes or ampersands.
$user_templates->set_var('user_location', strip_tags($A['location']));
$user_templates->set_var('lang_bio', $LANG04[7]);
// "about" and "pgpkey" get line-break conversion only.
// NOTE(review): this is safe only if both fields are sanitised on save - verify.
$user_templates->set_var('user_bio', COM_nl2br(stripslashes($A['about'])));
$user_templates->set_var('lang_pgpkey', $LANG04[8]);
$user_templates->set_var('user_pgp', COM_nl2br($A['pgpkey']));
$user_templates->set_var('start_block_last10stories', COM_startBlock($LANG04[82] . ' ' . $display_name));
$user_templates->set_var('start_block_last10comments', COM_startBlock($LANG04[10] . ' ' . $display_name));
$user_templates->set_var('start_block_postingstats', COM_startBlock($LANG04[83] . ' ' . $display_name));
$user_templates->set_var('lang_title', $LANG09[16]);
$user_templates->set_var('lang_date', $LANG09[17]);
// for alternative layouts: use these as headlines instead of block titles
$user_templates->set_var('headline_last10stories', $LANG04[82]);
$user_templates->set_var('headline_last10comments', $LANG04[10]);
$user_templates->set_var('headline_postingstats', $LANG04[83]);
// Topic ids come from TOPIC_getList() and are joined into a quoted IN()
// list without escaping.
$tids = TOPIC_getList(0, true, false);
$topics = "'" . implode("','", $tids) . "'";
// list of last 10 stories by this user
if (count($tids) > 0) {
// {$uid} goes into the statement as a bare token (no quotes, no cast).
// NOTE(review): confirm $uid is an integer by the time it gets here.
$sql = "SELECT sid,title,UNIX_TIMESTAMP(date) AS unixdate\n FROM {$_TABLES['stories']}, {$_TABLES['topic_assignments']} ta\n WHERE (uid = {$uid}) AND (draft_flag = 0) AND (date <= NOW()) AND (tid IN ({$topics}))" . COM_getPermSQL('AND') . "\n AND ta.type = 'article' AND ta.id = sid AND ta.tdefault = 1\n ORDER BY unixdate DESC LIMIT 10";
$result = DB_query($sql);
$numRows = DB_numRows($result);
} else {
$numRows = 0;
}
if ($numRows > 0) {
for ($i = 0; $i < $numRows; $i++) {
$C = DB_fetchArray($result);
// cssid alternates between 1 and 2 for row striping.
$user_templates->set_var('cssid', $i % 2 + 1);
$user_templates->set_var('row_number', $i + 1 . '.');
// The story id is appended to the query string without urlencode().
$articleUrl = COM_buildURL($_CONF['site_url'] . '/article.php?story=' . $C['sid']);
$user_templates->set_var('article_url', $articleUrl);
示例13: _MG_getFile
//.........这里部分代码省略.........
// Fragment of _MG_getFile(): the beginning and the end of the function are
// not shown on this page, so $quota, $albums, $errors, $tmpPath,
// $description, $caption, $keywords, $file and the other variables used here
// are assigned out of view.
// filesize() returns false on failure; with @ the warning is hidden and
// nothing is added to the quota in that case.
if ($_MG_CONF['discard_original'] == 1) {
$quota += @filesize($_MG_CONF['path_mediaobjects'] . 'orig/' . $media_filename[0] . '/' . $media_filename . '.' . $mimeExt);
$quota += @filesize($_MG_CONF['path_mediaobjects'] . 'disp/' . $media_filename[0] . '/' . $media_filename . '.jpg');
} else {
$quota += @filesize($_MG_CONF['path_mediaobjects'] . 'orig/' . $media_filename[0] . '/' . $media_filename . '.' . $mimeExt);
}
// $quota and $albums are concatenated into the UPDATE without quoting or a
// cast in the visible lines.
// NOTE(review): both must be integers by this point - confirm where they
// are assigned, or cast them here.
DB_query("UPDATE {$_TABLES['mg_albums']} SET album_disk_usage=" . $quota . " WHERE album_id=" . $albums);
if ($errors) {
@unlink($tmpPath);
return array(false, $errMsg);
}
if (($mimeType != 'application/zip' || $_MG_CONF['zip_enabled'] == 0) && $errors == 0) {
// Now we need to process an uploaded thumbnail
if ($gotTN == 1) {
// The temporary name depends on time() only, so it is predictable and two
// uploads within the same second share it. The fopen() result is not
// checked before fwrite()/fclose().
$mp3TNFilename = $_MG_CONF['tmp_path'] . '/mp3tn' . time() . '.jpg';
$fn = fopen($mp3TNFilename, "w");
fwrite($fn, $mp3AttachdedThumbnail);
fclose($fn);
// The first character of the media file name selects the sub-directory.
$saveThumbnailName = $_MG_CONF['path_mediaobjects'] . 'tn/' . $media_filename[0] . '/tn_' . $media_filename;
MG_attachThumbnail($albums, $mp3TNFilename, $saveThumbnailName);
@unlink($mp3TNFilename);
$atttn = 1;
} else {
if ($atttn == 1) {
$saveThumbnailName = $_MG_CONF['path_mediaobjects'] . 'tn/' . $media_filename[0] . '/tn_' . $media_filename;
MG_attachThumbnail($albums, $thumbnail, $saveThumbnailName);
}
}
if ($video_attached_thumbnail) {
$atttn = 1;
}
// Plain-text albums: deny-list JS filter, word filter, tag stripping and
// HTML encoding, then SQL escaping. HTML-enabled albums rely on
// COM_checkHTML() (not shown) as the only HTML sanitiser.
if ($MG_albums[$albums]->enable_html != 1) {
// if ($_MG_CONF['htmlallowed'] != 1 ) {
$media_desc = DB_escapeString(htmlspecialchars(strip_tags(COM_checkWords(COM_killJS($description)))));
$media_caption = DB_escapeString(htmlspecialchars(strip_tags(COM_checkWords(COM_killJS($caption)))));
$media_keywords = DB_escapeString(htmlspecialchars(strip_tags(COM_checkWords(COM_killJS($keywords)))));
} else {
$media_desc = DB_escapeString(COM_checkHTML(COM_killJS($description)));
$media_caption = DB_escapeString(COM_checkHTML(COM_killJS($caption)));
$media_keywords = DB_escapeString(COM_checkHTML(COM_killJS($keywords)));
}
// Check and see if moderation is on. If yes, place in mediasubmission
if ($MG_albums[$albums]->moderate == 1 && !$MG_albums[0]->owner_id) {
$tableMedia = $_TABLES['mg_mediaqueue'];
$tableMediaAlbum = $_TABLES['mg_media_album_queue'];
$queue = 1;
} else {
$tableMedia = $_TABLES['mg_media'];
$tableMediaAlbum = $_TABLES['mg_media_albums'];
$queue = 0;
}
// The original file name is SQL-escaped only; unlike the caption it gets no
// tag stripping or HTML encoding before it can become the caption below.
$original_filename = DB_escapeString($file);
if ($MG_albums[$albums]->filename_title) {
if ($media_caption == '') {
// Use the file name without its last extension as the caption.
$pos = strrpos($original_filename, '.');
if ($pos === false) {
$media_caption = $original_filename;
} else {
$media_caption = substr($original_filename, 0, $pos);
}
}
}
$resolution_x = 0;
$resolution_y = 0;
// try to find a resolution if video...
if ($mediaType == 1) {
示例14: MG_saveCategory
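/**
 * Save a Media Gallery category from the submitted admin form.
 *
 * Reads cat_id, cat_name and cat_desc from $_POST, filters them, assigns the
 * next cat_order value and writes the row with DB_save(). On success it
 * emits a refresh to the category admin page and ends the script, so the
 * function only returns on error.
 *
 * NOTE(review): no permission or CSRF-token check is visible in this
 * function - confirm the caller enforces both before calling it.
 *
 * @param  int    $cat_id  Not used; the id is taken from $_POST['cat_id'].
 * @return string          Message HTML when the name is empty or the id is 0.
 */
function MG_saveCategory($cat_id)
{
    global $_USER, $_CONF, $_TABLES, $_MG_CONF, $LANG_MG00, $LANG_MG01, $LANG_MG02;

    // Missing form fields are treated as empty instead of raising notices.
    $rawId   = isset($_POST['cat_id']) ? $_POST['cat_id'] : 0;
    $rawName = isset($_POST['cat_name']) ? $_POST['cat_name'] : '';
    $rawDesc = isset($_POST['cat_desc']) ? $_POST['cat_desc'] : '';

    $A = array();
    $A['cat_id'] = COM_applyFilter($rawId, true);

    // Content filtering only; SQL escaping is applied as the very last step.
    if ($_MG_CONF['htmlallowed'] == 1) {
        $catName        = COM_checkHTML(COM_killJS($rawName));
        $catDescription = COM_checkHTML(COM_killJS($rawDesc));
    } else {
        $catName        = htmlspecialchars(strip_tags(COM_checkWords(COM_killJS($rawName))));
        $catDescription = htmlspecialchars(strip_tags(COM_checkWords(COM_killJS($rawDesc))));
    }

    if (empty($catName)) {
        return COM_showMessageText($LANG_MG01['category_error'] . ' [ <a href=\'javascript:history.go(-1)\'>' . $LANG_MG02['go_back'] . '</a> ]');
    }

    if ($A['cat_id'] == 0) {
        COM_errorLog("Media Gallery Internal Error - cat_id = 0 - Contact mark@gllabs.org ");
        return COM_showMessageText($LANG_MG00['access_denied_msg']);
    }

    //
    // -- Let's make sure we don't have any SQL overflows...
    //
    // The length limit is applied BEFORE escaping. Cutting an already escaped
    // string can split an escape sequence and leave a lone trailing backslash,
    // which would neutralise the closing quote of this value in the statement
    // built below.
    $catName = substr($catName, 0, 254);

    // NOTE(review): addslashes() is not aware of the connection character set;
    // the DB layer's own escaping helper (DB_escapeString(), if this code base
    // provides it) is the safer choice - confirm and switch.
    $A['cat_name']        = addslashes($catName);
    $A['cat_description'] = addslashes($catDescription);

    $sql = "SELECT MAX(cat_order) + 1 AS nextcat_order FROM " . $_TABLES['mg_category'];
    $result = DB_query($sql);
    $row = DB_fetchArray($result);

    // cat_order goes into the statement unquoted, so force it to an integer.
    // A failed query, an empty table or a non-positive value falls back to 10.
    $nextOrder = 0;
    if ($row != NULL && $result != NULL) {
        $nextOrder = (int) $row['nextcat_order'];
    }
    if ($nextOrder <= 0) {
        $nextOrder = 10;
    }
    $A['cat_order'] = $nextOrder;

    DB_save($_TABLES['mg_category'], "cat_id,cat_name,cat_description,cat_order", "'{$A['cat_id']}','{$A['cat_name']}','{$A['cat_description']}',{$A['cat_order']}");
    echo COM_refresh($_MG_CONF['admin_url'] . 'category.php');
    exit;
}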
示例15: MG_watermarkUploadSave
//.........这里部分代码省略.........
// Fragment of MG_watermarkUploadSave: the function header, the enclosing loop over
// the uploaded files and the head of this switch are omitted on this page.
// The visible cases append a message to $statusMsg for each upload error value
// (presumably PHP's upload error code - confirm against the omitted switch head).
// NOTE(review): $filename is put into $statusMsg without HTML encoding throughout
// this fragment; if it is the client-supplied upload name, encode it before it is
// shown.
COM_errorLog('Media Gallery Error - ' . $tmpmsg);
break;
case 2:
$tmpmsg = sprintf($LANG_MG02['upload_too_big_html'], $filename);
$statusMsg .= $tmpmsg . '<br' . XHTML . '>';
COM_errorLog('Media Gallery Error - ' . $tmpmsg);
break;
case 3:
$tmpmsg = sprintf($LANG_MG02['partial_upload'], $filename);
$statusMsg .= $tmpmsg . '<br' . XHTML . '>';
COM_errorLog('Media Gallery Error - ' . $tmpmsg);
break;
case 4:
$tmpmsg = $LANG_MG02['no_file_uploaded'];
$statusMsg .= $tmpmsg . '<br' . XHTML . '>';
COM_errorLog('Media Gallery Error - ' . $tmpmsg);
break;
case 6:
$statusMsg .= $LANG_MG02['missing_tmp'] . '<br' . XHTML . '>';
break;
case 7:
$statusMsg .= $LANG_MG02['disk_fail'] . '<br' . XHTML . '>';
break;
default:
$statusMsg .= $LANG_MG02['unknown_err'] . '<br' . XHTML . '>';
break;
}
// This continue is outside the switch, so it does move on to the next upload.
continue;
}
// Watermarks marked public are stored with owner id 0 instead of the current user.
$uid = $_USER['uid'];
if ($public == 1) {
$uid = 0;
}
//This will set the Content-Type to the appropriate setting for the file
// Only the file name extension is inspected; the file content is not verified, and
// $filetype is not used again in the visible part of the function.
$file_extension = strtolower(substr(strrchr($filename, "."), 1));
switch ($file_extension) {
case "png":
$filetype = "image/png";
break;
case "jpg":
$filetype = "image/jpeg";
break;
case "gif":
$filetype = "image/gif";
break;
default:
$statusMsg .= $filename . $LANG_MG02['unsupported_wm_type'];
// NOTE(review): inside a switch PHP treats a bare `continue` like `break`, so an
// unsupported extension is reported but NOT skipped - execution carries on to
// move_uploaded_file() below and the file is still stored. `continue 2;` looks
// like the intent (confirm against the omitted loop header).
continue;
break;
}
// Next id is MAX(wm_id) + 1.
// NOTE(review): two concurrent uploads can read the same value; an auto-increment
// column would avoid that - confirm the schema.
$sql = "SELECT MAX(wm_id) + 1 AS nextwm_id FROM " . $_TABLES['mg_watermarks'];
$result = DB_query($sql);
$row = DB_fetchArray($result);
$wm_id = $row['nextwm_id'];
if ($wm_id < 1) {
$wm_id = 1;
}
// Cannot be true after the clamp above; kept as written.
if ($wm_id == 0) {
COM_errorLog("Media Gallery Error - Returned 0 as wm_id");
$wm_id = 1;
}
// Destination is <path_html>watermarks/<uid>_<filename>.
// NOTE(review): $filename becomes part of a path under path_html. Where it is set
// is not visible here - confirm it has been reduced to a base name with a
// restricted character set before this point.
$wm_filename = $_MG_CONF['path_html'] . 'watermarks/' . $uid . '_' . $filename;
if (file_exists($wm_filename)) {
$statusMsg .= sprintf($LANG_MG02['wm_already_exists'], $filename);
} else {
$rc = move_uploaded_file($filetmp, $wm_filename);
if ($rc != 1) {
COM_errorLog("Media Upload - Error moving uploaded file....rc = " . $rc);
$statusMsg .= sprintf($LANG_MG02['move_error'], $filename);
} else {
chmod($wm_filename, 0644);
// The description is cut to 254 bytes first and escaped afterwards, so the length
// limit cannot split an escape sequence. htmlspecialchars() is applied in both
// branches, i.e. also after COM_checkHTML() when HTML is allowed.
$media_title_safe = substr($description, 0, 254);
if ($_MG_CONF['htmlallowed'] != 1) {
$media_title = addslashes(htmlspecialchars(strip_tags(COM_checkWords(COM_killJS($media_title_safe)))));
} else {
$media_title = addslashes(htmlspecialchars(COM_checkHTML(COM_checkWords(COM_killJS($media_title_safe)))));
}
// The statement is built by string interpolation; the string values rely on
// addslashes(), which is not aware of the connection character set.
$saveFileName = addslashes($uid . '_' . $filename);
$sql = "INSERT INTO {$_TABLES['mg_watermarks']} (wm_id,owner_id,filename,description)\n VALUES ({$wm_id},'{$uid}','{$saveFileName}','{$media_title}')";
DB_query($sql);
if ($_MG_CONF['verbose']) {
COM_errorLog("MG Upload: Updating Album information");
}
// If the insert failed, remove the file that was just stored so no orphan remains.
// NOTE(review): the DB_error() text is appended to the message shown to the user;
// a generic message with the detail written to the log would leak less.
if (DB_error()) {
COM_errorLog("MediaGallery: Error inserting watermark data into database");
@unlink($wm_filename);
$statusMsg .= $filename . " - " . DB_error();
} else {
$statusMsg .= $filename . $LANG_MG02['wm_success'];
}
}
}
}
// Hand the collected messages and the redirect text to the template and return
// the rendered output appended to $retval.
$T->set_var('status_message', $statusMsg);
$tmp = $_MG_CONF['site_url'] . '/admin.php?album_id=0&mode=wmmanage';
$redirect = sprintf($LANG_MG01['watermark_redirect'], $tmp);
$T->set_var('redirect', $redirect);
$retval .= $T->finish($T->parse('output', 'mupload'));
return $retval;
}