Commit cba169c5 authored by lrargerich's avatar lrargerich

Rolling rolling rolling rolling ...

parent d3d507bb
......@@ -41,6 +41,7 @@ tiki/Smarty/plugins/function.gallery.php -text
tiki/Smarty/plugins/function.html_options.php -text
tiki/Smarty/plugins/function.html_select_date.php -text
tiki/Smarty/plugins/function.html_select_time.php -text
tiki/Smarty/plugins/function.mailto.php -text
tiki/Smarty/plugins/function.math.php -text
tiki/Smarty/plugins/function.menu.php -text
tiki/Smarty/plugins/function.poll.php -text
......@@ -83,6 +84,7 @@ tiki/Smarty/plugins/modifier.times.php -text
tiki/Smarty/plugins/modifier.truncate.php -text
tiki/Smarty/plugins/modifier.upper.php -text
tiki/Smarty/plugins/modifier.wordwrap.php -text
tiki/Smarty/plugins/outputfilter.trimwhitespace.php -text
tiki/Smarty/plugins/shared.make_timestamp.php -text
tiki/article_image.php -text
tiki/backups/license.txt -text
......@@ -1059,6 +1061,9 @@ tiki/modules/cache/.cvsignore -text
tiki/modules/cache/license.txt -text
tiki/modules/mod-breadcrumb.php -text
tiki/modules/mod-comm_received_objects.php -text
tiki/modules/mod-directory_last_sites.php -text
tiki/modules/mod-directory_stats.php -text
tiki/modules/mod-directory_top_sites.php -text
tiki/modules/mod-featured_links.php -text
tiki/modules/mod-forums_best_voted_topics.php -text
tiki/modules/mod-forums_last_topics.php -text
......@@ -1186,6 +1191,9 @@ tiki/templates/modules/mod-breadcrumb.tpl.nocache -text
tiki/templates/modules/mod-calendar.tpl -text
tiki/templates/modules/mod-calendar.tpl.nocache -text
tiki/templates/modules/mod-comm_received_objects.tpl -text
tiki/templates/modules/mod-directory_last_sites.tpl -text
tiki/templates/modules/mod-directory_stats.tpl -text
tiki/templates/modules/mod-directory_top_sites.tpl -text
tiki/templates/modules/mod-featured_links.tpl -text
tiki/templates/modules/mod-forums_best_voted_topics.tpl -text
tiki/templates/modules/mod-forums_last_topics.tpl -text
......@@ -1325,6 +1333,7 @@ tiki/templates/tiki-change_password.tpl -text
tiki/templates/tiki-chat.tpl -text
tiki/templates/tiki-chat_box.tpl -text
tiki/templates/tiki-chatroom.tpl -text
tiki/templates/tiki-contact.tpl -text
tiki/templates/tiki-custom_home.tpl -text
tiki/templates/tiki-custom_home_2.tpl -text
tiki/templates/tiki-directory_add_site.tpl -text
......@@ -1501,6 +1510,7 @@ tiki/tiki-chat_loader.php -text
tiki/tiki-chat_users.php -text
tiki/tiki-chatroom.php -text
tiki/tiki-cms_rankings.php -text
tiki/tiki-contact.php -text
tiki/tiki-custom_home.php -text
tiki/tiki-directory_add_site.php -text
tiki/tiki-directory_admin.php -text
......
<?php
/*
* Smarty plugin
* -------------------------------------------------------------
* Type: function
* Name: mailto
* Version: 1.2
* Date: May 21, 2002
* Author: Monte Ohrt <[email protected]>
* Credits: Jason Sweat (added cc, bcc and subject functionality)
* Purpose: automate mailto address link creation, and optionally
* encode them.
* Input: address = e-mail address
* text = (optional) text to display, default is address
* encode = (optional) can be one of:
* none : no encoding (default)
* javascript : encode with javascript
* hex : encode with hexidecimal (no javascript)
* cc = (optional) address(es) to carbon copy
* bcc = (optional) address(es) to blind carbon copy
* subject = (optional) e-mail subject
* newsgroups = (optional) newsgroup(s) to post to
* followupto = (optional) address(es) to follow up to
* extra = (optional) extra tags for the href link
*
* Examples: {mailto address="[email protected]"}
* {mailto address="[email protected]" encode="javascript"}
* {mailto address="[email protected]" encode="hex"}
* {mailto address="[email protected]" subject="Hello to you!"}
* {mailto address="[email protected]" cc="[email protected],[email protected]"}
* {mailto address="[email protected]" extra='class="mailto"'}
* -------------------------------------------------------------
*/
function smarty_function_mailto($params, &$smarty)
{
extract($params);
if (empty($address)) {
$smarty->trigger_error("mailto: missing 'address' parameter");
return;
}
if (empty($text)) {
$text = $address;
}
// netscape and mozilla do not decode %40 (@) in BCC field (bug?)
// so, don't encode it.
$mail_parms = array();
if (!empty($cc)) {
$mail_parms[] = 'cc='.str_replace('%40','@',rawurlencode($cc));
}
if (!empty($bcc)) {
$mail_parms[] = 'bcc='.str_replace('%40','@',rawurlencode($bcc));
}
if (!empty($subject)) {
$mail_parms[] = 'subject='.rawurlencode($subject);
}
if (!empty($newsgroups)) {
$mail_parms[] = 'newsgroups='.rawurlencode($newsgroups);
}
if (!empty($followupto)) {
$mail_parms[] = 'followupto='.str_replace('%40','@',rawurlencode($followupto));
}
for ($i=0; $i<count($mail_parms); $i++) {
$mail_parm_vals .= (0==$i) ? '?' : '&';
$mail_parm_vals .= $mail_parms[$i];
}
$address .= $mail_parm_vals;
if (empty($encode)) {
$encode = 'none';
} elseif (!in_array($encode,array('javascript','hex','none')) ) {
$smarty->trigger_error("mailto: 'encode' parameter must be none, javascript or hex");
return;
}
if ($encode == 'javascript' ) {
$string = 'document.write(\'<a href="mailto:'.$address.'" '.$extra.'>'.$text.'</a>\');';
for ($x=0; $x < strlen($string); $x++) {
$js_encode .= '%' . bin2hex($string[$x]);
}
return '<SCRIPT language="javascript">eval(unescape(\''.$js_encode.'\'))</SCRIPT>';
} elseif ($encode == 'hex') {
preg_match('!^(.*)(\?.*)$!',$address,$match);
if(!empty($match[2])) {
$smarty->trigger_error("mailto: hex encoding does not work with extra attributes. Try javascript.");
return;
}
for ($x=0; $x < strlen($address); $x++) {
if(preg_match('!\w!',$address[$x])) {
$address_encode .= '%' . bin2hex($address[$x]);
} else {
$address_encode .= $address[$x];
}
}
for ($x=0; $x < strlen($text); $x++) {
$text_encode .= '&#x' . bin2hex($text[$x]).';';
}
return '<a href="mailto:'.$address_encode.'" '.$extra.'>'.$text_encode.'</a>';
} else {
// no encoding
return '<a href="mailto:'.$address.'" '.$extra.'>'.$text.'</a>';
}
}
/* vim: set expandtab: */
?>
<?php
/*
* Smarty plugin
* -------------------------------------------------------------
* File: outputfilter.trimwhitespace.php
* Type: outputfilter
* Name: trimwhitespace
* Version: 1.3
* Date: Jan 25, 2003
* Purpose: trim leading white space and blank lines from
* template source after it gets interpreted, cleaning
* up code and saving bandwidth. Does not affect
* <PRE></PRE> and <SCRIPT></SCRIPT> blocks.
* Install: Drop into the plugin directory, call
* $smarty->load_filter('output','trimwhitespace');
* from application.
* Author: Monte Ohrt <[email protected]>
* Contribs: Lars Noschinski <[email protected]>
* -------------------------------------------------------------
*/
function smarty_outputfilter_trimwhitespace($source, &$smarty)
{
// Pull out the script blocks
preg_match_all("!<script[^>]+>.*?</script>!is", $source, $match);
$_script_blocks = $match[0];
$source = preg_replace("!<script[^>]+>.*?</script>!is",
'@@@SMARTY:TRIM:[email protected]@@', $source);
// Pull out the pre blocks
preg_match_all("!<pre>.*?</pre>!is", $source, $match);
$_pre_blocks = $match[0];
$source = preg_replace("!<pre>.*?</pre>!is",
'@@@SMARTY:TRIM:[email protected]@@', $source);
// Pull out the textarea blocks
preg_match_all("!<textarea[^>]+>.*?</textarea>!is", $source, $match);
$_textarea_blocks = $match[0];
$source = preg_replace("!<textarea[^>]+>.*?</textarea>!is",
'@@@SMARTY:TRIM:[email protected]@@', $source);
// remove all leading spaces, tabs and carriage returns NOT
// preceeded by a php close tag.
$source = trim(preg_replace('/((?<!\?>)\n)[\s]+/m', '\1', $source));
// replace script blocks
foreach($_script_blocks as $curr_block) {
$source = preg_replace("[email protected]@@SMARTY:TRIM:[email protected]@@!",$curr_block,$source,1);
}
// replace pre blocks
foreach($_pre_blocks as $curr_block) {
$source = preg_replace("[email protected]@@SMARTY:TRIM:[email protected]@@!",$curr_block,$source,1);
}
// replace textarea blocks
foreach($_textarea_blocks as $curr_block) {
$source = preg_replace("[email protected]@@SMARTY:TRIM:[email protected]@@!",$curr_block,$source,1);
}
return $source;
}
?>
Version 1.6 -TBD-
* [NEW] Permissions interface improved supporting multiple permission settings in one operation (the famous
checkboxes are here)
* [NEW] Permission levels added to the permissions, allowing the admin to classify permissions by level and
then assign/remove all the permissions in some level to a group
* [NEW] Who is online module added displaying a list of registered users currently online
* [NEW] Tooltips added when text is truncated
* [NEW] Optional remember-me feature added to the login box. The lifetime of the cookie can be configured.
* [NEW] Contact-us feature added showing the user an option to send a message to the admin unser (configurable)
and an option to send an email to admin.
* [NEW] Inter-user messaging added, users can read,write messages to other Tiki users.
* [NEW] User information page added to see information about a user. The user can make his information
public/private from his user preferences
* [NEW] Tiki tags are now allowed in FAQ answers
* [NEW] Smarty version distributed with Tiki upgraded to 2.4.3
* [NEW] Caching mechanism for wiki pages. Wiki pages can be cached for a specified time before they have to be
parsed again by the wiki engine. This does not affect undos,rollbacks and edits that are inmediately reflected.
This option can be turned on/off. For sites using large or complex wiki pages it can show a good performance
improvement.
* [NEW] Directory feature added to Tiki. Links can be organized in categories, users can add links to be validated
by admin, many options for display and functionality.
* [NEW] "su" option added to let admin login as any user once logged as admin, in this way he can configure or
......
# $Id: fulltext.sql,v 1.1 2002-12-26 03:25:51 rossta Exp $
# $Id: fulltext.sql,v 1.2 2003-02-22 22:34:27 lrargerich Exp $
ALTER TABLE tiki_pages MODIFY data text;
CREATE FULLTEXT INDEX ft ON tiki_pages (pageName,data);
......@@ -12,3 +12,4 @@ CREATE FULLTEXT INDEX ft ON tiki_blogs (title,description);
ALTER TABLE tiki_articles MODIFY body text;
CREATE FULLTEXT INDEX ft ON tiki_articles (title,heading,body);
CREATE FULLTEXT INDEX ft ON tiki_blog_posts (data);
CREATE FULLTEXT INDEX ft ON tiki_directory_sites (name,description);
\ No newline at end of file
## THIS FILE IS JUST A HELP FOR DEVELOPERS IT SHOULDNT BE USED IN A 1.5 DISTRIBUTION
CREATE FULLTEXT INDEX ft ON tiki_directory_sites (name,description);
### Inter-user messages
INSERT INTO users_permissions(permName,type,permDesc) VALUES ('tiki_p_messages','messu','Can use the messaging system');
......
......@@ -25,8 +25,8 @@ class Messu extends Tikilib {
$from = addslashes($from);
$to = addslashes($to);
$cc = addslashes($cc);
$subject = addslashes($subject);
$body = strip_tags(addslashes($body));
$subject = strip_tags(addslashes($subject));
$body = strip_tags(addslashes($body),'<a><b><img><i>');
// Prevent duplicates
$hash = md5($subject.$body);
if($this->getOne("select count(*) from messu_messages where user='$user' and user_from='$from' and hash='$hash'")) {
......@@ -90,6 +90,7 @@ class Messu extends Tikilib {
$ret = Array();
while($res = $result->fetchRow(DB_FETCHMODE_ASSOC)) {
$res["len"]=strlen($res["body"]);
if(empty($res['subject'])) $res['subject']=tra('NONE');
$ret[] = $res;
}
$retval = Array();
......@@ -159,6 +160,8 @@ class Messu extends Tikilib {
$query = "select * from messu_messages where user='$user' and msgId='$msgId'";
$result = $this->query($query);
$res = $result->fetchRow(DB_FETCHMODE_ASSOC);
$res['parsed']=$this->parse_data($res['body']);
if(empty($res['subject'])) $res['subject']=tra('NONE');
return $res;
}
......
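Review bot: In the first hunk, the new `strip_tags(addslashes($body),'<a><b><img><i>')` lets the four allowed tags through with all of their attributes, because strip_tags() filters tag names only, so event-handler attributes and script URLs in a message body survive into storage. The body is later passed to `parse_data($res['body'])` in the third hunk; whether that escapes HTML on output is not visible here, so this looks like a stored-XSS path between users. Either keep stripping every tag from the body as before, or remove attributes from the allowed tags with an allowlist-based HTML filter before storing. Escaping should also be the last step before the query, so the tag filter does not run on already-escaped text: `$body = addslashes(strip_tags($body));`. The enclosing method starts and ends outside the hunk.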
......@@ -126,6 +126,22 @@ class SearchLib Extends TikiLib {
);
return $this->_find($search_faqs, $words, $offset, $maxRecords, $fulltext);
}
function find_directory($words='',$offset=0,$maxRecords=-1, $fulltext = false)
{
static $search_directory = array(
'from' => 'tiki_directory_sites',
'name' => 'name',
'data' => 'description',
'hits' => 'hits',
'lastModif' => 'lastModif',
'href' => 'tiki-directory_redirect.php?siteId=%d',
'id' => array('siteId'),
'pageName' => 'name',
'search' => array(),
);
return $this->_find($search_directory, $words, $offset, $maxRecords, $fulltext);
}
function find_images($words='',$offset=0,$maxRecords=-1, $fulltext = false)
{
......
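Review bot: `find_directory` carries no comment saying what its `$fulltext` mode depends on: the search map points `name` and `data` at the `name` and `description` columns of `tiki_directory_sites`, which are the columns the new `ft` index in fulltext.sql covers, so the two presumably have to stay in step. A one-line comment above the function such as `// Searches directory sites by name/description; $fulltext relies on the FULLTEXT index on tiki_directory_sites (name,description)` would record that. `$words` is handed straight to `_find()`, whose body is outside the hunk, so the escaping of search terms should be confirmed there.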
......@@ -827,6 +827,7 @@ class TikiLib {
function list_html_page_content($pageName,$offset,$maxRecords,$sort_mode,$find)
{
$pageName = addslashes($pageName);
$sort_mode = str_replace("_"," ",$sort_mode);
if($find) {
$mid=" where pageName='$pageName' and (name like '%".$find."%' or content like '%".$find."%')";
......@@ -923,6 +924,7 @@ class TikiLib {
function remove_html_page_content($pageName,$zone)
{
$pageName = addslashes($pageName);
$query = "delete from tiki_html_pages_dynamic_zones where pageName='$pageName' and zone='$zone'";
$result = $this->query($query);
return true;
......@@ -930,6 +932,7 @@ class TikiLib {
function get_html_page($pageName)
{
$pageName = addslashes($pageName);
$query = "select * from tiki_html_pages where pageName='$pageName'";
$result = $this->query($query);
if(!$result->numRows()) return false;
......@@ -939,6 +942,7 @@ class TikiLib {
function get_html_page_content($pageName,$zone)
{
$pageName = addslashes($pageName);
$query = "select * from tiki_html_pages_dynamic_zones where pageName='$pageName' and zone='$zone'";
$result = $this->query($query);
if(!$result->numRows()) return false;
......@@ -1833,6 +1837,7 @@ class TikiLib {
$cant = $this->getOne($query_cant);
$ret = Array();
while($res = $result->fetchRow(DB_FETCHMODE_ASSOC)) {
$res['parsed'] = $this->parse_data($res['answer']);
$ret[] = $res;
}
$retval = Array();
......@@ -2988,6 +2993,7 @@ class TikiLib {
function receive_page($pageName,$data,$comment,$site,$user,$description)
{
$data = addslashes($data);
$pageNAme = addslashes($pageName);
$comment = addslashes($comment);
$description = addslashes($description);
$now = date("U");
......@@ -3305,7 +3311,7 @@ class TikiLib {
function replace_rss_module($rssId, $name, $description, $url, $refresh)
{
if($this->rss_module_name_exists($name)) return false;
//if($this->rss_module_name_exists($name)) return false;
$description = addslashes($description);
$name = addslashes($name);
// Check the name
......@@ -6085,12 +6091,14 @@ ImageSetPixel ($dst_img, $i + $dst_x - $src_x, $j + $dst_y - $src_y, ImageColorC
function vote_page($page, $points)
{
$page = addslashes($page);
$query = "update pages set points=points+$points, votes=votes+1 where pageName='$page'";
$result = $this->query($query);
}
function get_votes($page)
{
{
$page = addslashes($page);
$query = "select points,votes from pages where pageName='$page'";
$result = $this->query($query);
$res = $result->fetchRow(DB_FETCHMODE_ASSOC);
......@@ -6599,6 +6607,7 @@ ImageSetPixel ($dst_img, $i + $dst_x - $src_x, $j + $dst_y - $src_y, ImageColorC
// Removes a specific version of a page
function remove_version($page,$version,$comment='')
{
$page = addslashes($page);
$query="delete from tiki_history where pageName='$page' and version='$version'";
$result=$this->query($query);
$action="Removed version $version";
......@@ -6611,6 +6620,7 @@ ImageSetPixel ($dst_img, $i + $dst_x - $src_x, $j + $dst_y - $src_y, ImageColorC
// Removes all the versions of a page and the page itself
function remove_all_versions($page,$comment='')
{
$page = addslashes($page);
$this->invalidate_cache($page);
$query = "delete from tiki_pages where pageName = '$page'";
$result = $this->query($query);
......@@ -6628,6 +6638,7 @@ ImageSetPixel ($dst_img, $i + $dst_x - $src_x, $j + $dst_y - $src_y, ImageColorC
function use_version($page,$version,$comment='')
{
$page = addslashes($page);
$this->invalidate_cache($page);
$query = "select * from tiki_history where pageName='$page' and version='$version'";
$result=$this->query($query);
......@@ -6656,6 +6667,7 @@ ImageSetPixel ($dst_img, $i + $dst_x - $src_x, $j + $dst_y - $src_y, ImageColorC
// version in the tiki_history then the last version becomes the actual version
function remove_last_version($page,$comment='')
{
$page = addslashes($page);
$this->invalidate_cache($page);
$query = "select * from tiki_history where pageName='$page' order by lastModif desc";
$result = $this->query($query);
......@@ -7130,6 +7142,7 @@ ImageSetPixel ($dst_img, $i + $dst_x - $src_x, $j + $dst_y - $src_y, ImageColorC
// Returns information about a specific version of a page
function get_version($page, $version)
{
$page = addslashes($page);
$query = "select * from tiki_history where pageName='$page' and version=$version";
$result = $this->query($query);
$res = $result->fetchRow(DB_FETCHMODE_ASSOC);
......@@ -7140,6 +7153,7 @@ ImageSetPixel ($dst_img, $i + $dst_x - $src_x, $j + $dst_y - $src_y, ImageColorC
// without the data itself
function get_page_history($page)
{
$page = addslashes($page);
$query = "select pageName, description, version, lastModif, user, ip, data, comment from tiki_history where pageName='$page' order by version desc";
$result = $this->query($query);
$ret = Array();
......@@ -7161,6 +7175,7 @@ ImageSetPixel ($dst_img, $i + $dst_x - $src_x, $j + $dst_y - $src_y, ImageColorC
function is_locked($page)
{
$page = addslashes($page);
$query = "select flag from tiki_pages where pageName='$page'";
$result = $this->query($query);
$res = $result->fetchRow(DB_FETCHMODE_ASSOC);
......@@ -7170,6 +7185,7 @@ ImageSetPixel ($dst_img, $i + $dst_x - $src_x, $j + $dst_y - $src_y, ImageColorC
function lock_page($page)
{
$page = addslashes($page);
$query = "update tiki_pages set flag='L' where pageName='$page'";
$result = $this->query($query);
return true;
......@@ -7177,6 +7193,7 @@ ImageSetPixel ($dst_img, $i + $dst_x - $src_x, $j + $dst_y - $src_y, ImageColorC
function unlock_page($page)
{
$page = addslashes($page);
$query = "update tiki_pages set flag='' where pageName='$page'";
$result = $this->query($query);
return true;
......@@ -7199,6 +7216,7 @@ ImageSetPixel ($dst_img, $i + $dst_x - $src_x, $j + $dst_y - $src_y, ImageColorC
// This implements all the functions needed to use Tiki
function page_exists($pageName)
{
$pageName = addslashes($pageName);
$query = "select pageName from tiki_pages where pageName = '$pageName'";
$result = $this->query($query);
return $result->numRows();
......@@ -7206,6 +7224,7 @@ ImageSetPixel ($dst_img, $i + $dst_x - $src_x, $j + $dst_y - $src_y, ImageColorC
function page_exists_desc($pageName)
{
$pageName = addslashes($pageName);
$query = "select description from tiki_pages where pageName = '$pageName'";
$result = $this->query($query);
if(!$result->numRows()) return false;
......@@ -7216,12 +7235,14 @@ ImageSetPixel ($dst_img, $i + $dst_x - $src_x, $j + $dst_y - $src_y, ImageColorC
function version_exists($pageName, $version)
{
$pageName = addslashes($pageName);
$query = "select pageName from tiki_history where pageName = '$pageName' and version='$version'";
$result = $this->query($query);
return $result->numRows();
}
function add_hit($pageName) {
$pageName = addslashes($pageName);
$query = "update tiki_pages set hits=hits+1 where pageName = '$pageName'";
$result = $this->query($query);
return true;
......@@ -7276,6 +7297,7 @@ ImageSetPixel ($dst_img, $i + $dst_x - $src_x, $j + $dst_y - $src_y, ImageColorC
function get_page_info($pageName)
{
$pageName = addslashes($pageName);
$query = "select * from tiki_pages where pageName='$pageName'";
$result = $this->query($query);
if(!$result->numRows()) return false;
......@@ -8424,6 +8446,7 @@ function parse_data($data)
}
function invalidate_cache($page) {
$pageName = addslashes($pageName);
$query = "update tiki_pages set cache_timestamp=0 where pageName='$page'";
$this->query($query);
}
......@@ -8509,6 +8532,7 @@ function parse_data($data)
function update_page_version($pageName,$version,$edit_data,$edit_comment, $edit_user, $edit_ip,$lastModif,$description='')
{
global $smarty;
$pageName = addslashes($pageName);
if($pageName=='SandBox') return;
// Collect pages before modifying edit_data
$pages = $this->get_pages($edit_data);
......
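Review bot: Two of the added escaping lines assign to the wrong variable, so the value that reaches the query is not the one that was escaped. In `receive_page` the line `$pageNAme = addslashes($pageName);` creates a new variable (PHP variable names are case-sensitive) and `$pageName` stays raw; it should read `$pageName = addslashes($pageName);`. In `invalidate_cache($page)` the added `$pageName = addslashes($pageName);` escapes an undefined variable while the query uses `$page`; since `remove_all_versions`, `use_version` and `remove_last_version` now pass an already-escaped `$page` into it, escaping `$page` there as well would double-escape, so the escaping should live in one layer only. Other values in the same queries (`$points` in `vote_page`, `$version` in `get_version`, `$zone`, `$find`) are still interpolated as received; the numeric ones can be cast, e.g. `$points = (int)$points;`. Most of these function bodies continue outside the hunks.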
......@@ -325,6 +325,49 @@ class UsersLib extends TikiLib {
return $res;
}
function change_permission_level($perm,$level)
{
$level=addslashes($level);
$query = "update users_permissions set level='$level' where permName='$perm'";
$this->query($query);
}
function assign_level_permissions($group,$level)
{
$query = "select permName from users_permissions where level='$level'";
$result = $this->query($query);
$ret=Array();
while($res = $result->fetchRow(DB_FETCHMODE_ASSOC)) {
$this->assign_permission_to_group($res['permName'],$group);
}
}
function remove_level_permissions($group,$level)
{
$query = "select permName from users_permissions where level='$level'";
$result = $this->query($query);
$ret=Array();
while($res = $result->fetchRow(DB_FETCHMODE_ASSOC)) {
$this->remove_permission_from_group($res['permName'],$group);
}
}
function create_dummy_level($level) {
$query = "replace into users_permissions(permName,permDesc,type,level) values('','','','$level')";
$this->query($query);
}
function get_permission_levels()
{
$query = "select distinct(level) from users_permissions";
$result = $this->query($query);
$ret=Array();
while($res = $result->fetchRow(DB_FETCHMODE_ASSOC)) {
$ret[]=$res['level'];
}
return $ret;
}
function get_userid_info($user)
{
$query = "select * from users_users where userId='$user'";
......@@ -355,7 +398,7 @@ class UsersLib extends TikiLib {
}
}
$query = "select permName,type, permDesc from users_permissions $mid order by $sort_mode limit $offset,$maxRecords";
$query = "select permName,type,level,permDesc from users_permissions $mid order by $sort_mode limit $offset,$maxRecords";
$query_cant = "select count(*) from users_permissions $mid";
$result = $this->query($query);
$cant = $this->getOne($query_cant);
......@@ -365,6 +408,7 @@ class UsersLib extends TikiLib {
$aux["permName"] = $res["permName"];
$aux["permDesc"] = $res["permDesc"];
$aux["type"] = $res["type"];
$aux['level'] = $res["level"];
if($group) {
if($this->group_has_permission($group,$aux["permName"])) {
$aux["hasPerm"]='y';
......
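Review bot: Of the new permission-level functions in the first hunk, only `change_permission_level` escapes `$level`, and it leaves `$perm` raw; `assign_level_permissions`, `remove_level_permissions` and `create_dummy_level` place `$level` into the SQL string unescaped. Because these queries decide which permissions a group gains or loses, each should begin with `$level = addslashes($level);` (plus `$perm = addslashes($perm);` in `change_permission_level`) to match the escaping applied elsewhere in this commit, or use bound parameters if `query()` supports them. `$ret=Array();` in the assign and remove functions is never used and can be dropped.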
<?php
require_once('tiki-setup.php');
include_once('lib/messu/messulib.php');
<?php
require_once('tiki-setup.php');
include_once('lib/messu/messulib.php');
if(!$user) {
$smarty->assign('msg',tra("You are not logged in"));
$smarty->display("styles/$style_base/error.tpl");
die;
}
if($feature_messages != 'y') {
$smarty->assign('msg',tra("This feature is disabled"));
$smarty->display("styles/$style_base/error.tpl");
die;
}
if($tiki_p_broadcast != 'y' ) {
$smarty->assign('msg',tra("Permission denied"));
$smarty->display("styles/$style_base/error.tpl");
die;
}
if(!isset($_REQUEST['to'])) $_REQUEST['to']='';
if(!isset($_REQUEST['cc'])) $_REQUEST['cc']='';
if(!isset($_REQUEST['bcc'])) $_REQUEST['bcc']='';
if(!isset($_REQUEST['subject'])) $_REQUEST['subject']='';
if(!isset($_REQUEST['body'])) $_REQUEST['body']='';
if(!isset($_REQUEST['priority'])) $_REQUEST['priority']=3;
$smarty->assign('to',$_REQUEST['to']);
$smarty->assign('cc',$_REQUEST['cc']);
$smarty->assign('bcc',$_REQUEST['bcc']);
$smarty->assign('subject',$_REQUEST['subject']);
$smarty->assign('body',$_REQUEST['body']);
$smarty->assign('priority',$_REQUEST['priority']);
$smarty->assign('mid','messu-broadcast.tpl');
$smarty->assign('sent',0);
if(isset($_REQUEST['reply'])||isset($_REQUEST['replyall'])) {
$messulib->flag_message($_SESSION['user'], $_REQUEST['msgId'], 'isReplied', 'y');
}
$all_users = $userlib->get_users(0,-1,'login_desc','');
if(isset($_REQUEST['send'])) {
$smarty->assign('sent',1);
$message = '';
// Validation:
// must have a subject or body non-empty (or both)
if(empty($_REQUEST['subject'])&&empty($_REQUEST['body'])) {
$smarty->assign('message','ERROR: Either the subject or body must be non-empty');
$smarty->display('tiki.tpl');
die;
}
// Remove invalid users from the to, cc and bcc fields
$users = Array();
foreach($all_users['data'] as $a_user) {
$a_user = $a_user['user'];
if(!empty($a_user)) {
if($messulib->user_exists($a_user)) {
if($messulib->get_user_preference($a_user,'allowMsgs','y')) {
$users[] = $a_user;
} else {
$message.="User $a_user cant receive messages<br/>";
}
} else {
$message.="Invalid user: $a_user<br/>";
}
}
}
$users = array_unique($users);
// Validation: either to, cc or bcc must have a valid user
if(count($users)>0) {
$message.="Message will be sent to: ".implode(',',$users)."<br/>";
} else {
$message = 'ERROR: No valid users to send the message';
$smarty->assign('message',$message);
$smarty->display('tiki.tpl');
die;
}
// Insert the message in the inboxes of each user
foreach($users as $a_user) {
$messulib->post_message($a_user,$_SESSION['user'],$a_user,'',$_REQUEST['subject'],$_REQUEST['body'],$_REQUEST['priority']);
}
$smarty->assign('message',$message);
}
$smarty->display('tiki.tpl');
if(!isset($_REQUEST['to'])) $_REQUEST['to']='';
if(!isset($_REQUEST['cc'])) $_REQUEST['cc']='';
if(!isset($_REQUEST['bcc'])) $_REQUEST['bcc']='';