3 // Function to sanitise RTF edit text
4 /* function RTESafe($strText) {
5 //returns safe code for preloading in the RTE
6 $tmpString = trim($strText);
8 //convert all types of single quotes
9 $tmpString = str_replace(chr(145), chr(39), $tmpString);
10 $tmpString = str_replace(chr(146), chr(39), $tmpString);
11 $tmpString = str_replace("'", "'", $tmpString);
13 //convert all types of double quotes
14 $tmpString = str_replace(chr(147), chr(34), $tmpString);
15 $tmpString = str_replace(chr(148), chr(34), $tmpString);
17 //replace carriage returns & line feeds
18 $tmpString = str_replace(chr(10), " ", $tmpString);
19 $tmpString = str_replace(chr(13), " ", $tmpString);
24 function display_input_field ($parameter) {
25 // Displays different HTML depending on input field type
31 0 => input name to display (for forms etc)
33 2 => type of input field
34 3 => reference name (for tag fields and so on)
35 4 => ID number (if any)
44 if (isset($parameter) && sizeof($parameter) > 2) {
46 if (!isset($parameter[4])) {
50 if (!isset($parameter[5])) {
51 $parameter[5] = $_SESSION['userid'];
54 $cleanid = $parameter[0];
55 if (!ereg("^[A-Za-z][A-Za-z0-9_:\\.-]*$", $cleanid)) {
56 if (!ereg("^[A-Za-z]", $cleanid)) {
57 $cleanid = "id_" . $cleanid;
59 $cleanid = ereg_replace("[^A-Za-z0-9_:\\.-]", "__", $cleanid);
62 switch($parameter[2]) {
65 $run_result .= "<input type=\"text\" name=\"".$parameter[0]."\" value=\"".htmlspecialchars(stripslashes($parameter[1]), ENT_COMPAT
, 'utf-8')."\" style=\"width: 95%\" id=\"".$cleanid."\" />";
68 $run_result .= "<input type=\"password\" name=\"".$parameter[0]."\" value=\"".htmlspecialchars(stripslashes($parameter[1]), ENT_COMPAT
, 'utf-8')."\" style=\"width: 95%\" id=\"".$cleanid."\" />";
71 $run_result .= "<textarea name=\"".$parameter[0]."\" id=\"".$cleanid."\" style=\"width: 95%; height: 100px\">".htmlspecialchars(stripslashes($parameter[1]), ENT_COMPAT
, 'utf-8')."</textarea>";
75 $keywords = stripslashes($parameter[1]);
76 preg_match_all("/\[\[([A-Za-z0-9 ]+)\]\]/i",$keywords,$keyword_list);
77 $keyword_list = $keyword_list[1];
79 if (is_array($keyword_list) && sizeof($keyword_list) > 0) {
81 foreach($keyword_list as $key => $list_item) {
82 $keywords .= $list_item;
83 if ($key < sizeof($keyword_list) - 1) {
88 $parameter[1] = $keywords;
90 if (!isset($data['profile:preload'][$parameter[3]])) {
92 if ($tags = get_records_select('tags',"tagtype = ? and ref = ? and owner = ?",array($parameter[3],$parameter[4],$parameter[5]),'tag ASC')) {
94 foreach($tags as $key => $tag) {
98 $keywords .= stripslashes($tag->tag
);
102 $parameter[1] = $keywords;
104 // $parameter[1] = $data['profile:preload'][$parameter[3]];
106 // $parameter[1] = var_export($parameter,true);
107 $run_result .= "<textarea name=\"".$parameter[0]."\" id=\"".$cleanid."\" style=\"width: 95%; height: 100px\">".htmlspecialchars(stripslashes($parameter[1]), ENT_COMPAT
, 'utf-8')."</textarea>";
110 $run_result .= "<textarea name=\"".$parameter[0]."\" id=\"".$cleanid."\" style=\"width: 95%; height: 200px\">".htmlspecialchars(stripslashes($parameter[1]), ENT_COMPAT
, 'utf-8')."</textarea>";
114 $run_result .= <<< END
115 <script language
="JavaScript" type
="text/javascript">
117 function submitForm() {
118 //make sure hidden and iframe values are in sync before submitting form
119 //to sync only 1 rte, use updateRTE(rte)
120 //to sync all rtes, use updateRTEs
121 updateRTE('<?php echo $parameter[0]; ?>');
123 //alert("rte1 = " + document.elggform.<?php echo $parameter[0]; ?>.value);
125 //change the following line to true to submit form
129 $content = RTESafe(stripslashes($parameter[1]));
130 $run_result .= <<< END
131 //Usage: initRTE(imagesPath, includesPath, cssFile)
132 initRTE("/units/display/rtfedit/images/", "/units/display/rtfedit/", "/units/display/rtfedit/rte.css");
134 <noscript
><p
><b
>Javascript must be enabled to
use this form
.</b
></p
></noscript
>
135 <script language
="JavaScript" type
="text/javascript">
137 writeRichText('<?php echo $parameter[0];?>', '<?php echo $content; ?>', 220, 200, true, false);
143 $run_result .= "<input type=\"hidden\" name=\"".$parameter[0]."\" value=\"blank\" id=\"".$cleanid."\" />";
151 $run_result .= "<input type=\"text\" name=\"".$parameter[0]."\" value=\"".htmlspecialchars(stripslashes($parameter[1]), ENT_COMPAT
, 'utf-8')."\" style=\"width: 95%\" id=\"".$cleanid."\" />";
154 $run_result .= "<textarea name=\"".$parameter[0]."\" id=\"".$parameter[0]."\" style=\"width: 95%; height: 200px\">".htmlspecialchars(stripslashes($parameter[1]), ENT_COMPAT
, 'utf-8')."</textarea>";
163 function log_on_pane () {
166 // Elgg default globals
177 // If this is someone else's portfolio, display the user's icon
178 if ($page_owner != -1) {
179 $run_result .= run("profile:user:info");
182 if ((!defined("logged_on") || logged_on
== 0) && $page_owner == -1) {
184 $body = '<form action="'.url
.'/login/index.php" method="post">';
186 if (public_reg
== true) {
187 $reg_link = '<a href="' . $url . '_invite/register.php">'. gettext("Register") .'</a> |';
192 $body .= templates_draw(array(
194 'context' => 'contentholder',
195 'title' => gettext("Log On"),
200 <td align="right"><p>
201 <label>' . gettext("Username") . ' <input type="text" name="username" id="username" style="size: 200px" /></label><br />
202 <label>' . gettext("Password") . ' <input type="password" name="password" id="password" style="size: 200px" />
207 <td align="right"><p>
208 <input type="hidden" name="action" value="log_on" />
209 <label>' . gettext("Log on") . ':<input type="submit" name="submit" value="'.gettext("Go").'" /></label><br /><br />
210 <label><input type="checkbox" name="remember" checked="checked" />
211 ' . gettext("Remember Login") . '</label><br />
214 <a href="' . $url . '_invite/forgotten_password.php">'. gettext("Forgotten password") .'</a>
226 $run_result .= $body;
233 function display_output_field ($parameter) {
234 // Displays different HTML depending on input field type
240 0 => input name to display (for forms etc)
242 2 => type of input field
243 3 => reference name (for tag fields and so on)
244 4 => ID number (if any)
245 5 => Owner (if not specified, current $page_owner is assumed)
255 if (isset($parameter) && sizeof($parameter) > 1) {
257 if (!isset($parameter[4])) {
260 if (!isset($parameter[5])) {
261 if (isset($page_owner)) {
262 $parameter[5] = $page_owner;
268 switch($parameter[1]) {
271 $run_result = "<img src=\"http://web.icq.com/whitepages/online?icq=".htmlspecialchars(stripslashes($parameter[0]), ENT_COMPAT
, 'utf-8')."&img=5\" height=\"18\" width=\"18\" /> <b>".htmlspecialchars(stripslashes($parameter[0]), ENT_COMPAT
, 'utf-8')."</b> (<a href=\"http://wwp.icq.com/scripts/search.dll?to=".htmlspecialchars(stripslashes($parameter[0]), ENT_COMPAT
, 'utf-8')."\">" . gettext("Add User") . "</a>, <a href=\"http://wwp.icq.com/scripts/contact.dll?msgto=".htmlspecialchars(stripslashes($parameter[0]), ENT_COMPAT
, 'utf-8')."\">". gettext("Send Message") ."</a>)";
274 $run_result = "<a href=\"callto://".htmlspecialchars(stripslashes($parameter[0]), ENT_COMPAT
, 'utf-8')."\">".htmlspecialchars(stripslashes($parameter[0]), ENT_COMPAT
, 'utf-8')."</a> <img src=\"http://goodies.skype.com/graphics/skypeme_btn_small_white.gif\" alt=\"Skype Me!\" border=\"0\" />";
277 $run_result = "MSN <b>".htmlspecialchars(stripslashes($parameter[0]), ENT_COMPAT
, 'utf-8')."</b>";
280 $run_result = "<img src=\"http://big.oscar.aol.com/".htmlspecialchars(stripslashes($parameter[0]), ENT_COMPAT
, 'utf-8')."?on_url=http://www.aol.com/aim/gr/online.gif&off_url=http://www.aol.com/aim/gr/offline.gif\" width=\"14\" height=\"17\" /> <b>".htmlspecialchars(stripslashes($parameter[0]), ENT_COMPAT
, 'utf-8')."</b> (<a href=\"aim:addbuddy?screenname=".htmlspecialchars(stripslashes($parameter[0]), ENT_COMPAT
, 'utf-8')."\">". gettext("Add Buddy") ."</a>, <a href=\"aim:goim?screenname=".htmlspecialchars(stripslashes($parameter[0]), ENT_COMPAT
, 'utf-8')."&message=Hello\">". gettext("Send Message") ."</a>)";
285 $run_result = nl2br(stripslashes($parameter[0]));
289 $keywords = stripslashes($parameter[0]);
290 preg_match_all("/\[\[([A-Za-z0-9 ]+)\]\]/i",$keywords,$keyword_list);
291 $keyword_list = $keyword_list[1];
293 if (is_array($keyword_list) && sizeof($keyword_list) > 0) {
295 $where = run("users:access_level_sql_where",$_SESSION['userid']);
296 foreach($keyword_list as $key => $list_item) {
297 $number = count_records_select('profile_data',"($where) and name = '".$parameter[2]."' and value like \"%[[".$list_item."]]%\"");
299 $keywords .= "<a href=\"/profile/search.php?".$parameter[2]."=".$list_item."\" title=\"$number users\">";
301 $keywords .= $list_item;
305 if ($key < sizeof($keyword_list) - 1) {
310 $run_result = $keywords;
312 $where = run("users:access_level_sql_where",$_SESSION['userid']);
314 if ($tags = get_records_select('tags',"($where) and tagtype = '".addslashes($parameter[2])."' and ref = ".$parameter[4],null,'tag ASC')) {
316 foreach($tags as $tag) {
320 $numberoftags = count_records('tags','tag',$tag->tag
);
321 if ($numberoftags > 1) {
322 $keywords .= "<a href=\"".url
."search/index.php?".$parameter[2]."=".urlencode(stripslashes($tag->tag
))."&ref=".$parameter[4]."&owner=".$parameter[5]."\" >";
324 $keywords .= stripslashes($tag->tag
);
325 if ($numberoftags > 1) {
331 $run_result = $keywords;
334 $run_result = preg_replace("/[\\d\\w\\.\\-_]+@([\\d\\w\\-_\\.]+\\.)+([\\w]{2,6})/i","<a href=\"mailto:$0\">$0</a>",$parameter[0]);
337 $run_result = $parameter[0];
338 if (substr_count($run_result,"http://") == 0) {
339 $run_result = "http://" . $run_result;
341 $run_result = "<a href=\"" . $run_result . "\" target=\"_blank\">" . $run_result . "</a>";
349 function displaymenu_top () {
353 if (logged_on
== 1) {
355 return templates_draw(array(
356 'context' => 'topmenu',
357 'menuitems' => menu_join('', $PAGE->menu_top
)
367 function displaymenu () {
371 return templates_draw(array(
373 'menuitems' => menu_join('', $PAGE->menu
)
380 function displaymenu_sub () {
384 if (logged_on
== 1) {
386 return templates_draw(array(
387 'context' => 'submenu',
388 'menuitems' => menu_join('', $PAGE->menu_sub
)
397 function displaymenu_user () {
399 if (logged_on
== 1) {
401 return templates_draw(array(
403 'menuitems' => menu_join('', $PAGE->menu_user
)
415 // Elgg default globals
425 $function['display:log_on_pane'][] = path
. "units/display/function_log_on_pane.php";
426 $function['display:sidebar'][] = path
. "units/display/function_log_on_pane.php";
429 $function['display:input_field'][] = path
. "units/display/function_input_field_display.php";
430 $function['display:output_field'][] = path
. "units/display/function_output_field_display.php";