engelsystem/includes/pages/user_news.php

<?php

/**
 * @return string
 */
function user_news_comments_title()
{
    return _("News comments");
}

/**
 * @return string
 */
function news_title()
{
    return _("News");
}

/**
 * @return string
 */
function meetings_title()
{
    return _("Meetings");
}

/**
 * @return string
 */
function user_meetings()
{
    global $display_news;

    $html = '<div class="col-md-12"><h1>' . meetings_title() . '</h1>' . msg();

    if (isset($_REQUEST['page']) && preg_match("/^[0-9]{1,}$/", $_REQUEST['page'])) {
        $page = $_REQUEST['page'];
    } else {
        $page = 0;
    }

    $news = sql_select("
        SELECT *
        FROM `News`
        WHERE `Treffen`=1
        ORDER BY `Datum`DESC
        LIMIT " . sql_escape($page * $display_news) . ", " . sql_escape($display_news)
    );
    foreach ($news as $entry) {
        $html .= display_news($entry);
    }

    $dis_rows = ceil(sql_num_query("SELECT * FROM `News`") / $display_news);
    $html .= '<div class="text-center">' . '<ul class="pagination">';
    for ($i = 0; $i < $dis_rows; $i++) {
        if (isset($_REQUEST['page']) && $i == $_REQUEST['page']) {
            $html .= '<li class="active">';
        } elseif (!isset($_REQUEST['page']) && $i == 0) {
            $html .= '<li class="active">';
        } else {
            $html .= '<li>';
        }
        $html .= '<a href="' . page_link_to("user_meetings") . '&page=' . $i . '">' . ($i + 1) . '</a></li>';
    }
    $html .= '</ul></div></div>';

    return $html;
}

/**
 * @param array $news
 * @return string
 */
function display_news($news)
{
    global $privileges, $page;

    $html = '';
    $html .= '<div class="panel' . ($news['Treffen'] == 1 ? ' panel-info' : ' panel-default') . '">';
    $html .= '<div class="panel-heading">';
    $html .= '<h3 class="panel-title">' . ($news['Treffen'] == 1 ? '[Meeting] ' : '') . ReplaceSmilies($news['Betreff']) . '</h3>';
    $html .= '</div>';
    $html .= '<div class="panel-body">' . ReplaceSmilies(nl2br($news['Text'])) . '</div>';

    $html .= '<div class="panel-footer text-muted">';
    if (in_array("admin_news", $privileges)) {
        $html .= '<div class="pull-right">'
            . button_glyph(page_link_to("admin_news") . '&action=edit&id=' . $news['ID'], 'edit', 'btn-xs')
            . '</div>';
    }
    $html .= '<span class="glyphicon glyphicon-time"></span> ' . date("Y-m-d H:i", $news['Datum']) . '&emsp;';

    $user_source = User($news['UID']);

    $html .= User_Nick_render($user_source);
    if ($page != "news_comments") {
        $html .= '&emsp;<a href="' . page_link_to("news_comments") . '&nid=' . $news['ID'] . '">'
            . '<span class="glyphicon glyphicon-comment"></span> '
            . _("Comments") . ' &raquo;</a> '
            . '<span class="badge">'
            . sql_num_query("SELECT * FROM `NewsComments` WHERE `Refid`='" . sql_escape($news['ID']) . "'")
            . '</span>';
    }
    $html .= '</div>';
    $html .= '</div>';
    return $html;
}

/**
 * @return string
 */
function user_news_comments()
{
    global $user;

    $html = '<div class="col-md-12"><h1>' . user_news_comments_title() . '</h1>';
    if (
        isset($_REQUEST["nid"])
        && preg_match("/^[0-9]{1,}$/", $_REQUEST['nid'])
        && sql_num_query("SELECT * FROM `News` WHERE `ID`='" . sql_escape($_REQUEST['nid']) . "' LIMIT 1") > 0
    ) {
        $nid = $_REQUEST["nid"];
        list($news) = sql_select("SELECT * FROM `News` WHERE `ID`='" . sql_escape($nid) . "' LIMIT 1");
        if (isset($_REQUEST["text"])) {
            $text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['text']));
            sql_query("
                INSERT INTO `NewsComments` (`Refid`, `Datum`, `Text`, `UID`)
                VALUES (
                    '" . sql_escape($nid) . "',
                    '" . date("Y-m-d H:i:s") . "',
                    '" . sql_escape($text) . "',
                    '" . sql_escape($user["UID"]) . "'
                )
            ");
            engelsystem_log("Created news_comment: " . $text);
            $html .= success(_("Entry saved."), true);
        }

        $html .= display_news($news);

        $comments = sql_select("SELECT * FROM `NewsComments` WHERE `Refid`='" . sql_escape($nid) . "' ORDER BY 'ID'");
        foreach ($comments as $comment) {
            $user_source = User($comment['UID']);

            $html .= '<div class="panel panel-default">';
            $html .= '<div class="panel-body">' . nl2br($comment['Text']) . '</div>';
            $html .= '<div class="panel-footer text-muted">';
            $html .= '<span class="glyphicon glyphicon-time"></span> ' . $comment['Datum'] . '&emsp;';
            $html .= User_Nick_render($user_source);
            $html .= '</div>';
            $html .= '</div>';
        }

        $html .= '<hr /><h2>' . _("New Comment:") . '</h2>';
        $html .= form([
            form_textarea('text', _("Message"), ''),
            form_submit('submit', _("Save"))
        ], page_link_to('news_comments') . '&nid=' . $news['ID']);
    } else {
        $html .= _("Invalid request.");
    }

    return $html . '</div>';
}

/**
 * @return string
 */
function user_news()
{
    global $display_news, $privileges, $user;

    $html = '<div class="col-md-12"><h1>' . news_title() . '</h1>' . msg();

    if (isset($_POST["text"]) && isset($_POST["betreff"]) && in_array("admin_news", $privileges)) {
        if (!isset($_POST["treffen"]) || !in_array("admin_news", $privileges)) {
            $_POST["treffen"] = 0;
        }
        sql_query("
            INSERT INTO `News` (`Datum`, `Betreff`, `Text`, `UID`, `Treffen`)
            VALUES (
                '" . sql_escape(time()) . "',
                '" . sql_escape($_POST["betreff"]) . "',
                '" . sql_escape($_POST["text"]) . "',
                '" . sql_escape($user['UID']) . "',
                '" . sql_escape($_POST["treffen"]) . "'
            )
        ");
        engelsystem_log("Created news: " . $_POST["betreff"] . ", treffen: " . $_POST["treffen"]);
        success(_("Entry saved."));
        redirect(page_link_to('news'));
    }

    if (isset($_REQUEST['page']) && preg_match("/^[0-9]{1,}$/", $_REQUEST['page'])) {
        $page = $_REQUEST['page'];
    } else {
        $page = 0;
    }

    $news = sql_select("
        SELECT *
        FROM `News`
        ORDER BY `Datum`
        DESC LIMIT " . sql_escape($page * $display_news) . ", " . sql_escape($display_news)
    );
    foreach ($news as $entry) {
        $html .= display_news($entry);
    }

    $dis_rows = ceil(sql_num_query("SELECT * FROM `News`") / $display_news);
    $html .= '<div class="text-center">' . '<ul class="pagination">';
    for ($i = 0; $i < $dis_rows; $i++) {
        if (isset($_REQUEST['page']) && $i == $_REQUEST['page']) {
            $html .= '<li class="active">';
        } elseif (!isset($_REQUEST['page']) && $i == 0) {
            $html .= '<li class="active">';
        } else {
            $html .= '<li>';
        }
        $html .= '<a href="' . page_link_to("news") . '&page=' . $i . '">' . ($i + 1) . '</a></li>';
    }
    $html .= '</ul></div>';

    if (in_array("admin_news", $privileges)) {
        $html .= '<hr />';
        $html .= '<h2>' . _("Create news:") . '</h2>';

        $html .= form([
            form_text('betreff', _("Subject"), ''),
            form_textarea('text', _("Message"), ''),
            form_checkbox('treffen', _("Meeting"), false, 1),
            form_submit('submit', _("Save"))
        ]);
    }
    return $html . '</div>';
}
news 2011-06-02 01:45:46 +02:00			`<?php`
prohibit inline control structures on pages 2016-09-29 10:53:17 +02:00
PPHDoc, formatting, fixes, cleanup 2017-01-03 03:22:48 +01:00			`/**`
			`* @return string`
			`*/`
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`function user_news_comments_title()`
			`{`
			`return _("News comments");`
angel views in english complete 2013-11-25 21:56:56 +01:00			`}`

PPHDoc, formatting, fixes, cleanup 2017-01-03 03:22:48 +01:00			`/**`
			`* @return string`
			`*/`
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`function news_title()`
			`{`
			`return _("News");`
basic gettext integration 2013-11-25 21:04:58 +01:00			`}`

PPHDoc, formatting, fixes, cleanup 2017-01-03 03:22:48 +01:00			`/**`
			`* @return string`
			`*/`
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`function meetings_title()`
			`{`
			`return _("Meetings");`
basic gettext integration 2013-11-25 21:04:58 +01:00			`}`

PPHDoc, formatting, fixes, cleanup 2017-01-03 03:22:48 +01:00			`/**`
			`* @return string`
			`*/`
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`function user_meetings()`
			`{`
PPHDoc, formatting, fixes, cleanup 2017-01-03 03:22:48 +01:00			`global $display_news;`
Formatting 2017-01-02 15:43:36 +01:00
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`$html = '<div class="col-md-12"><h1>' . meetings_title() . '</h1>' . msg();`
Formatting 2017-01-02 15:43:36 +01:00
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`if (isset($_REQUEST['page']) && preg_match("/^[0-9]{1,}$/", $_REQUEST['page'])) {`
			`$page = $_REQUEST['page'];`
prohibit inline control structures on pages 2016-09-29 10:53:17 +02:00			`} else {`
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`$page = 0;`
			`}`
Formatting 2017-01-02 15:43:36 +01:00
PPHDoc, formatting, fixes, cleanup 2017-01-03 03:22:48 +01:00			`$news = sql_select("`
			`SELECT *`
			FROM `News`
			WHERE `Treffen`=1
			ORDER BY `Datum`DESC
			`LIMIT " . sql_escape($page * $display_news) . ", " . sql_escape($display_news)`
			`);`
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`foreach ($news as $entry) {`
			`$html .= display_news($entry);`
			`}`
Formatting 2017-01-02 15:43:36 +01:00
PPHDoc, formatting, fixes, cleanup 2017-01-03 03:22:48 +01:00			$dis_rows = ceil(sql_num_query("SELECT * FROM `News`") / $display_news);
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`$html .= '<div class="text-center">' . '<ul class="pagination">';`
Formatting 2017-01-02 15:43:36 +01:00			`for ($i = 0; $i < $dis_rows; $i++) {`
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`if (isset($_REQUEST['page']) && $i == $_REQUEST['page']) {`
			`$html .= '<li class="active">';`
Formatting 2017-01-02 15:43:36 +01:00			`} elseif (!isset($_REQUEST['page']) && $i == 0) {`
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`$html .= '<li class="active">';`
			`} else {`
			`$html .= '<li>';`
			`}`
			`$html .= '<a href="' . page_link_to("user_meetings") . '&page=' . $i . '">' . ($i + 1) . '</a></li>';`
prohibit inline control structures on pages 2016-09-29 10:53:17 +02:00			`}`
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`$html .= '</ul></div></div>';`
Formatting 2017-01-02 15:43:36 +01:00
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`return $html;`
user meetings 2011-06-03 06:47:35 +02:00			`}`

PPHDoc, formatting, fixes, cleanup 2017-01-03 03:22:48 +01:00			`/**`
			`* @param array $news`
			`* @return string`
			`*/`
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`function display_news($news)`
			`{`
			`global $privileges, $page;`
Formatting 2017-01-02 15:43:36 +01:00
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`$html = '';`
			`$html .= '<div class="panel' . ($news['Treffen'] == 1 ? ' panel-info' : ' panel-default') . '">';`
			`$html .= '<div class="panel-heading">';`
			`$html .= '<h3 class="panel-title">' . ($news['Treffen'] == 1 ? '[Meeting] ' : '') . ReplaceSmilies($news['Betreff']) . '</h3>';`
			`$html .= '</div>';`
			`$html .= '<div class="panel-body">' . ReplaceSmilies(nl2br($news['Text'])) . '</div>';`
Formatting 2017-01-02 15:43:36 +01:00
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`$html .= '<div class="panel-footer text-muted">';`
			`if (in_array("admin_news", $privileges)) {`
Formatting 2017-01-02 15:43:36 +01:00			`$html .= '<div class="pull-right">'`
			`. button_glyph(page_link_to("admin_news") . '&action=edit&id=' . $news['ID'], 'edit', 'btn-xs')`
			`. '</div>';`
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`}`
			`$html .= '<span class="glyphicon glyphicon-time"></span> ' . date("Y-m-d H:i", $news['Datum']) . '&emsp;';`
Formatting 2017-01-02 15:43:36 +01:00
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`$user_source = User($news['UID']);`
Formatting 2017-01-02 15:43:36 +01:00
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`$html .= User_Nick_render($user_source);`
			`if ($page != "news_comments") {`
PPHDoc, formatting, fixes, cleanup 2017-01-03 03:22:48 +01:00			`$html .= '&emsp;<a href="' . page_link_to("news_comments") . '&nid=' . $news['ID'] . '">'`
			`. '<span class="glyphicon glyphicon-comment"></span> '`
			`. _("Comments") . ' »</a> '`
			`. '<span class="badge">'`
			. sql_num_query("SELECT * FROM `NewsComments` WHERE `Refid`='" . sql_escape($news['ID']) . "'")
			`. '</span>';`
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`}`
			`$html .= '</div>';`
			`$html .= '</div>';`
			`return $html;`
news 2011-06-02 01:45:46 +02:00			`}`

PPHDoc, formatting, fixes, cleanup 2017-01-03 03:22:48 +01:00			`/**`
			`* @return string`
			`*/`
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`function user_news_comments()`
			`{`
			`global $user;`
Formatting 2017-01-02 15:43:36 +01:00
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`$html = '<div class="col-md-12"><h1>' . user_news_comments_title() . '</h1>';`
Formatting 2017-01-02 15:43:36 +01:00			`if (`
			`isset($_REQUEST["nid"])`
			`&& preg_match("/^[0-9]{1,}$/", $_REQUEST['nid'])`
			&& sql_num_query("SELECT * FROM `News` WHERE `ID`='" . sql_escape($_REQUEST['nid']) . "' LIMIT 1") > 0
			`) {`
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`$nid = $_REQUEST["nid"];`
			list($news) = sql_select("SELECT * FROM `News` WHERE `ID`='" . sql_escape($nid) . "' LIMIT 1");
			`if (isset($_REQUEST["text"])) {`
			`$text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['text']));`
PPHDoc, formatting, fixes, cleanup 2017-01-03 03:22:48 +01:00			`sql_query("`
			INSERT INTO `NewsComments` (`Refid`, `Datum`, `Text`, `UID`)
			`VALUES (`
			`'" . sql_escape($nid) . "',`
			`'" . date("Y-m-d H:i:s") . "',`
			`'" . sql_escape($text) . "',`
			`'" . sql_escape($user["UID"]) . "'`
			`)`
			`");`
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`engelsystem_log("Created news_comment: " . $text);`
			`$html .= success(_("Entry saved."), true);`
			`}`
Formatting 2017-01-02 15:43:36 +01:00
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`$html .= display_news($news);`
Formatting 2017-01-02 15:43:36 +01:00
PSR-2 formatting 2017-01-02 03:57:23 +01:00			$comments = sql_select("SELECT * FROM `NewsComments` WHERE `Refid`='" . sql_escape($nid) . "' ORDER BY 'ID'");
			`foreach ($comments as $comment) {`
			`$user_source = User($comment['UID']);`
Formatting 2017-01-02 15:43:36 +01:00
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`$html .= '<div class="panel panel-default">';`
			`$html .= '<div class="panel-body">' . nl2br($comment['Text']) . '</div>';`
			`$html .= '<div class="panel-footer text-muted">';`
			`$html .= '<span class="glyphicon glyphicon-time"></span> ' . $comment['Datum'] . '&emsp;';`
			`$html .= User_Nick_render($user_source);`
			`$html .= '</div>';`
			`$html .= '</div>';`
			`}`
Formatting 2017-01-02 15:43:36 +01:00
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`$html .= '<hr /><h2>' . _("New Comment:") . '</h2>';`
			`$html .= form([`
Formatting 2017-01-02 15:43:36 +01:00			`form_textarea('text', _("Message"), ''),`
			`form_submit('submit', _("Save"))`
			`], page_link_to('news_comments') . '&nid=' . $news['ID']);`
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`} else {`
			`$html .= _("Invalid request.");`
			`}`
Formatting 2017-01-02 15:43:36 +01:00
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`return $html . '</div>';`
news refined 2011-06-03 05:12:50 +02:00			`}`
news 2011-06-02 01:45:46 +02:00
PPHDoc, formatting, fixes, cleanup 2017-01-03 03:22:48 +01:00			`/**`
			`* @return string`
			`*/`
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`function user_news()`
			`{`
PPHDoc, formatting, fixes, cleanup 2017-01-03 03:22:48 +01:00			`global $display_news, $privileges, $user;`
Formatting 2017-01-02 15:43:36 +01:00
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`$html = '<div class="col-md-12"><h1>' . news_title() . '</h1>' . msg();`
Formatting 2017-01-02 15:43:36 +01:00
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`if (isset($_POST["text"]) && isset($_POST["betreff"]) && in_array("admin_news", $privileges)) {`
Formatting 2017-01-02 15:43:36 +01:00			`if (!isset($_POST["treffen"]) \|\| !in_array("admin_news", $privileges)) {`
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`$_POST["treffen"] = 0;`
			`}`
PPHDoc, formatting, fixes, cleanup 2017-01-03 03:22:48 +01:00			`sql_query("`
			INSERT INTO `News` (`Datum`, `Betreff`, `Text`, `UID`, `Treffen`)
			`VALUES (`
			`'" . sql_escape(time()) . "',`
			`'" . sql_escape($_POST["betreff"]) . "',`
			`'" . sql_escape($_POST["text"]) . "',`
			`'" . sql_escape($user['UID']) . "',`
			`'" . sql_escape($_POST["treffen"]) . "'`
			`)`
			`");`
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`engelsystem_log("Created news: " . $_POST["betreff"] . ", treffen: " . $_POST["treffen"]);`
			`success(_("Entry saved."));`
			`redirect(page_link_to('news'));`
			`}`
Formatting 2017-01-02 15:43:36 +01:00
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`if (isset($_REQUEST['page']) && preg_match("/^[0-9]{1,}$/", $_REQUEST['page'])) {`
			`$page = $_REQUEST['page'];`
			`} else {`
			`$page = 0;`
			`}`
Formatting 2017-01-02 15:43:36 +01:00
PPHDoc, formatting, fixes, cleanup 2017-01-03 03:22:48 +01:00			`$news = sql_select("`
			`SELECT *`
			FROM `News`
			ORDER BY `Datum`
			`DESC LIMIT " . sql_escape($page * $display_news) . ", " . sql_escape($display_news)`
			`);`
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`foreach ($news as $entry) {`
			`$html .= display_news($entry);`
prohibit inline control structures on pages 2016-09-29 10:53:17 +02:00			`}`
Formatting 2017-01-02 15:43:36 +01:00
PPHDoc, formatting, fixes, cleanup 2017-01-03 03:22:48 +01:00			$dis_rows = ceil(sql_num_query("SELECT * FROM `News`") / $display_news);
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`$html .= '<div class="text-center">' . '<ul class="pagination">';`
Formatting 2017-01-02 15:43:36 +01:00			`for ($i = 0; $i < $dis_rows; $i++) {`
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`if (isset($_REQUEST['page']) && $i == $_REQUEST['page']) {`
			`$html .= '<li class="active">';`
Formatting 2017-01-02 15:43:36 +01:00			`} elseif (!isset($_REQUEST['page']) && $i == 0) {`
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`$html .= '<li class="active">';`
			`} else {`
			`$html .= '<li>';`
			`}`
			`$html .= '<a href="' . page_link_to("news") . '&page=' . $i . '">' . ($i + 1) . '</a></li>';`
prohibit inline control structures on pages 2016-09-29 10:53:17 +02:00			`}`
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`$html .= '</ul></div>';`
Formatting 2017-01-02 15:43:36 +01:00
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`if (in_array("admin_news", $privileges)) {`
			`$html .= '<hr />';`
			`$html .= '<h2>' . _("Create news:") . '</h2>';`
Formatting 2017-01-02 15:43:36 +01:00
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`$html .= form([`
Formatting 2017-01-02 15:43:36 +01:00			`form_text('betreff', _("Subject"), ''),`
			`form_textarea('text', _("Message"), ''),`
			`form_checkbox('treffen', _("Meeting"), false, 1),`
			`form_submit('submit', _("Save"))`
			`]);`
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`}`
			`return $html . '</div>';`
news 2011-06-02 01:45:46 +02:00			`}`