<?php

/**

* This is the handler for ANONYMOUS (non logged in) asynchronous 'AJAX' calls.

*

* This file is part of the evoCore framework - {@link http://evocore.net/}

* See also {@link https://github.com/b2evolution/b2evolution}.

*

* @license GNU GPL v2 - {@link http://b2evolution.net/about/gnu-gpl-license}

*

* @copyright (c)2003-2020 by Francois Planque - {@link http://fplanque.com/}

*

* @package evocore

*/

/**

* Do the MAIN initializations:

*/

require_once dirname(__FILE__).'/../conf/_config.php';

/**

* @global boolean Is this AJAX request? Use {@link is_ajax_request()} to query it, because it may change.

*/

$is_ajax_request = true;

// Disable log in with HTTP basic authentication because we need some action even for anonymous users,

// but it is impossible if wrong login was entered on "HTTP Basic Authentication" form.

// (Used to correct work of action "get_user_salt")

$disable_http_auth = true;

require_once $inc_path.'_main.inc.php';

load_funcs( '../inc/skins/_skin.funcs.php' );

global $skins_path, $ads_current_skin_path, $disp, $ctrl;

param( 'action', 'string', '' );

$item_ID = param( 'p', 'integer' );

$blog_ID = param( 'blog', 'integer' );

// Initialize this array in order to don't load JS files twice in they have been already loaded on parent page:

$required_js = param( 'required_js', 'array:string', array(), false, true );

// Send the predefined cookies:

evo_sendcookies();

// Make sure the async responses are never cached:

header_nocache();

header_content_type( 'text/html', $io_charset );

// Save current debug values

$current_debug = $debug;

$current_debug_jslog = $debug_jslog;

// Do not append Debuglog to response!

$debug = false;

// Do not append Debug JSlog to response!

$debug_jslog = false;

// Don't check new updates from b2evolution.net (@see b2evonet_get_updates()),

// in order to don't break the response data:

$allow_evo_stats = false;

// Init AJAX log

$ajax_Log = new Log();

ajax_log_add( sprintf( 'action: %s', $action ), 'note' );

$params = param( 'params', 'array', array() );

switch( $action )

{

case 'get_item_form':

// Display item form:

// Use the glyph or font-awesome icons if requested by skin

param( 'b2evo_icons_type', 'string', '' );

$cat_ID = param( 'cat', 'integer' );

$BlogCache = & get_BlogCache();

$Collection = $Blog = & $BlogCache->get_by_ID( $blog_ID );

locale_activate( $Blog->get( 'locale' ) );

$blog_skin_ID = $Blog->get_skin_ID();

if( ! empty( $blog_skin_ID ) )

{ // Initialize collection skin folder to check if it has a specific new item form:

$SkinCache = & get_SkinCache();

$Skin = & $SkinCache->get_by_ID( $blog_skin_ID );

$ads_current_skin_path = $skins_path.$Skin->folder.'/';

}

require skin_template_path( '_item_new_form.inc.php' );

break;

case 'get_comment_form':

// Display comment form:

// Use the glyph or font-awesome icons if requested by skin

param( 'b2evo_icons_type', 'string', '' );

$ItemCache = & get_ItemCache();

$Item = $ItemCache->get_by_ID( $item_ID );

$BlogCache = & get_BlogCache();

$Collection = $Blog = $BlogCache->get_by_ID( $blog_ID );

locale_activate( $Blog->get('locale') );

$disp = param( 'disp', '/^[a-z0-9\-_]+$/', '' );

$blog_skin_ID = $Blog->get_skin_ID();

if( ! empty( $blog_skin_ID ) )

{ // check if Blog skin has specific comment form

$SkinCache = & get_SkinCache();

$Skin = & $SkinCache->get_by_ID( $blog_skin_ID );

$ads_current_skin_path = $skins_path.$Skin->folder.'/';

}

require skin_template_path( '_item_comment_form.inc.php' );

break;

case 'get_msg_form':

// display send message form

$recipient_id = param( 'recipient_id', 'integer', 0 );

$recipient_name = param( 'recipient_name', 'string', '' );

$subject = param( 'subject', 'string', '' );

$subject_other = param( 'subject_other', 'string', '' );

$contact_method = param( 'contact_method', 'string', '' );

$email_author = param( 'email_author', 'string', '' );

$email_author_address = param( 'email_author_address', 'string', '' );

$redirect_to = param( 'redirect_to', 'url', '' );

$post_id = NULL;

$comment_id = param( 'comment_id', 'integer', 0 );

$BlogCache = & get_BlogCache();

$Collection = $Blog = $BlogCache->get_by_ID( $blog_ID );

locale_activate( $Blog->get('locale') );

$blog_skin_ID = $Blog->get_skin_ID();

if( ! empty( $blog_skin_ID ) )

{ // check if Blog skin has specific concact message form

$SkinCache = & get_SkinCache();

$Skin = & $SkinCache->get_by_ID( $blog_skin_ID );

$ads_current_skin_path = $skins_path.$Skin->folder.'/';

}

require skin_template_path( '_contact_msg.form.php' );

break;

case 'get_widget_form':

// Display widget form:

// Use the glyph or font-awesome icons if requested by skin

param( 'b2evo_icons_type', 'string', '' );

if( param( 'wi_ID', 'integer', 0 ) )

{ // Try to get a Widget by ID if it called from DB:

$WidgetCache = & get_WidgetCache();

$Widget = & $WidgetCache->get_by_ID( $wi_ID );

if( ! $Widget || ( $Widget->get( 'coll_ID' ) !== NULL && $Widget->get( 'coll_ID' ) != $blog_ID ) )

{

debug_die( 'Wrong widget request!' );

}

}

else

{ // Try to get a Widget by code if it called from content with inline short tag like [emailcapture]:

param( 'wi_code', 'string', true );

if( ! file_exists( $inc_path.'widgets/widgets/_'.$wi_code.'.widget.php' ) )

{ // For some reason, that widget doesn't seem to exist... (any more?)

debug_die( 'Wrong widget request!' );

}

require_once $inc_path.'widgets/widgets/_'.$wi_code.'.widget.php';

// Create new widget by provided code:

$widget_classname = $wi_code.'_Widget';

$Widget = new $widget_classname();

}

param( 'params', 'array', array() );

$BlogCache = & get_BlogCache();

$Collection = $Blog = $BlogCache->get_by_ID( $blog_ID );

locale_activate( $Blog->get('locale') );

$blog_skin_ID = $Blog->get_skin_ID();

if( ! empty( $blog_skin_ID ) )

{ // check if Blog skin has specific comment form

$SkinCache = & get_SkinCache();

$Skin = & $SkinCache->get_by_ID( $blog_skin_ID );

$ads_current_skin_path = $skins_path.$Skin->folder.'/';

}

// Display widget form:

$Widget->display_form( $params );

break;

case 'get_user_bubbletip':

// Get contents of a user bubbletip

// Displays avatar & name

$user_ID = param( 'userid', 'integer', 0 );

$comment_ID = param( 'commentid', 'integer', 0 );

if( strpos( $_SERVER["HTTP_REFERER"], $admin_url ) !== false )

{ // If ajax is requested from admin page we should to set a variable $is_admin_page = true if user has permissions

// Check global permission:

if( ! check_user_perm( 'admin', 'restricted' ) )

{ // No permission to access admin...

require $adminskins_path.'_access_denied.main.php';

}

else

{ // Set this page as admin page

$is_admin_page = true;

}

}

if( $blog_ID > 0 )

{ // Get Blog if ID is set

$BlogCache = & get_BlogCache();

$Collection = $Blog = $BlogCache->get_by_ID( $blog_ID );

}

if( $user_ID > 0 )

{ // Print info of the registered users

$UserCache = & get_UserCache();

$User = & $UserCache->get_by_ID( $user_ID );

ajax_log_add( 'User: #'.$user_ID.' '.$User->login );

if( check_user_perm( 'admin', 'restricted' ) &&

( $current_User->ID == $User->ID || $current_User->can_moderate_user( $User->ID ) ) &&

check_user_status( 'can_access_admin' ) )

{ // Display the moderation buttons only if current user has a permission:

$moderation_buttons = '<p class="bubbletip_user__buttons">';

if( ! is_admin_page() )

{

$moderation_buttons .= '<a href="'.url_add_param( $admin_url, 'ctrl=user&amp;user_ID='.$User->ID ).'" class="btn btn-sm btn-block btn-primary">'

.T_('Edit in Back-Office').'</a>';

}

if( $current_User->ID != $User->ID && check_user_perm( 'users', 'edit' ) )

{ // Display a button to delete a spammer only for other users and if current user can edit them:

$moderation_buttons .= '<a href="'.url_add_param( $admin_url, 'ctrl=users&amp;action=delete&amp;deltype=spammer&amp;user_ID='.$User->ID )

.'" class="btn btn-sm btn-block btn-danger">'

.T_('Delete Spammer')

.'</a>';

}

$moderation_buttons .= '</p>';

}

else

{ // No permission to moderate users:

$moderation_buttons = '';

}

echo '<div class="bubbletip_user">';

if( $User->check_status( 'is_closed' ) )

{ // display only info about closed accounts

echo T_( 'This account has been closed.' );

echo $moderation_buttons;

echo '</div>'; /* end of: <div class="bubbletip_user"> */

break;

}

$avatar_overlay_text = '';

$link_class = '';

if( is_admin_page() )

{ // Set avatar size for Back-office

$avatar_size = $Settings->get('bubbletip_size_admin');

}

else if( is_logged_in() )

{ // Set avatar size for logged in users in the Front-office

$avatar_size = $Settings->get('bubbletip_size_front');

}

else

{ // Set avatar size for Anonymous users

$avatar_size = $Settings->get('bubbletip_size_anonymous');

$avatar_overlay_text = $Settings->get('bubbletip_overlay');

$link_class = 'overlay_link';

}

$width = $thumbnail_sizes[$avatar_size][1];

$height = $thumbnail_sizes[$avatar_size][2];

// Display user avatar with login

// Attributes 'w' & 'h' we use for following js-scale div If image is downloading first time (Fix bubbletip)

echo '<div class="center" w="'.$width.'" h="'.$height.'">';

echo get_avatar_imgtag( $User->login, 'login', true, $avatar_size, 'avatar_above_login', '', $avatar_overlay_text, $link_class, true, '' );

echo '</div>';

if( ! ( $Settings->get( 'allow_anonymous_user_profiles' ) || ( check_user_perm( 'user', 'view', false, $User ) ) ) )

{ // User is not logged in and anonymous users may NOT view user profiles, or if current User has no permission to view additional information about the User

echo $moderation_buttons;

echo '</div>'; /* end of: <div class="bubbletip_user"> */

break;

}

// Additional user info

$user_info = array();

// Preferred Name

if( $User->get_preferred_name() != $User->login )

{

$user_info[] = $User->get_preferred_name();

}

// Location

$location = array();

if( !empty( $User->city_ID ) )

{ // City

$location[] = $User->get_city_name( false );

}

if( !empty( $User->subrg_ID ) )

{ // Subregion

if( !is_logged_in() )

{ // Display subregion for not logged in users

$location[] = $User->get_subregion_name();

}

else if( $current_User->subrg_ID != $User->subrg_ID )

{ // If subregions are different

$location[] = $User->get_subregion_name();

}

}

if( !empty( $User->rgn_ID ) )

{ // Region

if( !is_logged_in() )

{ // Display region for not logged in users

$location[] = $User->get_region_name();

}

else if( $current_User->rgn_ID != $User->rgn_ID )

{ // If regions are different

$location[] = $User->get_region_name();

}

}

if( !empty( $User->ctry_ID ) )

{ // Country

if( !is_logged_in() )

{ // Display country for not logged in users

$location[] = $User->get_country_name();

}

else if( $current_User->ctry_ID != $User->ctry_ID )

{ // If countries are different

$location[] = $User->get_country_name();

}

}

if( !empty( $location ) )

{ // Set location info

$user_info[] = implode( '<br />', $location );

}

// Age group

if( !empty( $User->age_min ) && !empty( $User->age_max ) && $User->age_min != $User->age_max )

{

$user_info[] = sprintf( T_('%d to %d years old '), $User->age_min, $User->age_max );

}

else if( !empty( $User->age_min ) || !empty( $User->age_max ) )

{ // Min age equals max age

$age = !empty( $User->age_min ) ? $User->age_min : $User->age_max;

$user_info[] = sprintf( T_('%d years old '), $age );

}

if( !empty( $user_info ) )

{ // Display additional user info

echo '<ul>';

foreach( $user_info as $info )

{

echo '<li>'.$info.'</li>';

}

echo '</ul>';

}

echo $moderation_buttons;

echo '</div>'; /* end of: <div class="bubbletip_user"> */

}

else if( $comment_ID > 0 )

{ // Print info for an anonymous user who posted a comment

$CommentCache = & get_CommentCache();

$Comment = $CommentCache->get_by_ID( $comment_ID );

ajax_log_add( 'Comment: #'.$comment_ID.' '.$Comment->get_author_name() );

echo '<div class="bubbletip_anon">';

echo $Comment->get_avatar( 'fit-160x160', 'bCommentAvatarCenter' );

echo '<div>'.$Comment->get_author_name_anonymous( 'htmlbody', array( 'rel' => '' ) ).'</div>';

echo '<div>'.T_('This user is not registered on this site.').'</div>';

echo $Comment->get_author_url_link( '', '<div>', '</div>');

if( isset( $Blog ) )

{ // Link to send message

echo '<div>';

$Comment->msgform_link( $Blog->get('msgformurl'), '', '', get_icon( 'email', 'imgtag' ).' '.T_('Send a message') );

echo '</div>';

}

echo '</div>';

}

else

{ // user_ID and comment_ID are both null, this can happen when the user was deleted

echo '<div class="bubbletip_user">';

echo T_( 'This account has been deleted.' );

echo '</div>';

break;

}

break;

case 'set_comment_vote':

// Used for quick SPAM vote of comments

// Check that this action request is not a CSRF hacked request:

$Session->assert_received_crumb( 'comment' );

if( !is_logged_in( false ) )

{ // Only active logged in users can vote

break;

}

// Use the glyph or font-awesome icons if requested by skin

param( 'b2evo_icons_type', 'string', '' );

if( param( 'is_backoffice', 'integer', 0 ) )

{ // Set admin skin, used for buttons, @see button_class()

global $current_User, $UserSettings, $is_admin_page, $adminskins_path;

$admin_skin = $UserSettings->get( 'admin_skin', $current_User->ID );

$is_admin_page = true;

require_once $adminskins_path.$admin_skin.'/_adminUI.class.php';

$AdminUI = new AdminUI();

}

else

{

$BlogCache = &get_BlogCache();

$Collection = $Blog = & $BlogCache->get_by_ID( $blog_ID, true );

$skin_ID = $Blog->get_skin_ID();

$SkinCache = & get_SkinCache();

$Skin = & $SkinCache->get_by_ID( $skin_ID );

}

// Check permission for spam voting

check_user_perm( 'blog_vote_spam_comments', 'edit', true, $blog_ID );

$type = param( 'type', 'string' );

$commentid = param( 'commentid', 'integer' );

if( $type != 'spam' || empty( $commentid ) )

{ // Incorrect params

break;

}

$edited_Comment = & Comment_get_by_ID( $commentid, false );

if( $edited_Comment !== false )

{ // The comment still exists

if( $current_User->ID == $edited_Comment->author_user_ID )

{ // Do not allow users to vote on their own comments

break;

}

// Update a vote of the comment for current User:

$edited_Comment->set_vote( 'spam', param( 'vote', 'string' ) );

$edited_Comment->dbupdate();

// Display a panel for next spam voting:

$edited_Comment->vote_spam( '', '', '&amp;', true, true, array(

'display' => true,

'button_group_class' => button_class( 'group' ).( is_admin_page() ? ' btn-group-sm' : '' ),

) );

}

break;

case 'voting':

// Actions for voting by AJAX

if( !is_logged_in( false ) )

{ // Only active logged in users can vote

break;

}

param( 'vote_action', 'string', '' );

if( !empty( $vote_action ) )

{ // Use crumb checking only for actions

// Check that this action request is not a CSRF hacked request:

$Session->assert_received_crumb( 'voting' );

}

param( 'vote_type', 'string', '' );

param( 'vote_ID', 'string', 0 );

param( 'checked', 'integer', 0 );

param( 'redirect_to', 'url', '' );

// Use the glyph or font-awesome icons if requested by skin

param( 'b2evo_icons_type', 'string', '' );

ajax_log_add( sprintf( 'vote action: %s', $vote_action ), 'note' );

ajax_log_add( sprintf( 'vote type: %s', $vote_type ), 'note' );

ajax_log_add( sprintf( 'vote ID: %s', $vote_ID ), 'note' );

$voting_form_params = array(

'vote_type' => $vote_type,

);

switch( $vote_type )

{

case 'link':

// Vote on pictures

$link_ID = preg_replace( '/link_(\d+)/i', '$1', $vote_ID );

if( empty( $link_ID ) || ( ! is_decimal( $link_ID ) ) )

{ // There is no correct link ID

break 2;

}

$LinkCache = & get_LinkCache();

$Link = & $LinkCache->get_by_ID( $link_ID, false );

if( !$Link )

{ // Incorrect link ID

break 2;

}

$File = & $Link->get_File();

if( !$File )

{ // The Link File is not available

break 2;

}

if( empty( $File->hash ) )

{ // File hash still is not defined, we should create and save it

$File->set_param( 'hash', 'string', md5_file( $File->get_full_path(), true ) );

$File->dbsave();

}

if( !empty( $vote_action ) )

{ // Vote for this file link

link_vote( $link_ID, $current_User->ID, $vote_action, $checked );

}

$voting_form_params['vote_ID'] = $link_ID;

if( empty( $vote_action ) || in_array( $vote_action, array( 'like', 'noopinion', 'dontlike' ) ) )

{ // Display a voting form if no action

// or Refresh a voting form only for these actions (in order to disable icons)

if( ! empty( $blog_ID ) )

{ // If blog is defined we should check if we can display info about number of votes

$BlogCache = & get_BlogCache();

if( ( $Collection = $Blog = & $BlogCache->get_by_ID( $blog_ID, false, false ) ) &&

$blog_skin_ID = $Blog->get_skin_ID() )

{

$LinkOwner = & $Link->get_LinkOwner();

$SkinCache = & get_SkinCache();

if( $Skin = & $SkinCache->get_by_ID( $blog_skin_ID, false, false ) &&

$Skin->get_setting( 'colorbox_vote_'.$LinkOwner->get( 'name' ).'_numbers' ) )

{ // Display number of votes for current link type if it is enabled by blog skin

$voting_form_params['display_numbers'] = true;

}

}

}

display_voting_form( $voting_form_params );

}

break;

case 'comment':

// Vote on comments

$comment_ID = (int)$vote_ID;

if( empty( $comment_ID ) )

{ // No comment ID

break 2;

}

$CommentCache = & get_CommentCache();

$Comment = $CommentCache->get_by_ID( $comment_ID, false );

if( !$Comment )

{ // Incorrect comment ID

break 2;

}

if( $current_User->ID == $Comment->author_user_ID )

{ // Do not allow users to vote on their own comments

break 2;

}

$comment_Item = & $Comment->get_Item();

$comment_Item->load_Blog();

if( ! $comment_Item->Blog->get_setting('allow_rating_comment_helpfulness') )

{ // If Users cannot vote

break 2;

}

if( !empty( $vote_action ) )

{ // Vote for this comment

switch( $vote_action )

{ // Set field value

case 'like':

$field_value = 'yes';

break;

case 'noopinion':

$field_value = 'noopinion';

break;

case 'dontlike':

$field_value = 'no';

break;

}

if( isset( $field_value ) )

{ // Update a vote of current user

$Comment->set_vote( 'helpful', $field_value );

$Comment->dbupdate();

}

}

if( !empty( $redirect_to ) )

{ // Redirect to back page, It is used by browsers without JavaScript

header_redirect( $redirect_to, 303 ); // Will EXIT

// We have EXITed already at this point!!

}

if( param( 'skin_ID', 'integer', 0 ) > 0 )

{ // If request is from skin:

$SkinCache = & get_SkinCache();

// Initialize global Collection in order to get Skin settings values from the Collection and not from defaults of the Skin:

$Blog = $comment_Item->get_Blog();

$request_Skin = & $SkinCache->get_by_ID( get_param( 'skin_ID' ), false, false );

if( $request_Skin && method_exists( $request_Skin, 'display_comment_voting_panel' ) )

{ // Request skin to display a voting panel for item:

$request_Skin->display_comment_voting_panel( $Comment, $request_Skin->get_setting( 'voting_place' ), array( 'display_wrapper' => false ) );

break 2;

}

}

$Comment->vote_helpful( '', '', '&amp;', true, true, array( 'display_wrapper' => false ) );

break;

case 'item':

// Vote on items:

$item_ID = intval( $vote_ID );

if( empty( $item_ID ) )

{ // No item ID

break 2;

}

$ItemCache = & get_ItemCache();

$Item = $ItemCache->get_by_ID( $item_ID, false );

if( ! $Item )

{ // Incorrect item ID:

break 2;

}

if( $current_User->ID == $Item->creator_user_ID )

{ // Do not allow users to vote on their own comments:

break 2;

}

$item_Blog = & $Item->get_Blog();

if( empty( $item_Blog ) || ! $item_Blog->get_setting( 'voting_positive' ) )

{ // If Users cannot vote:

break 2;

}

if( ! empty( $vote_action ) )

{ // Vote for the item:

switch( $vote_action )

{ // Set field value

case 'like':

$field_value = 'positive';

break;

case 'noopinion':

$field_value = 'neutral';

break;

case 'dontlike':

$field_value = 'negative';

break;

}

if( isset( $field_value ) )

{ // Update a vote of current user

$Item->set_vote( $field_value );

$Item->dbupdate();

// Invalidate key for the voted Item:

BlockCache::invalidate_key( 'item_ID', $Item->ID );

}

}

if( ! empty( $redirect_to ) )

{ // Redirect to back page, It is used by browsers without JavaScript:

header_redirect( $redirect_to, 303 ); // Will EXIT

// We have EXITed already at this point!!

}

if( param( 'widget_ID', 'integer', 0 ) > 0 )

{ // If request is from widget:

$WidgetCache = & get_WidgetCache();

$item_Widget = & $WidgetCache->get_by_ID( get_param( 'widget_ID' ), false, false );

if( $item_Widget && $item_Widget->code == 'item_vote' )

{ // Request widget to display a voting panel for item:

$item_Widget->display_voting_panel( $Item, array( 'display_wrapper' => false ) );

break 2;

}

}

elseif( param( 'skin_ID', 'integer', 0 ) > 0 )

{ // If request is from skin:

$SkinCache = & get_SkinCache();

// Initialize global Collection in order to get Skin settings values from the Collection and not from defaults of the Skin:

$Blog = $item_Blog;

$request_Skin = & $SkinCache->get_by_ID( get_param( 'skin_ID' ), false, false );

if( $request_Skin && method_exists( $request_Skin, 'display_item_voting_panel' ) )

{ // Request skin to display a voting panel for item:

$request_Skin->display_item_voting_panel( $Item, $request_Skin->get_setting( 'voting_place' ), array( 'display_wrapper' => false ) );

break 2;

}

}

// Display a voting panel for item:

$Item->display_voting_panel( array( 'display_wrapper' => false ) );

break;

}

break;

case 'get_user_new_field':

// Used in the identity user form to add a new field

$field_ID = param( 'field_id', 'integer', 0 );

$user_ID = param( 'user_id', 'integer', 0 );

if( $field_ID == 0 )

{ // Bad request

break;

}

$userfields = $DB->get_results( '

SELECT T_users__fielddefs.*, "0" AS uf_ID, "" AS uf_varchar, ufgp_ID, ufgp_name

FROM T_users__fielddefs

LEFT JOIN T_users__fieldgroups ON ufgp_ID = ufdf_ufgp_ID

WHERE ufdf_ID = "'.$field_ID.'"' );

if( $userfields[0]->ufdf_duplicated == 'forbidden' )

{ // This field can be only one instance for one user

echo '[0]'; // not duplicated field

$user_field_exist = $DB->get_var( '

SELECT uf_ID

FROM T_users__fields

WHERE uf_user_ID = "'.$user_ID.'" AND uf_ufdf_ID = "'.$field_ID.'"' );

if( $user_field_exist > 0 )

{ // User already has a current field type

break;

}

}

else

{ // It Means: this field can be duplicated

echo '[1]';

}

// Use the glyph or font-awesome icons if requested by skin

param( 'b2evo_icons_type', 'string', '' );

$Form = new Form();

$Form->fieldstart = '#fieldstart#';

$Form->fieldend = '#fieldend#';

$Form->labelclass = '#labelclass#';

$Form->labelstart = '#labelstart#';

$Form->labelend = '#labelend#';

$Form->inputstart = '#inputstart#';

$Form->inputend = '#inputend#';

userfields_display( $userfields, $Form, 'add', false, $user_ID );

break;

case 'get_user_field_autocomplete':

// Used for autocompletion of the user field

/**

* Possible values of var $attr_id

* 1) 111 - this goes from filter search, it is ufdf_ID

* 2) uf_new_222_ - field from identity form ( doesn't still exist in DB (recommened & required fields) )

* 3) uf_add_222_ - field from identity form ( user want add this field )

* where 222 == ufdf_ID

* 4) uf_333 - field exists in DB (where 333 == uf_ID from table T_users__fields)

*/

$attr_id = param( 'attr_id', 'string' );

$term = param( 'term', 'string' );

$field_type_id = 0;

if( (int)$attr_id > 0 )

{ // From filter 'Specific criteria'

$field_type_id = (int)$attr_id;

}

else if( preg_match( '/^uf_(new|add)_(\d+)_/i', $attr_id, $match ) )

{ // From new fields we can get the value for uf_ufdf_ID

$field_type_id = (int)$match[2];

}

else if( preg_match( '/^uf_(\d+)$/i', $attr_id, $match ) )

{ // From fields in DB we can get only uf_ID, then we should get a value uf_ufdf_ID from DB

$field_id = (int)$match[1];

$field_type_id = $DB->get_var( '

SELECT uf_ufdf_ID

FROM T_users__fields

WHERE uf_ID = "'.$field_id.'"' );

}

if( $field_type_id == 0 )

{ // Bad request

break;

}

echo evo_json_encode( $DB->get_col( '

SELECT DISTINCT ( uf_varchar )

FROM T_users__fields

WHERE uf_varchar LIKE '.$DB->quote('%'.$term.'%').'

AND uf_ufdf_ID = "'.$field_type_id.'"

ORDER BY uf_varchar' ) );

exit(0); // Exit here in order to don't display the AJAX debug info after JSON formatted data

break;

case 'get_regions_option_list':

// Get option list with regions by selected country

$country_ID = param( 'ctry_id', 'integer', 0 );

$region_ID = param( 'rgn_id', 'integer', 0 );

$page = param( 'page', 'string', '' );

$mode = param( 'mode', 'string', '' );

$params = array();

if( $page == 'edit' )

{

$params['none_option_text'] = T_( 'Unknown' );

}

load_funcs( 'regional/model/_regional.funcs.php' );

echo get_regions_option_list( $country_ID, 0, $params );

if( $mode == 'load_subregions' || $mode == 'load_all' )

{ // Load also the subregions

echo '-##-'.get_subregions_option_list( $region_ID, 0, $params );

}

if( $mode == 'load_all' )

{ // Load also the cities

echo '-##-'.get_cities_option_list( $country_ID, $region_ID, 0, 0, $params );

}

break;

case 'get_subregions_option_list':

// Get option list with sub-regions by selected region

$country_ID = param( 'ctry_id', 'integer', 0 );

$region_ID = param( 'rgn_id', 'integer', 0 );

$page = param( 'page', 'string', '' );

$mode = param( 'mode', 'string', '' );

$params = array();

if( $page == 'edit' )

{

$params['none_option_text'] = T_( 'Unknown' );

}

load_funcs( 'regional/model/_regional.funcs.php' );

echo get_subregions_option_list( $region_ID, 0, $params );

if( $mode == 'load_all' )

{ // Load also the cities

echo '-##-'.get_cities_option_list( $country_ID, $region_ID, 0, 0, $params );

}

break;

case 'get_cities_option_list':

// Get option list with cities by selected country, region or sub-region

$country_ID = param( 'ctry_id', 'integer', 0 );

$region_ID = param( 'rgn_id', 'integer', 0 );

$subregion_ID = param( 'subrg_id', 'integer', 0 );

$page = param( 'page', 'string', '' );

$params = array();

if( $page == 'edit' )

{

$params['none_option_text'] = T_( 'Unknown' );

}

load_funcs( 'regional/model/_regional.funcs.php' );

echo get_cities_option_list( $country_ID, $region_ID, $subregion_ID, 0, $params );

break;

case 'get_field_bubbletip':

// Get info for user field

$field_ID = param( 'field_ID', 'integer', 0 );

if( $field_ID > 0 )

{ // Get field info from DB

$field = $DB->get_row( '

SELECT ufdf_bubbletip, ufdf_duplicated

FROM T_users__fielddefs

WHERE ufdf_ID = '.$DB->quote( $field_ID ) );

if( is_null( $field ) )

{ // No field in DB

break;

}

if( !empty( $field->ufdf_bubbletip ) )

{ // Field has a defined bubbletip text

$field_info = nl2br( $field->ufdf_bubbletip );

}

else if( in_array( $field->ufdf_duplicated, array( 'allowed', 'list' ) ) )

{ // Default info for fields with multiple values

$field_info = T_('To enter multiple values,<br />please click on (+)');

}

}

if( !empty( $field_info ) )

{ // Replace mask text (+) with img tag

// Use the glyph or font-awesome icons if requested by skin

param( 'b2evo_icons_type', 'string', '' );

echo str_replace( '(+)', get_icon( 'add' ), $field_info );

}

break;

case 'validate_login':

// Validate if username is available

param( 'login', 'string', '' );

if( param_check_valid_login( 'login' ) )

{ // Login format is correct

if( !empty( $login ) )

{

$SQL = new SQL( 'Validate if username is available' );

$SQL->SELECT( 'user_ID' );

$SQL->FROM( 'T_users' );

$SQL->WHERE( 'user_login = "'.$DB->escape( $login ).'"' );

if( $DB->get_var( $SQL ) )

{ // Login already exists

echo 'exists';

}

else

{ // Login is available

echo 'available';

}

}

}

else

{ // Incorrect format of login

echo param_get_error_msg( 'login' );

}

break;

case 'results':

// Refresh a results table (To change page, page size, an order)

/**

* Variable to define a current request as ajax content

* It is used to don't display a wrapper data such as header, footer and etc.

* @see is_ajax_content()

*

* @var boolean

*/

$ajax_content_mode = true;

// get callback function param, this function will display the results content

$callback_function = param( 'callback_function', 'string', '' );

if( param( 'is_backoffice', 'integer', 0 ) )

{

global $current_User, $UserSettings, $is_admin_page;

$admin_skin = $UserSettings->get( 'admin_skin', $current_User->ID );

$params = array( 'skin_type' => 'admin', 'skin_name' => $admin_skin );

$is_admin_page = true;

/**

* Load the AdminUI class for the skin.

*/

require_once $adminskins_path.$admin_skin.'/_adminUI.class.php';

$AdminUI = new AdminUI();

// Get the requested params and memorize it to make correct links for paging, ordering and etc.

param( 'ctrl', '/^[a-z0-9_]+$/', $default_ctrl, true );

param( 'blog', 'integer', NULL, true );

$ReqPath = $admin_url;

}

else

{

$BlogCache = &get_BlogCache();

$Collection = $Blog = & $BlogCache->get_by_ID( $blog_ID, true );

$skin_ID = $Blog->get_skin_ID();

$SkinCache = & get_SkinCache();

$Skin = & $SkinCache->get_by_ID( $skin_ID );

$params = array( 'skin_type' => 'front', 'skin_name' => $Skin->folder );

}

// load required resource for each callback function

switch( $callback_function )

{

case 'hits_results_block':

load_funcs('sessions/model/_hitlog.funcs.php');

break;

case 'items_created_results_block':

case 'items_edited_results_block':