2 /****************************************************************/
4 /****************************************************************/
5 /* Copyright (c) 2002-2009 */
6 /* Inclusive Design Institute */
9 /* This program is free software. You can redistribute it and/or*/
10 /* modify it under the terms of the GNU General Public License */
11 /* as published by the Free Software Foundation. */
12 /****************************************************************/
14 $_user_location = 'public';
16 define('AT_INCLUDE_PATH', '../../../include/');
17 require(AT_INCLUDE_PATH.'vitals.inc.php');
18 require(AT_SOCIAL_INCLUDE.'constants.inc.php');
19 require(AT_SOCIAL_INCLUDE.'friends.inc.php');
20 require(AT_SOCIAL_INCLUDE.'classes/PrivacyControl/PrivacyObject.class.php');
21 require(AT_SOCIAL_INCLUDE.'classes/PrivacyControl/PrivacyController.class.php');
22 $_custom_css = $_base_path . AT_SOCIAL_BASENAME . 'module.css'; // use a custom stylesheet
25 * customized print_name for connection and its search
26 * will add login name if $_config[display_name_format]=1
27 * will print only "first_name last_name" for the onlcick javascript
29 function printSocialNameForConnection($id, $trigger){
30 global $_config, $display_name_formats, $db;
31 $display_name_format = $_config['display_name_format'];
33 //if trigger = true, it's for the drop down ajax
35 if($display_name_format>1){
36 $display_name_format = 1;
39 if($display_name_format==1){
40 $display_name_format = 2;
44 $sql = 'SELECT login, first_name, second_name, last_name FROM '.TABLE_PREFIX.'members WHERE member_id='.$id;
45 $result = mysql_query($sql, $db);
46 $row = mysql_fetch_assoc($result);
47 return htmlentities_utf8(_AT($display_name_formats[$display_name_format], $row['login'], $row['first_name'], $row['second_name'], $row['last_name']));
50 if (!$_SESSION['valid_user']) {
51 require(AT_INCLUDE_PATH.'header.inc.php');
52 $info = array('INVALID_USER', $_SESSION['course_id']);
53 $msg->printInfos($info);
54 require(AT_INCLUDE_PATH.'footer.inc.php');
58 // default display my friends
59 $friends = getFriends($_SESSION['member_id']);
60 $rand_key = $addslashes($_POST['rand_key']); //should we excape?
63 $page = intval($_GET['p']);
67 $count = (($page-1) * SOCIAL_FRIEND_SEARCH_MAX) + 1;
68 $offset = ($page-1) * SOCIAL_FRIEND_SEARCH_MAX;
71 //if $_GET['q'] is set, handle Ajax.
72 if (isset($_GET['q'])){
73 $query = $_GET['q']; //don't need to addslashes here cause searchFriends will do it.
75 if (isset($_POST['myFriendsOnly'])){
76 //retrieve a list of my friends
77 $search_result = searchFriends($query, true);
79 //retrieve a list of friends by the search
80 $search_result = searchFriends($query);
83 if (!empty($search_result)){
84 echo '<div class="suggestions">'._AT('suggestions').':<br/>';
86 foreach($search_result as $member_id=>$member_array){
87 //display 10 suggestions
91 //double encode the value because the .submit() function will decode the first level.
92 echo '<a href="javascript:void(0);" onclick="document.getElementById(\'search_friends\').value=\''.htmlentities_utf8(printSocialNameForConnection($member_id, true)).'\'; document.getElementById(\'search_friends_form\').submit();">'.printSocialNameForConnection($member_id, false).'</a><br/>';
101 if (isset($_GET['id'])){
102 $id = intval($_GET['id']);
104 addFriendRequest($id);
105 $msg->addFeedback('REQUEST_FRIEND_ADDED');
106 $sql_notify = "SELECT first_name, last_name, email FROM ".TABLE_PREFIX."members WHERE member_id=$id";
107 $result_notify = mysql_query($sql_notify, $db);
108 $row_notify = mysql_fetch_assoc($result_notify);
110 if ($row_notify['email'] != '') {
111 require(AT_INCLUDE_PATH . 'classes/phpmailer/atutormailer.class.php');
112 $body = _AT('notification_new_contact', get_display_name($_SESSION['member_id']), $_base_href.AT_SOCIAL_BASENAME.'index.php');
113 $sender = get_display_name($_SESSION['member_id']);
114 $mail = new ATutorMailer;
115 $mail->AddAddress($row_notify['email'], $sender);
116 $mail->FromName = $_config['site_name'];
117 $mail->From = $_config['contact_email'];
118 $mail->Subject = _AT('contact_request');
122 $msg->addError('SENDING_ERROR');
127 header('Location: '.url_rewrite(AT_SOCIAL_BASENAME.'connections.php', AT_PRETTY_URL_IS_HEADER));
132 //handle search friends request
133 if(($rand_key!='' && isset($_POST['search_friends_'.$rand_key])) || isset($_GET['search_friends'])){
134 if (empty($_POST['search_friends_'.$rand_key]) && !isset($_GET['search_friends'])){
135 $msg->addError('CANNOT_BE_EMPTY');
136 header('Location: '.url_rewrite(AT_SOCIAL_BASENAME.'connections.php', AT_PRETTY_URL_IS_HEADER));
140 //to adapt paginator GET queries
141 //don't need to apply addslashes here cause searchFriends will do it.
142 if($_GET['search_friends']){
143 $search_field = $_GET['search_friends'];
145 $search_field = $_POST['search_friends_'.$rand_key];
147 //take outs all htmlencode including slashes
148 $search_field = html_entity_decode($search_field, ENT_QUOTES, 'UTF-8');
150 if (isset($_POST['myFriendsOnly'])){
151 //retrieve a list of my friends
152 $friends = searchFriends($search_field, true);
154 //retrieve a list of friends by the search
155 $friends = searchFriends($search_field); //to calculate the total number. TODO: need a better way, wasting runtime.
156 $num_pages = max(ceil(sizeof($friends) / SOCIAL_FRIEND_SEARCH_MAX), 1);
157 $friends = searchFriends($search_field, false, $offset);
161 //mark those that are already added
162 $friends = markFriends($_SESSION['member_id'], $friends);
163 include(AT_INCLUDE_PATH.'header.inc.php');
164 $savant->display('social/pubmenu.tmpl.php');
165 $savant->assign('page', $page);
166 $savant->assign('num_pages', $num_pages);
167 $savant->assign('search_field', htmlentities_utf8($search_field));
168 $savant->assign('friends', $friends);
169 $savant->assign('rand_key', $rand_key);
170 $savant->display('social/connections.tmpl.php');
171 include(AT_INCLUDE_PATH.'footer.inc.php');