The program don't send invite when I use in group,I select friend but don't go further.

Hi Riccardo,

I wanna try this, but when I login to your community page I get this error :

FastCGI Error

The FastCGI Handler was unable to process the request.
Error Details:

Error Number: 13 (0x8007000d).
Error Description: Dati non validi.
HTTP Error 500 - Server Error.
Internet Information Services (IIS)

Now is ok, you must use mail and password to login

Hi Ricacardo,

My IP blocked by your site:

H A C K E R
223.164.81.72
ip address REGISTRATED AND SEND TO POLICE
bastard 223.

Yes, no one can log in. Why You need to enter? I want know wich are the program that I need to change because this is a bug and I need to change same program. I use 3.2.01.
I cannot upload all file from 3.2.1 becouse I have change a lot of them

Hi Riccardo,

I want to know what jomsocial version.
Because you using 3.2.0.1 please check at this file:
components/com_community/controllers/system.php at line 158 - 164:
if the code like this

if (!empty($values['friends'])) {
    $users = implode(',', $values['friends']);
    foreach ($values['friends'] as $id) {
         $recipients[] = $id;
     }
 }

if (!empty($values['friends'][0])) {
    $users = explode(',', $values['friends'][0]); 
    foreach($users as $id) {
         $recipients[] = $id;
     }
 }

hI
i HAVE CHANGE THE CODE, but It does't work. Please try it and you see that when you select a riend the program tell always to insert mail o selct. Please register your name and ask to me to be friend. My name riccardo antinori.
thanks
this is the file.

<?php
/**
* @copyright (C) 2013 iJoomla, Inc. - All rights reserved.
* @license GNU General Public License, version 2 ( www.gnu.org/licenses/gpl-2.0.html )
* @author iJoomla.com <This email address is being protected from spambots. You need JavaScript enabled to view it.>
* @url www.jomsocial.com/license-agreement
* The PHP code portions are distributed under the GPL license. If not otherwise stated, all images, manuals, cascading style sheets, and included JavaScript *are NOT GPL, and are released under the IJOOMLA Proprietary Use License v1.0
* More info at www.jomsocial.com/license-agreement
*/
// no direct access
defined('_JEXEC') or die('Restricted access');

class CommunitySystemController extends CommunityBaseController {

public function ajaxShowInvitationForm($friends, $callback, $cid, $displayFriends, $displayEmail) {
// pending filter
$objResponse = new JAXResponse();
$displayFriends = (bool) $displayFriends;

$config = CFactory::getConfig();
$limit = $config->get('friendloadlimit', 8);

$tmpl = new CTemplate();

$tmpl->set('displayFriends', $displayFriends);
$tmpl->set('displayEmail', $displayEmail);
$tmpl->set('cid', $cid);
$tmpl->set('callback', $callback);
$tmpl->set('limit', $limit);

$html = $tmpl->fetch('ajax.showinvitation');
$actions = '<input type="button" class="btn btn-primary" onclick="joms.invitation.send(\'' . $callback . '\',\'' . $cid . '\');" value="' . JText::_('COM_COMMUNITY_SEND_INVITATIONS') . '"/>';

$objResponse->addAssign('cwin_logo', 'innerHTML', JText::_('COM_COMMUNITY_INVITE_FRIENDS'));

$objResponse->addScriptCall('cWindowAddContent', $html, $actions);

// Call addScriptCall using the correct implementation
$objResponse->addScriptCall('joms.friends.loadFriend', "", $callback, $cid, '0', $limit);

return $objResponse->sendResponse();
}

public function ajaxShowFriendsForm($friends, $callback, $cid, $displayFriends, $onClickAction) {
// pending filter

$objResponse = new JAXResponse();
$displayFriends = (bool) $displayFriends;

$config = CFactory::getConfig();
$limit = $config->get('friendloadlimit', 8);

$tmpl = new CTemplate();
$tmpl->set('displayFriends', $displayFriends);
$tmpl->set('cid', $cid);
$tmpl->set('callback', $callback);
$tmpl->set('limit', $limit);
$html = $tmpl->fetch('ajax.showfriends');

$actions = '<input type="button" class="btn" onclick="' . $onClickAction . '" value="' . JText::_('COM_COMMUNITY_SELECT_FRIENDS') . '"/>';

$objResponse->addAssign('cwin_logo', 'innerHTML', JText::_('COM_COMMUNITY_SELECT_FRIENDS_CAPTION'));

$objResponse->addScriptCall('cWindowAddContent', $html, $actions);

// Call addScriptCall using the correct implementation
$objResponse->addScriptCall('joms.friends.loadFriend', "", $callback, $cid, '0', $limit);

return $objResponse->sendResponse();
}

public function ajaxLoadFriendsList($namePrefix, $callback, $cid, $limitstart = 0, $limit = 8) {
// pending filter
$objResponse = new JAXResponse();
$filter = JFilterInput::getInstance();
$callback = $filter->clean($callback, 'string');
$cid = $filter->clean($cid, 'int');
$namePrefix = $filter->clean($namePrefix, 'string');
$my = CFactory::getUser();
//get the handler
$handlerName = '';

$callbackOptions = explode(',', $callback);

if (isset($callbackOptions[0])) {
$handlerName = $callbackOptions[0];
}

$handler = CFactory::getModel($handlerName);

$handlerFunc = 'getInviteListByName';
$friends = '';
$args = array();
$friends = $handler->$handlerFunc($namePrefix, $my->id, $cid, $limitstart, $limit);

$invitation = JTable::getInstance('Invitation', 'CTable');
$invitation->load($callback, $cid);

$tmpl = new CTemplate();
$tmpl->set('friends', $friends);
$tmpl->set('selected', $invitation->getInvitedUsers());
$tmplName = 'ajax.friend.list.' . $handlerName;
$html = $tmpl->fetch($tmplName);
//calculate pending friend list
$loadedFriend = $limitstart + count($friends);
if ($handler->total > $loadedFriend) {
//update limitstart
$limitstart = $limitstart + count($friends);
$moreCount = $handler->total - $loadedFriend;
//load more option
$loadMore = '<a onClick="joms.friends.loadMoreFriend(\'' . $callback . '\',\'' . $cid . '\',\'' . $limitstart . '\',\'' . $limit . '\');" href="javascript:void(0)">' . JText::_('COM_COMMUNITY_INVITE_LOAD_MORE') . '(' . $moreCount . ') </a>';
} else {
//nothing to load
$loadMore = '';
}

$objResponse->addAssign('community-invitation-loadmore', 'innerHTML', $loadMore);
// $objResponse->addScriptCall('joms.friends.updateFriendList',$html,JText::_('COM_COMMUNITY_INVITE_NO_FRIENDS'));
$objResponse->addScriptCall('joms.friends.updateFriendList', $html, JText::_('COM_COMMUNITY_INVITE_NO_FRIENDS_FOUND'));


return $objResponse->sendResponse();
}

public function ajaxSubmitInvitation($callback, $cid, $values) {
//CFactory::load( 'helpers' , 'validate' );
$filter = JFilterInput::getInstance();
$callback = $filter->clean($callback, 'string');
$cid = $filter->clean($cid, 'int');
$values = $filter->clean($values, 'array');
$objResponse = new JAXResponse();
$my = CFactory::getUser();
$methods = explode(',', $callback);
$emails = array();
$recipients = array();
$users = '';
$message = $values;
$values = isset($values) ? $values : array();

if (!is_array($values)) {
$values = array($values);
}

// This is where we process external email addresses
if (!empty($values)) {
$emails = explode(',', $values);
foreach ($emails as $email) {
if (!CValidateHelper::email($email)) {
$objResponse->addAssign('invitation-error', 'innerHTML', JText::sprintf('COM_COMMUNITY_INVITE_EMAIL_INVALID', $email));
return $objResponse->sendResponse();
}
$recipients[] = $email;
}
}

// This is where we process site members that are being invited
if (!empty($values[0])) {
$users = explode(',', $values[0]);
foreach($users as $id) {
$recipients[] = $id;
}
}

if (!empty($recipients)) {
$arguments = array($cid, $values, $emails, $message);

if (is_array($methods) && $methods[0] != 'plugins') {
$controller = JString::strtolower(basename($methods[0]));
$function = $methods[1];
require_once( JPATH_ROOT . '/components/com_community/controllers/controller.php' );
$file = JPATH_ROOT . '/components/com_community/controllers' . '/' . $controller . '.php';


if (JFile::exists($file)) {
require_once( $file );

$controller = JString::ucfirst($controller);
$controller = 'Community' . $controller . 'Controller';
$controller = new $controller();

if (method_exists($controller, $function)) {
$inviteMail = call_user_func_array(array($controller, $function), $arguments);
} else {
$objResponse->addAssign('invitation-error', 'innerHTML', JText::_('COM_COMMUNITY_INVITE_EXTERNAL_METHOD_ERROR'));
return $objResponse->sendResponse();
}
} else {
$objResponse->addAssign('invitation-error', 'innerHTML', JText::_('COM_COMMUNITY_INVITE_EXTERNAL_METHOD_ERROR'));
return $objResponse->sendResponse();
}
} else if (is_array($methods) && $methods[0] == 'plugins') {
// Load 3rd party applications
$element = JString::strtolower(basename($methods[1]));
$function = $methods[2];
$file = CPluginHelper::getPluginPath('community', $element) . '/' . $element . '.php';

if (JFile::exists($file)) {
require_once( $file );
$className = 'plgCommunity' . JString::ucfirst($element);


if (method_exists($controller, $function)) {
$inviteMail = call_user_func_array(array($className, $function), $arguments);
} else {
$objResponse->addAssign('invitation-error', 'innerHTML', JText::_('COM_COMMUNITY_INVITE_EXTERNAL_METHOD_ERROR'));
return $objResponse->sendResponse();
}
} else {
$objResponse->addAssign('invitation-error', 'innerHTML', JText::_('COM_COMMUNITY_INVITE_EXTERNAL_METHOD_ERROR'));
return $objResponse->sendResponse();
}
}

//CFactory::load( 'libraries' , 'invitation' );
// If the responsible method returns a false value, we should know that they want to stop the invitation process.

if ($inviteMail instanceof CInvitationMail) {
if ($inviteMail->hasError()) {
$objResponse->addAssign('invitation-error', 'innerHTML', $inviteMail->getError());

return $objResponse->sendResponse();
} else {
// Once stored, we need to store selected user so they wont be invited again
$invitation = JTable::getInstance('Invitation', 'CTable');
$invitation->load($callback, $cid);

if (!empty($values)) {
if (!$invitation->id) {
// If the record doesn't exists, we need add them into the
$invitation->cid = $cid;
$invitation->callback = $callback;
}
$invitation->users = empty($invitation->users) ? implode(',', $values) : $invitation->users . ',' . implode(',', $values);
$invitation->store();
}

// Add notification
//CFactory::load( 'libraries' , 'notification' );
CNotificationLibrary::add($inviteMail->getCommand(), $my->id, $recipients, $inviteMail->getTitle(), $inviteMail->getContent(), '', $inviteMail->getParams());
}
} else {
$objResponse->addScriptCall(JText::_('COM_COMMUNITY_INVITE_INVALID_RETURN_TYPE'));
return $objResponse->sendResponse();
}
} else {
$objResponse->addAssign('invitation-error', 'innerHTML', JText::_('COM_COMMUNITY_INVITE_NO_SELECTION'));
return $objResponse->sendResponse();
}

$actions = '<input type="button" class="btn" onclick="cWindowHide();" value="' . JText::_('COM_COMMUNITY_BUTTON_CLOSE_BUTTON') . '"/>';
$html = JText::_('COM_COMMUNITY_INVITE_SENT');

$objResponse->addAssign('cwin_logo', 'innerHTML', JText::_('COM_COMMUNITY_INVITE_FRIENDS'));
$objResponse->addScriptCall('cWindowAddContent', $html, $actions);

return $objResponse->sendResponse();
}

public function ajaxReport($reportFunc, $pageLink) {
$filter = JFilterInput::getInstance();
$pageLink = $filter->clean($pageLink, 'string');
$reportFunc = $filter->clean($reportFunc, 'string');

$objResponse = new JAXResponse();
$config = CFactory::getConfig();
$reports = JString::trim($config->get('predefinedreports'));
$reports = empty($reports) ? false : explode("\n", $reports);

$html = '';

$argsCount = func_num_args();

$argsData = '';

if ($argsCount > 1) {

for ($i = 2; $i < $argsCount; $i++) {
$argsData .= "\'" . func_get_arg($i) . "\'";
$argsData .= ( $i != ( $argsCount - 1) ) ? ',' : '';
}
}

$tmpl = new CTemplate();
$tmpl->set('reports', $reports);
$tmpl->set('reportFunc', $reportFunc);

$html = $tmpl->fetch('ajax.reporting');
ob_start();
?>
<button class="btn" onclick="javascript:cWindowHide();" name="cancel">
<?php echo JText::_('COM_COMMUNITY_CANCEL_BUTTON'); ?>
</button>
<button class="btn btn-primary pull-right" onclick="joms.report.submit('<?php echo $reportFunc; ?>', '<?php echo $pageLink; ?>', '<?php echo $argsData; ?>');" name="submit">
<?php echo JText::_('COM_COMMUNITY_SEND_BUTTON'); ?>
</button>
<?php
$actions = ob_get_contents();
ob_end_clean();

// Change cWindow title
$objResponse->addAssign('cwin_logo', 'innerHTML', JText::_('COM_COMMUNITY_REPORT_THIS'));
$objResponse->addScriptCall('cWindowAddContent', $html, $actions);

return $objResponse->sendResponse();
}

public function ajaxSendReport() {
$reportFunc = func_get_arg(0);
$pageLink = func_get_arg(1);
$message = func_get_arg(2);

$argsCount = func_num_args();
$method = explode(',', $reportFunc);

$args = array();
$args[] = $pageLink;
$args[] = $message;

for ($i = 3; $i < $argsCount; $i++) {
$args[] = func_get_arg($i);
}

// Reporting should be session sensitive
// Construct $output
if ($reportFunc == 'activities,reportActivities' && strpos($pageLink, 'actid') === false) {
$pageLink = $pageLink . '&actid=' . func_get_arg(3);
}

$uniqueString = md5($reportFunc . $pageLink);
$session = JFactory::getSession();


if ($session->has('action-report-' . $uniqueString)) {
$output = JText::_('COM_COMMUNITY_REPORT_ALREADY_SENT');
} else {
if (is_array($method) && $method[0] != 'plugins') {
$controller = JString::strtolower(basename($method[0]));

require_once( JPATH_ROOT . '/components/com_community/controllers/controller.php' );
require_once( JPATH_ROOT . '/components/com_community/controllers' . '/' . $controller . '.php' );

$controller = JString::ucfirst($controller);
$controller = 'Community' . $controller . 'Controller';
$controller = new $controller();


$output = call_user_func_array(array(&$controller, $method[1]), $args);
} else if (is_array($method) && $method[0] == 'plugins') {
// Application method calls
$element = JString::strtolower($method[1]);
require_once( CPluginHelper::getPluginPath('community', $element) . '/' . $element . '.php' );
$className = 'plgCommunity' . JString::ucfirst($element);
$output = call_user_func_array(array($className, $method[2]), $args);
}
}
$session->set('action-report-' . $uniqueString, true);

// Construct the action buttons $action
ob_start();
?>
<button class="btn" onclick="javascript:cWindowHide();" name="cancel">
<?php echo JText::_('COM_COMMUNITY_BUTTON_CLOSE_BUTTON'); ?>
</button>
<?php
$action = ob_get_contents();
ob_end_clean();

// Construct the ajax response
$objResponse = new JAXResponse();

$objResponse->addAssign('cwin_logo', 'innerHTML', JText::_('COM_COMMUNITY_REPORT_SENT'));
$objResponse->addScriptCall('cWindowAddContent', $output, $action);

return $objResponse->sendResponse();
}

public function ajaxEditWall($wallId, $editableFunc) {
$filter = JFilterInput::getInstance();
$wallId = $filter->clean($wallId, 'int');
$editableFunc = $filter->clean($editableFunc, 'string');

$objResponse = new JAXResponse();
$wall = JTable::getInstance('Wall', 'CTable');
$wall->load($wallId);

//CFactory::load( 'libraries' , 'wall' );
$isEditable = CWall::isEditable($editableFunc, $wall->id);

if (!$isEditable) {
$objResponse->addAlert(JText::_('COM_COMMUNITY_NOT_ALLOWED_TO_EDIT'));
return $objResponse->sendResponse();
}

//CFactory::load( 'libraries' , 'comment' );
$tmpl = new CTemplate();
$message = CComment::stripCommentData($wall->comment);
$tmpl->set('message', $message);
$tmpl->set('editableFunc', $editableFunc);
$tmpl->set('id', $wall->id);

$content = $tmpl->fetch('wall.edit');

$objResponse->addScriptCall('joms.jQuery("#wall_' . $wallId . ' div.loading").hide();');
$objResponse->addAssign('wall-edit-container-' . $wallId, 'innerHTML', $content);

return $objResponse->sendResponse();
}

public function ajaxUpdateWall($wallId, $message, $editableFunc) {
$filter = JFilterInput::getInstance();
$wallId = $filter->clean($wallId, 'int');
$editableFunc = $filter->clean($editableFunc, 'string');

$wall = JTable::getInstance('Wall', 'CTable');
$wall->load($wallId);
$objResponse = new JAXresponse();

if (empty($message)) {
$objResponse->addScriptCall('alert', JText::_('COM_COMMUNITY_EMPTY_MESSAGE'));
return $objResponse->sendResponse();
}

$isEditable = CWall::isEditable($editableFunc, $wall->id);

if (!$isEditable) {
$response->addScriptCall('cWindowAddContent', JText::_('COM_COMMUNITY_NOT_ALLOWED_TO_EDIT'));
return $objResponse->sendResponse();
}

// We don't want to touch the comments data.
$comments = CComment::getRawCommentsData($wall->comment);
$wall->comment = $message;
$wall->comment .= $comments;
$my = CFactory::getUser();
$data = CWallLibrary::saveWall($wall->contentid, $wall->comment, $wall->type, $my, false, $editableFunc, 'wall.content', $wall->id);

$objResponse = new JAXResponse();

$objResponse->addScriptCall('joms.walls.update', $wall->id, $data->content);

return $objResponse->sendResponse();
}

public function ajaxGetOlderWalls($groupId, $discussionId, $limitStart) {
$filter = JFilterInput::getInstance();
$groupId = $filter->clean($groupId, 'int');
$discussionId = $filter->clean($discussionId, 'int');
$limitStart = $filter->clean($limitStart, 'int');

$limitStart = max(0, $limitStart);
$response = new JAXResponse();

$app = JFactory::getApplication();
$my = CFactory::getUser();
//$jconfig = JFactory::getConfig();

$groupModel = CFactory::getModel('groups');
$isGroupAdmin = $groupModel->isAdmin($my->id, $groupId);

$html = CWall::getWallContents('discussions', $discussionId, $isGroupAdmin, $app->getCfg('list_limit'), $limitStart, 'wall.content', 'groups,discussion', $groupId);

// parse the user avatar
$html = CStringHelper::replaceThumbnails($html);
$html = CString::str_ireplace(array('{error}', '{warning}', '{info}'), '', $html);


$config = CFactory::getConfig();
$order = $config->get('group_discuss_order');

if ($order == 'ASC') {
// Append new data at Top.
$response->addScriptCall('joms.walls.prepend', $html);
} else {
// Append new data at bottom.
$response->addScriptCall('joms.walls.append', $html);
}

return $response->sendResponse();
}

/**
* Like an item. Update ajax count
* @param string $element Can either be core object (photos/videos) or a plugins (plugins,plugin_name)
* @param mixed $itemId Unique id to identify object item
*
*/
public function ajaxLike($element, $itemId) {
$filter = JFilterInput::getInstance();
$element = $filter->clean($element, 'string');
$itemId = $filter->clean($itemId, 'int');

$table = array('photo' => 'photo',
'videos' => 'video');

if (!COwnerHelper::isRegisteredUser()) {
return $this->ajaxBlockUnregister();
}

$like = new CLike();

if (!$like->enabled($element)) {
// @todo: return proper ajax error
return;
}

$my = CFactory::getUser();
$objResponse = new JAXResponse();


$like->addLike($element, $itemId);
$html = $like->getHTML($element, $itemId, $my->id);

$act = new stdClass();
$act->cmd = $element . '.like';
$act->actor = $my->id;
$act->target = 0;
$act->title = '';
$act->content = '';
$act->app = $element . '.like';
$act->cid = $itemId;

if (isset($table[$element])) {
$table = JTable::getInstance($table[$element], 'CTable');
$table->load($itemId);

if (isset($table->permissions)) {
$act->access = $table->permissions;
}
}

$params = new CParameter('');

switch ($element) {

case 'groups':
$act->groupid = $itemId;
break;
case 'events':
$act->eventid = $itemId;
break;
}

$params->set('action', $element . '.like');

// Add logging
CActivityStream::addActor($act, $params->toString());

$objResponse->addScriptCall('__callback', $html);

return $objResponse->sendResponse();
}

/**
* Dislike an item
* @param string $element Can either be core object (photos/videos) or a plugins (plugins,plugin_name)
* @param mixed $itemId Unique id to identify object item
*
*/
public function ajaxDislike($element, $itemId) {
$filter = JFilterInput::getInstance();
$itemId = $filter->clean($itemId, 'int');
$element = $filter->clean($element, 'string');

if (!COwnerHelper::isRegisteredUser()) {
return $this->ajaxBlockUnregister();
}

$dislike = new CLike();

if (!$dislike->enabled($element)) {
// @todo: return proper ajax error
return;
}

$my = CFactory::getUser();
$objResponse = new JAXResponse();


$dislike->addDislike($element, $itemId);
$html = $dislike->getHTML($element, $itemId, $my->id);

$objResponse->addScriptCall('__callback', $html);

return $objResponse->sendResponse();
}

/**
* Unlike an item
* @param string $element Can either be core object (photos/videos) or a plugins (plugins,plugin_name)
* @param mixed $itemId Unique id to identify object item
*
*/
public function ajaxUnlike($element, $itemId) {
$filter = JFilterInput::getInstance();
$itemId = $filter->clean($itemId, 'int');
$element = $filter->clean($element, 'string');

if (!COwnerHelper::isRegisteredUser()) {
return $this->ajaxBlockUnregister();
}

$my = CFactory::getUser();
$objResponse = new JAXResponse();

// Load libraries
$unlike = new CLike();

if (!$unlike->enabled($element)) {

} else {
$unlike->unlike($element, $itemId);
$html = $unlike->getHTML($element, $itemId, $my->id);

$objResponse->addScriptCall('__callback', $html);
}

$act = new stdClass();
$act->cmd = $element . '.like';
$act->actor = $my->id;
$act->target = 0;
$act->title = '';
$act->content = '';
$act->app = $element . '.like';
$act->cid = $itemId;

$params = new CParameter('');

switch ($element) {

case 'groups':
$act->groupid = $itemId;
break;
case 'events':
$act->eventid = $itemId;
break;
}

$params->set('action', $element . '.like');

// Remove logging
CActivityStream::removeActor($act, $params->toString());

return $objResponse->sendResponse();
}

/**
* Called by status box to add new stream data
*
* @param type $message
* @param type $attachment
* @return type
*/
public function ajaxStreamAdd($message, $attachment) {

$streamHTML = '';
// $attachment pending filter

$cache = CFactory::getFastCache();
$cache->clean(array('activities'));

$my = CFactory::getUser();
$userparams = $my->getParams();

if (!COwnerHelper::isRegisteredUser()) {
return $this->ajaxBlockUnregister();
}

//@rule: In case someone bypasses the status in the html, we enforce the character limit.
$config = CFactory::getConfig();
if (JString::strlen($message) > $config->get('statusmaxchar')) {
$message = JHTML::_('string.truncate', $message, $config->get('statusmaxchar'));
}

$message = JString::trim($message);
$objResponse = new JAXResponse();
$rawMessage = $message;

// @rule: Autolink hyperlinks
// @rule: Autolink to users profile when message contains @username
// $message = CLinkGeneratorHelper::replaceAliasURL($message); // the processing is done on display side
$emailMessage = CLinkGeneratorHelper::replaceAliasURL($rawMessage, true);

// @rule: Spam checks
if ($config->get('antispam_akismet_status')) {
$filter = CSpamFilter::getFilter();
$filter->setAuthor($my->getDisplayName());
$filter->setMessage($message);
$filter->setEmail($my->email);
$filter->setURL(CRoute::_('index.php?option=com_community&view=profile&userid=' . $my->id));
$filter->setType('message');
$filter->setIP($_SERVER);

if ($filter->isSpam()) {
$objResponse->addAlert(JText::_('COM_COMMUNITY_STATUS_MARKED_SPAM'));
return $objResponse->sendResponse();
}
}

$attachment = json_decode($attachment, true);

switch ($attachment) {
case 'message':
//if (!empty($message)) {
switch ($attachment) {

case 'profile':
//only update user status if share messgage is on his profile
if (COwnerHelper::isMine($my->id, $attachment)) {

//save the message
$status = $this->getModel('status');
/* If no privacy in attachment than we apply default: Public */
if (!isset($attachment))
$attachment = COMMUNITY_STATUS_PRIVACY_PUBLIC;
$status->update($my->id, $rawMessage, $attachment);

//set user status for current session.
$today = JFactory::getDate();
$message2 = (empty($message)) ? ' ' : $message;
$my->set('_status', $rawMessage);
$my->set('_posted_on', $today->toSql());

// Order of replacement
$order = array("\r\n", "\n", "\r");
$replace = '<br />';

// Processes \r\n's first so they aren't converted twice.
$messageDisplay = str_replace($order, $replace, $message);
$messageDisplay = CKses::kses($messageDisplay, CKses::allowed());

//update user status
$objResponse->addScriptCall("joms.jQuery('#profile-status span#profile-status-message').html('" . addslashes($messageDisplay) . "');");
}

//if actor posted something to target, the privacy should be under target's profile privacy settings
if (!COwnerHelper::isMine($my->id, $attachment) && $attachment != '') {
$attachment = CFactory::getUser($attachment)->getParams()->get('privacyProfileView');
}

//push to activity stream
$act = new stdClass();
$act->cmd = 'profile.status.update';
$act->actor = $my->id;
$act->target = $attachment;
$act->title = $message;
$act->content = '';
$act->app = $attachment;
$act->cid = $my->id;
$act->access = $attachment;
$act->comment_id = CActivities::COMMENT_SELF;
$act->comment_type = 'profile.status';
$act->like_id = CActivities::LIKE_SELF;
$act->like_type = 'profile.status';

$activityParams = new CParameter('');

/* Save cords if exists */
if (isset($attachment)) {
/* Save geo name */
$act->location = $attachment[0];
$act->latitude = $attachment[1];
$act->longitude = $attachment[2];
};

$headMeta = new CParameter('');

if (isset($attachment)) {
$headMeta->set('title', $attachment[2]);
$headMeta->set('description', $attachment[3]);
$headMeta->set('image', $attachment[1]);
$headMeta->set('link', $attachment[0]);

//do checking if this is a video link
$video = JTable::getInstance('Video', 'CTable');
$isValidVideo = @$video->init($attachment[0]);
if ($isValidVideo) {
$headMeta->set('type', 'video');
$headMeta->set('video_provider', $video->type);
$headMeta->set('video_id', $video->getVideoId());
$headMeta->set('height', $video->getHeight());
$headMeta->set('width', $video->getWidth());
}

$activityParams->set('headMetas', $headMeta->toString());
}
//Store mood in paramm
if (isset($attachment) && $attachment != 'Mood') {
$activityParams->set('mood', $attachment);
}
$act->params = $activityParams->toString();

//CActivityStream::add($act);
/* Let use our new CApiStream */
$activityData = CApiActivities::add($act);

CTags::add($activityData);
CUserPoints::assignPoint('profile.status.update');

$recipient = CFactory::getUser($attachment);
$params = new CParameter('');
$params->set('actorName', $my->getDisplayName());
$params->set('recipientName', $recipient->getDisplayName());
$params->set('url', CUrlHelper::userLink($act->target, false));
$params->set('message', $message);

CNotificationLibrary::add('profile_status_update', $my->id, $attachment, JText::sprintf('COM_COMMUNITY_FRIEND_WALL_POST', $my->getDisplayName()), '', 'wall.post', $params);

//email and add notification if user are tagged
CUserHelper::parseTaggedUserNotification($message, $my, $activityData);

break;
// Message posted from Group page
case 'groups':
//
$groupLib = new CGroups();
$group = JTable::getInstance('Group', 'CTable');
$group->load($attachment);

// Permission check, only site admin and those who has
// mark their attendance can post message
if (!COwnerHelper::isCommunityAdmin() && !$group->isMember($my->id) && $config->get('lockgroupwalls')) {
$objResponse->addScriptCall("alert('permission denied');");
return $objResponse->sendResponse();
}

$act = new stdClass();
$act->cmd = 'groups.wall';
$act->actor = $my->id;
$act->target = 0;

$act->title = $message;
$act->content = '';
$act->app = 'groups.wall';
$act->cid = $attachment;
$act->groupid = $group->id;
$act->group_access = $group->approvals;
$act->eventid = 0;
$act->access = 0;
$act->comment_id = CActivities::COMMENT_SELF;
$act->comment_type = 'groups.wall';
$act->like_id = CActivities::LIKE_SELF;
$act->like_type = 'groups.wall';

$activityParams = new CParameter('');

/* Save cords if exists */
if (isset($attachment)) {
/* Save geo name */
$act->location = $attachment[0];
$act->latitude = $attachment[1];
$act->longitude = $attachment[2];
};

//Store mood in paramm
if (isset($attachment) && $attachment != 'Mood') {
$activityParams->set('mood', $attachment);
}

$act->params = $activityParams->toString();

$activityData = CApiActivities::add($act);

CTags::add($activityData);
CUserPoints::assignPoint('group.wall.create');

$recipient = CFactory::getUser($attachment);
$params = new CParameter('');
$params->set('message', $emailMessage);
$params->set('group', $group->name);
$params->set('group_url', 'index.php?option=com_community&view=groups&task=viewgroup&groupid=' . $group->id);
$params->set('url', CRoute::getExternalURL('index.php?option=com_community&view=groups&task=viewgroup&groupid=' . $group->id, false));

//Get group member emails
$model = CFactory::getModel('Groups');
$members = $model->getMembers($attachment, null, true, false, true);

$membersArray = array();
if (!is_null($members)) {
foreach ($members as $row) {
if ($my->id != $row->id) {
$membersArray[] = $row->id;
}
}
}

CNotificationLibrary::add('groups_wall_create', $my->id, $membersArray, JText::sprintf('COM_COMMUNITY_NEW_WALL_POST_NOTIFICATION_EMAIL_SUBJECT', $my->getDisplayName(), $group->name), '', 'groups.post', $params);

// Add custom stream
// Reload the stream with new stream data
$streamHTML = $groupLib->getStreamHTML($group);

break;

// Message posted from Event page
case 'events' :

$eventLib = new CEvents();
$event = JTable::getInstance('Event', 'CTable');
$event->load($attachment);

// Permission check, only site admin and those who has
// mark their attendance can post message
if ((!COwnerHelper::isCommunityAdmin() && !$event->isMember($my->id) && $config->get('lockeventwalls'))) {
$objResponse->addScriptCall("alert('permission denied');");
return $objResponse->sendResponse();
}

// If this is a group event, set the group object
$groupid = ($event->type == 'group') ? $event->contentid : 0;
//
$groupLib = new CGroups();
$group = JTable::getInstance('Group', 'CTable');
$group->load($groupid);

$act = new stdClass();
$act->cmd = 'events.wall';
$act->actor = $my->id;
$act->target = 0;
$act->title = $message;
$act->content = '';
$act->app = 'events.wall';
$act->cid = $attachment;
$act->groupid = ($event->type == 'group') ? $event->contentid : 0;
$act->group_access = $group->approvals;
$act->eventid = $event->id;
$act->event_access = $event->permission;
$act->access = 0;
$act->comment_id = CActivities::COMMENT_SELF;
$act->comment_type = 'events.wall';
$act->like_id = CActivities::LIKE_SELF;
$act->like_type = 'events.wall';

$activityParams = new CParameter('');

/* Save cords if exists */
if (isset($attachment)) {
/* Save geo name */
$act->location = $attachment[0];
$act->latitude = $attachment[1];
$act->longitude = $attachment[2];
};

//Store mood in paramm
if (isset($attachment) && $attachment != 'Mood') {
$activityParams->set('mood', $attachment);
}

$act->params = $activityParams->toString();

$activityData = CApiActivities::add($act);
CTags::add($activityData);

// add points
CUserPoints::assignPoint('event.wall.create');

// Reload the stream with new stream data
$streamHTML = $eventLib->getStreamHTML($event);
break;
}

$objResponse->addScriptCall('__callback', '');
// /}

break;

case 'photo':
switch ($attachment) {

case 'profile':
$photoIds = $attachment;
//use User Preference for Privacy
//$privacy = $userparams->get('privacyPhotoView'); //$privacy = $attachment;

$photo = JTable::getInstance('Photo', 'CTable');


if (!isset($photoIds[0]) || $photoIds[0] <= 0) {
//$objResponse->addScriptCall('__callback', JText::sprintf('COM_COMMUNITY_PHOTO_UPLOADED_SUCCESSFULLY', $photo->caption));
exit;
}

//always get album id from the photo itself, do not let it assign by params from user post data
$photoModel = CFactory::getModel('photos');
$photo = $photoModel->getPhoto($photoIds[0]);
/* OK ! If album_id is not provided than we use album id from photo ( it should be default album id ) */
$albumid = (isset($attachment)) ? $attachment : $photo->albumid;

$album = JTable::getInstance('Album', 'CTable');
$album->load($albumid);

$privacy = $album->permissions;

//limit checking
// $photoModel = CFactory::getModel( 'photos' );
// $config = CFactory::getConfig();
// $total = $photoModel->getTotalToday( $my->id );
// $max = $config->getInt( 'limit_photo_perday' );
// $remainingUploadCount = $max - $total;

foreach ($photoIds as $key => $photoId) {
if (CLimitsLibrary::exceedDaily('photos')) {
unset($photoIds[$key]);
continue;
}
$photo->load($photoId);
$photo->permissions = $privacy;
$photo->published = 1;
$photo->status = 'ready';
$photo->albumid = $albumid; /* We must update this photo into correct album id */
$photo->store();
}
if($config->get('autoalbumcover') && !$album->photoid){
$album->photoid = $photoIds[0];
$album->store();
}
// Trigger onPhotoCreate
//
$apps = CAppPlugins::getInstance();
$apps->loadApplications();
$params = array();
$params[] = $photo;
$apps->triggerEvent('onPhotoCreate', $params);

$act = new stdClass();
$act->cmd = 'photo.upload';
$act->actor = $my->id;
$act->access = $privacy; //$attachment;
$act->target = ($attachment == $my->id) ? 0 : $attachment;
$act->title = $message;
$act->content = ''; // Generated automatically by stream. No need to add anything
$act->app = 'photos';
$act->cid = $albumid;
$act->location = $album->location;

/* Comment and like for individual photo upload is linked
* to the photos itsel
*/
$act->comment_id = $photo->id;
$act->comment_type = 'photos';
$act->like_id = $photo->id;
$act->like_type = 'photo';

$albumUrl = 'index.php?option=com_community&view=photos&task=album&albumid=' . $album->id . '&userid=' . $my->id;
$albumUrl = CRoute::_($albumUrl);

$photoUrl = 'index.php?option=com_community&view=photos&task=photo&albumid=' . $album->id . '&userid=' . $photo->creator . '&photoid=' . $photo->id;
$photoUrl = CRoute::_($photoUrl);

$params = new CParameter('');
$params->set('multiUrl', $albumUrl);
$params->set('photoid', $photo->id);
$params->set('action', 'upload');
$params->set('stream', '1');
$params->set('photo_url', $photoUrl);
$params->set('style', COMMUNITY_STREAM_STYLE);
$params->set('photosId', implode(',', $photoIds));

if (count($photoIds > 1)) {
$params->set('count', count($photoIds));
$params->set('batchcount', count($photoIds));
}

// Add activity logging
// CActivityStream::remove($act->app, $act->cid);
CActivityStream::add($act, $params->toString());

// Add user points
CUserPoints::assignPoint('photo.upload');

$objResponse->addScriptCall('__callback', JText::sprintf('COM_COMMUNITY_PHOTO_UPLOADED_SUCCESSFULLY', $photo->caption));
break;

case 'groups':
//
$groupLib = new CGroups();
$group = JTable::getInstance('Group', 'CTable');
$group->load($attachment);

$photoIds = $attachment;
$privacy = $group->approvals ? PRIVACY_GROUP_PRIVATE_ITEM : 0;

$photo = JTable::getInstance('Photo', 'CTable');
foreach ($photoIds as $photoId) {
$photo->load($photoId);

$photo->caption = $message;
$photo->permissions = $privacy;
$photo->published = 1;
$photo->status = 'ready';
$photo->store();
}
// Trigger onPhotoCreate
//
$apps = CAppPlugins::getInstance();
$apps->loadApplications();
$params = array();
$params[] = $photo;
$apps->triggerEvent('onPhotoCreate', $params);

$album = JTable::getInstance('Album', 'CTable');
$album->load($photo->albumid);

$act = new stdClass();
$act->cmd = 'photo.upload';
$act->actor = $my->id;
$act->access = $privacy;
$act->target = ($attachment == $my->id) ? 0 : $attachment;
$act->title = $message; //JText::sprintf('COM_COMMUNITY_ACTIVITIES_UPLOAD_PHOTO' , '{photo_url}', $album->name );
$act->content = ''; // Generated automatically by stream. No need to add anything
$act->app = 'photos';
$act->cid = $album->id;
$act->location = $album->location;

$act->groupid = $group->id;
$act->group_access = $group->approvals;
$act->eventid = 0;
//$act->access = $attachment;

/* Comment and like for individual photo upload is linked
* to the photos itsel
*/
$act->comment_id = $photo->id;
$act->comment_type = 'photos';
$act->like_id = $photo->id;
$act->like_type = 'photo';

$albumUrl = 'index.php?option=com_community&view=photos&task=album&albumid=' . $album->id . '&userid=' . $my->id;
$albumUrl = CRoute::_($albumUrl);

$photoUrl = 'index.php?option=com_community&view=photos&task=photo&albumid=' . $album->id . '&userid=' . $photo->creator . '&photoid=' . $photo->id;
$photoUrl = CRoute::_($photoUrl);

$params = new CParameter('');
$params->set('multiUrl', $albumUrl);
$params->set('photoid', $photo->id);
$params->set('action', 'upload');
$params->set('stream', '1'); // this photo uploaded from status stream
$params->set('photo_url', $photoUrl);
$params->set('style', COMMUNITY_STREAM_STYLE); // set stream style
$params->set('photosId', implode(',', $photoIds));
// Add activity logging
if (count($photoIds > 1)) {
$params->set('count', count($photoIds));
$params->set('batchcount', count($photoIds));
}
// CActivityStream::remove($act->app, $act->cid);
CActivityStream::add($act, $params->toString());

// Add user points
CUserPoints::assignPoint('photo.upload');

// Reload the stream with new stream data
$streamHTML = $groupLib->getStreamHTML($group);

$objResponse->addScriptCall('__callback', JText::sprintf('COM_COMMUNITY_PHOTO_UPLOADED_SUCCESSFULLY', $photo->caption));

break;
dafault:
return;
}

break;

case 'video':
switch ($attachment) {
case 'profile':
// attachment id
$fetch = $attachment;
$cid = $fetch[0];
$privacy = $attachment;

$video = JTable::getInstance('Video', 'CTable');
$video->load($cid);
$video->set('creator_type', VIDEO_USER_TYPE);
$video->set('status', 'ready');
$video->set('permissions', $privacy);
$video->set('title', $fetch[3]);
$video->set('description', $fetch[4]);
$video->set('category_id', $fetch[5]);
$video->store();

// Add activity logging
$url = $video->getViewUri(false);

$act = new stdClass();
$act->cmd = 'videos.upload';
$act->actor = $my->id;
$act->target = ($attachment == $my->id) ? 0 : $attachment;
$act->access = $privacy;

//filter empty message
$act->title = $message;
$act->app = 'videos';
$act->content = '';
$act->cid = $video->id;
$act->location = $video->location;

/* Save cords if exists */
if (isset($attachment)) {
/* Save geo name */
$act->location = $attachment[0];
$act->latitude = $attachment[1];
$act->longitude = $attachment[2];
};

$act->comment_id = $video->id;
$act->comment_type = 'videos';

$act->like_id = $video->id;
$act->like_type = 'videos';

$params = new CParameter('');
$params->set('video_url', $url);
$params->set('style', COMMUNITY_STREAM_STYLE); // set stream style
//
CActivityStream::add($act, $params->toString());

// @rule: Add point when user adds a new video link
//
CUserPoints::assignPoint('video.add', $video->creator);

// Trigger for onVideoCreate
//
$apps = CAppPlugins::getInstance();
$apps->loadApplications();
$params = array();
$params[] = $video;
$apps->triggerEvent('onVideoCreate', $params);

$this->cacheClean(array(COMMUNITY_CACHE_TAG_VIDEOS, COMMUNITY_CACHE_TAG_FRONTPAGE, COMMUNITY_CACHE_TAG_FEATURED, COMMUNITY_CACHE_TAG_VIDEOS_CAT, COMMUNITY_CACHE_TAG_ACTIVITIES));

$objResponse->addScriptCall('__callback', JText::sprintf('COM_COMMUNITY_VIDEOS_UPLOAD_SUCCESS', $video->title));

break;

case 'groups':
// attachment id
$fetch = $attachment;
$cid = $fetch[0];
$privacy = 0; //$attachment;

$video = JTable::getInstance('Video', 'CTable');
$video->load($cid);
$video->set('status', 'ready');
$video->set('groupid', $attachment);
$video->set('permissions', $privacy);
$video->set('creator_type', VIDEO_GROUP_TYPE);
$video->set('title', $fetch[3]);
$video->set('description', $fetch[4]);
$video->set('category_id', $fetch[5]);
$video->store();

//
$groupLib = new CGroups();
$group = JTable::getInstance('Group', 'CTable');
$group->load($attachment);

// Add activity logging
$url = $video->getViewUri(false);

$act = new stdClass();
$act->cmd = 'videos.upload';
$act->actor = $my->id;
$act->target = ($attachment == $my->id) ? 0 : $attachment;
$act->access = $privacy;

//filter empty message
$act->title = $message;
$act->app = 'videos';
$act->content = '';
$act->cid = $video->id;
$act->groupid = $video->groupid;
$act->group_access = $group->approvals;
$act->location = $video->location;

$act->comment_id = $video->id;
$act->comment_type = 'videos';

$act->like_id = $video->id;
$act->like_type = 'videos';

$params = new CParameter('');
$params->set('video_url', $url);
$params->set('style', COMMUNITY_STREAM_STYLE); // set stream style

CActivityStream::add($act, $params->toString());

// @rule: Add point when user adds a new video link
CUserPoints::assignPoint('video.add', $video->creator);

// Trigger for onVideoCreate
$apps = CAppPlugins::getInstance();
$apps->loadApplications();
$params = array();
$params[] = $video;
$apps->triggerEvent('onVideoCreate', $params);

$this->cacheClean(array(COMMUNITY_CACHE_TAG_VIDEOS, COMMUNITY_CACHE_TAG_FRONTPAGE, COMMUNITY_CACHE_TAG_FEATURED, COMMUNITY_CACHE_TAG_VIDEOS_CAT, COMMUNITY_CACHE_TAG_ACTIVITIES));

$objResponse->addScriptCall('__callback', JText::sprintf('COM_COMMUNITY_VIDEOS_UPLOAD_SUCCESS', $video->title));

// Reload the stream with new stream data
$streamHTML = $groupLib->getStreamHTML($group);

break;

default:
return;
}

break;

case 'event':
switch ($attachment) {

case 'profile':
require_once(COMMUNITY_COM_PATH . '/controllers/events.php');

$eventController = new CommunityEventsController();

// Assign default values where necessary
$attachment = $message;
$attachment = 0;
$attachment = 0;

$event = $eventController->ajaxCreate($attachment, $objResponse);

$objResponse->addScriptCall('joms.status.Creator[\'event\'].success', JText::sprintf('COM_COMMUNITY_EVENTS_CREATED_NOTICE', $event->title));

if ( CFactory::getConfig()->get('event_moderation') ) {
$objResponse->addAlert( JText::sprintf('COM_COMMUNITY_EVENTS_MODERATION_NOTICE', $event->title) );
}

break;

case 'groups':
require_once(COMMUNITY_COM_PATH . '/controllers/events.php');

$eventController = new CommunityEventsController();

//
$groupLib = new CGroups();
$group = JTable::getInstance('Group', 'CTable');
$group->load($attachment);

// Assign default values where necessary
$attachment = $message;
$attachment = 0;
$attachment = 0;

$event = $eventController->ajaxCreate($attachment, $objResponse);

$objResponse->addScriptCall('__callback', '');

// Reload the stream with new stream data
$streamHTML = $groupLib->getStreamHTML($group);

if ( CFactory::getConfig()->get('event_moderation') ) {
$objResponse->addAlert( JText::sprintf('COM_COMMUNITY_EVENTS_MODERATION_NOTICE', $event->title) );
}

break;
}

break;

case 'link':
break;
}

if (!isset($attachment)) {
$attachment = '';
}

if (empty($streamHTML)) {
if (!isset($attachment))
$attachment = '';
if (!isset($attachment))
$attachment = '';
$streamHTML = CActivities::getActivitiesByFilter($attachment, $attachment, $attachment);
}

$objResponse->addAssign('activity-stream-container', 'innerHTML', $streamHTML);

// Log user engagement
CEngagement::log($attachment . '.share', $my->id);

return $objResponse->sendResponse();
}

/**
* Add comment to the stream
*
* @param int $actid acitivity id
* @param string $comment
* @return obj
*/
public function ajaxStreamAddComment($actid, $comment) {
$filter = JFilterInput::getInstance();
$actid = $filter->clean($actid, 'int');
$my = CFactory::getUser();
$config = CFactory::getConfig();
$objResponse = new JAXResponse();
$wallModel = CFactory::getModel('wall');
$rawComment = $comment;


// Pull the activity record and find out the actor
// only allow comment if the actor is a friend of current user
$act = JTable::getInstance('Activity', 'CTable');
$act->load($actid);

//who can add comment
$obj = $act;

if ($act->groupid > 0) {
$obj = JTable::getInstance('Group', 'CTable');
$obj->load($act->groupid);
} else if ($act->eventid > 0) {
$obj = JTable::getInstance('Event', 'CTable');
$obj->load($act->eventid);
}

$params = new CParameter($act->params);

$batchcount = $params->get('batchcount', 0);
$wallParam = new CParameter('');
if ($act->app == 'photos' && $batchcount > 1) {
$photo = JTable::getInstance('Photo', 'CTable');
$photo->load($params->get('photoid'));

$act->comment_type = 'albums';
$act->comment_id = $photo->albumid;

$wallParam->set('activityId',$act->id);
}

// Allow comment for system post
$allowComment = false;
if ($act->app == 'system') {
$allowComment = !empty($my->id);
}

if ($my->authorise('community.add', 'activities.comment.' . $act->actor, $obj) || $allowComment) {

$table = JTable::getInstance('Wall', 'CTable');
$table->type = $act->comment_type;
$table->contentid = $act->comment_id;
$table->post_by = $my->id;
$table->comment = $comment;
$table->params = $wallParam->toString();

if (( preg_match("/\b(?:(?:https?|ftp):\/\/|www\.)[-a-z0-9+&@#\/%?=~_|!:,.;]*[-a-z0-9+&@#\/%=~_|]/i", $comment))) {

$urlsParser = new CParserUrls ();
$urlsParser->init(array('content' => $comment));
$urls = $urlsParser->extract();

if (count($urls) > 0) {
$url = array_shift($urls);
$crawl = CCrawler::getCrawler();
$data = $crawl->crawl('GET', $url);
$graphObject = $data->parse();

Hi Riccardo

could you please compress the folder /components/com_community into zip and send it to me?
I need to inspect everything. because your code has been changed a lot.

Regards,
Albert

Hi Ricardo,

We have not received any response back from you in over 7 days, and would like to know if you consider this issue to be resolved. If you have any further questions, simply reply to this post.

Regards,
Albert

Hi, I send the file. But I have no response. The program "Invite friend" still doesn't work

Hi,

I think you IP is still blocked, I cant login to your backend :

H A C K E R 
180.253.117.221 
ip address REGISTRATED AND SEND TO POLICE
bastard 180.