modules/shoutbox/shoutbox.module

<?php
// $Id$

/**
 * @file
 * shoutbox module displays a block for users to create short
 * messages for thw whole site. Uses AHAH to update the
 * database and display content.
 *
 */


/**
 * Implementation of hook_help().
 */
function shoutbox_help($path, $arg) {
  switch ($path) {
    case 'admin/build/modules#description':
      return t("This module enables you to display a shoutbox.");
  }
}

/**
 * Implementation of hook_menu().
 */
function shoutbox_menu() {
  $items = array();

  $items['shoutbox/js/view'] = array(
    'title' => 'View Shouts',
    'page callback' => 'shoutbox_js_view',
    'access arguments' => array('access content'),
    'type' => MENU_CALLBACK,
  );
  $items['shoutbox/%shoutbox/edit'] = array(
    'title' => 'Edit Shout',
    'page callback' => 'drupal_get_form',
    'page arguments' => array('shoutbox_edit_form', 1),
    'access arguments' => array('edit own shouts'),
    'type' => MENU_CALLBACK,
  );
  $items['shoutbox/%shoutbox/delete'] = array(
    'title' => 'Delete Shout',
    'page callback' => 'theme',
    'page arguments' => array('shoutbox_delete_form', 1),
    'access arguments' => array('delete own shouts'),
    'type' => MENU_CALLBACK,
  );
  $items['shoutbox/%/promote'] = array(
    'title' => 'Promote Shout',
    'page callback' => 'shoutbox_promote',
    'page arguments' => array(1),
    'access arguments' => array('vote on shouts'),
    'type' => MENU_CALLBACK,
  );
  $items['shoutbox/%/demote'] = array(
    'title' => 'Demote Shout',
    'page callback' => 'shoutbox_demote',
    'page arguments' => array(1),
    'access arguments' => array('vote on shouts'),
    'type' => MENU_CALLBACK,
  );
  $items['admin/build/shoutbox'] = array(
    'title' => 'Shoutbox',
    'description' => 'Settings for displaying and deleting shouts',
    'page callback' => 'drupal_get_form',
    'page arguments' => array('shoutbox_admin_settings'),
    'access arguments' => array('administer site configuration'),
    'type' => MENU_NORMAL_ITEM,
  );

  return $items;
}

/**
 * Implementation of hook_load()
 *
 */
function shoutbox_load($shout_id) {
  $shout = NULL;
  if (is_numeric($shout_id)) {
    $shout = db_fetch_object(db_query('SELECT * FROM {shoutbox} WHERE shout_id = '. db_placeholders($shout_id), $shout_id));
    if ($shout) {
      _shoutbox_sanitize_shout($shout);
    }
    else {
      $shout = FALSE;
    }
  }
  return $shout;
}

/**
 *  Make the shout box block available. (Standard Drupal hook).
 *
 * @param $op
 *   "list" to request list of blocks this module exposes;
 *   any other value to display the stock quotes block.
 * @param $delta
 *   integer block selector (only recognizes 0 = stock quotes).
 * @return
 *   (if $op == "list") array containing list of blocks.
 *   (otherwise) HTML fragment for THE block.
 */
function shoutbox_block($op = 'list', $delta = 0, $edit = array()) {
  switch ($op) {
    case 'list':
      $blocks[0]["info"] = t("Shoutbox");
      return $blocks;
      break;

    case 'view':
      $block = array();
      drupal_add_css(drupal_get_path('module', 'shoutbox') .'/shoutbox.css');
      switch ($delta) {
        case 0:
          if (user_access("access content")) {
            if (!stristr($_GET['q'], 'shoutbox')) {
              // Bind submission to submit.
              drupal_add_js('misc/jquery.form.js');
              drupal_add_js(drupal_get_path('module', 'shoutbox') .'/shoutbox-form.js', 'module');
              $block["subject"] = t("Shout Box");
              $block["content"] = _shoutbox_get_view();
            }
          }
      }
      return $block;
      break;
    default :
      break;
  }
  return;
}

/**
 * Implementation of hook_cron().
 */
function shoutbox_cron() {
  $expiration = variable_get('shoutbox_expire', 0);
  if ($expiration > 0) {
    db_query('DELETE FROM {shoutbox} WHERE created < %d', time() - 60*60*24*$expiration);
  }
}


/**
 * Implementation of hook_perm().
 */
function shoutbox_perm() {
  return array('post shouts', 'administer shoutbox', 'moderate shoutbox',
               'post shouts without approval', 'delete own shouts',
               'edit own shouts', 'vote on shouts');
}

// CALLBACKS.

/**
 * Javascript callback.
 * Prints out shouts only.
 */
function shoutbox_js_view() {
  $show_amount = variable_get('shoutbox_showamount', '20');
  $shoutbox_posts_data = _shoutbox_display_posts($show_amount);
  $output = $shoutbox_posts_data['output'];
  print $output;
}


/**
 * Function to handle promotion of shouts.
 *
 * @param shout_id
 *   The shout id to be promoted.
 */
function shoutbox_promote($shout_id = NULL) {
  $output = "";
  if (!is_numeric($shout_id)) {
    drupal_access_denied();
  }
  else {
    _shoutbox_vote($shout_id, 1);
  }
  drupal_goto('');
}


/**
 * Function to handle demotion of shouts.
 *
 * @param shout_id
 *   The shout id to be demoted.
 */
function shoutbox_demote($shout_id = NULL) {
  $output = "";
  if (!is_numeric($shout_id)) {
    drupal_access_denied();
  }
  else {
    _shoutbox_vote($shout_id, -1);
  }
  drupal_goto('');
}


// THEMES.

/**
 * Implementation of hook_theme().
 */
function shoutbox_theme() {
  return array(
    'shoutbox_links' => array(),
    'shoutbox_post_forbidden' => array(),
    'shoutbox_post' => array(
      'arguments' => array('shout' => NULL, 'links' => array()),
    ),
    'shoutbox_page' => array(
      'arguments' => array('content' => NULL, 'title' => 'Shoutbox'),
    ),
    'shoutbox_delete_form' => array(
      'arguments' => array('shout' => NULL),
      'file' => 'shoutbox.pages.inc',
    ),
  );
}


/**
 * Theme function of shoutbox actions. Actions are edit, delete, promote
 * and demote. NOTE: Function does not return html but rather an array
 * with the actions as keys. See code.
 */
function theme_shoutbox_links() {
  $links['edit']['action'] = 'edit';
  $links['edit']['title'] = 'Edit Shout';
  $links['edit']['img'] = base_path() . drupal_get_path('module', 'shoutbox') .'/icon_edit.gif';
  $links['edit']['img_width'] = 15;
  $links['edit']['img_height'] = 15;
  $links['delete']['action'] = 'delete';
  $links['delete']['title'] = 'Delete Shout';
  $links['delete']['img'] = base_path() . drupal_get_path('module', 'shoutbox') .'/icon_delete.gif';
  $links['delete']['img_width'] = 15;
  $links['delete']['img_height'] = 15;
  $links['promote']['action'] = 'promote';
  $links['promote']['title'] = 'Promote';
  $links['promote']['img'] = base_path() . drupal_get_path('module', 'shoutbox') .'/thumb_up.gif';
  $links['promote']['img_width'] = 15;
  $links['promote']['img_height'] = 15;
  $links['demote']['action'] = 'demote';
  $links['demote']['title'] = 'Demote';
  $links['demote']['img'] = base_path() . drupal_get_path('module', 'shoutbox') .'/thumb_down.gif';
  $links['demote']['img_width'] = 15;
  $links['demote']['img_height'] = 15;

  return $links;
}

/**
 * Theme function for shoutbox posts.
 *
 * @param shout
 *   The shout to be themed.
 * @param links
 *   Links of possible actions that can be performed on this shout
 *   by the current user.
 */
function theme_shoutbox_post($shout, $links = array()) {
  // Get the registered username of the person who posted the shout.
  if ($shout->uid > 0) {
    $user = user_load(array("uid" => $shout->uid));
    $shout->username = $user->name;
  }
  else {
    $shout->username = 'an anonymous user';
  }

  // BUGBUG strstr returns from http:// till end
  // we should use that instead of full url.
  if (strstr($shout->url, "http://")) {
    $shout->url = '<a href="'. $shout->url .'" target="_blank">'. $shout->nick .'</a>';
  }
  else {
    $shout->url = $shout->nick;
  }

  if ($links) {
    foreach ($links as $link) {
      $linkattributes = $link['linkattributes'];
      $link_html = '<img src="'. $link['img'] .'"  width="'. $link['img_width'] .'" height="'. $link['img_height'] .'" alt="'. $link['title'] .'" class="shoutbox-imglink">';
      $link_url = 'shoutbox/'. $shout->shout_id . '/' . $link['action'];
      $img_links = l($link_html, $link_url, array('html' => TRUE)) . $img_links;
    }
  }

  $title = 'Posted '. format_date($shout->created, 'custom', 'm/d/y') .' at '. format_date($shout->created, 'custom', 'h:ia') .' by '. $shout->username;
  $shout_class = (($shout->color) ? ("odd") : ("even"));

  return "<div class=\"shoutbox-$shout_class\" title=\"$title\">$img_links<b>$shout->url</b>: $shout->shout</div>\n";
}

/**
 * Theme function for displaying the shoutbox page.
 *
 * @param $content
 *   The page content.
 * @param $title
 *   The page title, defaults to 'Shoutbox'.
 * @return
 *   String containing HTML formatted page.
 */
function theme_shoutbox_page($content, $title = 'Shoutbox') {
  $output .= $content;
  return $output;
}

/**
 * Theme function for displaying the access denied message.
 *
 * @return
 *   String containing HTML formatted access denied message.
 */
function theme_shoutbox_post_forbidden() {
  global $user;

  if ($user->uid) {
    return '<div class="shoutbox-msg">'. t("Your account does not have the permissions to post shouts") ."</div>\n";
  }
  else {
    return '<div class="shoutbox-msg">'.  t('<a href="!login" target="_top">Login</a> or <a href="!register" target="_top">register</a> to post shouts', array('!login' => url('user/login'), '!register' => url('user/register'))) ."</div>\n";
  }
}


// FORMS.

/**
 * Form for admin/settings/shoutox page.
 */
function shoutbox_admin_settings() {
  $form['display_settings'] = array(
    '#type' => 'fieldset',
    '#title' => t('Display Settings'),
    '#collapsible' => true
  );
  $form['display_settings']['shoutbox_showamount'] = array(
    '#type' => 'textfield',
    '#title' => t('Number of posts to show'),
    '#default_value' => variable_get('shoutbox_showamount', 20),
    '#size' => 4,
    '#maxlength' => 4,
    '#description' => t("Set the number of shoutbox posts to show."),
    );
  $form['display_settings']['shoutbox_ascending'] = array(
    '#type' => 'checkbox',
    '#title' => t('Post newest shouts on top'),
    '#default_value' => variable_get('shoutbox_ascending', 0),
    '#description' => t('When checked, new shouts will appear on the top instead of the bottom.'),
    );
  $form['display_settings']['shoutbox_defaultname'] = array(
    '#type' => 'checkbox',
    '#title' => t('Default the name field to the logged in user name'),
    '#default_value' => variable_get('shoutbox_defaultname', 1),
    '#description' => t('When checked, "Your name/nick" will be replaced by the logged in user name'),
    );
  $form['display_settings']['shoutbox_shownamefield'] = array(
    '#type' => 'checkbox',
    '#title' => t('Show the name field for logged in users'),
    '#default_value' => variable_get('shoutbox_shownamefield', 1),
    '#description' => t('Uncheck to hide the name field for logged in users. Name will then be the user name, so previous option will be useless.'),
    );
  $form['display_settings']['shoutbox_showurlfield'] = array(
    '#type' => 'checkbox',
    '#title' => t('Show the url field'),
    '#default_value' => variable_get('shoutbox_showurlfield', 1),
    '#description' => t('Check to allow users to enter an url.'),
    );
  $form['time_settings'] = array(
    '#type' => 'fieldset',
    '#title' => t('Time Settings'),
    '#collapsible' => true,
    '#collapsed' => false
  );
  $form['time_settings']['shoutbox_refresh'] = array(
    '#type' => 'textfield',
    '#title' => t('Auto refresh (in seconds)'),
    '#default_value' => variable_get('shoutbox_refresh', 0),
    '#size' => 4,
    '#maxlength' => 4,
    '#description' => t("Shoutbox can be set to automatically refresh every x number of seconds.  Set to 0 to turn off the auto refresh (default)."),
  );
  $form['time_settings']['shoutbox_anonymous_timeout'] = array(
    '#type' => 'textfield',
    '#title' => t('Number of minutes for which anonymous users may edit or delete their own posts'),
    '#default_value' => variable_get('shoutbox_anonymous_timeout', 20),
    '#size' => 4,
    '#maxlength' => 4,
    '#description' => t("Anonymous users can edit or delete their post within this amount of time from it being posted, as long as they have the same IP address as when they posted it.  If you don't want shout editing and/or deleting, remove these permissions from Drupal's anonymous users role."),
  );
  $form['time_settings']['shoutbox_registered_timeout'] = array(
    '#type' => 'textfield',
    '#title' => t('Number of minutes for which registered users may edit or delete their own posts'),
    '#default_value' => variable_get('shoutbox_registered_timeout', 1440),
    '#size' => 4,
    '#maxlength' => 4,
    '#description' => t("Registered users can edit or delete their post within this amount of time from it being posted.  If you don't want editing and/or deleting, remove these permissions from Drupal's registered users role."),
  );
  $form['time_settings']['shoutbox_expire'] = array(
    '#type' => 'textfield',
    '#title' => t('Number of days after which shouts will be purged from the database'),
    '#default_value' => variable_get('shoutbox_expire', 0),
    '#size' => 4,
    '#maxlength' => 4,
    '#description' => t("Shouts will be permanently deleted after the number of days specified.  Shouts will never expire when this is set to zero."),
  );

  return system_settings_form($form);
}


/**
 * Generates form for adding shouts.
 */
function shoutbox_add_form() {
  global $user;

  if (isset($_COOKIE['shoutinfo'])) {
    $info = explode("|", $_COOKIE['shoutinfo']);
    $last_nick = $info[0];
    $last_url = $info[1];
  }

  if (variable_get('shoutbox_defaultname', 0) && $user->uid) {
    $default_nick = $user->name;
  }
  else {
    $default_nick = t('Your Name/Nick');
  }
  $default_msg = t('Enter Message');
  $default_url = t('Your Website URL');

  $form = '';
  if (!variable_get('shoutbox_shownamefield', 1) && $user->uid) {
    $form['nick'] = array(
     '#type' => 'hidden',
     '#value' => $user->name,
    );
  }
  else {
    $form['nick'] = array(
      '#type' => 'textfield',
      '#default_value' => ($last_nick) ? $last_nick : $default_nick,
      '#size' => 15,
      '#maxlength' => 30,
    );
  }
  $form['message'] = array(
    '#type' => 'textfield',
    '#default_value' => $default_msg,
    '#size' => 15,
  );
  if (variable_get('shoutbox_showurlfield', 1)) {
    $form['url'] = array(
      '#type' => 'textfield',
      '#default_value' => ($last_url) ? $last_url : $default_url,
      '#size' => 15,
      '#maxlength' => 255,
    );
  }
  $form['#attributes'] = array('name' => 'shoutbox_add');
  $form['#prefix'] = '<div class="shoutbox-add-form">';
  $form['#suffix'] = '</div>';
  $form['ajax'] = array(
    '#type' => 'hidden',
    '#default_value' => 0);
  $form['nextcolor'] = array(
    '#type' => 'hidden',
    '#default_value' => $color);
  $form[] = array('#type' => 'submit', '#value' => t('Shout'));

  return $form;
}

/**
 * Form for editing shouts.
 *
 * @param shout_id
 *   The shout id of the shout being edited.
 */
function shoutbox_edit_form(&$form_state, $shout) {

  if (user_access('administer shouts')) {
    $form[] = array(
      '#type' => 'item',
      '#title' => t('Created'),
      '#value' => date('m/d/y h:i:sa', $shout->created),
    );
    $form[] = array(
      '#type' => 'item',
      '#title' => t('Changed'),
      '#value' => date('m/d/y h:i:sa', $shout->changed),
    );
    $form[] = array(
      '#type' => 'item',
      '#title' => t('Hostname(s)'),
      '#value' => $shout->hostname,
    );
    $form['status'] = array(
      '#type' => 'radios',
      '#title' => t('Status'),
      '#default_value' => $shout->status,
      '#options' => array('not published', 'published'),
    );
    $users[0] = variable_get('anonymous', 'Anonymous');
    $result = db_query("SELECT uid, name FROM {users} WHERE name <> '' ORDER BY name");
    while ($user = db_fetch_object($result)) {
      $users[$user->uid] = $user->name;
    }
    $form['uid'] = array(
      '#type' => 'select',
      '#title' => t('Author'),
      '#default_value' => $shout->uid,
      '#options' => $users,
    );
  }
  if (_shoutbox_user_access('edit own shouts', $shout)) {
    if (!variable_get('shoutbox_shownamefield', 1) && $user->uid) {
      $form['nick'] = array(
        '#type' => 'hidden',
        '#value' => $shout->nick,
      );
    }
    else {
      $form['nick'] = array(
        '#type' => 'textfield',
        '#title' => t('Name/Nick'),
        '#default_value' => $shout->nick,
        '#size' => 16,
        '#maxlength' => 55,
      );
    }
    $form['shout'] = array(
      '#type' => 'textarea',
      '#title' => t('Shout'),
      '#default_value' => $shout->shout,
      '#cols' => 13,
      '#rows' => 7,
    );
    if (variable_get('shoutbox_showurlfield', 1)) {
      $form['url'] = array(
        '#type' => 'textfield',
        '#title' => t('URL'),
        '#default_value' => $shout->url,
        '#size' => 16,
        '#maxlength' => 55,
      );
    }
    $form['shout_id'] = array(
      '#type' => 'hidden',
      '#value' => $shout->shout_id,
    );
  }

  $form[] = array('#type' => 'submit', '#value' => t('Update'));
  $form[] = array('#type' => 'submit', '#value' => t('Cancel'));

  return $form;
}

/**
 * Displays a "Are you sure message ?" with a Yes and Cancel
 * option.
 *
 * @param shout_id
 *   The shout id of the shout being edited.
 */
function shoutbox_delete_form(&$form_state, $shout) {
  $form['shout_id'] = array(
    '#type' => 'value',
    '#value' => $shout->shout_id,
  );
  $form = confirm_form($form, t('Are you sure you want to delete this shout?'), '' );
  return $form;
}


// FORM SUBMITS.

/**
 * Handles submission of a shout.
 * Handles both ajax submission and regular form submission.
 */
function shoutbox_add_form_submit($form, $form_state) {
  global $user;

  // Save the user's nick and url in a cookie for next time (expires in 30 days)
  setcookie("shoutinfo", "{$form_state['values']['nick']}|{$form_state['values']['url']}", time()+60*60*24*30, '/');

  // Check user's permission and set shout visibility status accordingly.
  if (user_access('post shouts without approval')) {
    $status = 1;
  }
  else {
    $status = 0;
  }
  $created = time();

  // Add shout to the database.
  db_query("INSERT INTO {shoutbox} (uid, nick, shout, url, status, created, changed, hostname) VALUES (%d, '%s', '%s', '%s', %d, %d, %d, '%s')", $user->uid, $form_state['values']['nick'], $form_state['values']['message'], $form_state['values']['url'], $status, $created, $created, ip_address());

  // If form was not submitted via javascript
  // set a display message and redirect the user back to the form.
  if ($form_state['values']['ajax'] == '0') {
    drupal_set_message(t('Your shout has been submitted.'));
    drupal_goto("");
  }

  // Form was submitted using ajax.
  else {
    // Pull shout out of db and display.
    // We are pulling it out because thats the only way to get th shout_id
    // which is need for edit, etc.
    $shout = db_fetch_object(db_query("SELECT * FROM {shoutbox} WHERE nick = '%s' AND shout = '%s' AND created = %d AND hostname = '%s'", $form_state['values']['nick'], $form_state['values']['message'], $created, ip_address()) );

    // Add shout color.
    $shout->color = $form_state['values']['nextcolor'];

    _shoutbox_sanitize_shout($shout);
    // Add edit/delete links depending on user's permissions.
    $shoutlinks = _shoutbox_get_links($shout);

    $ajax_output = theme('shoutbox_post', $shout, $shoutlinks);
    print $ajax_output;

    // Exit required to stop drupal from redirecting page.
    exit();
  }
}

/**
 * Handle the edit form submission.
 */
function shoutbox_edit_form_submit($form, $form_state) {
  global $user;

  if ($_POST['op'] == t('Update')) {
    // Get existing shout object.
    $result = db_query("SELECT * FROM {shoutbox} WHERE shout_id = %d", $form_state['values']['shout_id']);
    $existing_shout = db_fetch_object($result);

    // If the user is a shoutbox admin they can edit any shout.
    if (user_access('administer shoutbox')) {
      db_query("UPDATE {shoutbox} SET uid=%d, nick='%s', shout='%s', url='%s', status='%s', changed=%d WHERE shout_id=%d", $form_state['values']['uid'], $form_state['values']['nick'], $form_state['values']['shout'], $form_state['values']['url'], $form_state['values']['status'], time(), $form_state['values']['shout_id']);
      drupal_set_message(t('The shout has been saved.'));
    }

    // Otherwise they may be able to edit their own shout.
    else if (_shoutbox_user_access('edit own shouts', $existing_shout)) {
      db_query("UPDATE {shoutbox} SET nick='%s', shout='%s', url='%s', changed=%d WHERE shout_id=%d", $form_state['values']['nick'], $form_state['values']['shout'], $form_state['values']['url'], time(), $form_state['values']['shout_id']);
      drupal_set_message(t('Your shout has been saved.'));
    }

    else {
      shoutbox_set_message(t('You do not have permission to edit this shout.'));
    }
  }
  drupal_goto('');
}

/**
 * Handle the delete form submission.
 */
function shoutbox_delete_form_submit($form, &$form_state) {

  if ($form_state['clicked_button']['#value'] == 'Confirm') {
    if (is_numeric($form_state['values']['shout_id'])) {
        $result = db_query("SELECT * FROM {shoutbox} WHERE shout_id = %d", $form_state['values']['shout_id']);
        if ($shout = db_fetch_object($result)) {
          if (_shoutbox_user_access('delete own shouts', $shout)) {
            db_query("DELETE FROM {shoutbox} WHERE shout_id =%d", $form_state['values']['shout_id']);
            drupal_set_message(t('Your shout was deleted.'));
          }
          else {
            drupal_set_message(t('You do not have permission to delete this post.'));
          }
        }
        else {
          drupal_not_found();
        }
      }
  }
  $form_state['redirect'] = '';
}
// FORM VALIDATE.

/**
 * Makes sure uses don't submit default values.
 */
function shoutbox_add_form_validate($form, $form_state) {
  if ( ($form_state['values']['nick'] == t('Your Name/Nick')) || ($form_state['values']['message'] == t('Enter Message')) )  {
    form_set_error('', t('Default values are not acceptable'));
  }

  if ( ($form_state['values']['nick'] == '') || ($form_state['values']['message'] == '') ) {
    form_set_error('', t('You must enter a nick and a message.'));
  }
  // URL is optional.
  if ( ($form_state['values']['url'] == t('Your Website URL')) ) {
    $form_state['values']['url'] = '';
  }
}

// INTERNAL FUNCTIONS.

/**
 * Returns the themed HTML to be displayed in the block.
 *
 * @return
 *   Themed HTML content.
 */
function _shoutbox_get_view() {
  global $user;

  // Output the existing shoutbox posts.
  $show_amount = variable_get('shoutbox_showamount', '20');
  $shoutbox_ascending = variable_get('shoutbox_ascending', FALSE);
  $shoutbox_posts_data = _shoutbox_display_posts($show_amount);
  $shoutbox_posts .= $shoutbox_posts_data['output'];
  $output .= $shoutbox_posts;


  // Output the shoutbox form.
  if (user_access('post shouts') || user_access('post shouts without approval')) {
    $output .= drupal_get_form('shoutbox_add_form');
  }
  else {
    $output .= theme('shoutbox_post_forbidden');
  }

  $default_nick = t('Your Name/Nick');
  $default_msg = t('Enter Message');
  $default_url = t('Your Website URL');

  // Variable needed by javascript code.
  $js_settings = array(
    'showAmount' => $show_amount,
    // Convert to milliseconds.
    'refreshDelay' => (1000 * variable_get('shoutbox_refresh', 0)),
    'ascending' => $shoutbox_ascending,
    'shownAmount' => $shoutbox_posts_data['count'],
    'defaultNick' => $default_nick,
    'defaultMsg' => $default_msg,
    'defaultUrl' => $default_url,
    'refreshPath' => base_path() . 'shoutbox/js/view',
  );

  drupal_add_js(array('shoutbox' => $js_settings), 'setting');

  return theme('shoutbox_page', $output, $title);
}


/**
 * Output existing shoutbox posts as html.
 * Used by shoutbox_get_view.
 *
 * @param $show_amount
 *   The number of posts to show.
 * @return
 *   HTML for show_amount number of posts.
 */
function _shoutbox_display_posts($show_amount) {
  global $user;

  $color = 0;
  $count = 0;

  // Get the shoust from the database.
  $result = db_query_range("SELECT * FROM {shoutbox} WHERE status=1 ORDER BY created DESC", 0, $show_amount);

  $output = '';
  while ($shout = db_fetch_object($result)) {
    _shoutbox_sanitize_shout($shout);

    // Add edit/delete links depending on user's permissions.
    $shoutlinks = _shoutbox_get_links($shout);

    // Alternate colors for each post (row of the shoutbox).
    if ($color == 0) {
      $color = 1;
    }
    else {
      $color = 0;
    }

    $shout->color = $color;
    // Figure out if we should display it in ascending or descending order.
    $ascending = variable_get('shoutbox_ascending', false);

    // Theme the shoutbox post.
    if ($ascending) {
      $output .= theme('shoutbox_post', $shout, $shoutlinks);
    }
    else {
      $output = theme('shoutbox_post', $shout, $shoutlinks) . $output;
    }

    ++$count;
  }

  if (!$count) {
    $output .= '<div class="shoutbox-even" title="no shouts">'. t("There are no shouts to view.") ."</div>\n";
  }

  // Wrap shout box messages.
  $output = "<div id=\"shoutbox-posts\">\n". $output ."</div>\n";
  $output_data['count'] = $count;
  $output_data['output'] = $output;

  return $output_data;
}

/**
 * Returns an array containing the possible actions for the current user based
 * on permissions and shout. The actions are edit, delete, moderate.
 *
 * @param shout
 *   The shout for which we are testing permissions.
 * @return
 *   Array of themed actions.
 */
function _shoutbox_get_links($shout) {
  global $user;

  $links = theme('shoutbox_links'); // Get array of links.
  if (_shoutbox_user_access('edit own shouts', $shout)) {
    $shoutlinks[] = $links['edit'];
  }
  if (_shoutbox_user_access('delete own shouts', $shout)) {
    $shoutlinks[] = $links['delete'];
  }
  if (_shoutbox_user_access('vote on shouts', $shout)) {
    $shoutlinks[] = $links['promote'];
    $shoutlinks[] = $links['demote'];
  }
  return $shoutlinks;
}

/**
 * Handles moderation. Moderation is handled by users demoting/promoting a post.
 *
 * @param $shout_id
 *   The id for the shout being moderated.
 * @param $vote
 *   The number of votes the shout is receiving.
 */
function _shoutbox_vote($shout_id, $vote) {
  global $user;

  $result = db_query("SELECT * FROM {shoutbox} WHERE shout_id = %d", $shout_id);
  if ($shout = db_fetch_object($result)) {
    if (_shoutbox_user_access('vote on shouts', $shout)) {
      $result = db_query("SELECT * FROM {shoutbox_moderation} WHERE shout_id = %d AND uid = %d", $shout_id, $user->uid);
      // Make sure the user hasn't already voted for this.
      if ($moderate = db_fetch_object($result)) {
        $message = t('You have already voted this shout.');
        drupal_set_message($message);
      }

      // Insert moderation vote into the database.
      else {
        db_query("INSERT INTO {shoutbox_moderation} (shout_id, uid, vote, timestamp) VALUES (%d, %d, %d, %d)", $shout_id, $user->uid, $vote, time());
        // Get the sum of all the votes for this shout and take the appropriate
        // action.
        $result = db_query("SELECT COUNT(vote) AS count1, SUM(vote) as sum1 FROM {shoutbox_moderation} WHERE shout_id = %d", $shout_id);

        if ($votes = db_fetch_object($result)) {
        }
        $message = t('Thank you for voting.');
        drupal_set_message($message);
      }
    }
    else {
      $message = t('You cannot vote on this shout.');
      drupal_set_message($message);
    }
  }
  else {
    drupal_not_found();
  }
}


/**
 * This function is necessary because even if a user has permission
 * (according to the user_access function), they still should not have
 * some permissions, such as moderating their own posts, etc.
 *
 * @param $permission
 *   The user's permissions.
 * @param $shout
 *   The shout post object.
 * @return
 *   Returns 1 if user should have accces, 0 otherwise.
 */
function _shoutbox_user_access($permission, $shout) {
  global $user;

  $user_timeout = FALSE;
  $user_owned = FALSE;

  if (user_access('administer shoutbox')) {
    return TRUE;
  }
  // If user_access says no, it's definitely no.
  else if (!user_access($permission)) {
    return FALSE;
  }

  else {
    // A registered user's own post.
    if (($shout->uid > 0) && ($shout->uid == $user->uid)) {
      if ($shout->created < time() - 60 * variable_get('shoutbox_registered_timeout', 1440)) {
        $user_timeout = TRUE;
      }
      $user_owned = TRUE;

    }

    // An anonymous user's own post.
    else if (($shout->uid == 0) && ($shout->hostname == ip_address())) {
      if ($shout->created < (time() - 60 * variable_get('shoutbox_anonymous_timeout', 20))) {
        $user_timeout = true;
      }
      $user_owned = true;
    }

    if (($permission == 'edit own shouts') || ($permission == 'delete own shouts')) {
      // If user owns the post and editing priviledges have not timed out ...
      if (($user_owned) && (!$user_timeout)) {
        return 1; // Allow editing and deleting.
      }
    }
    else if ($permission == 'vote on shouts') {
      // users cannot vote on their own shouts
      if (!$user_owned) { // if not user owned ...
        $result = db_query("SELECT * FROM {shoutbox_moderation} WHERE shout_id=%d AND uid=%d", $shout->shout_id, $user->uid);
          // And if the user has not yet voted.
        if (!($votecheck = db_fetch_object($result))) {
          return TRUE; // Allow voting.
        }
      }
      //}
    }
  }
}

/**
 * This function cleans the shout object before it is used.
 *
 * @param &$shout
 *   The shout post object.
 */
function _shoutbox_sanitize_shout(&$shout) {
  // All filtering (including urls, email addresses, censored words, and
  // emoticons) is handled by the drupal filter system.
  $shout->nick = check_plain($shout->nick);
  $shout->shout = check_plain($shout->shout);
  $shout->url = check_url($shout->url);
  $shout->color = check_plain($shout->color);
}

function _shoutbox_print_r($object, $exit=TRUE) {
  if ($exit) {
    print('<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
  <title>Edit view "internships" | GTVP</title>
  <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link rel="shortcut icon" href="/misc/favicon.ico" type="image/x-icon" />
  <link type="text/css" rel="stylesheet" media="all" href="/modules/node/node.css?D" />
<link type="text/css" rel="stylesheet" media="all" href="/modules/system/admin.css?D" />
<link type="text/css" rel="stylesheet" media="all" href="/modules/system/defaults.css?D" />
<link type="text/css" rel="stylesheet" media="all" href="/modules/system/system.css?D" />

<link type="text/css" rel="stylesheet" media="all" href="/modules/system/system-menus.css?D" />
<link type="text/css" rel="stylesheet" media="all" href="/modules/user/user.css?D" />
  <script type="text/javascript" src="/misc/jquery.js?D"></script>
<script type="text/javascript" src="/misc/drupal.js?D"></script>
<script type="text/javascript" src="/misc/jquery.form.js?D"></script>
<script type="text/javascript" src="/misc/collapse.js?D"></script>
<script type="text/javascript" src="/misc/textarea.js?D"></script>
<script type="text/javascript" src="/misc/tabledrag.js?D"></script>

</head>
<body class="adminpage">
');
  }
  print("<pre>");
  print_r($object);
  print("</pre>");
  if ($exit) {
    print('</body></html>');
    exit();
  }
}