Example #1
<!DOCTYPE html>
<html>
<head>
<?php 
// Delegates the contents of <head> to the 'head' brick of this template object.
$this->brick('head');
?>
</head>

<body<?php 
// Appends a fixed, hard-coded class attribute for premium users; no request data is written into the tag.
echo User::isPremium() ? ' class="premium-logo"' : null;
?>
>
<div id="layers"></div>
<div class="layout nosidebar" id="layout">
    <div class="layout-inner" id="layout-inner">
    <div class="header" id="header">
        <div id="header-logo">
            <a class="header-logo" href="."></a>
            <h1><?php 
// The page name is HTML-encoded before it is written into the heading (element-content context).
// NOTE(review): htmlentities() is called with default flags and charset; which quotes are encoded and
// which charset is assumed depend on the PHP version - confirm they match the page encoding.
echo htmlentities($this->name);
?>
</h1>
        </div>
    </div>
    <div id="wrapper" class="wrapper">
        <div class="toplinks linklist"><?php 
// Delegates the top link list to the 'headerMenu' brick.
$this->brick('headerMenu');
?>
</div>
        <div class="toptabs" id="toptabs"></div>
        <div class="topbar" id="topbar">
Example #2
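 /**
  * Apply an edit to an existing comment.
  *
  * Reads the comment id from $this->_get['id'] and the new text from
  * $this->_post['body']. Returns without touching the database when the user
  * may neither comment nor moderate, when id or body is empty, or when the body
  * is shorter than COMMENT_LENGTH_MIN characters. For non-moderators the body
  * is cut to COMMENT_LENGTH_MAX characters (three times that for premium
  * users). Moderators may additionally set or clear the response fields.
  *
  * Access control: a non-moderator can only update a row whose userId is their
  * own id; moderators are exempt from that constraint.
  *
  * NOTE(review): no anti-CSRF check is visible in this method - confirm the
  * caller enforces one before this state-changing handler runs.
  *
  * @return void
  */
 protected function handleCommentEdit()
 {
     $isModerator = User::isInGroup(U_GROUP_MODERATOR);

     if (!User::canComment() && !$isModerator || !$this->_get['id'] || !$this->_post['body']) {
         return;
     }

     $body = $this->_post['body'];
     if (mb_strlen($body) < self::COMMENT_LENGTH_MIN) {
         return;
     }

     // trim to max length; the trimmed text is kept in a local so that it is the
     // value written below (the previous code assigned it to $this->post, which
     // the UPDATE never read, so over-long bodies were stored untrimmed)
     $maxLength = self::COMMENT_LENGTH_MAX * (User::isPremium() ? 3 : 1);
     if (!$isModerator && mb_strlen($body) > $maxLength) {
         $body = mb_substr($body, 0, $maxLength);
     }

     $update = array('body' => $body, 'editUserId' => User::$id, 'editDate' => time());
     if ($isModerator) {
         $response = $this->_post['response'];
         $update['responseBody'] = !$response ? '' : $response;
         $update['responseUserId'] = !$response ? 0 : User::$id;
         $update['responseRoles'] = !$response ? 0 : User::$groups;
     }

     // the optional { AND userId = ?d} block is dropped for moderators (DBSIMPLE_SKIP)
     // and otherwise restricts the update to comments owned by the current user
     DB::Aowow()->query(
         'UPDATE ?_comments SET editCount = editCount + 1, ?a WHERE id = ?d{ AND userId = ?d}',
         $update,
         $this->_get['id'],
         $isModerator ? DBSIMPLE_SKIP : User::$id
     );
 }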
Example #3
 /**
  * Pay for a service package for an item out of the logged-in user's money quota.
  *
  * Every path prints exactly one status token and ends the request:
  * "not_login", "no_perm", "over", "not_exist", "error", "error_service", or,
  * after a successful purchase, the quota that remains.
  *
  * NOTE(review): the quota is read, compared and then incremented in separate
  * statements, with no transaction or row lock visible here, so two concurrent
  * requests could both pass the check - confirm whether the DB layer or the
  * caller serialises this.
  * NOTE(review): the user is charged before the two inserts; if the final
  * insert fails the function answers "error_service" with the charge applied.
  * NOTE(review): the parameters arrive through Url::get() and no anti-CSRF
  * check is visible in this function - confirm one is enforced upstream.
  * NOTE(review): the SQL fragments are built by concatenation. The values come
  * from User::id(), the loaded user row and the SohaPay::$ebp table rather than
  * straight from the request, but a parameterised call would be safer if the
  * DB layer offers one.
  */
 function ebd_premium_payment()
 {
     // print one status token and stop the request
     $finish = function ($token) {
         echo $token;
         exit;
     };

     if (!User::is_login()) {
         $finish("not_login");
     }
     if (User::is_block() || !User::isPremium()) {
         $finish("no_perm");
     }

     $service_code = strtoupper(Url::get('service_code'));
     $user = DB::select("user", "id=" . User::id());
     $item_id = (int) Url::get('item_id');

     // the service code is only accepted when it is a key of the SohaPay::$ebp table
     if (!$service_code || !isset(SohaPay::$ebp[$service_code])) {
         $finish("error_service");
     }

     $service = SohaPay::$ebp[$service_code];
     $pay_info = "Mua dịch vụ {$service_code} (" . $service['des'] . " trị giá " . number_format($service['price'], 0, '', '.') . " VNĐ)";
     $price = (int) $service['price'];
     $up_number = $service['value'];

     // the comparison and the charge below scale the quota by 1000 against the price
     $money_quota = $user['money_quota'] - $user['money_used'];
     if ($money_quota * 1000 < $price) {
         $finish("over");
     }

     $item = Item::get_item($item_id);
     if (!$item || $item['status'] == -1) {
         $finish("not_exist");
     }

     $payment_premium = array(
         "log_id" => 0,
         "user_id" => User::id(),
         "user_name" => User::user_name(),
         "type" => 2,
         "pay_info" => $pay_info,
         "price" => $price,
         "time" => TIME_NOW,
         "status" => 0,
     );

     $charge = ceil($price / 1000);
     if (!DB::query("UPDATE user SET money_used=money_used+" . $charge . " WHERE id={$user['id']}")) {
         $finish("error");
     }

     // record the order, then link the payment log entry to it
     $sms_item_up_auto = array(
         'item_id' => (int) $item_id,
         'up_total' => $up_number,
         'up_number' => $up_number,
         'sms_number' => $this->check_mobile($user["mobile_phone"]),
         'time' => TIME_NOW,
         'status' => 1,
         'note' => '"' . $service_code . ' ' . $item_id . '" - ' . $pay_info,
         'type' => 5,
     );
     $payment_premium['log_id'] = DB::insert("sms_item_up_auto", $sms_item_up_auto);

     if (DB::insert("payment_premium", $payment_premium)) {
         $finish($money_quota - $charge);
     }

     $finish("error_service");
 }
Example #4
 /**
  * Report, as JSON, whether the logged-in user may register the requested service.
  *
  * Always prints one JSON object with the keys error, user_group and id and
  * then ends the request. error is "not_login", "no_permission",
  * "exist_service_order", "over_reg_scs_payment", "over_reg_scs_active",
  * "confirm_cancel_reg_scs", "success", or left empty when none of the loop
  * branches matched. user_group is 1 for premium users; id carries the order id
  * for the "confirm_cancel_reg_scs" case.
  *
  * NOTE(review): the user name is concatenated into the WHERE fragment inside
  * single quotes. If user names may contain quote characters and the DB layer
  * does not escape this argument, the fragment is injectable - confirm how
  * DB::select_all() treats its condition string.
  */
 function check_register_service()
 {
     $json = array('error' => "", 'user_group' => 0, 'id' => 0);

     // print the payload and stop the request
     $send = function (array $payload) {
         echo json_encode($payload);
         exit;
     };

     if (!User::is_login()) {
         $json['error'] = "not_login";
         $send($json);
     }
     if (User::is_block()) {
         $json['error'] = "no_permission";
         $send($json);
     }

     $user_name = User::user_name();

     // check whether the user belongs to the premium group
     if (User::isPremium()) {
         $json['user_group'] = 1;
     }

     $service_name = Url::get('service_name', '');
     $aryOrder = DB::select_all('order_services', "user_use='" . $user_name . "' AND (active = 1 OR active = 0 OR active = -4)");

     // no matching orders, or a root user: registration is allowed
     if (count($aryOrder) <= 0 || User::is_root()) {
         $json['error'] = "success";
         $send($json);
     }

     foreach ($aryOrder as $val) {
         // an order for this very service already exists: answer immediately
         if ($service_name == $val['type_scs']) {
             $json['error'] = "exist_service_order";
             $send($json);
         }

         // otherwise remember the status; the last order in the list wins
         if ($val['payment_status'] == 1) {
             $json['error'] = "over_reg_scs_payment";
         } elseif ($val['active'] == 1) {
             $json['error'] = "over_reg_scs_active";
         } elseif ($val['active'] == -3 || $val['active'] == 0 || $val['active'] == -4) {
             $json['error'] = "confirm_cancel_reg_scs";
             $json['id'] = $val['id'];
         }
     }

     $send($json);
 }
Example #5
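 /**
  * Dispatch a comment-related request selected by $this->params[0].
  *
  * Handled actions: add, edit, delete, undelete, rating, vote, sticky,
  * out-of-date, show-replies, add-reply, edit-reply, detach-reply,
  * delete-reply, flag-reply, upvote-reply, downvote-reply.
  *
  * Access control as implemented here:
  *  - edit, delete, undelete, edit-reply and delete-reply restrict the SQL
  *    statement to rows owned by the current user unless the user is in
  *    U_GROUP_MODERATOR (optional { AND userId = ?d} block, DBSIMPLE_SKIP).
  *  - sticky and detach-reply are moderator-only.
  *  - vote, upvote-reply and downvote-reply depend on the User::can*vote() checks.
  *
  * Changes against the previous revision of this method:
  *  - add / edit: the length trim now acts on the text that is actually stored
  *    and cuts by characters (mb_substr) to match the mb_strlen check.
  *  - edit: non-moderators can only edit their own comments.
  *  - edit-reply: a missing commentId is rejected (the test was inverted, so
  *    the branch could never succeed).
  *  - flag-reply: a missing id is rejected (the test was inverted, so reports
  *    were only attempted without a subject).
  *  - downvote-reply: requires User::canDownvote() instead of canUpvote().
  *
  * NOTE(review): no anti-CSRF check is visible in this method - confirm the
  * caller enforces one for the state-changing actions.
  *
  * @return string|null JSON-encoded result; the bare string 'ok' after a
  *                     successful out-of-date action; null when 'add' is
  *                     called without a valid target
  */
 private function handleComment()
 {
     // post sizes
     $_minCmt = 10;
     $_maxCmt = 7500 * (User::isPremium() ? 3 : 1);
     $_minRpl = 15;
     $_maxRpl = 600;
     $result = null;
     /*
         note: return values must be formatted as STRICT json!
     */
     switch ($this->params[0]) {
         case 'add':
             // adding a comment is a plain form post answered with a redirect, not an ajax call
             if (!$this->get('typeid') || !$this->get('type') || !isset(Util::$typeStrings[$this->get('type')])) {
                 // without a valid target there is nowhere to send the user back to
                 return;
             }
             // trim to max length; $body is the value that gets stored
             $body = $this->post('commentbody');
             if (!User::isInGroup(U_GROUP_MODERATOR) && mb_strlen($body) > $_maxCmt) {
                 $body = mb_substr($body, 0, $_maxCmt);
             }
             if (User::canComment() && !empty($body) && mb_strlen($body) >= $_minCmt) {
                 if ($postIdx = DB::Aowow()->query('INSERT INTO ?_comments (type, typeId, userId, roles, body, date) VALUES (?d, ?d, ?d, ?d, ?, UNIX_TIMESTAMP())', $this->get('type'), $this->get('typeid'), User::$id, User::$groups, $body)) {
                     Util::gainSiteReputation(User::$id, SITEREP_ACTION_COMMENT, ['id' => $postIdx]);
                     // every comment starts with a rating of +1, stored as a vote owned by the system (userId 0)
                     DB::Aowow()->query('INSERT INTO ?_comments_rates (commentId, userId, value) VALUES (?d, 0, 1)', $postIdx);
                     // flag target with hasComment (if filtrable)
                     if ($tbl = Util::getCCTableParent($this->get('type'))) {
                         DB::Aowow()->query('UPDATE ' . $tbl . ' SET cuFlags = cuFlags | ?d WHERE id = ?d', CUSTOM_HAS_COMMENT, $this->get('typeid'));
                     }
                 }
             }
             // the redirect target starts with '?' and its key comes from the Util::$typeStrings allow-list checked above
             header('Location: ?' . Util::$typeStrings[$this->get('type')] . '=' . $this->get('typeid') . '#comments', true, 302);
             break;
         case 'edit':
             if (!User::canComment() && !User::isInGroup(U_GROUP_MODERATOR) || !$this->get('id') || !$this->post('body')) {
                 break;
             }
             $body = $this->post('body');
             if (mb_strlen($body) < $_minCmt) {
                 break;
             }
             // trim to max length; $body is the value that gets stored
             if (!User::isInGroup(U_GROUP_MODERATOR) && mb_strlen($body) > $_maxCmt) {
                 $body = mb_substr($body, 0, $_maxCmt);
             }
             $update = array('body' => $body, 'editUserId' => User::$id, 'editDate' => time());
             if (User::isInGroup(U_GROUP_MODERATOR)) {
                 $update['responseBody'] = !$this->post('response') ? '' : $this->post('response');
                 $update['responseUserId'] = !$this->post('response') ? 0 : User::$id;
                 $update['responseRoles'] = !$this->post('response') ? 0 : User::$groups;
             }
             // non-moderators may only change their own comments, same pattern as 'delete' below
             DB::Aowow()->query('UPDATE ?_comments SET editCount = editCount + 1, ?a WHERE id = ?d{ AND userId = ?d}', $update, $this->get('id'), User::isInGroup(U_GROUP_MODERATOR) ? DBSIMPLE_SKIP : User::$id);
             break;
         case 'delete':
             if (!$this->post('id')) {
                 break;
             }
             // soft delete; the userId constraint is skipped for moderators only
             $ok = DB::Aowow()->query('UPDATE ?_comments SET flags = flags | ?d, deleteUserId = ?d, deleteDate = UNIX_TIMESTAMP() WHERE id IN (?a){ AND userId = ?d}', CC_FLAG_DELETED, User::$id, (array) $this->post('id'), User::isInGroup(U_GROUP_MODERATOR) ? DBSIMPLE_SKIP : User::$id);
             // deflag hasComment (if filtrable)
             if ($ok) {
                 $coInfo = DB::Aowow()->selectRow('SELECT IF(BIT_OR(~b.flags) & ?d, 1, 0) as hasMore, b.type, b.typeId FROM ?_comments a JOIN ?_comments b ON a.type = b.type AND a.typeId = b.typeId WHERE a.id = ?d', CC_FLAG_DELETED, $this->post('id') ?: $this->get('id'));
                 if (!$coInfo['hasMore'] && ($tbl = Util::getCCTableParent($coInfo['type']))) {
                     DB::Aowow()->query('UPDATE ' . $tbl . ' SET cuFlags = cuFlags & ~?d WHERE id = ?d', CUSTOM_HAS_COMMENT, $coInfo['typeId']);
                 }
             }
             break;
         case 'undelete':
             if (!$this->post('id')) {
                 break;
             }
             // non-moderators can only restore comments they own and deleted themselves
             $ok = DB::Aowow()->query('UPDATE ?_comments SET flags = flags & ~?d WHERE id IN (?a){ AND userId = deleteUserId AND deleteUserId = ?d}', CC_FLAG_DELETED, (array) $this->post('id'), User::isInGroup(U_GROUP_MODERATOR) ? DBSIMPLE_SKIP : User::$id);
             // reflag hasComment (if filtrable)
             if ($ok) {
                 $coInfo = DB::Aowow()->selectRow('SELECT type, typeId FROM ?_comments WHERE id = ?d', $this->post('id') ?: $this->get('id'));
                 if ($tbl = Util::getCCTableParent($coInfo['type'])) {
                     DB::Aowow()->query('UPDATE ' . $tbl . ' SET cuFlags = cuFlags | ?d WHERE id = ?d', CUSTOM_HAS_COMMENT, $coInfo['typeId']);
                 }
             }
             break;
         case 'rating':
             // up/down - distribution
             if (!$this->get('id')) {
                 $result = ['success' => 0];
                 break;
             }
             if ($votes = DB::Aowow()->selectRow('SELECT 1 AS success, SUM(IF(value > 0, value, 0)) AS up, SUM(IF(value < 0, -value, 0)) AS down FROM ?_comments_rates WHERE commentId = ?d GROUP BY commentId', $this->get('id'))) {
                 return json_encode($votes, JSON_NUMERIC_CHECK);
             }
             $result = ['success' => 1, 'up' => 0, 'down' => 0];
             break;
         case 'vote':
             // up, down and remove
             if (!User::$id || !$this->get('id') || !$this->get('rating')) {
                 $result = ['error' => 1, 'message' => Lang::main('genericError')];
                 break;
             }
             $target = DB::Aowow()->selectRow('SELECT c.userId AS owner, cr.value FROM ?_comments c LEFT JOIN ?_comments_rates cr ON cr.commentId = c.id AND cr.userId = ?d WHERE c.id = ?d', User::$id, $this->get('id'));
             // the vote weight is derived server-side; the submitted rating must match it exactly
             $val = User::canSupervote() ? 2 : 1;
             if ($this->get('rating') < 0) {
                 $val *= -1;
             }
             if (User::getCurDailyVotes() <= 0) {
                 $result = ['error' => 1, 'message' => Lang::main('tooManyVotes')];
             } else {
                 if (!$target || $val != $this->get('rating')) {
                     $result = ['error' => 1, 'message' => Lang::main('genericError')];
                 } else {
                     if ($val > 0 && !User::canUpvote() || $val < 0 && !User::canDownvote()) {
                         $result = ['error' => 1, 'message' => Lang::main('bannedRating')];
                     }
                 }
             }
             if ($result) {
                 break;
             }
             $ok = false;
             // old and new have same sign; undo vote (user may have gained/lost access to superVote in the meantime)
             if ($target['value'] && ($target['value'] < 0) == ($val < 0)) {
                 $ok = DB::Aowow()->query('DELETE FROM ?_comments_rates WHERE commentId = ?d AND userId = ?d', $this->get('id'), User::$id);
             } else {
                 // replace, because we may be overwriting an old, opposing vote
                 if ($ok = DB::Aowow()->query('REPLACE INTO ?_comments_rates (commentId, userId, value) VALUES (?d, ?d, ?d)', (int) $this->get('id'), User::$id, $val)) {
                     User::decrementDailyVotes();
                 }
             }
             // do not refund retracted votes!
             if (!$ok) {
                 $result = ['error' => 1, 'message' => Lang::main('genericError')];
                 break;
             }
             if ($val > 0) {
                 // gain rep
                 Util::gainSiteReputation($target['owner'], SITEREP_ACTION_UPVOTED, ['id' => $this->get('id'), 'voterId' => User::$id]);
             } else {
                 if ($val < 0) {
                     Util::gainSiteReputation($target['owner'], SITEREP_ACTION_DOWNVOTED, ['id' => $this->get('id'), 'voterId' => User::$id]);
                 }
             }
             $result = ['error' => 0];
             break;
         case 'sticky':
             // toggle flag (moderators only)
             if (!$this->post('id') || !User::isInGroup(U_GROUP_MODERATOR)) {
                 break;
             }
             if ($this->post('sticky')) {
                 DB::Aowow()->query('UPDATE ?_comments SET flags = flags |  ?d WHERE id = ?d', CC_FLAG_STICKY, $this->post('id'));
             } else {
                 DB::Aowow()->query('UPDATE ?_comments SET flags = flags & ~?d WHERE id = ?d', CC_FLAG_STICKY, $this->post('id'));
             }
             break;
         case 'out-of-date':
             // moderators toggle the flag directly; other logged-in users file a report
             if (!$this->post('id')) {
                 $result = 'The comment does not exist.';
                 break;
             }
             $ok = false;
             if (User::isInGroup(U_GROUP_MODERATOR)) {
                 if (!$this->post('remove')) {
                     $ok = DB::Aowow()->query('UPDATE ?_comments SET flags = flags |  0x4 WHERE id = ?d', $this->post('id'));
                 } else {
                     $ok = DB::Aowow()->query('UPDATE ?_comments SET flags = flags & ~0x4 WHERE id = ?d', $this->post('id'));
                 }
             } else {
                 if (User::$id && !$this->post('reason') || mb_strlen($this->post('reason')) < 15) {
                     $result = 'Your message is too short.';
                     break;
                 } else {
                     if (User::$id) {
                         // NOTE(review): the User-Agent header is client-controlled and may be absent; it is passed as a bound parameter here
                         $ok = DB::Aowow()->query('INSERT INTO ?_reports (userId, mode, reason, subject, ip, description, userAgent, appName) VALUES (?d, 1, 17, ?d, ?, "<automated comment report>", ?, ?)', User::$id, $this->post('id'), User::$ip, $_SERVER['HTTP_USER_AGENT'], get_browser(null, true)['browser']);
                     }
                 }
             }
             if ($ok) {
                 // special case: the client script expects the bare characters ok, not the JSON string "ok"
                 return 'ok';
             }
             $result = Lang::main('genericError');
             break;
         case 'show-replies':
             $result = !$this->get('id') ? [] : CommunityContent::getCommentReplies($this->get('id'));
             break;
         case 'add-reply':
             // also returns all replies on success
             if (!User::canComment()) {
                 $result = 'You are not allowed to reply.';
             } else {
                 if (!$this->post('body') || mb_strlen($this->post('body')) < $_minRpl || mb_strlen($this->post('body')) > $_maxRpl) {
                     $result = 'Your reply has ' . mb_strlen($this->post('body')) . ' characters and must have at least ' . $_minRpl . ' and at most ' . $_maxRpl . '.';
                 } else {
                     if (!$this->post('commentId') || !DB::Aowow()->selectCell('SELECT 1 FROM ?_comments WHERE id = ?d', $this->post('commentId'))) {
                         $result = Lang::main('genericError');
                     } else {
                         if (DB::Aowow()->query('INSERT INTO ?_comments (`userId`, `roles`, `body`, `date`, `replyTo`) VALUES (?d, ?d, ?, UNIX_TIMESTAMP(), ?d)', User::$id, User::$groups, $this->post('body'), $this->post('commentId'))) {
                             $result = CommunityContent::getCommentReplies($this->post('commentId'));
                         } else {
                             $result = Lang::main('genericError');
                         }
                     }
                 }
             }
             break;
         case 'edit-reply':
             // also returns all replies on success
             if (!User::canComment()) {
                 $result = 'You are not allowed to reply.';
             } else {
                 // both ids are required: replyId selects the row, commentId is matched against replyTo below
                 if (!$this->post('replyId') || !$this->post('commentId')) {
                     $result = Lang::main('genericError');
                 } else {
                     if (!$this->post('body') || mb_strlen($this->post('body')) < $_minRpl || mb_strlen($this->post('body')) > $_maxRpl) {
                         $result = 'Your reply has ' . mb_strlen($this->post('body')) . ' characters and must have at least ' . $_minRpl . ' and at most ' . $_maxRpl . '.';
                     }
                 }
             }
             if ($result) {
                 break;
             }
             // the userId constraint is skipped for moderators only
             $ok = DB::Aowow()->query('UPDATE ?_comments SET body = ?, editUserId = ?d, editDate = UNIX_TIMESTAMP(), editCount = editCount + 1 WHERE id = ?d AND replyTo = ?d{ AND userId = ?d}', $this->post('body'), User::$id, $this->post('replyId'), $this->post('commentId'), User::isInGroup(U_GROUP_MODERATOR) ? DBSIMPLE_SKIP : User::$id);
             $result = $ok ? CommunityContent::getCommentReplies($this->post('commentId')) : Lang::main('genericError');
             break;
         case 'detach-reply':
             // moderators only: turn a reply into a top-level comment on the parent's target
             if (!User::isInGroup(U_GROUP_MODERATOR) || !$this->post('id')) {
                 break;
             }
             DB::Aowow()->query('UPDATE ?_comments c1, ?_comments c2 SET c1.replyTo = 0, c1.type = c2.type, c1.typeId = c2.typeId WHERE c1.replyTo = c2.id AND c1.id = ?d', $this->post('id'));
             break;
         case 'delete-reply':
             if (!User::$id || !$this->post('id')) {
                 break;
             }
             // the userId constraint is skipped for moderators only
             if (DB::Aowow()->query('DELETE FROM ?_comments WHERE id = ?d{ AND userId = ?d}', $this->post('id'), User::isInGroup(U_GROUP_MODERATOR) ? DBSIMPLE_SKIP : User::$id)) {
                 DB::Aowow()->query('DELETE FROM ?_comments_rates WHERE commentId = ?d', $this->post('id'));
             }
             break;
         case 'flag-reply':
             // a logged-in user and a reply id are both required to file a report
             if (!User::$id || !$this->post('id')) {
                 break;
             }
             DB::Aowow()->query('INSERT INTO ?_reports (userId, mode, reason, subject, ip, description, userAgent, appName) VALUES (?d, 1, 19, ?d, ?, "<automated commentreply report>", ?, ?)', User::$id, $this->post('id'), User::$ip, $_SERVER['HTTP_USER_AGENT'], get_browser(null, true)['browser']);
             break;
         case 'upvote-reply':
             if (!$this->post('id') || !User::canUpvote()) {
                 break;
             }
             $ok = DB::Aowow()->query('INSERT INTO ?_comments_rates (commentId, userId, value) VALUES (?d, ?d, ?d)', $this->post('id'), User::$id, User::canSupervote() ? 2 : 1);
             if ($ok) {
                 User::decrementDailyVotes();
             }
             break;
         case 'downvote-reply':
             // gated on the downvote permission, matching the 'vote' action
             if (!$this->post('id') || !User::canDownvote()) {
                 break;
             }
             $ok = DB::Aowow()->query('INSERT INTO ?_comments_rates (commentId, userId, value) VALUES (?d, ?d, ?d)', $this->post('id'), User::$id, User::canSupervote() ? -2 : -1);
             if ($ok) {
                 User::decrementDailyVotes();
             }
             break;
     }
     return json_encode($result, JSON_NUMERIC_CHECK);
 }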
Example #6
<!DOCTYPE html>
<html>
<head>
<?php 
$this->brick('head');
?>

</head>
<body class="home<?php 
echo User::isPremium() ? ' premium-logo' : null;
?>
">
    <div id="layers"></div>
    <div class="home-wrapper">
        <h1>Aowow</h1>
        <div class="home-logo" id="home-logo"></div>

<?php 
$this->brick('announcement');
?>

        <div class="home-search" id="home-search">
            <form method="get" action="">
                <input type="text" name="search" />
            </form>
        </div>

        <div class="home-menu" id="home-menu"></div>

<?php 
if ($this->oneliner) {