/**
 * Report whether a comment newer than the user's "last read" marker exists.
 *
 * For a logged-in user the lookup skips that user's own comments; the user id
 * is passed as the value for the "?" placeholder rather than concatenated
 * into the condition string. Anonymous users get Comment::none() as the base
 * query.
 *
 * Side effect: when $user->last_comment_read_at is falsy it is overwritten on
 * the passed-in object with the zero timestamp before the comparison.
 *
 * @param User $user
 * @return bool false when no candidate comment is found, otherwise the result
 *              of comparing its created_at with the user's marker
 */
public static function updated(User $user)
{
    $candidates = $user->is_anonymous()
        ? Comment::none()
        : Comment::where("user_id <> ?", $user->id);

    // Only the most recent row (highest id) and only its timestamp are needed.
    $latest = $candidates
        ->order("id desc")
        ->limit(1)
        ->select("created_at")
        ->first();

    if (!$latest) {
        return false;
    }

    if (!$user->last_comment_read_at) {
        $user->last_comment_read_at = '0000-00-00 00:00:00';
    }

    // NOTE(review): presumably both values are "Y-m-d H:i:s" strings, so the
    // ordering comparison is chronological -- confirm against the model.
    return $latest->created_at > $user->last_comment_read_at;
}
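/**
 * Decide whether user $a may edit the account details of user $b.
 *
 * Rules, in order:
 *  - anonymous actors are always refused;
 *  - a user may always edit their own account (matched by name);
 *  - a target that has the "protected" permission may only be edited by an
 *    actor whose class name is exactly "admin";
 *  - any other target may be edited by an actor with "edit_user_info".
 *
 * On refusal an error page is displayed through the theme before returning.
 *
 * The name and class checks use strict string comparison. With loose ==, PHP
 * compares two numeric-looking strings as numbers, so two different names
 * such as "1e3" and "1000" would be treated as the same account and pass the
 * self-edit rule.
 *
 * NOTE(review): identity is decided by name here; if User ids are the unique
 * key, comparing ids would be the more robust check -- confirm with callers.
 *
 * @param User $a the acting user
 * @param User $b the account being edited
 * @return bool true when the edit is allowed
 */
private function user_can_edit_user(User $a, User $b)
{
    if ($a->is_anonymous()) {
        $this->theme->display_error(401, "Error", "You aren't logged in");
        return false;
    }

    // Cast then compare strictly so no numeric type juggling can make two
    // distinct names compare equal.
    if ((string)$a->name === (string)$b->name) {
        return true;
    }

    if ($b->can("protected")) {
        // Protected accounts: only the admin class may touch them.
        $allowed = ((string)$a->class->name === "admin");
    } else {
        $allowed = $a->can("edit_user_info");
    }

    if ($allowed) {
        return true;
    }

    $this->theme->display_error(401, "Error", "You need to be an admin to change other people's details");
    return false;
}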
/**
 * Check if the given user has permission to edit/change the pool.
 *
 * Permission is granted when any one of these holds:
 *  - the pool's 'public' flag is "Y" or "y" and the user is not anonymous;
 *  - the user is an admin;
 *  - the user's id equals the pool's 'user_id'.
 *
 * The ownership rule is not gated on the user being logged in, so the result
 * depends on the anonymous account's id never matching a pool owner.
 *
 * TODO: Should the user variable be global?
 *
 * @param \User $user
 * @param array $pool row with at least the 'public' and 'user_id' keys
 * @return bool
 */
private function have_permission($user, $pool)
{
    $pool_is_public = ($pool['public'] == "Y" || $pool['public'] == "y");

    // Public pools are open to every logged-in user.
    if ($pool_is_public && !$user->is_anonymous()) {
        return true;
    }

    if ($user->is_admin()) {
        return true;
    }

    // Loose comparison kept on purpose: the two ids may differ in type
    // (e.g. int vs numeric string) -- presumably one comes from a DB row.
    return $user->id == $pool['user_id'];
}
/**
 * Look up the configured rating-privilege string for a user.
 *
 * The anonymous check is made first, then the admin check; every other user
 * gets the regular-user setting. The value is read from the global $config.
 *
 * @param \User $user
 * @return string
 */
public static function get_user_privs(User $user)
{
    global $config;

    if ($user->is_anonymous()) {
        $setting = "ext_rating_anon_privs";
    } elseif ($user->is_admin()) {
        $setting = "ext_rating_admin_privs";
    } else {
        $setting = "ext_rating_user_privs";
    }

    return $config->get_string($setting);
}
/**
 * Validate a comment before it is stored; throws on the first failed check.
 *
 * Checks run in this fixed order, and each one stops processing by throwing:
 *  1. the user has the "create_comment" permission (the message mentions
 *     anonymous posting, but it is raised for any user lacking the permission);
 *  2. the image exists;
 *  3. the comment is not blank after trimming;
 *  4. the comment is at most 9000 bytes (strlen counts bytes, not characters);
 *  5. the comment does not compress by more than a factor of 10;
 *  6. anonymous users present a matching form hash -- on failure a "nocache"
 *     cookie valid for 24 hours is set before throwing;
 *  7. the poster has not hit the comment rate limit;
 *  8. the same comment has not already been made on the image;
 *  9. the captcha passes, when 'comment_captcha' is enabled;
 * 10. Akismet does not flag the comment (anonymous users only).
 *
 * The length cap runs before the compression test, so gzcompress() is only
 * ever applied to input of at most 9000 bytes.
 *
 * @param int $image_id
 * @param User $user
 * @param string $comment
 * @throws CommentPostingException
 */
private function comment_checks($image_id, User $user, $comment)
{
    global $config, $page;

    // basic sanity checks
    if (!$user->can("create_comment")) {
        throw new CommentPostingException("Anonymous posting has been disabled");
    }

    if (is_null(Image::by_id($image_id))) {
        throw new CommentPostingException("The image does not exist");
    }

    if (trim($comment) == "") {
        throw new CommentPostingException("Comments need text...");
    }

    if (strlen($comment) > 9000) {
        throw new CommentPostingException("Comment too long~");
    }

    // Highly repetitive text compresses far better than normal prose.
    if (strlen($comment) / strlen(gzcompress($comment)) > 10) {
        throw new CommentPostingException("Comment too repetitive~");
    }

    // Anti-automation checks for anonymous posters.
    if ($user->is_anonymous() && !$this->hash_match()) {
        $page->add_cookie("nocache", "Anonymous Commenter", time() + 60 * 60 * 24, "/");
        throw new CommentPostingException("Comment submission form is out of date; refresh the " . "comment form to show you aren't a spammer~");
    }

    if ($this->is_comment_limit_hit()) {
        throw new CommentPostingException("You've posted several comments recently; wait a minute and try again...");
    }

    if ($this->is_dupe($image_id, $comment)) {
        throw new CommentPostingException("Someone already made that comment on that image -- try and be more original?");
    }

    if ($config->get_bool('comment_captcha') && !captcha_check()) {
        throw new CommentPostingException("Error in captcha");
    }

    // The Akismet check is last and only runs for anonymous users.
    if ($user->is_anonymous() && $this->is_spam_akismet($comment)) {
        throw new CommentPostingException("Akismet thinks that your comment is spam. Try rewriting the comment, or logging in.");
    }
}
/**
 * See if the given user is allowed to edit the given page.
 *
 * Decision order:
 *  - admins may edit everything, including locked pages;
 *  - nobody else may edit a locked page;
 *  - anonymous users may edit when "wiki_edit_anon" is enabled;
 *  - logged-in users may edit when "wiki_edit_user" is enabled.
 *
 * Both settings are read with a default of false, so editing by non-admins
 * is denied unless it has been switched on in the configuration.
 *
 * @param User $user
 * @param WikiPage $page
 * @return bool
 */
public static function can_edit(User $user, WikiPage $page)
{
    global $config;

    if ($user->is_admin()) {
        return true;
    }

    // Past this point the caller is not an admin; the lock is absolute.
    if ($page->is_locked()) {
        return false;
    }

    return ($config->get_bool("wiki_edit_anon", false) && $user->is_anonymous())
        || ($config->get_bool("wiki_edit_user", false) && !$user->is_anonymous());
}