Example #1
 /**
  * Tell whether a comment exists that is newer than the user's last-read marker.
  *
  * Logged-in users are checked against comments whose user_id differs from
  * their own id; anonymous users are checked against Comment::none()
  * (presumably an empty query, so they get false - confirm against Comment).
  *
  * Side effect: an empty $user->last_comment_read_at is overwritten with the
  * zero date '0000-00-00 00:00:00' before the comparison.
  *
  * @param User $user
  * @return bool
  */
 public static function updated(User $user)
 {
     $query = $user->is_anonymous()
         ? Comment::none()
         : Comment::where("user_id <> ?", $user->id);

     // Only the creation time of the single highest-id comment is needed
     $newest_comment = $query->order("id desc")->limit(1)->select("created_at")->first();
     if (!$newest_comment) {
         return false;
     }

     // A user who has never read comments is treated as having read at the zero date
     if (!$user->last_comment_read_at) {
         $user->last_comment_read_at = '0000-00-00 00:00:00';
     }

     return $newest_comment->created_at > $user->last_comment_read_at;
 }
Example #2
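 /**
  * Decide whether user $a may edit the account details of user $b.
  *
  * Anonymous users are always refused. Otherwise the edit is allowed when
  * any of these holds:
  *  - $a and $b have the same name (editing one's own account);
  *  - $b has the "protected" permission and $a's class is named "admin";
  *  - $b lacks "protected" and $a has the "edit_user_info" permission.
  *
  * On refusal an error is displayed through the theme and false is returned.
  *
  * @param User $a the user attempting the edit
  * @param User $b the user whose details would be changed
  * @return bool
  */
 private function user_can_edit_user(User $a, User $b)
 {
     if ($a->is_anonymous()) {
         $this->theme->display_error(401, "Error", "You aren't logged in");
         return false;
     }

     // Strict comparison on purpose: with ==, PHP compares two numeric-looking
     // strings as numbers, so two distinct names could be treated as the same
     // account and pass this self-edit check.
     if ($a->name === $b->name) {
         return true;
     }

     // A protected target needs an admin-class editor; any other target only
     // needs the edit_user_info permission.
     $allowed = $b->can("protected")
         ? $a->class->name === "admin"
         : $a->can("edit_user_info");
     if ($allowed) {
         return true;
     }

     // NOTE(review): $a is logged in at this point, so 403 may describe the
     // refusal better than 401 - status left unchanged, confirm with callers.
     $this->theme->display_error(401, "Error", "You need to be an admin to change other people's details");
     return false;
 }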
Example #3
 /**
  * Check if the given user has permission to edit/change the pool.
  *
  * Permission is granted when the pool is public ("Y" or "y") and the user
  * is logged in, or the user is an admin, or the user's id equals the pool's
  * user_id.
  *
  * TODO: Should the user variable be global?
  *
  * @param \User $user
  * @param array $pool pool row; the 'public' and 'user_id' keys are read
  * @return bool
  */
 private function have_permission($user, $pool)
 {
     // Public pools are open to every logged-in user
     $is_public = in_array($pool['public'], array("Y", "y"));
     if ($is_public && !$user->is_anonymous()) {
         return true;
     }

     // Admins may change any pool
     if ($user->is_admin()) {
         return true;
     }

     // Otherwise only the owner may; loose comparison kept as in the original
     // (presumably user_id arrives as a string from the database - confirm)
     return $user->id == $pool['user_id'];
 }
Example #4
 /**
  * Fetch the rating-privilege config string that applies to the given user.
  *
  * The anonymous check comes first, then the admin check; every other user
  * gets the regular-user setting.
  *
  * @param \User $user
  * @return string value of the selected "ext_rating_*_privs" config entry
  */
 public static function get_user_privs(User $user)
 {
     global $config;

     // Pick the config key for the user's tier, then do a single lookup
     if ($user->is_anonymous()) {
         $setting = "ext_rating_anon_privs";
     } elseif ($user->is_admin()) {
         $setting = "ext_rating_admin_privs";
     } else {
         $setting = "ext_rating_user_privs";
     }

     return $config->get_string($setting);
 }
Example #5
 /**
  * Run the pre-posting checks on a comment; the first failing check aborts
  * with a CommentPostingException and the remaining checks are not run.
  *
  * Order of checks: posting permission, image exists, non-blank text,
  * length cap, compression-ratio cap, form hash (anonymous users only),
  * rate limit, duplicate, captcha (only when 'comment_captcha' is enabled),
  * Akismet (anonymous users only).
  *
  * @param int $image_id
  * @param User $user
  * @param string $comment
  * @throws CommentPostingException
  */
 private function comment_checks($image_id, User $user, $comment)
 {
     global $config, $page;

     // basic sanity checks
     if (!$user->can("create_comment")) {
         throw new CommentPostingException("Anonymous posting has been disabled");
     }
     if (is_null(Image::by_id($image_id))) {
         throw new CommentPostingException("The image does not exist");
     }
     if (trim($comment) == "") {
         throw new CommentPostingException("Comments need text...");
     }
     // strlen() counts bytes, so the cap is 9000 bytes rather than characters
     if (strlen($comment) > 9000) {
         throw new CommentPostingException("Comment too long~");
     }
     // Text that compresses to less than a tenth of its size is rejected as repetitive
     if (strlen($comment) / strlen(gzcompress($comment)) > 10) {
         throw new CommentPostingException("Comment too repetitive~");
     }

     // Anonymous posters must present a matching form hash; on a mismatch a
     // day-long "nocache" cookie is set before the request is refused
     if ($user->is_anonymous() && !$this->hash_match()) {
         $page->add_cookie("nocache", "Anonymous Commenter", time() + 60 * 60 * 24, "/");
         throw new CommentPostingException("Comment submission form is out of date; refresh the " . "comment form to show you aren't a spammer~");
     }
     if ($this->is_comment_limit_hit()) {
         throw new CommentPostingException("You've posted several comments recently; wait a minute and try again...");
     }
     if ($this->is_dupe($image_id, $comment)) {
         throw new CommentPostingException("Someone already made that comment on that image -- try and be more original?");
     }

     // Captcha is checked only when enabled in config
     if ($config->get_bool('comment_captcha') && !captcha_check()) {
         throw new CommentPostingException("Error in captcha");
     }
     // Akismet is consulted last, and only for anonymous posters
     if ($user->is_anonymous() && $this->is_spam_akismet($comment)) {
         throw new CommentPostingException("Akismet thinks that your comment is spam. Try rewriting the comment, or logging in.");
     }
 }
Example #6
 /**
  * See if the given user is allowed to edit the given page.
  *
  * Admins may always edit. For everyone else a locked page is never
  * editable; otherwise the "wiki_edit_anon" flag decides for anonymous
  * users and the "wiki_edit_user" flag for logged-in users, both read with
  * a default of false.
  *
  * @param User $user
  * @param WikiPage $page
  * @return bool
  */
 public static function can_edit(User $user, WikiPage $page)
 {
     global $config;

     // admins can edit everything, locked pages included
     if ($user->is_admin()) {
         return true;
     }

     // a lock shuts out every non-admin regardless of config
     if ($page->is_locked()) {
         return false;
     }

     // anonymous visitors need wiki_edit_anon
     $anon_allowed = $config->get_bool("wiki_edit_anon", false) && $user->is_anonymous();
     if ($anon_allowed) {
         return true;
     }

     // logged-in users need wiki_edit_user; anything else is denied
     return $config->get_bool("wiki_edit_user", false) && !$user->is_anonymous();
 }