function FormatPropertiesForDatabaseInput()
 {
     $this->Label = FormatStringForDatabaseInput($this->Label);
     $this->Contents = FormatStringForDatabaseInput($this->Contents);
     $this->Contents = eregi_replace("&lt;textarea&gt;", "<textarea>", $this->Contents);
     $this->Contents = eregi_replace("&lt;//textarea&gt;", "</textarea>", $this->Contents);
 }
 function GetIdentity()
 {
     if (!session_id()) {
         session_start();
     }
     $UserID = ForceInt(@$_SESSION[$this->Context->Configuration['SESSION_USER_IDENTIFIER']], 0);
     if ($UserID == 0) {
         // UserID wasn't found in the session, so attempt to retrieve it from the cookies
         // Retrieve cookie values
         $EncryptedUserID = ForceIncomingCookieString($this->Context->Configuration['COOKIE_USER_KEY'], '');
         $VerificationKey = ForceIncomingCookieString($this->Context->Configuration['COOKIE_VERIFICATION_KEY'], '');
         if ($EncryptedUserID != '' && $VerificationKey != '') {
             // Compare against db values
             // Sadly, because this class is meant to be an interface for distributed objects, I can't use any of the error checking in the Lussumo Framework
             $Query = "select UserID\n               from LUM_User\n               where VerificationKey = '" . FormatStringForDatabaseInput($VerificationKey) . "'";
             $Result = $this->Context->Database->Execute($Query, 'Authenticator', 'GetIdentity', 'An error occurred while attempting to validate your remember me credentials');
             if ($Result) {
                 $UserID = 0;
                 while ($rows = $this->Context->Database->GetRow($Result)) {
                     if ($EncryptedUserID == md5($rows['UserID'])) {
                         $UserID = ForceInt($rows['UserID'], 0);
                         $EncryptedUserID = $rows['EncryptedUserID'];
                         break;
                     }
                 }
                 if ($UserID > 0) {
                     // 1. Set a new verification key
                     $VerificationKey = DefineVerificationKey();
                     // 2. Update the user's information
                     $this->UpdateLastVisit($UserID, $VerificationKey);
                     // 3. Set the 'remember me' cookies
                     $this->SetCookieCredentials($EncryptedUserID, $VerificationKey);
                     // 4. Log the user's IP address
                     $this->LogIp($UserID);
                 }
             }
         }
     }
     // If it has now been found, set up the session.
     $this->AssignSessionUserID($UserID);
     return $UserID;
 }
 function FormatPropertiesForDatabaseInput()
 {
     $this->RoleName = FormatStringForDatabaseInput($this->RoleName, 1);
     $this->Icon = FormatStringForDatabaseInput($this->Icon, 1);
     $this->Description = FormatStringForDatabaseInput($this->Description, 1);
     if (is_array($this->Permissions)) {
         // Make sure to remove the hard-coded permissions from the array before saving
         if (array_key_exists('PERMISSION_SIGN_IN', $this->Permissions)) {
             unset($this->Permissions['PERMISSION_SIGN_IN']);
         }
         if (array_key_exists('PERMISSION_HTML_ALLOWED', $this->Permissions)) {
             unset($this->Permissions['PERMISSION_HTML_ALLOWED']);
         }
         if (array_key_exists('PERMISSION_RECEIVE_APPLICATION_NOTIFICATION', $this->Permissions)) {
             unset($this->Permissions['PERMISSION_RECEIVE_APPLICATION_NOTIFICATION']);
         }
         // Now serialize the array
         $this->Permissions = SerializeArray($this->Permissions);
     }
 }
 function FormatPropertiesForDatabaseInput()
 {
     $this->Name = FormatStringForDatabaseInput($this->Name, 1);
     $this->Url = FormatStringForDatabaseInput($this->Url, 1);
     $this->PreviewImage = FormatStringForDatabaseInput($this->PreviewImage, 1);
 }
 function VerifyPasswordResetRequest($VerificationUserID, $EmailVerificationKey)
 {
     $VerificationUserID = ForceInt($VerificationUserID, 0);
     $EmailVerificationKey = ForceString($EmailVerificationKey, '');
     $EmailVerificationKey = FormatStringForDatabaseInput($EmailVerificationKey);
     // Attempt to retrieve email address
     $s = $this->Context->ObjectFactory->NewContextObject($this->Context, 'SqlBuilder');
     $s->SetMainTable('User', 'u');
     $s->AddSelect('UserID', 'u');
     $s->AddWhere('u', 'UserID', '', $VerificationUserID, '=');
     $s->AddWhere('u', 'EmailVerificationKey', '', $EmailVerificationKey, '=');
     $UserResult = $this->Context->Database->Select($s, $this->Name, 'VerifyPasswordResetRequest', 'An error occurred while retrieving account information.');
     if ($this->Context->Database->RowCount($UserResult) == 0) {
         $this->Context->WarningCollector->Add($this->Context->GetDefinition('ErrPasswordResetRequest'));
     }
     return $this->Context->WarningCollector->Iif();
 }
 function FormatPropertiesForDatabaseInput()
 {
     $this->Label = FormatStringForDatabaseInput($this->Label);
     $this->Keywords = FormatStringForDatabaseInput($this->Keywords);
     $this->Query = FormatStringForDatabaseInput($this->Query);
     $this->AuthUsername = FormatStringForDatabaseInput($this->AuthUsername);
     $this->Categories = FormatStringForDatabaseInput($this->Categories);
     $this->Roles = FormatStringForDatabaseInput($this->Roles);
 }
    }
}
if ($Type != "") {
    // Perform some http authentication if public browsing is not enabled.
    if (!agPUBLIC_BROWSING && $Context->Session->UserID == 0) {
        $UserIsAuthenticated = 0;
        // Assume user is not authenticated
        $PHP_AUTH_USER = ForceString(@$_SERVER["PHP_AUTH_USER"], "");
        $PHP_AUTH_PW = ForceString(@$_SERVER["PHP_AUTH_PW"], "");
        if ($PHP_AUTH_USER != "" && $PHP_AUTH_PW != "") {
            // Validate the inputs
            $s = $Context->ObjectFactory->NewContextObject($Context, "SqlBuilder");
            $s->SetMainTable("User", "u");
            $s->AddSelect("UserID", "u");
            $s->AddWhere("Name", FormatStringForDatabaseInput($PHP_AUTH_USER), "=");
            $s->AddWhere("Password", FormatStringForDatabaseInput($PHP_AUTH_PW), "=", "and", "md5");
            $ValidationData = $Context->Database->Select($Context, $s, "Feed", "ValidateCredentials", "An error occurred while validating user credentials.");
            if ($Context->Database->RowCount($ValidationData) > 0) {
                $UserIsAuthenticated = true;
            }
        }
        if (!$UserIsAuthenticated) {
            header('WWW-Authenticate: Basic realm="Private"');
            header('HTTP/1.0 401 Unauthorized');
        }
    }
    if ($UserIsAuthenticated) {
        // Create a new sqlbuilder to retrieve feed data
        $s = $Context->ObjectFactory->NewContextObject($Context, "SqlBuilder");
        $s->SetMainTable("Discussion", "d");
        $s->AddSelect(array("DiscussionID", "CategoryID", "AuthUserID", "Name", "DateCreated", "DateLastActive", "CountComments"), "d");
 function ValidateWhisperUsername(&$Comment)
 {
     if ($Comment->WhisperUsername != '') {
         $Name = FormatStringForDatabaseInput($Comment->WhisperUsername);
         $s = $this->Context->ObjectFactory->NewContextObject($this->Context, 'SqlBuilder');
         $s->SetMainTable('User', 'u');
         $s->AddSelect('UserID', 'u');
         $s->AddWhere('u', 'Name', '', $Name, '=');
         $Result = $this->Context->Database->Select($s, $this->Name, 'ValidateWhisperUsername', 'An error occurred while attempting to validate the username entered as the whisper recipient.');
         while ($Row = $this->Context->Database->GetRow($Result)) {
             $Comment->WhisperUserID = ForceInt($Row['UserID'], 0);
         }
         if ($Comment->WhisperUserID == 0) {
             $this->Context->WarningCollector->Add($this->Context->GetDefinition('ErrWhisperInvalid'));
         }
     }
     return $this->Context->WarningCollector->Iif();
 }
 function ValidateWhisperUsername(&$Comment)
 {
     if ($Comment->WhisperUsername != "") {
         $Name = FormatStringForDatabaseInput($Comment->WhisperUsername);
         $s = $this->Context->ObjectFactory->NewContextObject($this->Context, "SqlBuilder");
         $s->SetMainTable("User", "u");
         $s->AddSelect("UserID", "u");
         $s->AddWhere("Name", $Name, "=");
         $Result = $this->Context->Database->Select($this->Context, $s, $this->Name, "ValidateWhisperUsername", "An error occurred while attempting to validate the username entered as the whisper recipient.");
         while ($Row = $this->Context->Database->GetRow($Result)) {
             $Comment->WhisperUserID = ForceInt($Row["UserID"], 0);
         }
         if ($Comment->WhisperUserID == 0) {
             $this->Context->WarningCollector->Add($this->Context->GetDefinition("ErrWhisperInvalid"));
         }
     }
     return $this->Context->WarningCollector->Iif();
 }
 function FormatPropertiesForDatabaseInput()
 {
     $this->Name = FormatStringForDatabaseInput($this->Name, 1);
     $this->Description = FormatStringForDatabaseInput($this->Description, 1);
 }
 function SaveDiscussion($Discussion)
 {
     if (!$this->Context->Session->User->Permission('PERMISSION_START_DISCUSSION')) {
         $this->Context->WarningCollector->Add($this->Context->GetDefinition('ErrPermissionStartDiscussions'));
     } else {
         // If not editing, and the posted discussion count is less than the
         // user's current discussion count, silently skip the posting and
         // redirect as if everything is normal.
         if ($Discussion->DiscussionID == 0 && $Discussion->UserDiscussionCount < $this->Context->Session->User->CountDiscussions) {
             // Silently fail to post the data
             // Need to get the user's last posted discussionID and direct them to it
             $s = $this->Context->ObjectFactory->NewContextObject($this->Context, 'SqlBuilder');
             $s->SetMainTable('Discussion', 'd');
             $s->AddSelect('DiscussionID', 'd');
             $s->AddWhere('c', 'AuthUserID', '', $this->Context->Session->UserID, '=');
             $s->AddOrderBy('DateCreated', 'd', 'desc');
             $s->AddLimit(0, 1);
             $LastDiscussionData = $this->Context->Database->Select($s, $this->Name, 'SaveDiscussion', 'An error occurred while retrieving your last discussion.');
             while ($Row = $this->Context->Database->GetRow($LastDiscussionData)) {
                 $Discussion->DiscussionID = ForceInt($Row['DiscussionID'], 0);
             }
             // Make sure we got it
             if ($Discussion->DiscussionID == 0) {
                 $this->Context->ErrorManager->AddError($this->Context, $this->Name, 'SaveDiscussion', 'Your last discussion could not be found.');
             }
         } else {
             $NewDiscussion = 0;
             $OldDiscussion = false;
             if ($Discussion->DiscussionID == 0) {
                 $NewDiscussion = 1;
             } else {
                 $OldDiscussion = $this->GetDiscussionById($Discussion->DiscussionID);
             }
             // Validate the Discussion topic
             $Name = FormatStringForDatabaseInput($Discussion->Name);
             Validate($this->Context->GetDefinition('DiscussionTopicLower'), 1, $Name, 100, '', $this->Context);
             //Validate the category ID and role
             $s = $this->Context->ObjectFactory->NewContextObject($this->Context, 'SqlBuilder');
             $s->SetMainTable('Category', 'c');
             $s->AddSelect('CategoryID', 'c');
             $s->AddJoin('CategoryRoleBlock', 'crb', 'CategoryID', 'c', 'CategoryID', 'left join', ' and crb.' . $this->Context->DatabaseColumns['CategoryRoleBlock']['RoleID'] . ' = ' . $this->Context->Session->User->RoleID);
             $s->AddWhere('crb', 'Blocked', '', '0', '=', 'and', '', 1, 1);
             $s->AddWhere('crb', 'Blocked', '', '0', '=', 'or', '', 0, 0);
             $s->AddWhere('crb', 'Blocked', '', 'null', 'is', 'or', '', 0, 0);
             $s->AddWhere('c', 'CategoryID', '', $Discussion->CategoryID, '=', 'and');
             $s->EndWhereGroup();
             $CategoryAllowed = $this->Context->Database->Select($s, $this->Name, 'SaveDiscussion', 'An error occurred while validating category permissions.');
             if ($this->Context->Database->RowCount($CategoryAllowed) < 1) {
                 $Discussion->CategoryID = 0;
             }
             if ($Discussion->CategoryID <= 0) {
                 $this->Context->WarningCollector->Add($this->Context->GetDefinition('ErrSelectCategory'));
             }
             // Validate first comment
             $Discussion->Comment->DiscussionID = $Discussion->DiscussionID;
             if ($OldDiscussion) {
                 $Discussion->Comment->CommentID = $OldDiscussion->FirstCommentID;
             } else {
                 $Discussion->Comment->CommentID = 0;
             }
             $CommentManager = $this->Context->ObjectFactory->NewContextObject($this->Context, 'CommentManager');
             $CommentManager->ValidateComment($Discussion->Comment, 0);
             // Validate the whisperusername
             $CommentManager->ValidateWhisperUsername($Discussion);
             // If updating, validate that this is admin or the author
             if (!$NewDiscussion) {
                 if ($OldDiscussion->AuthUserID != $this->Context->Session->UserID && !$this->Context->Session->User->Permission('PERMISSION_EDIT_DISCUSSIONS')) {
                     $this->Context->WarningCollector->Add($this->Context->GetDefinition('ErrPermissionEditComments'));
                 }
             }
             // If validation was successful, then reset the properties to db safe values for saving
             if ($this->Context->WarningCollector->Count() == 0) {
                 $Discussion->Name = $Name;
             }
             if ($this->Context->WarningCollector->Iif()) {
                 $s->Clear();
                 // Update the user info & check for spam
                 if ($NewDiscussion) {
                     $UserManager = $this->Context->ObjectFactory->NewContextObject($this->Context, 'UserManager');
                     $UserManager->UpdateUserDiscussionCount($this->Context->Session->UserID);
                 }
                 // Proceed with the save if there are no warnings
                 if ($this->Context->WarningCollector->Count() == 0) {
                     $this->DelegateParameters['SqlBuilder'] =& $s;
                     $this->CallDelegate('PreSaveDiscussion');
                     $s->SetMainTable('Discussion', 'd');
                     $s->AddFieldNameValue('Name', $Discussion->Name);
                     $s->AddFieldNameValue('CategoryID', $Discussion->CategoryID);
                     if ($NewDiscussion) {
                         $s->AddFieldNameValue('AuthUserID', $this->Context->Session->UserID);
                         $s->AddFieldNameValue('DateCreated', MysqlDateTime());
                         $s->AddFieldNameValue('DateLastActive', MysqlDateTime());
                         $s->AddFieldNameValue('CountComments', 0);
                         $s->AddFieldNameValue('WhisperUserID', $Discussion->WhisperUserID);
                         if ($Discussion->WhisperUserID != '0') {
                             $s->AddFieldNameValue('DateLastWhisper', MysqlDateTime());
                         }
                         $Discussion->DiscussionID = $this->Context->Database->Insert($s, $this->Name, 'NewDiscussion', 'An error occurred while creating a new discussion.');
                         $Discussion->Comment->DiscussionID = $Discussion->DiscussionID;
                     } else {
                         $s->AddWhere('d', 'DiscussionID', '', $Discussion->DiscussionID, '=');
                         $this->Context->Database->Update($s, $this->Name, 'NewDiscussion', 'An error occurred while updating the discussion.');
                     }
                 }
                 // Now save the associated Comment
                 if ($Discussion->Comment->DiscussionID > 0) {
                     $CommentManager->SaveComment($Discussion->Comment, 1);
                     // Now update the topic table so that we know what the first comment in the discussion was
                     if ($Discussion->Comment->CommentID > 0 && $NewDiscussion) {
                         $s->Clear();
                         $s->SetMainTable('Discussion', 'd');
                         $s->AddFieldNameValue('FirstCommentID', $Discussion->Comment->CommentID);
                         $s->AddWhere('d', 'DiscussionID', '', $Discussion->Comment->DiscussionID, '=');
                         $this->Context->Database->Update($s, $this->Name, 'NewDiscussion', 'An error occurred while updating discussion properties.');
                     }
                 }
             }
         }
     }
     return $this->Context->WarningCollector->Iif($Discussion, false);
 }
     $Connection = @mysql_connect($DBHost, $DBUser, $DBPass);
     if (!$Connection) {
         $WarningCollector->Add("We couldn't connect to the server you provided (" . $DBHost . "). Are you sure you entered the right server, username and password?");
     } elseif (!mysql_select_db($DBName, $Connection)) {
         $WarningCollector->Add("We connected to the server, but we couldn't access the \"" . $DBName . "\" database. Are you sure it exists and that the specified user has access to it?");
     }
 }
 // Create the administrative user
 if ($WarningCollector->Count() == 0 && $Connection) {
     $Username = FormatStringForDatabaseInput($Username);
     $Password = FormatStringForDatabaseInput($Password);
     $s = new SqlBuilder($Context);
     $s->SetMainTable("User", "u");
     $s->AddFieldNameValue("FirstName", "Administrative");
     $s->AddFieldNameValue("LastName", "User");
     $s->AddFieldNameValue("Email", FormatStringForDatabaseInput($SupportEmail));
     $s->AddFieldNameValue("Name", $Username);
     $s->AddFieldNameValue("Password", $Password, 1, "md5");
     $s->AddFieldNameValue("DateFirstVisit", MysqlDateTime());
     $s->AddFieldNameValue("DateLastActive", MysqlDateTime());
     $s->AddFieldNameValue("CountVisit", 0);
     $s->AddFieldNameValue("CountDiscussions", 0);
     $s->AddFieldNameValue("CountComments", 0);
     $s->AddFieldNameValue("RoleID", 6);
     $s->AddFieldNameValue("StyleID", 1);
     $s->AddFieldNameValue("UtilizeEmail", 0);
     $s->AddFieldNameValue("RemoteIP", GetRemoteIp(1));
     if (!@mysql_query($s->GetInsert(), $Connection)) {
         $WarningCollector->Add("Something bad happened when we were trying to create your administrative user account. Mysql said: " . mysql_error($Connection));
     } else {
         // Now insert the role history assignment
 function VerifyPasswordResetRequest($VerificationUserID, $EmailVerificationKey)
 {
     $VerificationUserID = ForceInt($VerificationUserID, 0);
     $EmailVerificationKey = ForceString($EmailVerificationKey, "");
     $EmailVerificationKey = FormatStringForDatabaseInput($EmailVerificationKey);
     // Attempt to retrieve email address
     $s = $this->Context->ObjectFactory->NewContextObject($this->Context, "SqlBuilder");
     $s->SetMainTable("User");
     $s->AddSelect("UserID");
     $s->AddWhere("UserID", $VerificationUserID, "=");
     $s->AddWhere("EmailVerificationKey", $EmailVerificationKey, "=");
     $UserResult = $this->Context->Database->Select($this->Context, $s, $this->Name, "VerifyPasswordResetRequest", "An error occurred while retrieving account information.");
     if ($this->Context->Database->RowCount($UserResult) == 0) {
         $this->Context->WarningCollector->Add($this->Context->GetDefinition("ErrPasswordResetRequest"));
     }
     return $this->Context->WarningCollector->Iif();
 }
 function FormatPropertiesForDatabaseInput()
 {
     $this->CustomStyle = FormatStringForDatabaseInput($this->CustomStyle, 1);
     $this->Name = FormatStringForDatabaseInput($this->Name, 1);
     $this->FirstName = FormatStringForDatabaseInput($this->FirstName, 1);
     $this->LastName = FormatStringForDatabaseInput($this->LastName, 1);
     $this->Email = FormatStringForDatabaseInput($this->Email, 1);
     $this->Icon = FormatStringForDatabaseInput($this->Icon, 1);
     $this->Picture = FormatStringForDatabaseInput($this->Picture, 1);
     $this->Password = FormatStringForDatabaseInput($this->Password, 1);
     $this->OldPassword = FormatStringForDatabaseInput($this->OldPassword, 1);
     $this->NewPassword = FormatStringForDatabaseInput($this->NewPassword, 1);
     $this->ConfirmPassword = FormatStringForDatabaseInput($this->ConfirmPassword, 1);
     $this->VerificationKey = FormatStringForDatabaseInput($this->VerificationKey);
     $this->Attributes = SerializeArray($this->Attributes);
     $this->Discovery = FormatStringForDatabaseInput($this->Discovery, 1);
 }
 function GetIdentity()
 {
     if (!session_id()) {
         session_set_cookie_params(0, $this->Context->Configuration['COOKIE_PATH'], $this->Context->Configuration['COOKIE_DOMAIN']);
         session_start();
     }
     $UserID = ForceInt(@$_SESSION[$this->Context->Configuration['SESSION_USER_IDENTIFIER']], 0);
     if ($UserID == 0) {
         // UserID wasn't found in the session, so attempt to retrieve it from the cookies
         // Retrieve cookie values
         $CookieUserID = ForceIncomingCookieString($this->Context->Configuration['COOKIE_USER_KEY'], '');
         $VerificationKey = ForceIncomingCookieString($this->Context->Configuration['COOKIE_VERIFICATION_KEY'], '');
         if ($CookieUserID != '' && $VerificationKey != '') {
             // Compare against db values
             $s = $this->Context->ObjectFactory->NewContextObject($this->Context, 'SqlBuilder');
             $s->SetMainTable('User', 'u');
             $s->AddJoin('Role', 'r', 'RoleID', 'u', 'RoleID', 'inner join');
             $s->AddSelect('UserID', 'u');
             $s->AddWhere('u', 'UserID', '', FormatStringForDatabaseInput($CookieUserID), '=');
             $s->AddWhere('u', 'VerificationKey', '', FormatStringForDatabaseInput($VerificationKey), '=');
             $Result = $this->Context->Database->Select($s, 'Authenticator', 'GetIdentity', 'An error occurred while attempting to validate your remember me credentials');
             if ($Result) {
                 while ($rows = $this->Context->Database->GetRow($Result)) {
                     $UserID = ForceInt($rows['UserID'], 0);
                 }
                 if ($UserID > 0) {
                     // 1. Update the user's information
                     $this->UpdateLastVisit($UserID);
                     // 2. Log the user's IP address
                     $this->LogIp($UserID);
                 }
             }
         }
     }
     // If it has now been found, set up the session.
     $this->AssignSessionUserID($UserID);
     return $UserID;
 }
 function FormatPropertiesForDatabaseInput()
 {
     $this->Username = FormatStringForDatabaseInput($this->Username, 1);
     $this->Password = FormatStringForDatabaseInput($this->Password, 1);
 }
 function ValidateComment(&$Comment, $DiscussionIDRequired = "1")
 {
     $DiscussionIDRequired = ForceBool($DiscussionIDRequired, 0);
     if ($DiscussionIDRequired) {
         $Comment->DiscussionID = ForceInt($Comment->DiscussionID, 0);
         if ($Comment->DiscussionID == 0) {
             $this->Context->WarningCollector->Add($this->Context->GetDefinition("ErrDiscussionID"));
         }
     }
     // First update the values so they are safe for db input
     $Body = FormatStringForDatabaseInput($Comment->Body);
     // Instantiate a new validator for each field
     Validate($this->Context->GetDefinition("CommentsLower"), 1, $Body, agMAX_COMMENT_LENGTH, "", $this->Context);
     return $this->Context->WarningCollector->Iif();
 }
function GetRemoteIp($FormatIpForDatabaseInput = '0')
{
    $FormatIpForDatabaseInput = ForceBool($FormatIpForDatabaseInput, 0);
    $sReturn = ForceString(@$_SERVER['REMOTE_ADDR'], '');
    if (strlen($sReturn) > 20) {
        $sReturn = substr($sReturn, 0, 19);
    }
    if ($FormatIpForDatabaseInput) {
        $sReturn = FormatStringForDatabaseInput($sReturn, 1);
    }
    return $sReturn;
}
 function SaveDiscussion($Discussion)
 {
     if (!$this->Context->Session->User->CanPostDiscussion) {
         $this->Context->WarningCollector->Add($this->Context->GetDefinition("ErrPermissionStartDiscussions"));
     } else {
         // If not editing, and the posted discussion count is less than the
         // user's current discussion count, silently skip the posting and
         // redirect as if everything is normal.
         if ($Discussion->DiscussionID == 0 && $Discussion->UserDiscussionCount < $this->Context->Session->User->CountDiscussions) {
             // Silently fail to post the data
             // Need to get the user's last posted discussionID and direct them to it
             $s = $this->Context->ObjectFactory->NewContextObject($this->Context, "SqlBuilder");
             $s->SetMainTable("Discussion", "d");
             $s->AddSelect("DiscussionID", "d");
             $s->AddWhere("AuthUserID", $this->Context->Session->UserID, "=");
             $s->AddOrderBy("DateCreated", "d", "desc");
             $s->AddLimit(0, 1);
             $LastDiscussionData = $this->Context->Database->Select($this->Context, $s, $this->Name, "SaveDiscussion", "An error occurred while retrieving your last discussion.");
             while ($Row = $this->Context->Database->GetRow($LastDiscussionData)) {
                 $Discussion->DiscussionID = ForceInt($Row["DiscussionID"], 0);
             }
             // Make sure we got it
             if ($Discussion->DiscussionID == 0) {
                 $this->Context->ErrorManager->AddError($this->Context, $this->Name, "SaveDiscussion", "Your last discussion could not be found.");
             }
         } else {
             $NewDiscussion = 0;
             $OldDiscussion = false;
             if ($Discussion->DiscussionID == 0) {
                 $NewDiscussion = 1;
             } else {
                 $OldDiscussion = $this->GetDiscussionById($Discussion->DiscussionID);
             }
             // Validate the Discussion topic
             $Name = FormatStringForDatabaseInput($Discussion->Name);
             Validate($this->Context->GetDefinition("DiscussionTopicLower"), 1, $Name, 100, "", $this->Context);
             if ($Discussion->CategoryID <= 0) {
                 $this->Context->WarningCollector->Add($this->Context->GetDefinition("ErrSelectCategory"));
             }
             // Validate first comment
             $Discussion->Comment->DiscussionID = $Discussion->DiscussionID;
             if ($OldDiscussion) {
                 $Discussion->Comment->CommentID = $OldDiscussion->FirstCommentID;
             } else {
                 $Discussion->Comment->CommentID = 0;
             }
             $CommentManager = $this->Context->ObjectFactory->NewContextObject($this->Context, "CommentManager");
             $CommentManager->ValidateComment($Discussion->Comment, 0);
             // If updating, validate that this is admin or the author
             if (!$NewDiscussion) {
                 if ($OldDiscussion->AuthUserID != $this->Context->Session->UserID && !$this->Context->Session->User->AdminCategories) {
                     $this->Context->WarningCollector->Add($this->Context->GetDefinition("ErrPermissionEditComments"));
                 }
             }
             // If validation was successful, then reset the properties to db safe values for saving
             if ($this->Context->WarningCollector->Count() == 0) {
                 $Discussion->Name = $Name;
             }
             if ($this->Context->WarningCollector->Iif()) {
                 $s = $this->Context->ObjectFactory->NewContextObject($this->Context, "SqlBuilder");
                 // Update the user info & check for spam
                 if ($NewDiscussion) {
                     $UserManager = $this->Context->ObjectFactory->NewContextObject($this->Context, "UserManager");
                     $UserManager->UpdateUserDiscussionCount($this->Context->Session->UserID);
                 }
                 // Proceed with the save if there are no warnings
                 if ($this->Context->WarningCollector->Count() == 0) {
                     $s->SetMainTable("Discussion");
                     $s->AddFieldNameValue("Name", $Discussion->Name);
                     $s->AddFieldNameValue("CategoryID", $Discussion->CategoryID);
                     if ($NewDiscussion) {
                         $s->AddFieldNameValue("AuthUserID", $this->Context->Session->UserID);
                         $s->AddFieldNameValue("DateCreated", MysqlDateTime());
                         $s->AddFieldNameValue("DateLastactive", MysqlDateTime());
                         $s->AddFieldNameValue("CountComments", 0);
                         $Discussion->DiscussionID = $this->Context->Database->Insert($this->Context, $s, $this->Name, "NewDiscussion", "An error occurred while creating a new discussion.");
                         $Discussion->Comment->DiscussionID = $Discussion->DiscussionID;
                         if ($this->Context->WarningCollector->Count() == 0) {
                             $n = $this->Context->ObjectFactory->NewContextObject($this->Context, "Notify");
                             $n->NotifyDiscussion($Discussion->DiscussionID, $this);
                         }
                     } else {
                         $s->AddWhere("DiscussionID", $Discussion->DiscussionID, "=");
                         $this->Context->Database->Update($this->Context, $s, $this->Name, "NewDiscussion", "An error occurred while updating the discussion.");
                     }
                 }
                 // Now save the associated Comment
                 if ($Discussion->Comment->DiscussionID > 0) {
                     $CommentManager->SaveComment($Discussion->Comment, 1);
                     // Now update the topic table so that we know what the first comment in the discussion was
                     if ($Discussion->Comment->CommentID > 0 && $NewDiscussion) {
                         $s->Clear();
                         $s->SetMainTable("Discussion", "d");
                         $s->AddFieldNameValue("FirstCommentID", $Discussion->Comment->CommentID);
                         $s->AddWhere("DiscussionID", $Discussion->Comment->DiscussionID, "=");
                         $this->Context->Database->Update($this->Context, $s, $this->Name, "NewDiscussion", "An error occurred while updating discussion properties.");
                     }
                 }
             }
         }
     }
     return $this->Context->WarningCollector->Iif($Discussion, false);
 }
Beispiel #20
0
/*
* Copyright 2003 Mark O'Sullivan
* This file is part of Vanilla.
* Vanilla is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
* Vanilla is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
* You should have received a copy of the GNU General Public License along with Vanilla; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
* The latest source code for Vanilla is available at www.lussumo.com
* Contact Mark O'Sullivan at mark [at] lussumo [dot] com
*
* Description: File used by Dynamic Data Management object to fill autocomplete data on user input field
*/
include '../appg/settings.php';
include '../appg/init_ajax.php';
$Search = ForceIncomingString('Search', '');
$Search = urldecode($Search);
$Search = FormatStringForDatabaseInput($Search);
if ($Search != '') {
    $s = $Context->ObjectFactory->NewContextObject($Context, 'SqlBuilder');
    $s->SetMainTable('User', 'u');
    $s->AddSelect('Name', 'u');
    $s->AddWhere('u', 'Name', '', $Search . '%', 'like');
    $s->AddOrderBy('Name', 'u', 'asc');
    $s->AddLimit(0, 10);
    $ResultSet = $Context->Database->Select($s, 'Ajax', 'AutoComplete', 'An error occurred while retrieving autocomplete items.', 0);
    $Name = '';
    $Loop = 1;
    if ($ResultSet) {
        while ($row = $Context->Database->GetRow($ResultSet)) {
            if ($Loop > 1) {
                echo ',';
            }
 function FormatPropertiesForDatabaseInput()
 {
     // Pass the body into a formatter for db input
     $this->Body = $this->Context->FormatString($this->Body, $this, $this->FormatType, FORMAT_STRING_FOR_DATABASE);
     $this->Body = FormatStringForDatabaseInput($this->Body);
     $this->WhisperUsername = FormatStringForDatabaseInput($this->WhisperUsername);
 }
 /**
  * Validate user's Verification
  *
  * Return user's id
  *
  * @param int $UserID
  * @param string $VerificationKey
  * @return unknown
  */
 function ValidateVerificationKey($UserID, $VerificationKey)
 {
     $UserID = ForceInt($UserID, 0);
     $VerificationKey = FormatStringForDatabaseInput($VerificationKey);
     if ($UserID && $VerificationKey) {
         $s = $this->Context->ObjectFactory->NewContextObject($this->Context, 'SqlBuilder');
         $s->SetMainTable('User', 'u');
         $s->AddSelect('UserID', 'u');
         $s->AddWhere('u', 'UserID', '', $UserID, '=');
         $s->AddWhere('u', 'VerificationKey', '', $VerificationKey, '=');
         $Result = $this->Context->Database->Select($s, $this->Name, 'VerifyVerificationKey', 'An error occurred while attempting to validate your remember me credentials');
         if ($Result) {
             $UserID = 0;
             while ($rows = $this->Context->Database->GetRow($Result)) {
                 $UserID = ForceInt($rows['UserID'], 0);
             }
             return $UserID;
         }
     }
     return 0;
 }
Beispiel #23
0
 function FormatPropertiesForDatabaseInput()
 {
     $this->Name = FormatStringForDatabaseInput($this->Name);
     $this->Title = FormatStringForDatabaseInput($this->Title);
     $this->Description = FormatStringForDatabaseInput($this->Description);
     $this->Path = FormatStringForDatabaseInput($this->Path);
 }