/**
 * Log a member in and bind the account to the supplied WeChat openid.
 *
 * Reads `username`, `password` and `openid` through jget(). Every outcome is
 * reported through json_error() / json_result(); nothing is returned.
 *
 * NOTE(review): the code after each json_error() call assumes that it ends
 * the request - confirm, otherwise a failed check falls through.
 * NOTE(review): a successful login without an `openid` still ends in the
 * "bind failed" error - confirm this endpoint is meant to be bind-only.
 */
public function login()
{
    $username = jget('username', 'txt');
    $password = jget('password');
    $openid = jget('openid');

    if ($username == "" || $password == "") {
        json_error("无法登录,用户名或密码不能为空");
    }

    // Numeric user names are refused while the login_by_uid setting is truthy.
    // NOTE(review): the setting name reads like "allow" - confirm its polarity.
    if ($this->Config['login_by_uid'] && is_numeric($username)) {
        json_error("禁止使用UID登录");
    }

    // Plugin hook for the "check" step; it receives $this->Post.
    // NOTE(review): presumably the raw request fields, password included -
    // confirm that every registered login plugin is trusted with them.
    if ($GLOBALS['_J']['plugins']['func']['login']) {
        $hook_args = array('param' => $this->Post, 'step' => 'check');
        hookscript('login', 'funcs', $hook_args, 'login');
    }

    $login_result = jsg_member_login($username, $password);
    $uid = (int) $login_result['uid'];
    if ($uid < 1) {
        // The error text is converted from the site charset to UTF-8 first.
        json_error(array_iconv($this->Config['charset'], 'utf-8', $login_result['error']));
    }

    // Binding is attempted only with both an openid and a logged-in uid.
    $bound = ($openid && $uid) ? jlogic('wechat')->do_bind($openid, $uid) : false;

    if ($bound) {
        json_result("绑定成功!");
    } else {
        json_error("绑定失败!");
    }
}
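/**
 * Entry point for AJAX requests: dispatch to a class under the `of\` namespace.
 *
 * Two request shapes are handled:
 *  - `model=<module>.<class>.<method>` instantiates `of\<module>\<Class>` and
 *    returns the result of calling `<method>()` on it;
 *  - `do=<name>` (dots become namespace separators) instantiates `of\<name>`,
 *    calls `runAjax()` on it and then reports "Nothing to do".
 *
 * Both names come straight from the HTTP input, so they are checked before
 * anything is instantiated: each part must be a plain ASCII identifier, the
 * class must exist, magic methods (`__*`) are refused and the method must be
 * callable from here. A request that fails a check gets the same
 * "Nothing to do" error as an unhandled one.
 *
 * NOTE(review): this only narrows the dispatch to well-formed names. Any
 * public method of any `of\...` class stays reachable, and the return value
 * of user()->login() is ignored here, so each target has to enforce its own
 * authentication. An explicit allowlist of routable classes would be safer.
 *
 * @return mixed Result of the model method, or null.
 */
public function run()
{
    // NOTE(review): a wildcard CORS origin lets any site read these responses.
    // Confirm that no response depends on ambient credentials.
    header('Access-Control-Allow-Origin: *');
    date_default_timezone_set('Asia/Seoul');
    user()->login();

    $identifier = '/^[A-Za-z_][A-Za-z0-9_]*$/';

    if ($model = http_input('model')) {
        $parts = is_string($model) ? explode('.', $model) : array();
        $well_formed = count($parts) >= 3;
        for ($i = 0; $well_formed && $i < 3; $i++) {
            $well_formed = preg_match($identifier, $parts[$i]) === 1;
        }
        // Magic methods (__construct, __destruct, ...) are never routable.
        if (!$well_formed || strncmp($parts[2], '__', 2) === 0) {
            json_error(-40444, "Nothing to do");
            return null;
        }

        list($model_name, $class_name, $method_name) = $parts;
        $uc_first_class_name = ucfirst($class_name);
        $namespace = "of\\{$model_name}\\{$uc_first_class_name}";
        if (!class_exists($namespace)) {
            json_error(-40444, "Nothing to do");
            return null;
        }

        $obj = new $namespace();
        if (!is_callable(array($obj, $method_name))) {
            json_error(-40444, "Nothing to do");
            return null;
        }
        return $obj->{$method_name}();
    }

    $doing = http_input('do');
    $segments = is_string($doing) ? explode('.', $doing) : array();
    $well_formed = count($segments) > 0;
    foreach ($segments as $segment) {
        if (preg_match($identifier, $segment) !== 1) {
            $well_formed = false;
            break;
        }
    }

    if ($well_formed) {
        // A dotted name is a nested namespace path; a bare name is capitalised.
        $doing = count($segments) > 1 ? implode('\\', $segments) : ucfirst($doing);
        $name = "of\\{$doing}";
        if (class_exists($name)) {
            $obj = new $name();
            $obj->runAjax();
        }
    }

    json_error(-40444, "Nothing to do");
    return null;
}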
/**
 * Run one gallery maintenance action selected by the `action` parameter.
 *
 * Supported actions: `creategall`, `save`, `imgadd`, `imgdel`. Any other value
 * is reported through json_error().
 *
 * NOTE(review): `gallery`, `name`, `file` and `images` all come from the
 * request. Confirm that PsGallery confines `file` to the gallery's own
 * directory before deleting, and that the caller of this action is authorized.
 *
 * @param ArrayAdapter $params Request parameters.
 * @return AjaxSuccess
 */
protected function executeImpl(ArrayAdapter $params)
{
    $action = $params->str('action');
    $gallery = $params->str('gallery');

    switch ($action) {
        case 'creategall':
            PsGallery::makeNew($gallery, $params->str('name'));
            break;

        case 'save':
            PsGallery::inst($gallery)->saveGallery($params->str('name'), $params->arr('images'));
            break;

        case 'imgadd':
            PsGallery::inst($gallery)->addWebImg($params->arr('img'));
            break;

        case 'imgdel':
            // The `web` flag selects which kind of image is deleted.
            $is_web_image = $params->bool('web');
            $target = PsGallery::inst($gallery);
            $file = $params->str('file');
            if ($is_web_image) {
                $target->deleteWebImg($file);
            } else {
                $target->deleteLocalImg($file);
            }
            break;

        default:
            json_error("Unknown action [{$action}].");
    }

    return new AjaxSuccess();
}
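/**
 * Perform the login step.
 *
 * The input arrives as `idx_member` and `session_id` in the HTTP input. The
 * member record is stored in $sys->member and the member number is returned.
 *
 * This is similar to the member login in module/ajax/DataLayer.php.
 *
 * When called as an ajax `model=....` request, it is invoked by run() in
 * overframe/ajax/Ajax.php.
 *
 * The supplied session id is compared with the expected one using
 * hash_equals(): a loose `!=` treats numeric-looking strings such as "0e1"
 * and "0e2" as equal, and its timing depends on the compared bytes.
 *
 * NOTE(review): `idx_member` is passed to $sys->member->get() as received;
 * confirm that get() treats it as data rather than as part of a query.
 *
 * @return mixed Member number, FALSE when no login was attempted, or an ajax
 *               error message through json_error().
 */
public function login()
{
    global $sys;

    $in = http_input();
    $in['remember'] = 'Y';
    sys()->log(" =========> UserLayer::login() in: ");

    if (empty($in['idx_member'])) {
        return FALSE;
    }

    // idx_member is present from here on, so only session_id can be missing.
    if (!isset($in['session_id'])) {
        sys()->log(" =====> No. login. in[idx_member] and in[action] is not member_register_submit, in[id], in[password] is empty. ");
        return FALSE;
    }

    $member = $sys->member->get($in['idx_member']);
    if (empty($member)) {
        json_error(-508, "User not found. Wrong idx_member.");
    }

    // Type-strict, constant-time comparison of the session token.
    // Non-scalar input (e.g. session_id[]=x) can never match.
    $expected = (string) $this->session_id($member);
    $supplied = $in['session_id'];
    if (!is_scalar($supplied) || !hash_equals($expected, (string) $supplied)) {
        json_error(-507, "Wrong user session id. Your IP and location information has been reported to admin.");
    }

    $sys->member->idx = $member['idx'];
    $sys->member->info = $member;
    return $sys->member->idx;
}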
/**
 * Validate the API key supplied in the `key` query parameter.
 *
 * A validation failure is reported through json_error() with the exception
 * message, and the request is then terminated.
 *
 * NOTE(review): the key travels in the URL, where it tends to be recorded in
 * access logs, proxies and Referer headers. A request header would avoid that.
 * NOTE(review): a request without `key` reads an undefined index here; it
 * presumably fails validation - confirm.
 */
public function checkAuth()
{
    $client = new API();
    $client->key = $_GET['key'];

    try {
        $client->validate_key();
    } catch (Exception $failure) {
        json_error($failure->getMessage());
        exit;
    }
}
/**
 * Check that the post exists and that the current user may edit it.
 *
 * Both failures are reported through json_error() with the BigAppErr post
 * code; the third argument carries a short diagnostic.
 *
 * NOTE(review): the permission tested is 'edit' while the diagnostic says
 * "cant read" - confirm which one is intended.
 *
 * @param mixed $id Object ID
 * @return boolean|WP_Error True when both checks pass (only `true` is
 *                          returned by this block).
 */
protected function check_object($id)
{
    $id = (int) $id;
    $post = get_post($id, ARRAY_A);

    $is_missing = empty($id) || empty($post['ID']);
    if ($is_missing) {
        json_error(BigAppErr::$post['code'], BigAppErr::$post['msg'], "empty {$id}");
    }

    $may_edit = json_check_post_permission($post, 'edit');
    if (!$may_edit) {
        json_error(BigAppErr::$post['code'], BigAppErr::$post['msg'], "cant read:{$id}");
    }

    return true;
}
/**
 * Upload a new avatar for the current user from the `upload` request file.
 *
 * The file entry is taken from $_REQUEST through the vB cleaner (TYPE_FILE)
 * and handed to the `profile` API. A missing file and an API error are both
 * reported as ERR_NO_PERMISSION.
 *
 * NOTE(review): no login or file type/size check is visible here; presumably
 * the `profile` API enforces them - confirm.
 *
 * @return mixed True on success, otherwise the result of json_error().
 */
function do_upload_avatar()
{
    $fields = array('upload' => vB_Cleaner::TYPE_FILE);
    $cleaned = vB::getCleaner()->cleanArray($_REQUEST, $fields);

    if (empty($cleaned['upload'])) {
        return json_error(ERR_NO_PERMISSION);
    }

    $outcome = vB_Api::instance('profile')->upload($cleaned['upload']);
    $failed = !empty($outcome['errors']);

    return $failed ? json_error(ERR_NO_PERMISSION) : true;
}
/**
 * Execute an ajax action and emit its outcome as JSON.
 *
 * An AjaxSuccess result is passed to json_success() with its JS parameters.
 * Anything else is passed to json_error(), with a generic message standing in
 * for an empty result.
 *
 * NOTE(review): the final json_error() call is reached after json_success()
 * unless json_success() ends the request - confirm that it does.
 *
 * @param AbstractAjaxAction $action Action to run; null is reported as an error.
 */
function execute_ajax_action(AbstractAjaxAction $action = null)
{
    /* For security, processing details are not written out to the client. */
    if (!$action) {
        json_error('Действие не опеределено');
    }

    $outcome = $action->execute();
    if (!$outcome) {
        $outcome = 'Ошибка выполнения действия';
    }

    if ($outcome instanceof AjaxSuccess) {
        json_success($outcome->getJsParams());
    }

    json_error($outcome);
}
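/**
 * Return autocomplete suggestions from Solr for the supplied search term.
 *
 * The response object carries `terms`: FALSE when Solr returns nothing,
 * otherwise a list of `array('id' => ..., 'term' => ...)` entries. The `id`
 * counter restarts for every suggested term, as in the original code.
 *
 * Fix: $response is now created before properties are assigned to it. The
 * original assigned to an undefined variable, which raises an Error on PHP 8
 * and a warning on earlier versions.
 *
 * NOTE(review): FILTER_SANITIZE_STRING strips tags but does not neutralise
 * Solr query syntax, and it is deprecated as of PHP 8.1. Confirm how the
 * `suggest` handler treats query operators in user-supplied terms.
 *
 * @param array $args Request arguments; `term` is required.
 */
function handle($args)
{
    /*
     * Make sure we have a search term.
     */
    if (!isset($args['term']) || empty($args['term'])) {
        json_error('Search term not provided.');
        die;
    }

    /*
     * Clean up the search term.
     */
    $term = filter_var($args['term'], FILTER_SANITIZE_STRING);

    /*
     * Append an asterisk to the search term, so that Solr can suggest
     * autocomplete terms.
     */
    $term .= '*';

    /*
     * Initialize Solarium.
     */
    $client = new Solarium_Client($GLOBALS['solr_config']);

    /*
     * Set up our query.
     */
    $query = $client->createSuggester();
    $query->setHandler('suggest');
    $query->setQuery($term);
    $query->setOnlyMorePopular(TRUE);
    $query->setCount(5);
    $query->setCollate(TRUE);

    /*
     * Execute the query.
     */
    $search_results = $client->suggester($query);

    $response = new stdClass();

    /*
     * If there are no results.
     */
    if (count($search_results) == 0) {
        $response->terms = FALSE;
    } else {
        $response->terms = array();
        foreach ($search_results as $term_result) {
            $i = 0;
            foreach ($term_result as $suggestion) {
                $response->terms[] = array('id' => $i, 'term' => $suggestion);
                $i++;
            }
        }
    }

    $this->render($response, 'OK');
}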
/**
 * Record the work data handed to a worker in the work_data table.
 *
 * Only the first 152 characters of `$response->result->data`, lower-cased,
 * are stored. All values are bound as statement parameters.
 *
 * NOTE(review): on failure the driver's errorInfo() is sent to the client
 * through json_error(). Consider logging it server-side and returning a
 * generic message instead.
 *
 * @param PDO    $pdo       Database connection.
 * @param mixed  $worker_id Worker the work was issued to.
 * @param mixed  $pool_id   Pool the work came from.
 * @param object $response  Decoded pool response carrying result->data.
 * @param mixed  $json_id   Request id passed on to json_error().
 */
function process_work($pdo, $worker_id, $pool_id, $response, $json_id)
{
    $insert = $pdo->prepare(' INSERT IGNORE INTO work_data (worker_id, pool_id, data, time_requested) VALUES (:worker_id, :pool_id, :data, UTC_TIMESTAMP()) ');

    $head = substr($response->result->data, 0, 152);
    $bindings = array(
        ':worker_id' => $worker_id,
        ':pool_id' => $pool_id,
        ':data' => strtolower($head),
    );

    if ($insert->execute($bindings)) {
        return;
    }

    json_error('Database error on INSERT into work_data: ' . json_encode($insert->errorInfo()), $json_id);
}
/**
 * Store the app key (AK) and app secret (SK).
 *
 * Both values are trimmed and must be exactly 32 bytes long. They are saved
 * together as a JSON object in the `bigapp_ak_sk` option. The result of
 * update_option() is not used: a well-formed pair always returns true.
 *
 * NOTE(review): the secret is stored in the options table in clear text;
 * confirm who can read that option.
 *
 * @param string $ak App key.
 * @param string $sk App secret.
 * @return bool True when the pair was well-formed, false otherwise.
 */
public function set_ak_sk($ak, $sk)
{
    $ak = trim($ak);
    $sk = trim($sk);

    $malformed = strlen($ak) != 32 || strlen($sk) != 32;
    if ($malformed) {
        json_error(BigAppErr::$server['code'], __lan("app key/app secret format is wrong"), "");
        return false;
    }

    $pair = array('ak' => $ak, 'sk' => $sk);
    update_option("bigapp_ak_sk", json_encode($pair));

    return true;
}
/**
 * Subscribe the logged-in user to the thread named by `threadid`.
 *
 * Guests are refused with ERR_NO_PERMISSION. A missing thread id and a
 * failing `follow` API call are both reported as ERR_INVALID_SUB.
 *
 * NOTE(review): whether the user may view the thread is not checked here;
 * presumably the `follow` API enforces it - confirm.
 *
 * @return mixed True on success, otherwise the result of json_error().
 */
function do_subscribe_thread()
{
    $current_user = vB_Api::instance('user')->fetchUserInfo();
    if ($current_user['userid'] < 1) {
        return json_error(ERR_NO_PERMISSION);
    }

    $fields = array('threadid' => vB_Cleaner::TYPE_UINT);
    $cleaned = vB::getCleaner()->cleanArray($_REQUEST, $fields);
    if (empty($cleaned['threadid'])) {
        return json_error(ERR_INVALID_SUB);
    }

    $follow = vB_Api::instance('follow')->add($cleaned['threadid'], vB_Api_Follow::FOLLOWTYPE_CONTENT);
    $failed = empty($follow) || !empty($follow['errors']);

    return $failed ? json_error(ERR_INVALID_SUB) : true;
}
/**
 * Fetch the announcements of the forum named by `forumid`.
 *
 * A missing or non-positive forum id and an API error are both reported as
 * ERR_NO_PERMISSION. Each announcement is converted with fr_parse_post().
 *
 * @return mixed array('posts' => ..., 'total_posts' => ...) on success,
 *               otherwise the result of json_error().
 */
function do_get_announcement()
{
    $fields = array('forumid' => vB_Cleaner::TYPE_UINT);
    $cleaned = vB::getCleaner()->cleanArray($_REQUEST, $fields);

    $has_forum = isset($cleaned['forumid']) && $cleaned['forumid'] >= 1;
    if (!$has_forum) {
        return json_error(ERR_NO_PERMISSION);
    }

    $announcements = vB_Api::instance('announcement')->fetch($cleaned['forumid']);
    if ($announcements === null || isset($announcements['errors'])) {
        return json_error(ERR_NO_PERMISSION);
    }

    $posts = array();
    foreach ($announcements as $announcement) {
        $posts[] = fr_parse_post($announcement);
    }

    return array(
        'posts' => $posts,
        'total_posts' => count($posts),
    );
}
/**
 * Delete the attachment named by `attachmentid`.
 *
 * A failing lookup and a failing canDeleteAttachment() check both produce the
 * same `do_not_have_permission` phrase, so the response does not reveal
 * whether the attachment exists.
 *
 * NOTE(review): $attachment is undefined after the catch block unless
 * json_error() ends the request - confirm that it does.
 *
 * @return array array('success' => true)
 */
public function actionDeleteAttachment()
{
    $input = $this->_input->filter(array(
        'attachmentid' => XenForo_Input::UINT,
        'poststarttime' => XenForo_Input::STRING,
    ));

    try {
        $attachment = $this->_getAttachmentOrError($input['attachmentid']);
    } catch (Exception $lookup_failure) {
        $denied = new XenForo_Phrase('do_not_have_permission');
        json_error($denied->render());
    }

    $may_delete = $this->_getAttachmentModel()->canDeleteAttachment($attachment, $input['poststarttime']);
    if (!$may_delete) {
        $denied = new XenForo_Phrase('do_not_have_permission');
        json_error($denied->render());
    }

    $writer = XenForo_DataWriter::create('XenForo_DataWriter_Attachment');
    $writer->setExistingData($attachment, true);
    $writer->delete();

    return array('success' => true);
}
/**
 * Run one logger control action selected by the `action` parameter.
 *
 * `reset` clears the logs, `on` / `off` switch logging. Any other value is
 * reported through json_error().
 *
 * NOTE(review): clearing logs and disabling logging remove audit evidence.
 * Confirm that the caller of this action is restricted to administrators and
 * that the change itself is recorded somewhere this action cannot clear.
 *
 * @param ArrayAdapter $params Request parameters.
 * @return AjaxSuccess
 */
protected function executeImpl(ArrayAdapter $params)
{
    $action = $params->str('action');
    $logger = PsLogger::controller();

    switch ($action) {
        case 'reset':
            $logger->clearLogs();
            break;

        case 'on':
            $logger->setLoggingEnabled(true);
            break;

        case 'off':
            $logger->setLoggingEnabled(false);
            break;

        default:
            json_error("Unknown action [{$action}].");
    }

    return new AjaxSuccess();
}
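/**
 * Upload the single `attachment` file of the request through $attachlib.
 *
 * Fix: $vbphrase is now declared global. The original read it as an undefined
 * local, so an error that only carried an `errorphrase` key produced an empty
 * message. The unused $errorlist and $filename locals are dropped.
 *
 * The first upload error is reported through json_error() with
 * RV_UPLOAD_ERROR.
 *
 * NOTE(review): GPC['flash'] and GPC['filedata'] are read but not cleaned in
 * this function; presumably the caller cleans them - confirm.
 *
 * @return array array('attachmentid' => id of the first uploaded file)
 */
function do_upload_attachment()
{
    global $vbulletin, $db, $foruminfo, $attachlib, $vbphrase;

    $vbulletin->input->clean_gpc('f', 'attachment', TYPE_FILE);

    // format vbulletin expects: $files[name][x]... we only have one per post
    $file = $vbulletin->GPC['attachment'];
    $vbulletin->GPC['attachment'] = array(
        'name' => array($file['name']),
        'tmp_name' => array($file['tmp_name']),
        'error' => array($file['error']),
        'size' => array($file['size']),
    );

    if ($vbulletin->GPC['flash'] and is_array($vbulletin->GPC['attachment'])) {
        $vbulletin->GPC['attachment']['utf8_names'] = true;
    }

    $uploadids = $attachlib->upload($vbulletin->GPC['attachment'], array(), $vbulletin->GPC['filedata']);
    $uploads = explode(',', $uploadids);

    if (!empty($attachlib->errors)) {
        foreach ($attachlib->errors as $error) {
            // Prefer the literal error text, else look the phrase up.
            $errormessage = $error['error'] ? $error['error'] : $vbphrase["{$error['errorphrase']}"];
            json_error($errormessage, RV_UPLOAD_ERROR);
        }
    }

    return array('attachmentid' => $uploads[0]);
}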
/**
 * Delete an attachment that was uploaded through Forum Runner.
 *
 * The `attachmentid` request value identifies a Forum Runner attachment
 * marker. The marker supplies the real attachment id, which is deleted
 * through the `content_attach` API before the marker itself is removed.
 * Every failure is reported as ERR_NO_PERMISSION.
 *
 * NOTE(review): the marker lookup is keyed by id only. Ownership of the
 * attachment is presumably enforced by deleteAttachment() - confirm.
 *
 * @return mixed True on success, otherwise the result of json_error().
 */
function do_delete_attachment()
{
    $current_user = vB_Api::instance('user')->fetchUserInfo();
    if ($current_user['userid'] < 1) {
        return json_error(ERR_NO_PERMISSION);
    }

    $fields = array('attachmentid' => vB_Cleaner::TYPE_UINT);
    $cleaned = vB::getCleaner()->cleanArray($_REQUEST, $fields);
    if (empty($cleaned['attachmentid'])) {
        return json_error(ERR_NO_PERMISSION);
    }

    $marker_key = array('id' => $cleaned['attachmentid']);
    $marker = vB_dB_Assertor::instance()->assertQuery('ForumRunner:getAttachmentMarkerById', $marker_key);
    if (empty($marker)) {
        return json_error(ERR_NO_PERMISSION);
    }

    $deleted = vB_Api::instance('content_attach')->deleteAttachment($marker['attachmentid']);
    if (empty($deleted) || !empty($deleted['errors'])) {
        return json_error(ERR_NO_PERMISSION);
    }

    // The marker is removed only after the attachment itself is gone.
    vB_dB_Assertor::instance()->assertQuery('ForumRunner:deleteAttachmentMarker', array('id' => $cleaned['attachmentid']));

    return true;
}
/**
 * List the users that are currently online, plus the guest count.
 *
 * Each entry carries `username`, `userid` and an `avatarurl` built from the
 * `bburl` option. The caller's own entry is flagged with `me`.
 *
 * NOTE(review): no login check is made here; whether guests may see the list
 * is presumably decided by the `wol` API - confirm.
 *
 * @return mixed array('users' => ..., 'num_guests' => ...) on success,
 *               otherwise the result of json_error().
 */
function do_online()
{
    $current_user = vB_Api::instance('user')->fetchUserInfo();
    $online = vB_Api::instance('wol')->fetchAll();
    $options = vB::get_datastore()->get_value('options');

    if ($online === null || isset($online['errors'])) {
        return json_error(ERR_NO_PERMISSION);
    }

    $counts = vB_Api::instance('wol')->fetchCounts();
    if ($counts === null || isset($counts['errors'])) {
        return json_error(ERR_NO_PERMISSION);
    }

    $users = array();
    foreach ($online as $user) {
        $entry = array(
            'username' => $user['username'],
            'userid' => $user['userid'],
            'avatarurl' => $options['bburl'] . '/' . $user['avatarpath'],
        );

        $is_caller = !empty($current_user) && $user['userid'] === $current_user['userid'];
        if ($is_caller) {
            $entry['me'] = true;
        }

        $users[] = $entry;
    }

    return array('users' => $users, 'num_guests' => $counts['guests']);
}
/**
 * Record today's attendance for the logged-in user.
 *
 * Requires a login and a `google_store.<username>` meta entry. A second
 * attempt on the same day is answered with an error. After a successful
 * save, a consecutive count of 5 or more stores a completion timestamp under
 * `attend.complete.<idx>`.
 *
 * NOTE(review): the "already attended" branch compares against
 * self::max_attend while the completion branch compares against a literal 5 -
 * confirm that the two are meant to be the same value.
 * NOTE(review): the load condition is built by string interpolation. $idx
 * comes from user()->getIdx() and $date from date(), so neither is request
 * text here - confirm load() is not reused with request-derived values.
 * NOTE(review): the check and the save are separate steps; two concurrent
 * requests can both pass the check unless the table enforces uniqueness.
 */
public function attend()
{
    $idx = user()->getIdx();
    if (empty($idx)) {
        json_error(-40443, "로그인을 하십시오.");
    }

    $id = user()->getUsername();
    $meta = new PhilgoMeta();
    $nick = $meta->get("google_store.{$id}");
    if (empty($nick)) {
        json_error(-40401, "앱 평가를 먼저 하셔야 출석을 할 수 있습니다.");
    }

    $date = date('Ymd');

    // Already attended today?
    $existing = $this->load("user_id={$idx} AND date={$date}");
    if ($existing) {
        $count = $this->count_consecutive_attend();
        if ($count >= self::max_attend) {
            json_error(-40448, "출석 이벤트를 완료하였습니다.");
        } else {
            $ymd = preg_replace('/([0-9]{4})([0-9]{2})([0-9]{2})/', "\$1년 \$2월 \$3일", $date);
            json_error(-40448, "{$ymd}에 출근 도장을 이미 찍으셨습니다. 연속으로 {$count} 번 출근 도장을 찍으셨습니다.");
        }
    }

    $today = array('user_id' => $idx, 'date' => $date);
    $saved = $this->create()->sets($today)->save();
    if (!$saved) {
        json_error(-40041, "출근 실패");
        return;
    }

    $count = $this->count_consecutive_attend();
    if ($count >= 5) {
        $meta = new PhilgoMeta();
        $meta->set("attend.complete.{$idx}", time());
        json_success(array('code' => 1, 'message' => "축하합니다. 출석 이벤트를 완료하였습니다."));
    } else {
        json_success(array('count' => $count));
    }
}
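/**
 * Serve one JSON-RPC request by calling a method of $object.
 *
 * The request body is decoded, `method`, `params` and `id` are extracted, and
 * the named method is invoked with the parameters. The built-in `help` method
 * lists the callable methods, or returns `<name>_documentation` for one.
 *
 * Changes against the original:
 *  - the body falls back to php://input when $GLOBALS['HTTP_RAW_POST_DATA']
 *    is not set (that global no longer exists as of PHP 7);
 *  - magic methods (`__construct`, `__destruct`, ...) are excluded from the
 *    method list, so a client can neither call nor enumerate them;
 *  - method lookups are type-strict, so a non-string `method` such as JSON
 *    `true` no longer matches every name;
 *  - the "has no documentation" message names the requested method instead of
 *    `help`.
 *
 * NOTE(review): every other public method of $object, inherited ones
 * included, is remotely callable. Pass a dedicated service object only.
 * NOTE(review): the help text echoes the Host header and request URI. The
 * response is text/plain; confirm no client renders it as HTML.
 * NOTE(review): extract_id() is defined elsewhere and presumably reads the raw
 * body itself - confirm it works without HTTP_RAW_POST_DATA.
 *
 * @param object $object Service object whose public methods are exposed.
 */
function handle_json_rpc($object)
{
    $raw = isset($GLOBALS['HTTP_RAW_POST_DATA'])
        ? $GLOBALS['HTTP_RAW_POST_DATA']
        : (string) file_get_contents('php://input');

    $input = $raw;
    $encoding = mb_detect_encoding($input, 'auto');
    // convert to unicode
    if ($encoding != 'UTF-8') {
        $input = iconv($encoding, 'UTF-8', $input);
    }
    $input = json_decode($input);
    header('Content-Type: text/plain');

    // handle Errors
    if (!$input) {
        if ($raw == "") {
            echo response(null, 0, array("code" => -32700, "message" => "Parse Error: no data"));
        } else {
            // json parse error
            $error = json_error();
            $id = extract_id();
            echo response(null, $id, array("code" => -32700, "message" => "Parse Error: {$error}"));
        }
        exit;
    }

    $method = get_field($input, 'method', null);
    $params = get_field($input, 'params', null);
    $id = get_field($input, 'id', null);

    // json rpc error
    if (!($method && $id)) {
        if (!$id) {
            $id = extract_id();
        }
        if (!$method) {
            $error = "no method";
        } elseif (!$id) {
            $error = "no id";
        } else {
            $error = "unknown reason";
        }
        echo response(null, $id, array("code" => -32600, "message" => "Invalid Request: {$error}"));
        exit;
    }

    // fix params (if params is null set it to empty array)
    if (!$params) {
        $params = array();
    }
    // if params is object change it to array
    if (is_object($params)) {
        $params = get_object_vars($params);
    }

    // call Service Method
    try {
        $class = get_class($object);

        // Only non-magic methods are exposed to the client.
        $methods = array_values(array_filter(
            get_class_methods($class),
            function ($name) {
                return strncmp($name, '__', 2) !== 0;
            }
        ));
        do_debug($methods);

        if ($method === 'help') {
            if (count($params) > 0) {
                if (!in_array($params[0], $methods, true)) {
                    $no_method = 'There is no ' . $params[0] . ' method';
                    throw new Exception($no_method);
                }

                $static = get_class_vars($class);
                $help_str_name = $params[0] . "_documentation";
                if (array_key_exists($help_str_name, $static)) {
                    echo response($static[$help_str_name], $id, null);
                } else {
                    throw new Exception($params[0] . " method has no documentation");
                }
            } else {
                $url = "http://" . $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"];
                $msg = 'PHP JSON-RPC - in "' . $url . "\"\n";
                $msg .= "class \"{$class}\" has methods: " . implode(", ", array_slice($methods, 0, -1)) . " and " . $methods[count($methods) - 1] . ".";
                echo response($msg, $id, null);
            }
        } elseif (!in_array($method, $methods, true)) {
            $msg = 'There is no ' . $method . ' method';
            echo response(null, $id, array("code" => -32601, "message" => $msg));
        } else {
            $result = call_user_func_array(array($object, $method), $params);
            echo response($result, $id, null);
        }
        exit;
    } catch (Exception $e) {
        // catch all exceptions from user code
        $msg = "Internal error: " . $e->getMessage();
        echo response(null, $id, array("code" => -32603, "message" => $msg));
    }
}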
/**
 * Demand HTTP Basic authentication unless the request is already logged in.
 *
 * Sends the WWW-Authenticate challenge and a 401 status, then reports the
 * failure through json_error().
 *
 * NOTE(review): callers rely on json_error() ending the request. If it
 * returns, the protected code runs for an unauthenticated client - confirm.
 */
function require_authentification()
{
    global $logged_in;

    if ($logged_in) {
        return;
    }

    header('WWW-Authenticate: Basic realm="My Realm"');
    header('HTTP/1.0 401 Unauthorized');
    json_error("Authentification required.");
}
/**
 * Delete a post of this controller's post type.
 *
 * An empty id and a post whose `post_type` differs from $this->type are
 * refused with the BigAppErr post error. Everything else is handed to the
 * parent implementation.
 *
 * NOTE(review): no capability check is made here; presumably
 * parent::delete_post() verifies that the user may delete the post - confirm.
 *
 * @see WP_JSON_Posts::delete_post()
 * @param mixed $id    Post ID.
 * @param bool  $force Passed through to the parent implementation.
 * @return mixed Result of parent::delete_post().
 */
public function delete_post($id, $force = false)
{
    $id = (int) $id;
    if (empty($id)) {
        json_error(BigAppErr::$post['code'], BigAppErr::$post['msg'], "");
    }

    $post = get_post($id, ARRAY_A);
    $type_matches = $post['post_type'] === $this->type;
    if (!$type_matches) {
        json_error(BigAppErr::$post['code'], BigAppErr::$post['msg'], "");
    }

    return parent::delete_post($id, $force);
}
/**
 * Toggle the visitor's like on the post named by `postid`.
 *
 * The post must be valid and viewable, and canLikePost() must allow the like.
 * An existing like by the visitor is removed, otherwise a new one is added.
 *
 * NOTE(review): the variables filled inside the try block are undefined
 * after the catch unless json_error() ends the request - confirm.
 * NOTE(review): this is a state-changing action; no request-forgery token
 * check is visible here - confirm the caller enforces one.
 *
 * @return array array('success' => true)
 */
public function actionLike()
{
    $postid = $this->_input->filterSingle('postid', XenForo_Input::UINT);
    $helper = $this->getHelper('ForumThreadPost');

    try {
        list($post, $thread, $forum) = $helper->assertPostValidAndViewable($postid);
    } catch (Exception $failure) {
        json_error($failure->getControllerResponse()->errorText->render());
    }

    // $error_key is filled by canLikePost() with the phrase name of the reason.
    $may_like = $this->_getPostModel()->canLikePost($post, $thread, $forum, $error_key);
    if (!$may_like) {
        $reason = new XenForo_Phrase($error_key);
        json_error($reason->render());
    }

    $likes = $this->_getLikeModel();
    $current = $likes->getContentLikeByLikeUser('post', $postid, XenForo_Visitor::getUserId());

    if ($current) {
        $likes->unlikeContent($current);
    } else {
        $likes->likeContent('post', $postid, $post['user_id']);
    }

    return array('success' => true);
}
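/**
 *
 * @SWG\Api(
 *   path="/project/{uuid}/invite",
 *   description="API for project actions",
 *   @SWG\Operation(
 *    method="POST",
 *    type="ProjectInvite",
 *    summary="Invite a user to a project. You can either invite a member of your team by passing their uuid or by sending them an external email",
 *    @SWG\Parameter(
 *     name="uuid",
 *     description="UUID of the project",
 *     paramType="path",
 *     required=true,
 *     type="string"
 *     ),
 *    @SWG\Parameter(
 *     name="user_uuid",
 *     description="The uuid of the user you would like to invite (optional)",
 *     paramType="form",
 *     required=false,
 *     type="string"
 *     ),
 *    @SWG\Parameter(
 *     name="email",
 *     description="The email address of the external user you would like to invite (optional)",
 *     paramType="form",
 *     required=false,
 *     type="string"
 *     ),
 *   )
 * )
 *
 * Invites a user to a project, either by e-mail address or by the uuid of a
 * team member. An existing invite is re-sent with its original key.
 *
 * Change: new invite keys are drawn from random_bytes() when it is available
 * (32 hex characters, the same shape as before). The invite key works as a
 * bearer secret, and random_string('unique') is derived from
 * uniqid()/mt_rand(), which are not cryptographically secure.
 *
 * NOTE(review): the key is also returned in the JSON response - confirm the
 * inviter is meant to see it.
 * NOTE(review): in the user_uuid branch the response carries the empty
 * $email rather than the invited user's address - confirm that is intended.
 * NOTE(review): no e-mail format check is visible before the address is
 * stored and notified.
 *
 * @param string $uuid
 */
private function project_invite($uuid = '')
{
    $this->load->helper('notification');
    $project = validate_project_uuid($uuid);

    /* Validate that the team owner has a valid subscription or free trial */
    validate_team_read($project->team_id);

    /* Validate that they are the team owner */
    validate_team_owner($project->team_id, get_user_id());

    $user_uuid = $this->post('user_uuid', TRUE);
    $email = $this->post('email', TRUE);

    /* Validate that they have a valid subscription and can add a project */
    validate_user_add(get_user_id(), $user_uuid);

    if ($email) {
        /** Look to see if there is an existing invite and resend it */
        $invite = $this->Project_Invite->get_for_email_project($email, $project->id);
        if ($invite && !$invite->user_id) {
            $invite_id = $invite->id;
            $key = $invite->key;
        } else {
            $key = function_exists('random_bytes') ? bin2hex(random_bytes(16)) : random_string('unique');
            $invite_id = $this->Project_Invite->add(array(
                'email' => $email,
                'project_id' => $project->id,
                'key' => $key,
            ));
        }

        notify_project_invite_new_user($invite_id, get_user_id());
        json_success("User invited successfully", array('invite_id' => $invite_id, 'email' => $email, 'key' => $key));
        exit;
    } elseif ($user_uuid) {
        $user = validate_user_uuid($user_uuid);

        /* Validate that the user is on the inviter's team */
        if (!$this->User->is_on_team(get_team_id(), $user->id)) {
            json_error('The user you are inviting is not on your team. Please invite them to your team first.');
            exit;
        }

        $invite = $this->Project_Invite->get_for_user_id_project($user->id, $project->id);
        if ($invite) {
            $invite_id = $invite->id;
            $key = $invite->key;
        } else {
            $key = function_exists('random_bytes') ? bin2hex(random_bytes(16)) : random_string('unique');
            $invite_id = $this->Project_Invite->add(array(
                'project_id' => $project->id,
                'user_id' => $user->id,
                'email' => $user->email,
                'key' => $key,
            ));
        }

        notify_project_invite_new_user($invite_id, get_user_id());
        json_success("User invited successfully", array('invite_id' => $invite_id, 'email' => $email, 'key' => $key));
        exit;
    }

    json_error("You must provide either a user id or an email address to invite to this project.");
}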
/**
 * Report an image handling error in the form the current request expects.
 *
 * For the 'normal' type an inline script calls MessageBox() in the parent
 * window and the request ends. Otherwise the message goes to json_error().
 *
 * NOTE(review): $msg is placed inside a single-quoted JavaScript string
 * without any encoding. If a caller ever passes text that contains request
 * data (a file name, for example), that is a script injection sink. Encode
 * the value for a JS string in the page's charset before output.
 *
 * @param string $msg Message to show.
 */
function _image_error($msg)
{
    if ('normal' != $this->Type) {
        json_error($msg);
        return;
    }

    echo "<script type='text/javascript'>window.parent.MessageBox('warning', '{$msg}');</script>";
    exit;
}
C::t('news_viewer')->insert($addviewer); } } $news['dateline'] = dgmdate($news[dateline], 'u'); $data = $news; $message = 'success'; break; default: $result = false; $message = '不存在的方法'; break; } if ($result) { json_success($message, $data); } else { json_error($message); } function catList($catid = 0, $sql, $param) { global $_G; //查询 $params = array('news'); $params[] = 'news_viewer'; $params[] = $_G['uid']; $params = $param ? array_merge_recursive($params, $param) : $params; foreach (C::t('news_cat')->fetch_all_by_pid($catid) as $value) { $catids = $common = ''; $result[$value['catid']] = $value; $sun = C::t('news_cat')->fetch_all_by_pid($value['catid']); if ($sun) { foreach ($sun as $s) {
/**
 * Get one term of a taxonomy.
 *
 * Endpoint for the details of a single category, for example
 * action=get_taxonomy_term&taxonomy=category&term=3
 *
 * An unknown taxonomy and an unknown term are both reported through
 * json_error() with the BigAppErr taxonomy code.
 *
 * @param string $taxonomy Taxonomy slug
 * @param string $term     Term slug
 * @param string $context  Context (view/view-parent)
 * @return array Term entity
 */
public function get_taxonomy_term($taxonomy, $term, $context = 'view')
{
    if (!taxonomy_exists($taxonomy)) {
        json_error(BigAppErr::$taxonomy['code'], BigAppErr::$taxonomy['msg'], "Invalid taxonomy ID.");
    }

    $found = get_term($term, $taxonomy);
    $unusable = empty($found) || is_wp_error($found);
    if ($unusable) {
        json_error(BigAppErr::$taxonomy['code'], BigAppErr::$taxonomy['msg'], "Invalid taxonomy ID.");
    }

    return $this->prepare_taxonomy_term($found, $context);
}
} } // Disable this filter for DAFIF (no IATA data) if ($iatafilter == "false" || $dbname == "airports_dafif") { $sql .= " 1=1"; // dummy } else { $sql .= " iata != '' AND iata != 'N/A'"; } } if (!$offset) { $offset = 0; } // Check result count $sql2 = str_replace("*", "COUNT(*)", $sql); $result2 = mysql_query($sql2, $db) or json_error('Operation ' . $param . ' failed: ' . $sql2); if ($row = mysql_fetch_array($result2, MYSQL_NUM)) { $max = $row[0]; } $response = array("status" => 1, "offset" => $offset, "max" => $max); // Fetch airport data $sql .= " ORDER BY name LIMIT 10 OFFSET " . $offset; $result = mysql_query($sql, $db) or die(json_encode(array("status" => 0, "message" => 'Operation ' . $param . ' failed: ' . $sql))); while ($rows[] = mysql_fetch_assoc($result)) { } array_pop($rows); foreach ($rows as &$row) { if ($dbname == "airports_dafif" || $dbname == "airports_oa") { $row["country"] = $row["code"]; } if ($row["uid"] || $uid == $OF_ADMIN_UID) {
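/**
 * Subscribe the logged-in user to the current thread, or to the current
 * forum when no thread is selected.
 *
 * The forum must be viewable, open for posting and unlocked by its password.
 * For a thread, visibility and the view-threads / view-others permissions
 * are checked as well.
 *
 * Changes against the original:
 *  - every value placed in the SQL text is forced to an integer first, so
 *    the statements stay well-formed whatever the globals hold;
 *  - the forum subscription writes $foruminfo['forumid'], the id the checks
 *    above were made on. The original wrote $vbulletin->GPC['forumid'],
 *    which this function neither cleans nor checks.
 *
 * NOTE(review): $foruminfo and $threadinfo are globals filled by the caller;
 * presumably they are loaded from the request's forum/thread ids - confirm.
 *
 * @return array array('success' => true)
 */
function do_subscribe_thread()
{
    global $vbulletin, $db, $foruminfo, $threadinfo;

    if (!$vbulletin->userinfo['userid']) {
        json_error(ERR_INVALID_LOGGEDIN, RV_NOT_LOGGED_IN);
    }

    $vbulletin->input->clean_array_gpc('r', array('emailupdate' => TYPE_UINT, 'folderid' => TYPE_INT));
    // The folder is always the default one, whatever the request asked for.
    $vbulletin->GPC['folderid'] = 0;

    if (!$foruminfo['forumid']) {
        json_error(ERR_INVALID_THREAD);
    }

    $forumperms = fetch_permissions($foruminfo['forumid']);
    if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview'])) {
        json_error(ERR_INVALID_THREAD);
    }

    if (!$foruminfo['allowposting'] or $foruminfo['link'] or !$foruminfo['cancontainthreads']) {
        json_error(ERR_CANNOT_SUB_FORUM_CLOSED);
    }

    // check if there is a forum password and if so, ensure the user has it set
    if (!verify_forum_password($foruminfo['forumid'], $foruminfo['password'], false)) {
        json_error(ERR_CANNOT_SUB_PASSWORD);
    }

    $userid = intval($vbulletin->userinfo['userid']);
    $emailupdate = intval($vbulletin->GPC['emailupdate']);
    $folderid = intval($vbulletin->GPC['folderid']);

    if ($threadinfo['threadid']) {
        // Hidden or deleted threads are only open to the matching moderators.
        if ((!$threadinfo['visible'] and !can_moderate($threadinfo['forumid'], 'canmoderateposts'))
            or ($threadinfo['isdeleted'] and !can_moderate($threadinfo['forumid'], 'candeleteposts'))
        ) {
            json_error(ERR_INVALID_THREAD);
        }

        // Threads started by someone else additionally need canviewothers.
        if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads'])
            or (($vbulletin->userinfo['userid'] != $threadinfo['postuserid'] or !$vbulletin->userinfo['userid'])
                and !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']))
        ) {
            json_error(ERR_INVALID_THREAD);
        }

        $threadid = intval($threadinfo['threadid']);

        /*insert query*/
        $db->query_write("\n\t\t\tREPLACE INTO " . TABLE_PREFIX . "subscribethread (userid, threadid, emailupdate, folderid, canview)\n\t\t\tVALUES (" . $userid . ", {$threadid}, " . $emailupdate . ", " . $folderid . ", 1)\n\t\t");
    } else {
        if ($foruminfo['forumid']) {
            $forumid = intval($foruminfo['forumid']);

            /*insert query*/
            $db->query_write("\n\t\t\tREPLACE INTO " . TABLE_PREFIX . "subscribeforum (userid, emailupdate, forumid)\n\t\t\tVALUES (" . $userid . ", " . $emailupdate . ", " . $forumid . ")\n\t\t");
        }
    }

    return array('success' => true);
}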
/**
 * Ban the user named by `userid` for the given period.
 *
 * The ban group defaults to usergroup 8 when `usergroupid` is missing or
 * below 1. Guests, and requests without `userid` or `period`, are refused
 * with ERR_NO_PERMISSION.
 *
 * NOTE(review): the only check made here is that the caller is logged in.
 * Moderator rights are presumably enforced inside banUsers() - confirm.
 * NOTE(review): the target group is taken from the request. Confirm that
 * banUsers() only accepts ban groups, otherwise this moves a user into an
 * arbitrary usergroup.
 *
 * @return mixed True on success, false when the API reports an error,
 *               otherwise the result of json_error().
 */
function do_ban_user()
{
    $current_user = vB_Api::instance('user')->fetchUserInfo();
    if ($current_user['userid'] < 1) {
        return json_error(ERR_NO_PERMISSION);
    }

    $cleaned = vB::getCleaner()->cleanArray($_REQUEST, array(
        'userid' => vB_Cleaner::TYPE_UINT,
        'usergroupid' => vB_Cleaner::TYPE_UINT,
        'period' => vB_Cleaner::TYPE_STR,
        'reason' => vB_Cleaner::TYPE_STR,
    ));

    if (!isset($cleaned['userid']) || !isset($cleaned['period'])) {
        return json_error(ERR_NO_PERMISSION);
    }

    if (!isset($cleaned['usergroupid']) || $cleaned['usergroupid'] < 1) {
        $banusergroupid = 8;
    } else {
        $banusergroupid = $cleaned['usergroupid'];
    }

    $outcome = vB_Api::instance('user')->banUsers(
        array($cleaned['userid']),
        $banusergroupid,
        $cleaned['period'],
        $cleaned['reason']
    );

    return !($outcome === null || isset($outcome['errors']));
}