public function reply()
{
//hacking attempt
if ($_POST['end_of_line'] != "") {
exit;
}
/** TODO::::
if (!\CODOF\User\CurrentUser\CurrentUser::loggedIn()) {
echo _t("You must be logged in to reply");
}
*/
$topic = new \CODOF\Forum\Topic($this->db);
$tid = (int) $_POST['tid'];
$info = $topic->get_catid_title_tuid($tid);
$catid = $info['cat_id'];
if (!$topic->canViewTopic($info['tuid'], $catid, $tid) || !$topic->canReplyTopic($info['tuid'], $catid, $tid)) {
echo _t("You do not have permission to ") . _t("reply");
exit;
}
if (isset($_POST['input_txt']) && isset($_POST['output_txt']) && isset($_POST['tid'])) {
$post = new \CODOF\Forum\Post($this->db);
$in = $_POST['input_txt'];
$out = $_POST['output_txt'];
$filter = new \CODOF\SpamFilter();
$needsModeration = false;
if ($filter->isSpam($in)) {
$needsModeration = true;
}
$pid = $post->ins_post($catid, $tid, $in, $out, $needsModeration);
$user = \CODOF\User\User::get();
if (!$needsModeration) {
$options = array(":pid" => $pid, ":uid" => $user->id, ":name" => $user->name, ":time" => time(), ":tid" => $tid);
$topic->update_last_post_details($options);
}
$notifier = new \CODOF\Forum\Notification\Notifier();
$subscriber = new \CODOF\Forum\Notification\Subscriber();
//get any @mentions from the topic post
$mentions = $subscriber->getMentions($_POST['input_txt']);
//get userids from mentions that actually exists in the database
$ids = $subscriber->getIdsThatExisits($mentions);
if (!$subscriber->existsForTopic($catid, $tid, $user->id)) {
//subscribe self to topic as a Subscriber::FOLLOWING
$subscriber->toTopic($catid, $tid, \CODOF\Forum\Notification\Subscriber::$FOLLOWING);
}
//if post was inserted successfully
if ($pid) {
$title = $info['title'];
$topicData = array("label" => 'New reply', "cid" => $catid, "tid" => $tid, "tuid" => $info['tuid'], "message" => \CODOF\Util::start_cut(\CODOF\Format::imessage($_POST['input_txt']), 120), "pid" => $pid, "mentions" => $ids, "notification" => "%actor% replied to <b>%title%</b>", "bindings" => array("title" => \CODOF\Util::start_cut($title, 100)));
$notifier->queueNotify('new_reply', $topicData);
\CODOF\Hook::call('after_reply_insert', $topicData);
}
echo json_encode(array("pid" => $pid, "spam" => $needsModeration));
//TODO: error logging and checks !
}
}
public function approveReply($_pid)
{
$db = \DB::getPDO();
$pid = (int) $_pid;
$qry = 'SELECT p.post_status, p.cat_id, p.topic_id, p.uid,p.post_created, p.imessage FROM ' . PREFIX . 'codo_posts AS p' . ' WHERE p.post_id=' . $pid;
$res = $db->query($qry);
if ($res) {
$row = $res->fetch();
$status = $row['post_status'];
$cid = $row['cat_id'];
$text = $row['imessage'];
$user = \CODOF\User\User::get();
if ($user->can('moderate posts', $cid)) {
$qry = 'UPDATE ' . PREFIX . 'codo_posts SET post_status=' . \CODOF\Forum\Forum::APPROVED . ' WHERE post_id=' . $pid;
$db->query($qry);
$post = new \CODOF\Forum\Post($db);
$post->incPostCount($cid, $row['topic_id'], $row['uid']);
$options = array(":pid" => $pid, ":uid" => $user->id, ":name" => $user->name, ":time" => $row['post_created'], ":tid" => $row['topic_id']);
$topic = new \CODOF\Forum\Topic($db);
$topic->update_last_post_details($options);
//If a post considered as spam by filter is being approved
//it means the filter needs to relearn that it is not spam
if ($status == \CODOF\Forum\Forum::MODERATION_BY_FILTER) {
$filter = new \CODOF\SpamFilter();
$filter->ham($text);
}
}
}
}
