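/**
 * Handles a "reply to topic" form submission.
 *
 * Reads `end_of_line`, `tid`, `input_txt` and `output_txt` from $_POST,
 * checks view/reply permission on the topic, runs the spam filter over the
 * raw input, inserts the post, updates the topic's last-post details (only
 * for posts that do not need moderation), subscribes the author to the
 * topic, and queues the 'new_reply' notification.
 *
 * Output: a JSON object {"pid": ..., "spam": ...} on the normal path, or a
 * translated permission message followed by exit when access is denied.
 *
 * @return void
 */
public function reply() {

    // Form guard kept from the original ("hacking attempt"): 'end_of_line'
    // is expected to arrive empty (presumably a honeypot field); a non-empty
    // value ends the request without output. isset() avoids an
    // undefined-index notice when the field is absent.
    if (isset($_POST['end_of_line']) && $_POST['end_of_line'] != "") {
        exit;
    }

    // TODO: the explicit login check (CurrentUser::loggedIn()) is still
    // disabled; access control currently rests on canViewTopic() /
    // canReplyTopic() below.
    // NOTE(review): no anti-CSRF token is verified inside this method;
    // confirm that the routing layer checks one before dispatching here.

    $topic = new \CODOF\Forum\Topic($this->db);

    // An array-valued or missing 'tid' must not be cast blindly:
    // (int) array(...) evaluates to 1 and would address topic 1.
    $tid = (isset($_POST['tid']) && is_scalar($_POST['tid'])) ? (int) $_POST['tid'] : 0;
    $info = $topic->get_catid_title_tuid($tid);

    // Fail closed: an unknown topic (empty lookup result) is treated the
    // same as a denied permission check instead of indexing into nothing.
    $allowed = !empty($info)
            && $topic->canViewTopic($info['tuid'], $info['cat_id'], $tid)
            && $topic->canReplyTopic($info['tuid'], $info['cat_id'], $tid);

    if (!$allowed) {

        echo _t("You do not have permission to ") . _t("reply");
        exit;
    }

    $catid = $info['cat_id'];

    if (!isset($_POST['input_txt'], $_POST['output_txt'], $_POST['tid'])) {
        return;
    }

    $in = $_POST['input_txt'];
    $out = $_POST['output_txt'];

    // PHP turns "input_txt[]=..." into an array; only plain strings may
    // reach the spam filter, the formatter and the insert.
    if (!is_string($in) || !is_string($out)) {
        return;
    }

    // NOTE(review): $out is markup rendered by the client and is handed to
    // ins_post() as received; nothing in this method sanitises it. Confirm
    // that ins_post() or the display path sanitises or re-renders it
    // server-side.
    $post = new \CODOF\Forum\Post($this->db);

    $filter = new \CODOF\SpamFilter();
    $needsModeration = $filter->isSpam($in) ? true : false;

    $pid = $post->ins_post($catid, $tid, $in, $out, $needsModeration);
    $user = \CODOF\User\User::get();

    // Only a successfully inserted, immediately visible post may become the
    // topic's "last post"; a failed insert must not overwrite those details.
    if ($pid && !$needsModeration) {

        $options = array(
            ":pid" => $pid,
            ":uid" => $user->id,
            ":name" => $user->name,
            ":time" => time(),
            ":tid" => $tid
        );
        $topic->update_last_post_details($options);
    }

    $notifier = new \CODOF\Forum\Notification\Notifier();
    $subscriber = new \CODOF\Forum\Notification\Subscriber();

    // Collect @mentions from the reply text, then keep only the ids of
    // users that actually exist in the database.
    $mentions = $subscriber->getMentions($in);
    $ids = $subscriber->getIdsThatExisits($mentions);

    if (!$subscriber->existsForTopic($catid, $tid, $user->id)) {

        // Subscribe the author to the topic as Subscriber::FOLLOWING.
        $subscriber->toTopic($catid, $tid, \CODOF\Forum\Notification\Subscriber::$FOLLOWING);
    }

    // Notify only if the post was inserted successfully.
    // NOTE(review): the notification and hook below also fire when
    // $needsModeration is true, so mentioned users are told about a reply
    // that is still awaiting moderation - confirm this is intended.
    if ($pid) {

        $title = $info['title'];

        $topicData = array(
            "label" => 'New reply',
            "cid" => $catid,
            "tid" => $tid,
            "tuid" => $info['tuid'],
            "message" => \CODOF\Util::start_cut(\CODOF\Format::imessage($in), 120),
            "pid" => $pid,
            "mentions" => $ids,
            "notification" => "%actor% replied to <b>%title%</b>",
            "bindings" => array("title" => \CODOF\Util::start_cut($title, 100))
        );

        $notifier->queueNotify('new_reply', $topicData);
        \CODOF\Hook::call('after_reply_insert', $topicData);
    }

    echo json_encode(array("pid" => $pid, "spam" => $needsModeration));
    //TODO: error logging and checks !
}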
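/**
 * Approves a reply that is waiting for moderation.
 *
 * Loads the post, verifies that the current user holds 'moderate posts' in
 * the post's category, marks the post as approved, increments the post
 * counters, refreshes the topic's last-post details and, when the post had
 * been held by the spam filter, retrains the filter with the text as ham.
 *
 * Returns silently (no output) when the post does not exist, is already
 * approved, or the current user lacks the permission.
 *
 * @param mixed $_pid post id as received from the caller; cast to int here
 * @return void
 */
public function approveReply($_pid) {

    $db = \DB::getPDO();
    $pid = (int) $_pid;

    // The id is bound as a parameter rather than concatenated, so the query
    // stays safe even if the (int) cast above is ever removed.
    $select = $db->prepare(
        'SELECT p.post_status, p.cat_id, p.topic_id, p.uid,p.post_created, p.imessage FROM '
        . PREFIX . 'codo_posts AS p'
        . ' WHERE p.post_id=:pid'
    );

    if (!$select || !$select->execute(array(':pid' => $pid))) {
        return;
    }

    // fetch() yields false for an unknown post id; stop before indexing it.
    $row = $select->fetch();
    if (!$row) {
        return;
    }

    $status = $row['post_status'];
    $cid = $row['cat_id'];
    $text = $row['imessage'];

    // Approving twice would increment the post counters a second time, so a
    // repeated or replayed request for an approved post is a no-op.
    if ($status == \CODOF\Forum\Forum::APPROVED) {
        return;
    }

    $user = \CODOF\User\User::get();

    // Authorisation is checked against the category the post belongs to,
    // as read from the database, not against anything sent by the client.
    if (!$user->can('moderate posts', $cid)) {
        return;
    }

    $update = $db->prepare(
        'UPDATE ' . PREFIX . 'codo_posts SET post_status=' . \CODOF\Forum\Forum::APPROVED
        . ' WHERE post_id=:pid'
    );

    // Do not touch counters or last-post details if the status change failed.
    if (!$update || !$update->execute(array(':pid' => $pid))) {
        return;
    }

    $post = new \CODOF\Forum\Post($db);
    $post->incPostCount($cid, $row['topic_id'], $row['uid']);

    // NOTE(review): ':uid' and ':name' below are those of the approving
    // moderator, whereas reply() passes the post author's; confirm whether
    // the last-post details should credit $row['uid'] instead.
    $options = array(
        ":pid" => $pid,
        ":uid" => $user->id,
        ":name" => $user->name,
        ":time" => $row['post_created'],
        ":tid" => $row['topic_id']
    );

    $topic = new \CODOF\Forum\Topic($db);
    $topic->update_last_post_details($options);

    // A post held by the spam filter that a moderator approves was a false
    // positive, so the filter is retrained with its text as ham.
    if ($status == \CODOF\Forum\Forum::MODERATION_BY_FILTER) {

        $filter = new \CODOF\SpamFilter();
        $filter->ham($text);
    }
}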