/**
  * Check email confirmation code
  *
  * @return true;
  */
 public function checkEmailConfirmation($h)
 {
     $user_id = $h->cage->get->getInt('id');
     $conf = $h->cage->get->getAlnum('conf');
     $user = new UserAuth();
     $user->getUserBasic($h, $user_id);
     if (!$user_id || !$conf) {
         $h->messages[$h->lang['user_signin_register_emailconf_fail']] = 'red';
     }
     $sql = "SELECT user_email_conf FROM " . TABLE_USERS . " WHERE user_id = %d";
     $user_email_conf = $h->db->get_var($h->db->prepare($sql, $user_id));
     if ($conf === $user_email_conf) {
         // update role:
         $user->role = $h->vars['regStatus'];
         $h->pluginHook('user_signin_email_conf_post_role');
         // update user with new permissions:
         $new_perms = $user->getDefaultPermissions($h, $user->role);
         unset($new_perms['options']);
         // don't need this for individual users
         $user->setAllPermissions($new_perms);
         $user->updatePermissions($h);
         $user->updateUserBasic($h);
         // set email valid to 1:
         $sql = "UPDATE " . TABLE_USERS . " SET user_email_valid = %d WHERE user_id = %d";
         $h->db->query($h->db->prepare($sql, 1, $user->id));
         // notify chosen mods of new user by email:
         if ($h->vars['useEmailNotify'] == 'checked' && file_exists(PLUGINS . 'users/libs/UserFunctions.php')) {
             require_once PLUGINS . 'users/libs/UserFunctions.php';
             $uf = new UserFunctions();
             $uf->notifyMods($h, 'user', $user->role, $user->id);
         }
         $success_message = $h->lang['user_signin_register_emailconf_success'] . " <br /><b><a href='" . $h->url(array('page' => 'login')) . "'>" . $h->lang['user_signin_register_emailconf_success_login'] . "</a></b>";
         $h->messages[$success_message] = 'green';
     } else {
         $h->messages[$h->lang['user_signin_register_emailconf_fail']] = 'red';
     }
     return true;
 }
Beispiel #2
0
 /**
  * Define table name, include language file and creat global Comments object
  */
 public function theme_index_top($h)
 {
     // Create a new global object called "comment".
     require_once LIBS . 'Comment.php';
     $h->comment = new Comment();
     // Get settings from database if they exist...
     $comments_settings = $h->getSerializedSettings();
     // Assign settings to class member
     $h->comment->avatars = $comments_settings['comment_avatars'];
     $h->comment->avatarSize = $comments_settings['comment_avatar_size'];
     $h->comment->voting = $comments_settings['comment_voting'];
     $h->comment->email = $comments_settings['comment_email'];
     $h->comment->allowableTags = $comments_settings['comment_allowable_tags'];
     $h->comment->levels = $comments_settings['comment_levels'];
     $h->comment->setPending = $comments_settings['comment_set_pending'];
     $h->comment->allForms = $comments_settings['comment_all_forms'];
     $h->vars['comment_hide'] = $comments_settings['comment_hide'];
     if ($h->pageName == 'rss_comments') {
         $this->rssFeed($h);
         return true;
     }
     if ($h->pageName == 'comments') {
         // set current comment and responses to pending:
         if ($h->cage->get->getAlpha('action') == 'setpending') {
             // before setting pending, we need to be certain this user has permission:
             if ($h->currentUser->loggedIn && $h->currentUser->getPermission('can_set_comments_pending') == 'yes') {
                 $cid = $h->cage->get->testInt('cid');
                 // comment id
                 $comment = $h->comment->getComment($h, $cid);
                 $h->comment->readComment($h, $comment);
                 // read comment
                 $h->comment->status = 'pending';
                 // set to pending
                 $h->comment->editComment($h);
                 // update this comment
                 $h->comment->postId = $h->cage->get->testInt('pid');
                 // post id
                 $h->comment->setPendingCommentTree($h, $cid);
                 // set all responses to 'pending', too.
                 // redirect back to thread:
                 $h->post = new Post();
                 $h->readPost($h->comment->postId);
                 header("Location: " . $h->url(array('page' => $h->post->id)));
                 // Go to the post
                 die;
             }
         }
         // delete current comment and responses:
         if ($h->cage->get->getAlpha('action') == 'delete') {
             // before deleting a comment, we need to be certain this user has permission:
             if ($h->currentUser->loggedIn && $h->currentUser->getPermission('can_delete_comments') == 'yes') {
                 $cid = $h->cage->get->testInt('cid');
                 // comment id
                 $comment = $h->comment->getComment($h, $cid);
                 $h->comment->readComment($h, $comment);
                 // read comment
                 $h->pluginHook('comments_delete_comment');
                 $h->comment->deleteComment($h, $cid);
                 // delete this comment
                 $h->comment->deleteCommentTree($h, $cid);
                 // delete all responses, too.
                 $h->clearCache('html_cache', false);
                 // clear HTML cache to refresh Comments and Activity widgets
                 $h->comment->postId = $h->cage->get->testInt('pid');
                 // post id
                 // redirect back to thread:
                 $h->readPost($h->comment->postId);
                 header("Location: " . $h->url(array('page' => $h->comment->postId)));
                 // Go to the post
                 die;
             }
         }
         // FOR THE COMMENTS PAGE:
         $h->pageTitle = $h->lang['comments'];
         if ($h->cage->get->keyExists('user')) {
             $h->pageTitle .= '[delimiter]' . $h->cage->get->testUsername('user');
         }
     }
     // Is the comment form open on this thread?
     $h->comment->thisForm = $h->comment->formStatus($h, 'select');
     // returns 'open' or 'closed'
     if ($h->pageType == 'post' && $h->comment->thisForm == 'open' && $h->comment->allForms == 'checked') {
         if ($h->currentUser->loggedIn) {
             if ($h->cage->post->getAlpha('comment_process') == 'newcomment' || $h->cage->post->getAlpha('comment_process') == 'editcomment') {
                 if ($h->cage->post->keyExists('comment_content')) {
                     $h->comment->content = sanitize($h->cage->post->getHtmLawed('comment_content'), 'tags', $h->comment->allowableTags);
                     $h->comment->content = make_urls_clickable($h->comment->content);
                 }
                 if ($h->cage->post->keyExists('comment_post_id')) {
                     $h->comment->postId = $h->cage->post->testInt('comment_post_id');
                 }
                 if ($h->cage->post->keyExists('comment_user_id')) {
                     $h->comment->author = $h->cage->post->testInt('comment_user_id');
                 }
                 if ($h->cage->post->keyExists('comment_parent')) {
                     $h->comment->parent = $h->cage->post->testInt('comment_parent');
                     if ($h->cage->post->getAlpha('comment_process') == 'editcomment') {
                         $h->comment->id = $h->cage->post->testInt('comment_parent');
                     }
                 }
                 if ($h->cage->post->keyExists('comment_subscribe')) {
                     $h->comment->subscribe = 1;
                 } else {
                     $h->comment->subscribe = 0;
                     $h->comment->unsubscribe($h, $h->comment->postId);
                 }
                 if ($h->cage->post->getAlpha('comment_process') == 'newcomment') {
                     // before posting, we need to be certain this user has permission:
                     $safe = false;
                     $can_comment = $h->currentUser->getPermission('can_comment');
                     if ($can_comment == 'yes') {
                         $safe = true;
                     }
                     if ($can_comment == 'mod') {
                         $safe = true;
                         $h->comment->status = 'pending';
                     }
                     $result = array();
                     // holds results from addComment function
                     // Okay, safe to add the comment...
                     if ($safe) {
                         // A user can unsubscribe by submitting an empty comment, so...
                         if ($h->comment->content != '') {
                             $result = $h->comment->addComment($h);
                             // notify chosen mods of new comment by email if enabled and UserFunctions file exists
                             if ($comments_settings['comment_email_notify'] && file_exists(PLUGINS . 'users/libs/UserFunctions.php')) {
                                 require_once PLUGINS . 'users/libs/UserFunctions.php';
                                 $uf = new UserFunctions();
                                 $uf->notifyMods($h, 'comment', $h->comment->status, $h->comment->postId, $h->comment->id);
                             }
                             // email comment subscribers if this comment has 'approved' status:
                             if ($h->comment->status == 'approved') {
                                 $this->emailCommentSubscribers($h, $h->comment->postId);
                             }
                         } else {
                             //comment empty so just check subscribe box:
                             $h->comment->updateSubscribe($h, $h->comment->postId);
                             $h->messages[$h->lang['comment_moderation_unsubscribed']] = 'green';
                         }
                     }
                     if ($result['exceeded_daily_limit']) {
                         $h->messages[$h->lang['comment_moderation_exceeded_daily_limit']] = 'green';
                     } elseif ($result['exceeded_url_limit']) {
                         $h->messages[$h->lang['comment_moderation_exceeded_url_limit']] = 'green';
                     } elseif ($result['not_enough_comments']) {
                         $h->messages[$h->lang['comment_moderation_not_enough_comments']] = 'green';
                     }
                 } elseif ($h->cage->post->getAlpha('comment_process') == 'editcomment') {
                     // before editing, we need to be certain this user has permission:
                     $safe = false;
                     $can_edit = $h->currentUser->getPermission('can_edit_comments');
                     if ($can_edit == 'yes') {
                         $safe = true;
                     }
                     if ($can_edit == 'own' && $h->currentUser->id == $h->comment->author) {
                         $safe = true;
                     }
                     if ($safe) {
                         $h->comment->editComment($h);
                     }
                 }
                 if ($h->comment->status == 'pending') {
                     return false;
                 }
                 header("Location: " . $h->url(array('page' => $h->comment->postId)));
                 // Go to the post
                 die;
             }
         }
     }
     return false;
 }
Beispiel #3
0
 /**
  * Do Submit Confirm
  */
 public function doSubmitConfirm($h, $funcs = array())
 {
     $post_id = $h->cage->post->testInt('submit_post_id');
     $h->readPost($post_id);
     // be careful! The results are cached and returned on next readPost
     $h->changePostStatus('new');
     $h->post->status = 'new';
     // this fixes a caching-related problem by forcing the new status on the post property
     $return = 0;
     // will return false later if set to 1.
     $h->pluginHook('submit_step_3_pre_trackback');
     // Akismet uses this to change the status
     // set to pending?
     $set_pending = $h->vars['submit_settings']['set_pending'];
     if ($set_pending == 'some_pending') {
         $posts_approved = $h->postsApproved();
         $x_posts_needed = $h->vars['submit_settings']['x_posts'];
     }
     // Set to pending is the user's permissions for "can_submit" are "mod" OR
     // if "Put all new posts in moderation" has been checked in Admin->Submit
     if ($h->currentUser->getPermission('can_submit') == 'mod' || $set_pending == 'all_pending' || $set_pending == 'some_pending' && $posts_approved <= $x_posts_needed) {
         // Submitted posts given 'pending' for this user
         $h->changePostStatus('pending');
         $h->messages[$h->lang['submit_moderation']] = 'green';
         $return = 1;
         // will return false just after we notify admins of the post (see about 10 lines down)
     }
     $h->pluginHook('submit_confirm_pre_trackback');
     // Vote uses this to change post status and redirection
     // notify chosen mods of new post by email if enabled and UserFunctions file exists
     if ($h->vars['submit_settings']['email_notify'] && file_exists(PLUGINS . 'users/libs/UserFunctions.php')) {
         require_once PLUGINS . 'users/libs/UserFunctions.php';
         $uf = new UserFunctions();
         $uf->notifyMods($h, 'post', $h->post->status, $h->post->id);
     }
     if ($return == 1) {
         return false;
     }
     // post is pending so we don't want to send a trackback. Return now.
     $h->sendTrackback();
     if (isset($h->vars['submit_redirect'])) {
         header("Location: " . $h->vars['submit_redirect']);
     } else {
         header("Location: " . $h->url(array('page' => 'latest')));
         // Go to the Latest page
     }
 }