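/**
 * Check the e-mail confirmation code carried by a registration link.
 *
 * Reads the user id ('id') and the confirmation code ('conf') from the query
 * string and compares the code with the user_email_conf value stored for that
 * user. On a match it applies the registration role and its default
 * permissions, marks the address as valid and optionally notifies moderators.
 * The outcome is reported through $h->messages.
 *
 * @param object $h framework object giving access to input, database, language strings and hooks
 * @return true always true, whether or not the code was accepted
 */
public function checkEmailConfirmation($h)
{
    $user_id = $h->cage->get->getInt('id');
    $conf = $h->cage->get->getAlnum('conf');

    // Stop here when either value is missing. Without this early return an
    // empty or absent 'conf' would still be compared with the stored value
    // below, and an account whose stored code is empty could be confirmed
    // without presenting any code at all.
    if (!$user_id || !$conf) {
        $h->messages[$h->lang['user_signin_register_emailconf_fail']] = 'red';
        return true;
    }

    $user = new UserAuth();
    $user->getUserBasic($h, $user_id);

    $sql = "SELECT user_email_conf FROM " . TABLE_USERS . " WHERE user_id = %d";
    $user_email_conf = $h->db->get_var($h->db->prepare($sql, $user_id));

    // Strict comparison: the stored value must be a string identical to the
    // non-empty code from the link (a NULL or missing row never matches).
    // NOTE(review): === is not a constant-time comparison; where the supported
    // PHP version provides hash_equals(), prefer it for comparing the code.
    // NOTE(review): nothing here clears the stored code or checks
    // user_email_valid, so a link that already succeeded appears to be accepted
    // again and would re-apply the registration role — confirm whether a role
    // changed later by a moderator can be reset this way.
    if ($conf === $user_email_conf) {

        // update role:
        $user->role = $h->vars['regStatus'];
        $h->pluginHook('user_signin_email_conf_post_role');

        // update user with new permissions:
        $new_perms = $user->getDefaultPermissions($h, $user->role);
        unset($new_perms['options']); // don't need this for individual users
        $user->setAllPermissions($new_perms);
        $user->updatePermissions($h);
        $user->updateUserBasic($h);

        // set email valid to 1:
        $sql = "UPDATE " . TABLE_USERS . " SET user_email_valid = %d WHERE user_id = %d";
        $h->db->query($h->db->prepare($sql, 1, $user->id));

        // notify chosen mods of new user by email:
        if ($h->vars['useEmailNotify'] == 'checked' && file_exists(PLUGINS . 'users/libs/UserFunctions.php')) {
            require_once PLUGINS . 'users/libs/UserFunctions.php';
            $uf = new UserFunctions();
            $uf->notifyMods($h, 'user', $user->role, $user->id);
        }

        $success_message = $h->lang['user_signin_register_emailconf_success'] . " <br /><b><a href='" . $h->url(array('page' => 'login')) . "'>" . $h->lang['user_signin_register_emailconf_success_login'] . "</a></b>";
        $h->messages[$success_message] = 'green';
    } else {
        $h->messages[$h->lang['user_signin_register_emailconf_fail']] = 'red';
    }

    return true;
}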
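/**
 * Create the global Comment object, load its settings and handle comment
 * actions for the current page.
 *
 * Handles, in order: the comments RSS feed, the moderator actions
 * 'setpending' and 'delete' on the comments page, and the submission of a
 * new or edited comment on a post page.
 *
 * @param object $h framework object giving access to input, settings, the current user and hooks
 * @return bool true after serving the RSS feed, false otherwise; the action
 *              branches that redirect terminate the script instead of returning
 */
public function theme_index_top($h)
{
    // Create a new global object called "comment".
    require_once LIBS . 'Comment.php';
    $h->comment = new Comment();

    // Get settings from database if they exist...
    $comments_settings = $h->getSerializedSettings();

    // Assign settings to class member
    $h->comment->avatars = $comments_settings['comment_avatars'];
    $h->comment->avatarSize = $comments_settings['comment_avatar_size'];
    $h->comment->voting = $comments_settings['comment_voting'];
    $h->comment->email = $comments_settings['comment_email'];
    $h->comment->allowableTags = $comments_settings['comment_allowable_tags'];
    $h->comment->levels = $comments_settings['comment_levels'];
    $h->comment->setPending = $comments_settings['comment_set_pending'];
    $h->comment->allForms = $comments_settings['comment_all_forms'];
    $h->vars['comment_hide'] = $comments_settings['comment_hide'];

    if ($h->pageName == 'rss_comments') {
        $this->rssFeed($h);
        return true;
    }

    if ($h->pageName == 'comments') {

        // NOTE(review): 'setpending' and 'delete' change stored data but are
        // driven by GET parameters, and no anti-CSRF token is checked in this
        // method. A moderator who follows a crafted link would trigger them.
        // If the framework offers a token check, require it here (and prefer
        // POST for these actions).

        // set current comment and responses to pending:
        if ($h->cage->get->getAlpha('action') == 'setpending') {

            // before setting pending, we need to be certain this user has permission:
            if ($h->currentUser->loggedIn && $h->currentUser->getPermission('can_set_comments_pending') == 'yes') {
                $cid = $h->cage->get->testInt('cid'); // comment id
                $comment = $h->comment->getComment($h, $cid);
                $h->comment->readComment($h, $comment); // read comment
                $h->comment->status = 'pending'; // set to pending
                $h->comment->editComment($h); // update this comment

                $h->comment->postId = $h->cage->get->testInt('pid'); // post id
                $h->comment->setPendingCommentTree($h, $cid); // set all responses to 'pending', too.

                // redirect back to thread:
                $h->post = new Post();
                $h->readPost($h->comment->postId);
                header("Location: " . $h->url(array('page' => $h->post->id))); // Go to the post
                die;
            }
        }

        // delete current comment and responses:
        if ($h->cage->get->getAlpha('action') == 'delete') {

            // before deleting a comment, we need to be certain this user has permission:
            if ($h->currentUser->loggedIn && $h->currentUser->getPermission('can_delete_comments') == 'yes') {
                $cid = $h->cage->get->testInt('cid'); // comment id
                $comment = $h->comment->getComment($h, $cid);
                $h->comment->readComment($h, $comment); // read comment

                $h->pluginHook('comments_delete_comment');

                $h->comment->deleteComment($h, $cid); // delete this comment
                $h->comment->deleteCommentTree($h, $cid); // delete all responses, too.

                $h->clearCache('html_cache', false); // clear HTML cache to refresh Comments and Activity widgets

                $h->comment->postId = $h->cage->get->testInt('pid'); // post id

                // redirect back to thread:
                $h->readPost($h->comment->postId);
                header("Location: " . $h->url(array('page' => $h->comment->postId))); // Go to the post
                die;
            }
        }

        // FOR THE COMMENTS PAGE:
        $h->pageTitle = $h->lang['comments'];
        if ($h->cage->get->keyExists('user')) {
            $h->pageTitle .= '[delimiter]' . $h->cage->get->testUsername('user');
        }
    }

    // Is the comment form open on this thread?
    $h->comment->thisForm = $h->comment->formStatus($h, 'select'); // returns 'open' or 'closed'

    if ($h->pageType == 'post' && $h->comment->thisForm == 'open' && $h->comment->allForms == 'checked') {

        if ($h->currentUser->loggedIn) {

            // NOTE(review): no anti-CSRF token is checked for the comment form
            // in this method either — confirm whether it is enforced elsewhere.
            $process = $h->cage->post->getAlpha('comment_process');

            if ($process == 'newcomment' || $process == 'editcomment') {

                if ($h->cage->post->keyExists('comment_content')) {
                    $h->comment->content = sanitize($h->cage->post->getHtmLawed('comment_content'), 'tags', $h->comment->allowableTags);
                    $h->comment->content = make_urls_clickable($h->comment->content);
                }

                if ($h->cage->post->keyExists('comment_post_id')) {
                    $h->comment->postId = $h->cage->post->testInt('comment_post_id');
                }

                // A new comment is always attributed to the logged-in user. The
                // submitted comment_user_id field is client-controlled, so taking
                // the author from it would let a user post under another account.
                if ($process == 'newcomment') {
                    $h->comment->author = $h->currentUser->id;
                } elseif ($h->cage->post->keyExists('comment_user_id')) {
                    $h->comment->author = $h->cage->post->testInt('comment_user_id');
                }

                if ($h->cage->post->keyExists('comment_parent')) {
                    $h->comment->parent = $h->cage->post->testInt('comment_parent');
                    if ($process == 'editcomment') {
                        // for an edit, the 'comment_parent' field carries the id of the comment being edited
                        $h->comment->id = $h->cage->post->testInt('comment_parent');
                    }
                }

                if ($h->cage->post->keyExists('comment_subscribe')) {
                    $h->comment->subscribe = 1;
                } else {
                    $h->comment->subscribe = 0;
                    $h->comment->unsubscribe($h, $h->comment->postId);
                }

                if ($process == 'newcomment') {

                    // before posting, we need to be certain this user has permission:
                    $safe = false;
                    $can_comment = $h->currentUser->getPermission('can_comment');
                    if ($can_comment == 'yes') {
                        $safe = true;
                    }
                    if ($can_comment == 'mod') {
                        $safe = true;
                        $h->comment->status = 'pending';
                    }

                    $result = array(); // holds results from addComment function

                    // Okay, safe to add the comment...
                    if ($safe) {

                        // A user can unsubscribe by submitting an empty comment, so...
                        if ($h->comment->content != '') {

                            $result = $h->comment->addComment($h);

                            // notify chosen mods of new comment by email if enabled and UserFunctions file exists
                            if ($comments_settings['comment_email_notify'] && file_exists(PLUGINS . 'users/libs/UserFunctions.php')) {
                                require_once PLUGINS . 'users/libs/UserFunctions.php';
                                $uf = new UserFunctions();
                                $uf->notifyMods($h, 'comment', $h->comment->status, $h->comment->postId, $h->comment->id);
                            }

                            // email comment subscribers if this comment has 'approved' status:
                            if ($h->comment->status == 'approved') {
                                $this->emailCommentSubscribers($h, $h->comment->postId);
                            }
                        } else {
                            // comment empty so just check subscribe box:
                            $h->comment->updateSubscribe($h, $h->comment->postId);
                            $h->messages[$h->lang['comment_moderation_unsubscribed']] = 'green';
                        }
                    }

                    // $result stays empty when nothing was added, so test the
                    // keys with empty() instead of reading undefined indexes.
                    if (!empty($result['exceeded_daily_limit'])) {
                        $h->messages[$h->lang['comment_moderation_exceeded_daily_limit']] = 'green';
                    } elseif (!empty($result['exceeded_url_limit'])) {
                        $h->messages[$h->lang['comment_moderation_exceeded_url_limit']] = 'green';
                    } elseif (!empty($result['not_enough_comments'])) {
                        $h->messages[$h->lang['comment_moderation_not_enough_comments']] = 'green';
                    }

                } elseif ($process == 'editcomment') {

                    // before editing, we need to be certain this user has permission:
                    $safe = false;
                    $can_edit = $h->currentUser->getPermission('can_edit_comments');
                    if ($can_edit == 'yes') {
                        $safe = true;
                    } elseif ($can_edit == 'own') {
                        // Ownership is decided from the stored comment, never from
                        // the submitted comment_user_id field: comparing the current
                        // user with a client-supplied author id would let a user
                        // with 'own' permission edit any comment.
                        // NOTE(review): relies on readComment() filling ->author
                        // from the stored row — confirm in Comment.php. If it does
                        // not, this branch denies the edit rather than allowing it.
                        $stored_row = $h->comment->getComment($h, $h->cage->post->testInt('comment_parent'));
                        if ($stored_row) {
                            $stored = new Comment();
                            $stored->readComment($h, $stored_row);
                            if ($h->currentUser->id == $stored->author) {
                                $h->comment->author = $h->currentUser->id;
                                $safe = true;
                            }
                        }
                    }

                    if ($safe) {
                        $h->comment->editComment($h);
                    }
                }

                if ($h->comment->status == 'pending') {
                    return false;
                }

                header("Location: " . $h->url(array('page' => $h->comment->postId))); // Go to the post
                die;
            }
        }
    }

    return false;
}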
/**
 * Confirm a submitted post: give it its final status, notify moderators and
 * either hold it for moderation or send the trackback and redirect.
 *
 * NOTE(review): 'submit_post_id' comes from the POST body and nothing visible
 * in this method checks that the post belongs to the current user before its
 * status is changed — confirm that the caller enforces ownership.
 * NOTE(review): no exit follows the Location header at the end of this
 * method — confirm that the caller stops output once it returns.
 *
 * @param object $h     framework object giving access to input, settings, the current user and hooks
 * @param array  $funcs not used in this method
 * @return false|null false when the post was put in moderation; no value after a redirect header is sent
 */
public function doSubmitConfirm($h, $funcs = array())
{
    $submitted_id = $h->cage->post->testInt('submit_post_id');
    $h->readPost($submitted_id); // be careful! The results are cached and returned on next readPost

    $h->changePostStatus('new');
    // force the new status on the post property as well (works around a caching-related problem)
    $h->post->status = 'new';

    $held_for_moderation = false;

    $h->pluginHook('submit_step_3_pre_trackback'); // Akismet uses this to change the status

    // Moderation mode configured in Admin->Submit
    $moderation_mode = $h->vars['submit_settings']['set_pending'];

    // In 'some_pending' mode a user is moderated until enough posts were approved
    $below_threshold = false;
    if ($moderation_mode == 'some_pending') {
        $approved_count = $h->postsApproved();
        $required_count = $h->vars['submit_settings']['x_posts'];
        $below_threshold = ($approved_count <= $required_count);
    }

    // Pending when the user's "can_submit" permission is "mod", when every new
    // post is moderated, or when the user is still below the approved-posts threshold
    $needs_moderation = $h->currentUser->getPermission('can_submit') == 'mod'
        || $moderation_mode == 'all_pending'
        || $below_threshold;

    if ($needs_moderation) {
        // Submitted posts given 'pending' for this user
        $h->changePostStatus('pending');
        $h->messages[$h->lang['submit_moderation']] = 'green';
        $held_for_moderation = true; // return false once the moderators have been notified
    }

    $h->pluginHook('submit_confirm_pre_trackback'); // Vote uses this to change post status and redirection

    // notify chosen mods of new post by email if enabled and UserFunctions file exists
    $notifier_file = PLUGINS . 'users/libs/UserFunctions.php';
    if ($h->vars['submit_settings']['email_notify'] && file_exists($notifier_file)) {
        require_once $notifier_file;
        $notifier = new UserFunctions();
        $notifier->notifyMods($h, 'post', $h->post->status, $h->post->id);
    }

    // post is pending so we don't want to send a trackback. Return now.
    if ($held_for_moderation) {
        return false;
    }

    $h->sendTrackback();

    // A redirect set in $h->vars wins; otherwise go to the Latest page
    if (isset($h->vars['submit_redirect'])) {
        $target = $h->vars['submit_redirect'];
    } else {
        $target = $h->url(array('page' => 'latest'));
    }
    header("Location: " . $target);
}