/**
* Check email confirmation code
*
* @return true;
*/
public function checkEmailConfirmation($h)
{
$user_id = $h->cage->get->getInt('id');
$conf = $h->cage->get->getAlnum('conf');
$user = new UserAuth();
$user->getUserBasic($h, $user_id);
if (!$user_id || !$conf) {
$h->messages[$h->lang['user_signin_register_emailconf_fail']] = 'red';
}
$sql = "SELECT user_email_conf FROM " . TABLE_USERS . " WHERE user_id = %d";
$user_email_conf = $h->db->get_var($h->db->prepare($sql, $user_id));
if ($conf === $user_email_conf) {
// update role:
$user->role = $h->vars['regStatus'];
$h->pluginHook('user_signin_email_conf_post_role');
// update user with new permissions:
$new_perms = $user->getDefaultPermissions($h, $user->role);
unset($new_perms['options']);
// don't need this for individual users
$user->setAllPermissions($new_perms);
$user->updatePermissions($h);
$user->updateUserBasic($h);
// set email valid to 1:
$sql = "UPDATE " . TABLE_USERS . " SET user_email_valid = %d WHERE user_id = %d";
$h->db->query($h->db->prepare($sql, 1, $user->id));
// notify chosen mods of new user by email:
if ($h->vars['useEmailNotify'] == 'checked' && file_exists(PLUGINS . 'users/libs/UserFunctions.php')) {
require_once PLUGINS . 'users/libs/UserFunctions.php';
$uf = new UserFunctions();
$uf->notifyMods($h, 'user', $user->role, $user->id);
}
$success_message = $h->lang['user_signin_register_emailconf_success'] . " <br /><b><a href='" . $h->url(array('page' => 'login')) . "'>" . $h->lang['user_signin_register_emailconf_success_login'] . "</a></b>";
$h->messages[$success_message] = 'green';
} else {
$h->messages[$h->lang['user_signin_register_emailconf_fail']] = 'red';
}
return true;
}
/**
* Define table name, include language file and creat global Comments object
*/
public function theme_index_top($h)
{
// Create a new global object called "comment".
require_once LIBS . 'Comment.php';
$h->comment = new Comment();
// Get settings from database if they exist...
$comments_settings = $h->getSerializedSettings();
// Assign settings to class member
$h->comment->avatars = $comments_settings['comment_avatars'];
$h->comment->avatarSize = $comments_settings['comment_avatar_size'];
$h->comment->voting = $comments_settings['comment_voting'];
$h->comment->email = $comments_settings['comment_email'];
$h->comment->allowableTags = $comments_settings['comment_allowable_tags'];
$h->comment->levels = $comments_settings['comment_levels'];
$h->comment->setPending = $comments_settings['comment_set_pending'];
$h->comment->allForms = $comments_settings['comment_all_forms'];
$h->vars['comment_hide'] = $comments_settings['comment_hide'];
if ($h->pageName == 'rss_comments') {
$this->rssFeed($h);
return true;
}
if ($h->pageName == 'comments') {
// set current comment and responses to pending:
if ($h->cage->get->getAlpha('action') == 'setpending') {
// before setting pending, we need to be certain this user has permission:
if ($h->currentUser->loggedIn && $h->currentUser->getPermission('can_set_comments_pending') == 'yes') {
$cid = $h->cage->get->testInt('cid');
// comment id
$comment = $h->comment->getComment($h, $cid);
$h->comment->readComment($h, $comment);
// read comment
$h->comment->status = 'pending';
// set to pending
$h->comment->editComment($h);
// update this comment
$h->comment->postId = $h->cage->get->testInt('pid');
// post id
$h->comment->setPendingCommentTree($h, $cid);
// set all responses to 'pending', too.
// redirect back to thread:
$h->post = new Post();
$h->readPost($h->comment->postId);
header("Location: " . $h->url(array('page' => $h->post->id)));
// Go to the post
die;
}
}
// delete current comment and responses:
if ($h->cage->get->getAlpha('action') == 'delete') {
// before deleting a comment, we need to be certain this user has permission:
if ($h->currentUser->loggedIn && $h->currentUser->getPermission('can_delete_comments') == 'yes') {
$cid = $h->cage->get->testInt('cid');
// comment id
$comment = $h->comment->getComment($h, $cid);
$h->comment->readComment($h, $comment);
// read comment
$h->pluginHook('comments_delete_comment');
$h->comment->deleteComment($h, $cid);
// delete this comment
$h->comment->deleteCommentTree($h, $cid);
// delete all responses, too.
$h->clearCache('html_cache', false);
// clear HTML cache to refresh Comments and Activity widgets
$h->comment->postId = $h->cage->get->testInt('pid');
// post id
// redirect back to thread:
$h->readPost($h->comment->postId);
header("Location: " . $h->url(array('page' => $h->comment->postId)));
// Go to the post
die;
}
}
// FOR THE COMMENTS PAGE:
$h->pageTitle = $h->lang['comments'];
if ($h->cage->get->keyExists('user')) {
$h->pageTitle .= '[delimiter]' . $h->cage->get->testUsername('user');
}
}
// Is the comment form open on this thread?
$h->comment->thisForm = $h->comment->formStatus($h, 'select');
// returns 'open' or 'closed'
if ($h->pageType == 'post' && $h->comment->thisForm == 'open' && $h->comment->allForms == 'checked') {
if ($h->currentUser->loggedIn) {
if ($h->cage->post->getAlpha('comment_process') == 'newcomment' || $h->cage->post->getAlpha('comment_process') == 'editcomment') {
if ($h->cage->post->keyExists('comment_content')) {
$h->comment->content = sanitize($h->cage->post->getHtmLawed('comment_content'), 'tags', $h->comment->allowableTags);
$h->comment->content = make_urls_clickable($h->comment->content);
}
if ($h->cage->post->keyExists('comment_post_id')) {
$h->comment->postId = $h->cage->post->testInt('comment_post_id');
}
if ($h->cage->post->keyExists('comment_user_id')) {
$h->comment->author = $h->cage->post->testInt('comment_user_id');
}
if ($h->cage->post->keyExists('comment_parent')) {
$h->comment->parent = $h->cage->post->testInt('comment_parent');
if ($h->cage->post->getAlpha('comment_process') == 'editcomment') {
$h->comment->id = $h->cage->post->testInt('comment_parent');
}
}
if ($h->cage->post->keyExists('comment_subscribe')) {
$h->comment->subscribe = 1;
} else {
$h->comment->subscribe = 0;
$h->comment->unsubscribe($h, $h->comment->postId);
}
if ($h->cage->post->getAlpha('comment_process') == 'newcomment') {
// before posting, we need to be certain this user has permission:
$safe = false;
$can_comment = $h->currentUser->getPermission('can_comment');
if ($can_comment == 'yes') {
$safe = true;
}
if ($can_comment == 'mod') {
$safe = true;
$h->comment->status = 'pending';
}
$result = array();
// holds results from addComment function
// Okay, safe to add the comment...
if ($safe) {
// A user can unsubscribe by submitting an empty comment, so...
if ($h->comment->content != '') {
$result = $h->comment->addComment($h);
// notify chosen mods of new comment by email if enabled and UserFunctions file exists
if ($comments_settings['comment_email_notify'] && file_exists(PLUGINS . 'users/libs/UserFunctions.php')) {
require_once PLUGINS . 'users/libs/UserFunctions.php';
$uf = new UserFunctions();
$uf->notifyMods($h, 'comment', $h->comment->status, $h->comment->postId, $h->comment->id);
}
// email comment subscribers if this comment has 'approved' status:
if ($h->comment->status == 'approved') {
$this->emailCommentSubscribers($h, $h->comment->postId);
}
} else {
//comment empty so just check subscribe box:
$h->comment->updateSubscribe($h, $h->comment->postId);
$h->messages[$h->lang['comment_moderation_unsubscribed']] = 'green';
}
}
if ($result['exceeded_daily_limit']) {
$h->messages[$h->lang['comment_moderation_exceeded_daily_limit']] = 'green';
} elseif ($result['exceeded_url_limit']) {
$h->messages[$h->lang['comment_moderation_exceeded_url_limit']] = 'green';
} elseif ($result['not_enough_comments']) {
$h->messages[$h->lang['comment_moderation_not_enough_comments']] = 'green';
}
} elseif ($h->cage->post->getAlpha('comment_process') == 'editcomment') {
// before editing, we need to be certain this user has permission:
$safe = false;
$can_edit = $h->currentUser->getPermission('can_edit_comments');
if ($can_edit == 'yes') {
$safe = true;
}
if ($can_edit == 'own' && $h->currentUser->id == $h->comment->author) {
$safe = true;
}
if ($safe) {
$h->comment->editComment($h);
}
}
if ($h->comment->status == 'pending') {
return false;
}
header("Location: " . $h->url(array('page' => $h->comment->postId)));
// Go to the post
die;
}
}
}
return false;
}
/**
* Do Submit Confirm
*/
public function doSubmitConfirm($h, $funcs = array())
{
$post_id = $h->cage->post->testInt('submit_post_id');
$h->readPost($post_id);
// be careful! The results are cached and returned on next readPost
$h->changePostStatus('new');
$h->post->status = 'new';
// this fixes a caching-related problem by forcing the new status on the post property
$return = 0;
// will return false later if set to 1.
$h->pluginHook('submit_step_3_pre_trackback');
// Akismet uses this to change the status
// set to pending?
$set_pending = $h->vars['submit_settings']['set_pending'];
if ($set_pending == 'some_pending') {
$posts_approved = $h->postsApproved();
$x_posts_needed = $h->vars['submit_settings']['x_posts'];
}
// Set to pending is the user's permissions for "can_submit" are "mod" OR
// if "Put all new posts in moderation" has been checked in Admin->Submit
if ($h->currentUser->getPermission('can_submit') == 'mod' || $set_pending == 'all_pending' || $set_pending == 'some_pending' && $posts_approved <= $x_posts_needed) {
// Submitted posts given 'pending' for this user
$h->changePostStatus('pending');
$h->messages[$h->lang['submit_moderation']] = 'green';
$return = 1;
// will return false just after we notify admins of the post (see about 10 lines down)
}
$h->pluginHook('submit_confirm_pre_trackback');
// Vote uses this to change post status and redirection
// notify chosen mods of new post by email if enabled and UserFunctions file exists
if ($h->vars['submit_settings']['email_notify'] && file_exists(PLUGINS . 'users/libs/UserFunctions.php')) {
require_once PLUGINS . 'users/libs/UserFunctions.php';
$uf = new UserFunctions();
$uf->notifyMods($h, 'post', $h->post->status, $h->post->id);
}
if ($return == 1) {
return false;
}
// post is pending so we don't want to send a trackback. Return now.
$h->sendTrackback();
if (isset($h->vars['submit_redirect'])) {
header("Location: " . $h->vars['submit_redirect']);
} else {
header("Location: " . $h->url(array('page' => 'latest')));
// Go to the Latest page
}
}
