function moderate($cid, $zid, $rid)
{
if (!db_has_rec("comment", $cid)) {
return;
}
if (db_has_rec("comment_vote", array("cid" => $cid, "zid" => $zid))) {
$comment_vote = db_get_rec("comment_vote", array("cid" => $cid, "zid" => $zid));
$old = $comment_vote["rid"];
if ($rid == $old) {
return;
} else {
if ($rid == 0) {
db_del_rec("comment_vote", array("cid" => $cid, "zid" => $zid));
} else {
$comment_vote["rid"] = $rid;
db_set_rec("comment_vote", $comment_vote);
return;
}
}
}
$comment_vote = array();
$comment_vote["cid"] = $cid;
$comment_vote["zid"] = $zid;
$comment_vote["rid"] = $rid;
$comment_vote["time"] = time();
db_set_rec("comment_vote", $comment_vote);
}
function captcha_challenge()
{
global $remote_ip;
list($captcha_id, $question) = get_captcha();
$captcha_challenge = array();
$captcha_challenge["remote_ip"] = $remote_ip;
$captcha_challenge["captcha_id"] = $captcha_id;
db_set_rec("captcha_challenge", $captcha_challenge);
return $question;
}
$fid = add_feed($uri);
}
if (!db_has_rec("feed", $fid)) {
die("fid not found [{$fid}]");
}
if (db_has_rec("feed_user", array("zid" => $auth_zid, "fid" => $fid))) {
die("feed [{$fid}] is already on your page");
}
$row = run_sql("select max(pos) as max_pos from feed_user where zid = ? and col = ?", array($auth_zid, $col));
$pos = $row[0]["max_pos"] + 1;
$feed_user = array();
$feed_user["zid"] = $auth_zid;
$feed_user["fid"] = $fid;
$feed_user["col"] = $col;
$feed_user["pos"] = $pos;
db_set_rec("feed_user", $feed_user);
header("Location: edit");
die;
}
print_header();
writeln('<table class="fill">');
writeln('<tr>');
writeln('<td class="left_col">');
print_left_bar("account", "feed");
writeln('</td>');
writeln('<td class="fill">');
writeln('<form method="post">');
writeln('<div class="dialog_title">Add Feed</div>');
writeln('<div class="dialog_body">');
writeln('<table style="width: 100%">');
writeln(' <tr>');
function add_feed($uri)
{
if (db_has_rec("feed", array("uri" => $uri))) {
//die("feed already exists [$uri]");
$feed = db_get_rec("feed", array("uri" => $uri));
return $feed["fid"];
}
$data = download_feed($uri);
$sp = new SimplePie();
$sp->set_raw_data($data);
$sp->init();
$title = $sp->get_title();
$link = get_feed_link($sp, $uri);
$count = $sp->get_item_quantity();
if (strlen($title) == 0 || $count == 0) {
die("unable to parse feed [{$uri}]");
//die("unable to parse feed [$uri] data [$data]");
}
$feed = array();
$feed["fid"] = 0;
$feed["time"] = time();
$feed["uri"] = $uri;
$feed["title"] = $title;
$feed["link"] = $link;
db_set_rec("feed", $feed);
$feed = db_get_rec("feed", array("uri" => $uri));
save_feed($feed["fid"], $data);
return $feed["fid"];
}
$time = time();
if (!captcha_verify($answer)) {
die("captcha failed");
}
$topic = db_get_rec("topic", $tid);
$title = clean_entities($title);
$new_body = str_replace("\n", "<br>", $body);
$new_body = clean_html($new_body);
if (http_post("preview")) {
print_submit_box($title, $body, $new_body, $tid, true);
die;
}
$pipe = array();
$pipe["pid"] = 0;
$pipe["tid"] = $tid;
$pipe["zid"] = $auth_zid;
$pipe["editor"] = "";
$pipe["title"] = $title;
$pipe["ctitle"] = clean_url($title);
$pipe["icon"] = $topic["icon"];
$pipe["time"] = $time;
$pipe["closed"] = 0;
$pipe["reason"] = "";
$pipe["story"] = $new_body;
db_set_rec("pipe", $pipe);
$pipe = db_get_rec("pipe", array("zid" => $auth_zid, "time" => $time));
$pid = $pipe["pid"];
header("Location: /pipe/{$pid}");
die;
}
print_submit_box("", "", "", 13, false);
//$pipe_vote = db_get_rec("pipe_vote", array("pid" => $pid, "zid" => $auth_zid));
//$value = $pipe_vote["value"];
db_del_rec("pipe_vote", array("pid" => $pid, "zid" => $auth_zid));
$result = "undone";
} else {
if ($up) {
$result = "up";
} else {
$result = "down";
}
$pipe_vote = array();
$pipe_vote["pid"] = $pid;
$pipe_vote["zid"] = $auth_zid;
$pipe_vote["time"] = time();
if ($up) {
$pipe_vote["value"] = 1;
} else {
$pipe_vote["value"] = -1;
}
db_set_rec("pipe_vote", $pipe_vote);
}
if ($redirect) {
header("Location: /pipe/");
die;
}
$row = run_sql("select sum(value) as score from pipe_vote where pid = ?", array($pid));
$score = (int) $row[0]["score"];
if ($score > 0) {
$score = "+{$score}";
}
writeln("{$pid} {$score} {$result}");
function send_web_mail($to, $subject, $body, $in_reply_to = "", $sent = true)
{
global $auth_zid;
global $auth_user;
global $server_name;
global $server_title;
if ($auth_user["real_name"] == "") {
$from = "<{$auth_zid}>";
} else {
$from = $auth_user["real_name"] . " <{$auth_zid}>";
}
if (!$sent) {
$from = "{$server_title} <no-reply@{$server_name}>";
}
$time = time();
$message_id = generate_message_id();
$header = "From: {$from}\r\n";
$header .= "To: {$to}\r\n";
$header .= "Date: " . date("r", $time) . "\r\n";
$header .= "Subject: {$subject}\r\n";
if ($in_reply_to != "") {
$header .= "In-Reply-To: {$in_reply_to}\r\n";
}
$header .= "Message-ID: <{$message_id}>\r\n";
$header .= "Reply-To: {$from}\r\n";
$body = "{$header}\r\n{$body}";
$a = parse_mail_address($to);
if ($a["domain"] == $server_name) {
if (is_local_user($a["email"])) {
$mail = array();
$mail["mail_id"] = 0;
$mail["body"] = $body;
$mail["in_reply_to"] = $in_reply_to;
$mail["location"] = "Inbox";
$mail["mail_from"] = $from;
$mail["message_id"] = $message_id;
$mail["received_time"] = $time;
$mail["rcpt_to"] = $to;
$mail["reply_to"] = $from;
$mail["size"] = strlen($body);
$mail["subject"] = $subject;
$mail["zid"] = $a["email"];
db_set_rec("mail", $mail);
if ($sent) {
$mail["location"] = "Sent";
$mail["zid"] = $auth_zid;
db_set_rec("mail", $mail);
}
}
}
}
$zid = $pipe["zid"];
if (http_post()) {
$title = http_post_string("title", array("len" => 100, "valid" => "[a-z][A-Z][0-9]`~!@#\$%^&*()_+-={}|[]\\:\";',./? "));
$body = http_post_string("story", array("len" => 64000, "valid" => "[ALL]"));
$icon = http_post_string("icon", array("len" => 50, "valid" => "[a-z][0-9]-_"));
$tid = http_post_int("tid");
$title = clean_entities($title);
$new_body = str_replace("\n", "<br>", $body);
$new_body = clean_html($new_body);
if (http_post("publish")) {
$story["tid"] = $tid;
$story["title"] = $title;
$story["ctitle"] = clean_url($title);
$story["icon"] = $icon;
$story["story"] = $new_body;
db_set_rec("story", $story);
header("Location: /story/{$sid}");
die;
}
} else {
$title = $story["title"];
$tid = $story["tid"];
$icon = $story["icon"];
$body = $story["story"];
$new_body = $story["story"];
$body = dirty_html($new_body);
}
$topic = db_get_rec("topic", $tid);
$topic = $topic["topic"];
print_header();
writeln('<form method="post">');
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Pipecode. If not, see <http://www.gnu.org/licenses/>.
//
include "render.php";
$cid = (int) $s2;
if (!http_post()) {
die("error: post method required");
}
if ($auth_zid == "") {
die("error: sign in to moderate");
}
if (!db_has_rec("comment", $cid)) {
die("error: comment not found [{$cid}]");
}
if (db_has_rec("comment_vote", array("cid" => $cid, "zid" => $auth_zid))) {
db_del_rec("comment_vote", array("cid" => $cid, "zid" => $auth_zid));
}
$rid = http_post_int("rid");
if ($rid > 0 && $rid <= 10) {
$comment_vote = array();
$comment_vote["cid"] = $cid;
$comment_vote["zid"] = $auth_zid;
$comment_vote["rid"] = $rid;
$comment_vote["time"] = time();
db_set_rec("comment_vote", $comment_vote);
}
$score = get_comment_score($cid);
writeln("{$cid} {$score}");
$username = http_post_string("username", array("len" => 20, "valid" => "[a-z][A-Z][0-9]"));
$zid = strtolower($username) . "@{$site_name}";
if (!is_local_user($zid)) {
die("no such user [{$zid}]");
}
$user_conf = db_get_conf("user_conf", $zid);
$hash = crypt_sha256(rand());
if (db_has_rec("email_challenge", array("username" => $username))) {
db_del_rec("email_challenge", array("username" => $username));
}
$email_challenge = array();
$email_challenge["challenge"] = $hash;
$email_challenge["username"] = $username;
$email_challenge["email"] = $user["email"];
$email_challenge["expires"] = time() + 86400 * 3;
db_set_rec("email_challenge", $email_challenge);
$subject = "Forgot Password";
$body = "Did you forget your password for \"{$username}\" on {$server_name}?\n";
$body .= "\n";
$body .= "In order to reset your password, you must visit the following link:\n";
$body .= "\n";
if ($https_enabled) {
$body .= "https://{$server_name}/forgot?verify={$hash}\n";
} else {
$body .= "http://{$server_name}/forgot?verify={$hash}\n";
}
$body .= "\n";
$body .= "This confirmation code will expire in 3 days.\n";
print_header("Email Sent");
writeln('<h1>Email Sent</h1>');
writeln('<p>Please visit the link in the email within 3 days to reset your password.</p>');
writeln('</tr>');
writeln('</table>');
print_footer();
die;
}
$comment = array();
$comment["cid"] = 0;
$comment["sid"] = $sid;
$comment["qid"] = $qid;
$comment["pid"] = $pid;
$comment["parent"] = $cid;
$comment["zid"] = $zid;
$comment["time"] = $time;
$comment["subject"] = $subject;
$comment["comment"] = $new_body;
db_set_rec("comment", $comment);
$comment = db_get_rec("comment", array("zid" => $zid, "time" => $time));
send_notifications($cid, $comment);
if ($sid != 0) {
header("Location: /story/{$day}/" . $story["ctitle"]);
} elseif ($pid != 0) {
header("Location: /pipe/{$pid}");
} elseif ($qid != 0) {
header("Location: /poll/{$qid}");
}
die;
}
$sid = http_get_int("sid", array("required" => false));
$cid = http_get_int("cid", array("required" => false));
$pid = http_get_int("pid", array("required" => false));
$qid = http_get_int("qid", array("required" => false));
}
if (http_post("junk")) {
$message["location"] = "Junk";
db_set_rec("mail", $message);
header("Location: /mail/");
die;
}
if (http_post("delete")) {
$message["location"] = "Trash";
db_set_rec("mail", $message);
header("Location: /mail/");
die;
}
if (http_post("restore")) {
$message["location"] = "Inbox";
db_set_rec("mail", $message);
header("Location: /mail/");
die;
}
if (http_post("expunge")) {
$message["location"] = "Trash";
db_del_rec("mail", $message["mail_id"]);
header("Location: /mail/trash");
die;
}
//$address = parse_mail_address($message["mail_from"]);
//$name = array();
//$icon = array();
//$link = array();
//if ($message["location"] != "Junk") {
// $name[] = "Reply";
