Ejemplo n.º 1
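/**
 * Run one-click admin actions that are encoded in the names of POSTed fields.
 *
 * A field named admin_<postid>_<action> is split on '_' and handed to
 * qa_admin_single_click(); when that call returns a truthy value the request
 * is redirected back to itself via qa_redirect(qa_request()).
 *
 * NOTE(review): nothing in this function verifies a form security (anti-CSRF)
 * code before qa_admin_single_click() is called. Other versions of this
 * handler call qa_check_form_security_code('admin/click', ...) first. Unless
 * the callee or the caller performs that check, confirm this code path is not
 * reachable by a cross-site form post made from an administrator's browser.
 */
function qa_admin_check_clicks()
{
    if (!qa_is_http_post()) {
        return;
    }

    foreach ($_POST as $field => $value) {
        // Field names are client-controlled; only the admin_ prefix is of interest here.
        if (strpos($field, 'admin_') !== 0) {
            continue;
        }

        // Pad to three parts so a short name such as "admin_" yields empty
        // strings instead of undefined offsets hidden behind the @ operator.
        list($dummy, $postid, $action) = array_pad(explode('_', $field), 3, '');

        if (strlen($postid) && strlen($action) && qa_admin_single_click($postid, $action)) {
            qa_redirect(qa_request());
        }
    }
}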
Ejemplo n.º 2
    qa_set_template('custom-' . $custompage['pageid']);
    $qa_content = qa_content_prepare();
    $level = qa_get_logged_in_level();
    if (!qa_permit_value_error($custompage['permit'], $userid, $level, qa_get_logged_in_flags()) || !isset($custompage['permit'])) {
        $qa_content['title'] = qa_html($custompage['heading']);
        $qa_content['custom'] = $custompage['content'];
        if ($level >= QA_USER_LEVEL_ADMIN) {
            $qa_content['navigation']['sub'] = array('admin/pages' => array('label' => qa_lang('admin/edit_custom_page'), 'url' => qa_path_html('admin/pages', array('edit' => $custompage['pageid']))));
        }
    } else {
        $qa_content['error'] = qa_lang_html('users/no_permission');
    }
    return $qa_content;
}
//	Then, see if we should redirect because the 'qa' page is the same as the home page
if ($explicitqa && !qa_is_http_post() && !qa_has_custom_home()) {
    qa_redirect(qa_category_path_request($categories, $categoryid), $_GET);
}
//	Then, if there's a slug that matches no category, check page modules provided by plugins
if (!$explicitqa && $countslugs && !isset($categoryid)) {
    $pagemodules = qa_load_modules_with('page', 'match_request');
    $request = qa_request();
    foreach ($pagemodules as $pagemodule) {
        if ($pagemodule->match_request($request)) {
            qa_set_template('plugin');
            return $pagemodule->process_request($request);
        }
    }
}
//	Then, check whether we are showing a custom home page
if (!$explicitqa && !$countslugs && qa_opt('show_custom_home')) {
Ejemplo n.º 3
 /**
  * Outputs cache to the user
  */
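 private function get_cache()
 {
     // Serves a cached page: runs the bootstrap calls below, lets POSTed
     // clicks be processed, updates view statistics, then prints the cached
     // body and ends the request with exit().
     qa_report_process_stage('init_page');
     qa_db_connect('qa_page_db_fail_handler');
     qa_page_queue_pending();
     qa_load_state();
     qa_check_login_modules();

     // Only the pre-1.7 usage API is called; on newer versions the 'setup'
     // mark is skipped (the original left that branch as a commented-out no-op).
     if (QA_DEBUG_PERFORMANCE && qa_qa_version_below('1.7')) {
         qa_usage_mark('setup');
     }

     // NOTE(review): qa_check_page_clicks() is not defined here. If it acts on
     // POSTed fields, it has to validate its own form security codes, because
     // nothing in this method does so before the cached page is sent.
     qa_check_page_clicks();
     qa_set_form_security_key();

     // NOTE(review): what the cache holds is decided by get_cache_db() /
     // get_cache_file(), not shown here. Confirm cached bodies never contain
     // per-user data or form security codes, since they are replayed verbatim.
     // A failed lookup is not checked either; confirm what those return on a miss.
     $contents = QA_CACHING_FILE ? $this->get_cache_file() : $this->get_cache_db();

     // Minimal content array: only the view-count key is filled in.
     $qa_content = array();
     $userid = qa_get_logged_in_userid();
     $questionid = qa_request_part(0);
     $cookieid = qa_cookie_get(true);

     if (is_numeric($questionid)) {
         $question = qa_db_select_with_pending(qa_db_full_post_selectspec($userid, $questionid));

         // Count the view only for non-POST/PUT requests that look human, and
         // only if the question has no views yet or this visitor differs from
         // both the last viewer and the author (by IP, user id and cookie id).
         // Each field is tested with empty()/isset() before it is read, so a
         // missing key or a missing row no longer raises undefined-offset
         // diagnostics; the truth value of the condition is unchanged.
         // NOTE(review): if no row was found, the first clause is still true
         // and the id is passed on for counting; confirm that is intended.
         $countview = qa_opt('do_count_q_views')
             && !preg_match("/^(?:POST|PUT)\$/i", $_SERVER["REQUEST_METHOD"])
             && !qa_is_http_post()
             && qa_is_human_probably()
             && (
                 empty($question['views'])
                 || (
                     (!isset($question['lastviewip']) || $question['lastviewip'] != qa_remote_ip_address())
                     && (!isset($question['createip']) || $question['createip'] != qa_remote_ip_address())
                     && (!isset($question['userid']) || $question['userid'] != $userid)
                     && (!isset($question['cookieid']) || $question['cookieid'] != $cookieid)
                 )
             );

         $qa_content['inc_views_postid'] = $countview ? $questionid : null;
         qa_do_content_stats($qa_content);
     }

     if (QA_DEBUG_PERFORMANCE) {
         // Whatever the usage reporter prints is captured and appended to the
         // response body, so it is sent to every visitor while this flag is on.
         ob_start();
         if (qa_qa_version_below('1.7')) {
             qa_usage_output();
         } else {
             global $qa_usage;
             $qa_usage->output();
         }
         $contents .= ob_get_contents();
         ob_end_clean();
     }

     qa_db_disconnect();

     // The subtype of the Content-type header comes from get_cache_file_extension().
     header('Content-type: ' . strtr('^type/^format; charset=utf-8', array('^type' => 'text', '^format' => $this->get_cache_file_extension())));

     // exit() with a string argument prints it and terminates the script.
     exit($contents);
 }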
Ejemplo n.º 4
/**
 * Process one-click admin actions submitted as POST field names.
 *
 * Fields named admin_<entityid>_<action> are only acted on after the form
 * security code posted in 'code' has been verified for the 'admin/click'
 * action; a failed verification stops processing and returns an error string.
 *
 * @return string|null The 'misc/form_security_again' message when the
 *                     security code is rejected, otherwise null.
 */
function qa_admin_check_clicks()
{
    if (!qa_is_http_post()) {
        return null;
    }

    foreach ($_POST as $fieldname => $unused) {
        // Field names come from the client; ignore everything without the admin_ prefix.
        if (strpos($fieldname, 'admin_') !== 0) {
            continue;
        }

        // Missing parts become null; @ hides the resulting undefined-offset notice.
        @(list($prefix, $entityid, $action) = explode('_', $fieldname));

        if (!strlen($entityid) || !strlen($action)) {
            continue;
        }

        // Anti-CSRF gate: the action is never attempted with a bad code.
        if (!qa_check_form_security_code('admin/click', qa_post_text('code'))) {
            return qa_lang_html('misc/form_security_again');
        }

        if (qa_admin_single_click($entityid, $action)) {
            qa_redirect(qa_request());
        }
    }

    return null;
}
$qa_content['script_rel'][] = 'qa-content/qa-admin.js?' . QA_VERSION;
$pluginfiles = glob(QA_PLUGIN_DIR . '*/qa-plugin.php');
foreach ($moduletypes as $type) {
    $modules = qa_load_modules_with($type, 'init_queries');
    foreach ($modules as $name => $module) {
        $queries = $module->init_queries($tables);
        if (!empty($queries)) {
            if (qa_is_http_post()) {
                qa_redirect('install');
            } else {
                $qa_content['error'] = strtr(qa_lang_html('admin/module_x_database_init'), array('^1' => qa_html($name), '^2' => qa_html($type), '^3' => '<a href="' . qa_path_html('install') . '">', '^4' => '</a>'));
            }
        }
    }
}
if (qa_is_http_post() && !qa_check_form_security_code('admin/plugins', qa_post_text('qa_form_security_code'))) {
    $qa_content['error'] = qa_lang_html('misc/form_security_reload');
    $showpluginforms = false;
} else {
    $showpluginforms = true;
}
if (count($pluginfiles)) {
    foreach ($pluginfiles as $pluginindex => $pluginfile) {
        $plugindirectory = dirname($pluginfile) . '/';
        $hash = qa_admin_plugin_directory_hash($plugindirectory);
        $showthisform = $showpluginforms && qa_get('show') == $hash;
        $contents = file_get_contents($pluginfile);
        $metadata = qa_admin_addon_metadata($contents, array('name' => 'Plugin Name', 'uri' => 'Plugin URI', 'description' => 'Plugin Description', 'version' => 'Plugin Version', 'date' => 'Plugin Date', 'author' => 'Plugin Author', 'author_uri' => 'Plugin Author URI', 'license' => 'Plugin License', 'min_q2a' => 'Plugin Minimum Question2Answer Version', 'min_php' => 'Plugin Minimum PHP Version', 'update' => 'Plugin Update Check URI'));
        if (strlen(@$metadata['name'])) {
            $namehtml = qa_html($metadata['name']);
        } else {
Ejemplo n.º 6
$in = array();
$followpostid = qa_get('follow');
$in['categoryid'] = qa_get_category_field_value('category');
if (!isset($in['categoryid'])) {
    $in['categoryid'] = qa_get('cat');
}
$userid = qa_get_logged_in_userid();
@(list($categories, $followanswer, $completetags) = qa_db_select_with_pending(qa_db_category_nav_selectspec($in['categoryid'], true), isset($followpostid) ? qa_db_full_post_selectspec($userid, $followpostid) : null, qa_db_popular_tags_selectspec(0, QA_DB_RETRIEVE_COMPLETE_TAGS)));
if (!isset($categories[$in['categoryid']])) {
    $in['categoryid'] = null;
}
if (@$followanswer['basetype'] != 'A') {
    $followanswer = null;
}
//	Check for permission error
$permiterror = qa_user_permit_error('permit_post_q', qa_is_http_post() ? QA_LIMIT_QUESTIONS : null);
// only check rate limit later on
if ($permiterror) {
    $qa_content = qa_content_prepare();
    switch ($permiterror) {
        case 'login':
            $qa_content['error'] = qa_insert_login_links(qa_lang_html('question/ask_must_login'), qa_request(), isset($followpostid) ? array('follow' => $followpostid) : null);
            break;
        case 'confirm':
            $qa_content['error'] = qa_insert_login_links(qa_lang_html('question/ask_must_confirm'), qa_request(), isset($followpostid) ? array('follow' => $followpostid) : null);
            break;
        case 'limit':
            $qa_content['error'] = qa_lang_html('question/ask_limit');
            break;
        default:
            $qa_content['error'] = qa_lang_html('users/no_permission');
Ejemplo n.º 7
}
if ($question['basetype'] == 'Q') {
    $qa_content['a_list']['title_tags'] = 'id="a_list_title"';
    if ($countfortitle > 0) {
        $split = $countfortitle == 1 ? qa_lang_html_sub_split('question/1_answer_title', '1', '1') : qa_lang_html_sub_split('question/x_answers_title', $countfortitle);
        if ($microdata) {
            $split['data'] = '<span itemprop="answerCount">' . $split['data'] . '</span>';
        }
        $qa_content['a_list']['title'] = $split['prefix'] . $split['data'] . $split['suffix'];
    } else {
        $qa_content['a_list']['title_tags'] .= ' style="display:none;" ';
    }
}
if (!$formrequested) {
    $qa_content['page_links'] = qa_html_page_links(qa_request(), $pagestart, $pagesize, $countforpages, qa_opt('pages_prev_next'), array(), false, 'a_list_title');
}
//	Some generally useful stuff
if (qa_using_categories() && count($categories)) {
    $qa_content['navigation']['cat'] = qa_category_navigation($categories, $question['categoryid']);
}
if (isset($jumptoanchor)) {
    $qa_content['script_onloads'][] = array('qa_scroll_page_to($("#"+' . qa_js($jumptoanchor) . ').offset().top);');
}
//	Determine whether this request should be counted for page view statistics
if (qa_opt('do_count_q_views') && !$formrequested && !qa_is_http_post() && qa_is_human_probably() && (!$question['views'] || ($question['lastviewip'] != qa_remote_ip_address() || !isset($question['lastviewip'])) && ($question['createip'] != qa_remote_ip_address() || !isset($question['createip'])) && ($question['userid'] != $userid || !isset($question['userid'])) && ($question['cookieid'] != $cookieid || !isset($question['cookieid'])))) {
    $qa_content['inc_views_postid'] = $questionid;
}
return $qa_content;
/*
	Omit PHP closing tag to help avoid accidental output
*/
Ejemplo n.º 8
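/**
 * Build a list describing every plugin found under QA_PLUGIN_DIR.
 *
 * Each qa-plugin.php file is read, its header metadata is extracted with
 * qa_admin_addon_metadata(), and one entry per plugin is returned. Text taken
 * from the plugin header is passed through qa_html() before it is stored.
 *
 * Fix over the previous version: the per-plugin variables are reset at the
 * start of every iteration. Before, a plugin without a URI, version, author,
 * description or version error silently inherited the value left behind by
 * the plugin processed before it.
 *
 * NOTE(review): $qa_content is local to this function and is not returned, so
 * the error messages and the version-check script registered below never
 * reach the caller. Likewise the outcome of the form security check
 * ($showpluginforms / $showthisform) does not influence the returned list.
 *
 * @return array List of plugin entries with the keys tags, name, uri,
 *               version, author, author_url, update, description, path,
 *               option, error and fields.
 */
function ra_installed_plugin()
{
    $qa_content = array();
    $tables = qa_db_list_tables_lc();
    $moduletypes = qa_list_module_types();
    $pluginfiles = glob(QA_PLUGIN_DIR . '*/qa-plugin.php');

    // A module that reports outstanding init queries sends POST requests to the install page.
    foreach ($moduletypes as $type) {
        $modules = qa_load_modules_with($type, 'init_queries');
        foreach ($modules as $name => $module) {
            $queries = $module->init_queries($tables);
            if (!empty($queries)) {
                if (qa_is_http_post()) {
                    qa_redirect('install');
                } else {
                    $qa_content['error'] = strtr(qa_lang_html('admin/module_x_database_init'), array('^1' => qa_html($name), '^2' => qa_html($type), '^3' => '<a href="' . qa_path_html('install') . '">', '^4' => '</a>'));
                }
            }
        }
    }

    if (qa_is_http_post() && !qa_check_form_security_code('admin/plugins', qa_post_text('qa_form_security_code'))) {
        $qa_content['error'] = qa_lang_html('misc/form_security_reload');
        $showpluginforms = false;
    } else {
        $showpluginforms = true;
    }

    $plugin = array();

    // glob() returns false on error, which count() does not accept on current PHP.
    if (empty($pluginfiles)) {
        return $plugin;
    }

    foreach ($pluginfiles as $pluginfile) {
        $plugindirectory = dirname($pluginfile) . '/';
        $hash = qa_admin_plugin_directory_hash($plugindirectory);
        $showthisform = $showpluginforms && qa_get('show') == $hash;
        $contents = file_get_contents($pluginfile);
        $metadata = qa_admin_addon_metadata($contents, array('name' => 'Plugin Name', 'uri' => 'Plugin URI', 'description' => 'Plugin Description', 'version' => 'Plugin Version', 'date' => 'Plugin Date', 'author' => 'Plugin Author', 'author_uri' => 'Plugin Author URI', 'license' => 'Plugin License', 'min_q2a' => 'Plugin Minimum Question2Answer Version', 'min_php' => 'Plugin Minimum PHP Version', 'update' => 'Plugin Update Check URI'));

        // Start every plugin from a clean slate so nothing leaks in from the previous one.
        $plugin_uri = null;
        $plugin_version = null;
        $plugin_author = null;
        $plugin_author_url = null;
        $plugin_update = null;
        $plugin_description = null;
        $plugin_error = null;

        // Header fields are optional; @ hides the notice for a missing key.
        if (strlen(@$metadata['name'])) {
            $plugin_name = qa_html($metadata['name']);
        } else {
            $plugin_name = qa_lang_html('admin/unnamed_plugin');
        }

        if (strlen(@$metadata['uri'])) {
            $plugin_uri = qa_html($metadata['uri']);
        }

        if (strlen(@$metadata['version'])) {
            $plugin_version = qa_html($metadata['version']);
        }

        if (strlen(@$metadata['author'])) {
            $plugin_author = qa_html($metadata['author']);
            if (strlen(@$metadata['author_uri'])) {
                $plugin_author_url = qa_html($metadata['author_uri']);
            }
        }

        if (strlen(@$metadata['version']) && strlen(@$metadata['update'])) {
            // md5() only derives a stable element id from the directory; it is not a security control.
            $elementid = 'version_check_' . md5($plugindirectory);
            $plugin_update = '(<span id="' . $elementid . '"></span>)';
            // Values from the plugin header are passed through qa_js() before entering the script.
            $qa_content['script_onloads'][] = array("qa_version_check(" . qa_js($metadata['update']) . ", 'Plugin Version', " . qa_js($metadata['version'], true) . ", 'Plugin URI', " . qa_js($elementid) . ");");
        }

        if (strlen(@$metadata['description'])) {
            $plugin_description = qa_html($metadata['description']);
        }

        $plugin_option = qa_admin_plugin_options_path($plugindirectory);

        if (qa_qa_version_below(@$metadata['min_q2a'])) {
            $plugin_error = qa_lang_html_sub('admin/requires_q2a_version', qa_html($metadata['min_q2a']));
        } elseif (qa_php_version_below(@$metadata['min_php'])) {
            $plugin_error = qa_lang_html_sub('admin/requires_php_version', qa_html($metadata['min_php']));
        }

        // NOTE(review): 'path' is the raw filesystem directory and 'option' is
        // stored as returned by qa_admin_plugin_options_path(); neither is
        // passed through qa_html() here, so escape them wherever they are printed.
        $plugin[] = array('tags' => 'id="' . qa_html($hash) . '"', 'name' => $plugin_name, 'uri' => $plugin_uri, 'version' => $plugin_version, 'author' => $plugin_author, 'author_url' => $plugin_author_url, 'update' => $plugin_update, 'description' => $plugin_description, 'path' => $plugindirectory, 'option' => $plugin_option, 'error' => $plugin_error, 'fields' => array(array('type' => 'custom')));
    }

    return $plugin;
}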
Ejemplo n.º 9
/**
 * Handle one-click actions (votes, favorites, notice dismissals) whose
 * parameters are encoded in the *name* of a POSTed field.
 *
 * Recognised field names, split on '_':
 *   vote_<postid>_<vote>_<anchor>
 *   favorite_<entitytype>_<entityid>_<favorite>
 *   notice_<noticeid>
 *
 * Every branch verifies the form security code posted in 'code' before it
 * changes anything. A rejected code, or a vote error, is reported through the
 * global $qa_page_error_html rather than through the return value.
 *
 * @return mixed The result of qa_call_override() when the function is
 *               overridden; otherwise nothing is returned.
 */
function qa_check_page_clicks()
{
    // Hand over to an override of this function when qa_to_override() reports one.
    if (qa_to_override(__FUNCTION__)) {
        $args = func_get_args();
        return qa_call_override(__FUNCTION__, $args);
    }
    global $qa_page_error_html;
    if (qa_is_http_post()) {
        // Field names are chosen by the client, so every part parsed out of
        // them below is untrusted input.
        foreach ($_POST as $field => $value) {
            if (strpos($field, 'vote_') === 0) {
                // Voting. Parts missing from the field name become null; the @
                // hides the undefined-offset notice that would cause.
                @(list($dummy, $postid, $vote, $anchor) = explode('_', $field));
                if (isset($postid) && isset($vote)) {
                    // Anti-CSRF gate: the code is checked against the fixed action name 'vote'.
                    if (!qa_check_form_security_code('vote', qa_post_text('code'))) {
                        $qa_page_error_html = qa_lang_html('misc/form_security_again');
                    } else {
                        require_once QA_INCLUDE_DIR . 'app/votes.php';
                        require_once QA_INCLUDE_DIR . 'db/selects.php';
                        $userid = qa_get_logged_in_userid();
                        $post = qa_db_select_with_pending(qa_db_full_post_selectspec($userid, $postid));
                        // The vote is only recorded when qa_vote_error_html() returns nothing.
                        $qa_page_error_html = qa_vote_error_html($post, $vote, $userid, qa_request());
                        if (!$qa_page_error_html) {
                            qa_vote_set($post, $userid, qa_get_logged_in_handle(), qa_cookie_get(), $vote);
                            // $anchor was taken from the field name and is passed on as the last argument.
                            qa_redirect(qa_request(), $_GET, null, null, $anchor);
                        }
                        // Stop looking at further POST fields once a vote field passed the security check.
                        break;
                    }
                }
            } elseif (strpos($field, 'favorite_') === 0) {
                // Favorites.
                @(list($dummy, $entitytype, $entityid, $favorite) = explode('_', $field));
                if (isset($entitytype) && isset($entityid) && isset($favorite)) {
                    // The action name includes the entity type and id, so the
                    // code is checked for this specific entity.
                    if (!qa_check_form_security_code('favorite-' . $entitytype . '-' . $entityid, qa_post_text('code'))) {
                        $qa_page_error_html = qa_lang_html('misc/form_security_again');
                    } else {
                        require_once QA_INCLUDE_DIR . 'app/favorites.php';
                        qa_user_favorite_set(qa_get_logged_in_userid(), qa_get_logged_in_handle(), qa_cookie_get(), $entitytype, $entityid, $favorite);
                        qa_redirect(qa_request(), $_GET);
                    }
                }
            } elseif (strpos($field, 'notice_') === 0) {
                // Notice dismissals.
                @(list($dummy, $noticeid) = explode('_', $field));
                if (isset($noticeid)) {
                    // The action name includes the notice id.
                    if (!qa_check_form_security_code('notice-' . $noticeid, qa_post_text('code'))) {
                        $qa_page_error_html = qa_lang_html('misc/form_security_again');
                    } else {
                        if ($noticeid == 'visitor') {
                            // Remember the dismissal in a cookie valid for 3650 days.
                            // Only name, value, expiry, path and domain are passed,
                            // so no Secure or HttpOnly flag is requested here.
                            setcookie('qa_noticed', 1, time() + 86400 * 3650, '/', QA_COOKIE_DOMAIN);
                        } elseif ($noticeid == 'welcome') {
                            require_once QA_INCLUDE_DIR . 'db/users.php';
                            qa_db_user_set_flag(qa_get_logged_in_userid(), QA_USER_FLAGS_WELCOME_NOTICE, false);
                        } else {
                            // Any other id is deleted as a notice of the logged-in user;
                            // the user id passed is the session's, not one from the request.
                            require_once QA_INCLUDE_DIR . 'db/notices.php';
                            qa_db_usernotice_delete(qa_get_logged_in_userid(), $noticeid);
                        }
                        qa_redirect(qa_request(), $_GET);
                    }
                }
            }
        }
    }
}
Ejemplo n.º 10
        if (!isset($form['tags'])) {
            $form['tags'] = 'METHOD="POST" ACTION="' . qa_self_html() . '#' . $identifierhtml . '"';
        }
        if (!isset($form['style'])) {
            $form['style'] = 'tall';
        }
        $qa_content['form_' . $type . '_' . $name] = $form;
        $formadded = true;
    }
}
foreach ($moduletypes as $type) {
    $modules = qa_load_modules_with($type, 'init_queries');
    foreach ($modules as $name => $module) {
        $queries = $module->init_queries($tables);
        if (!empty($queries)) {
            if (qa_is_http_post()) {
                qa_redirect('install');
            } else {
                $qa_content['error'] = strtr(qa_lang_html('admin/module_x_database_init'), array('^1' => qa_html($name), '^2' => qa_html($type), '^3' => '<A HREF="' . qa_path_html('install') . '">', '^4' => '</A>'));
            }
        }
    }
}
if (!$formadded) {
    $qa_content['suggest_next'] = qa_lang_html('admin/no_plugin_options');
}
$qa_content['navigation']['sub'] = qa_admin_sub_navigation();
return $qa_content;
/*
	Omit PHP closing tag to help avoid accidental output
*/
Ejemplo n.º 11
//	Check whether this is a follow-on question and get some info we need from the database
$infollow = qa_get('follow');
//$incategoryid=qa_get_category_field_value('category');
$incategoryid = qa_post_text('category');
if (!isset($incategoryid)) {
    $incategoryid = qa_get('cat');
}
@(list($categories, $followanswer, $completetags) = qa_db_select_with_pending(qa_db_category_nav_selectspec($incategoryid, true), isset($infollow) ? qa_db_full_post_selectspec($qa_login_userid, $infollow) : null, qa_db_popular_tags_selectspec(0, QA_DB_RETRIEVE_COMPLETE_TAGS)));
if (!isset($categories[$incategoryid])) {
    $incategoryid = null;
}
if (@$followanswer['basetype'] != 'A') {
    $followanswer = null;
}
//	Check for permission error
$permiterror = qa_user_permit_error('permit_post_q', qa_is_http_post() ? 'Q' : null);
// only check rate limit later on
if ($permiterror) {
    $qa_content = qa_content_prepare();
    switch ($permiterror) {
        case 'login':
            $qa_content['error'] = qa_insert_login_links(qa_lang_html('question/ask_must_login'), $qa_request, isset($infollow) ? array('follow' => $infollow) : null);
            break;
        case 'confirm':
            $qa_content['error'] = qa_insert_login_links(qa_lang_html('question/ask_must_confirm'), $qa_request, isset($infollow) ? array('follow' => $infollow) : null);
            break;
        case 'limit':
            $qa_content['error'] = qa_lang_html('question/ask_limit');
            break;
        default:
            $qa_content['error'] = qa_lang_html('users/no_permission');
Ejemplo n.º 12
 /**
  * Outputs cache to the user
  */
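 private function get_cache()
 {
     // Serves a cached page from $this->cache_file: runs the bootstrap calls
     // below, lets POSTed clicks be processed, updates view statistics, then
     // prints the cached body and ends the request with exit().
     global $qa_usage;

     qa_db_connect('qa_page_db_fail_handler');
     qa_page_queue_pending();
     qa_load_state();
     qa_check_login_modules();

     // NOTE(review): qa_check_page_clicks() is not defined here. If it acts on
     // POSTed fields, it has to validate its own form security codes, because
     // nothing in this method does so before the cached page is sent.
     qa_check_page_clicks();

     // Cache failure, graceful exit: an unreadable, missing or empty cache file
     // returns to the caller without output. @ hides the read warning.
     // NOTE(review): the database connection opened above stays open on this
     // path; confirm the caller expects that.
     // NOTE(review): confirm cached files never contain per-user data or form
     // security codes, since the body is replayed verbatim.
     $contents = @file_get_contents($this->cache_file);
     if (!$contents) {
         return;
     }

     // Minimal content array: only the view-count key is filled in.
     $qa_content = array();
     $userid = qa_get_logged_in_userid();
     $questionid = qa_request_part(0);
     $cookieid = qa_cookie_get(true);

     if (is_numeric($questionid)) {
         $question = qa_db_select_with_pending(qa_db_full_post_selectspec($userid, $questionid));

         // Count the view only for non-POST requests that look human, and only
         // if the question has no views yet or this visitor differs from both
         // the last viewer and the author (by IP, user id and cookie id).
         // Each field is tested with empty()/isset() before it is read, so a
         // missing key or a missing row no longer raises undefined-offset
         // diagnostics; the truth value of the condition is unchanged.
         // NOTE(review): if no row was found, the first clause is still true
         // and the id is passed on for counting; confirm that is intended.
         $countview = qa_opt('do_count_q_views')
             && !$this->post_method
             && !qa_is_http_post()
             && qa_is_human_probably()
             && (
                 empty($question['views'])
                 || (
                     (!isset($question['lastviewip']) || $question['lastviewip'] != qa_remote_ip_address())
                     && (!isset($question['createip']) || $question['createip'] != qa_remote_ip_address())
                     && (!isset($question['userid']) || $question['userid'] != $userid)
                     && (!isset($question['cookieid']) || $question['cookieid'] != $cookieid)
                 )
             );

         $qa_content['inc_views_postid'] = $countview ? $questionid : null;
         qa_do_content_stats($qa_content);
     }

     if (QA_DEBUG_PERFORMANCE) {
         // Whatever the usage reporter prints is captured and appended to the
         // response body, so it is sent to every visitor while this flag is on.
         ob_start();
         $qa_usage->output();
         $contents .= ob_get_contents();
         ob_end_clean();
     }

     qa_db_disconnect();

     // exit() with a string argument prints it and terminates the script.
     exit($contents);
 }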