// Captcha requirement for the current user; the return convention is not visible here - confirm in qa_user_captcha_reason()
$captchareason = qa_user_captcha_reason();

// These fields are read before the security-code check below, so they are untrusted form input.
// Nothing in the visible code stores them before that check runs.
$in['title'] = qa_post_text('title'); // allow title and tags to be posted by an external form
$in['extra'] = qa_opt('extra_field_active') ? qa_post_text('extra') : null;
if (qa_using_tags()) {
    $in['tags'] = qa_get_tags_field_value('tags');
}

// Submission path: entered only when qa_clicked('doask') is truthy
if (qa_clicked('doask')) {
    require_once QA_INCLUDE_DIR . 'qa-app-post-create.php';
    require_once QA_INCLUDE_DIR . 'qa-util-string.php';

    // $in['categoryid'] is not assigned in the visible code (hence the @) - presumably set earlier; confirm
    $categoryids = array_keys(qa_category_path($categories, @$in['categoryid']));
    // The user level is resolved for the chosen category path and reused for the moderation and permission checks below
    $userlevel = qa_user_level_for_categories($categoryids);

    $in['name'] = qa_post_text('name');
    $in['notify'] = qa_post_text('notify') ? true : false;
    $in['email'] = qa_post_text('email');
    $in['queued'] = qa_user_moderation_reason($userlevel) ? true : false;
    // Presumably fills $in['editor'], $in['content'], $in['format'] and $in['text'] by reference - confirm against qa_get_post_content()
    qa_get_post_content('editor', 'content', $in['editor'], $in['content'], $in['format'], $in['text']);

    $errors = array();

    // The form security code for the 'ask' action is verified first. On failure only a page-level
    // error is recorded, and neither the filter modules nor the permission check below run.
    if (!qa_check_form_security_code('ask', qa_post_text('code'))) {
        $errors['page'] = qa_lang_html('misc/form_security_again');
    } else {
        // Each 'filter_question' module receives $in and $errors; $oldin keeps the pre-filter copy
        // so qa_update_post_text() can compare the two
        $filtermodules = qa_load_modules_with('filter', 'filter_question');
        foreach ($filtermodules as $filtermodule) {
            $oldin = $in;
            $filtermodule->filter_question($in, $errors, null);
            qa_update_post_text($in, $oldin);
        }

        // A category is mandatory when categories are in use, at least one exists, and 'allow_no_category' is off
        if (qa_using_categories() && count($categories) && !qa_opt('allow_no_category') && !isset($in['categoryid'])) {
            $errors['categoryid'] = qa_lang_html('question/category_required');
        } elseif (qa_user_permit_error('permit_post_q', null, $userlevel)) {
            // Any truthy permit error at this category-specific level blocks asking in the chosen category
            $errors['categoryid'] = qa_lang_html('question/category_ask_not_allowed');
/**
 * Handle a submitted edit of an existing comment.
 *
 * Reads the posted fields (all named with the 'c<postid>_' prefix) into $in, verifies the form
 * security code for the action 'edit-<postid>', runs every 'filter_comment' module and, only when
 * no error has been recorded, saves the comment through qa_comment_set_content().
 *
 * @param array $comment  The comment being edited; 'postid', 'isbyuser', 'userid' and 'notify' are read here.
 * @param array $question Passed through to the filter modules and to qa_comment_set_content().
 * @param array $parent   Passed through to the filter modules and to qa_comment_set_content().
 * @param array $in       (by reference) Reset, then filled with the submitted values.
 * @param array $errors   (by reference) Reset, then filled with any error messages.
 * @return bool True if the comment was saved, false if the security code or a filter rejected it.
 */
function qa_page_q_edit_c_submit($comment, $question, $parent, &$in, &$errors)
{
    $postid = $comment['postid'];
    $fieldprefix = 'c' . $postid . '_';

    $in = array();

    // Name, notify and email are only read when the comment is by the current user
    if ($comment['isbyuser']) {
        $in['name'] = qa_post_text($fieldprefix . 'name');
        $in['notify'] = (bool) qa_post_text($fieldprefix . 'notify');
        $in['email'] = qa_post_text($fieldprefix . 'email');
    }

    // The 'silent' flag is only accepted from users with no 'permit_edit_silent' permit error
    if (!qa_user_post_permit_error('permit_edit_silent', $comment)) {
        $in['silent'] = qa_post_text($fieldprefix . 'silent');
    }

    qa_get_post_content(
        $fieldprefix . 'editor',
        $fieldprefix . 'content',
        $in['editor'],
        $in['content'],
        $in['format'],
        $in['text']
    );

    // here the $in array only contains values for parts of the form that were displayed, so those are only ones checked by filters

    $errors = array();

    // Reject the request before any filter runs or anything is saved if the security code is invalid
    if (!qa_check_form_security_code('edit-' . $postid, qa_post_text($fieldprefix . 'code'))) {
        $errors['content'] = qa_lang_html('misc/form_security_again');
        return false;
    }

    $in['queued'] = qa_opt('moderate_edited_again') && qa_user_moderation_reason(qa_user_level_for_post($comment));

    // Each filter module may change $in and add to $errors; the pre-filter copy goes to qa_update_post_text()
    foreach (qa_load_modules_with('filter', 'filter_comment') as $module) {
        $before = $in;
        $module->filter_comment($in, $errors, $question, $parent, $comment);
        qa_update_post_text($in, $before);
    }

    if (!empty($errors)) {
        return false;
    }

    $editoruserid = qa_get_logged_in_userid();
    $editorhandle = qa_get_logged_in_handle();
    $editorcookie = qa_cookie_get();

    if (!isset($in['silent'])) {
        $in['silent'] = false;
    }

    // Only the comment's own author can change its notification setting; otherwise the stored one is kept
    if ($comment['isbyuser']) {
        $notifysetting = qa_combine_notify_email($comment['userid'], $in['notify'], $in['email']);
    } else {
        $notifysetting = $comment['notify'];
    }

    qa_comment_set_content(
        $comment,
        $in['content'],
        $in['format'],
        $in['text'],
        $notifysetting,
        $editoruserid,
        $editorhandle,
        $editorcookie,
        $question,
        $parent,
        @$in['name'],
        $in['queued'],
        $in['silent']
    );

    return true;
}
/**
 * Build the $in array for an existing post, in the shape used for the filter modules.
 *
 * Every post gets 'content', 'format', 'text', 'notify', 'email' and 'queued'. Posts whose
 * 'basetype' is 'Q' additionally get 'title', 'tags', 'categoryid' and 'extra'.
 *
 * @param array $post The stored post; 'content', 'format', 'notify' and 'basetype' are read, plus
 *                    'title', 'tags', 'categoryid' and 'extra' for questions.
 * @return array The filter input array.
 */
function qa_page_q_prepare_post_for_filters($post)
{
    $in = array();

    $in['content'] = $post['content'];
    $in['format'] = $post['format'];
    $in['text'] = qa_viewer_text($post['content'], $post['format']);

    // 'notify' records whether a notify value is set; 'email' keeps it only if it validates as an address
    $in['notify'] = isset($post['notify']);
    if (qa_email_validate($post['notify'])) {
        $in['email'] = $post['notify'];
    } else {
        $in['email'] = null;
    }

    // Anything other than a strict false from qa_user_moderation_reason() marks the post as queued
    $moderationreason = qa_user_moderation_reason(qa_user_level_for_post($post));
    $in['queued'] = ($moderationreason !== false);

    if ($post['basetype'] != 'Q') {
        return $in;
    }

    // Question-only fields
    $in['title'] = $post['title'];
    $in['tags'] = qa_tagstring_to_tags($post['tags']);
    $in['categoryid'] = $post['categoryid'];
    $in['extra'] = $post['extra'];

    return $in;
}
// Captcha requirement for the current user; the return convention is not visible here - confirm in qa_user_captcha_reason()
$captchareason = qa_user_captcha_reason();

// These fields are read before the security-code check below, so they are untrusted form input.
// Nothing in the visible code stores them before that check runs.
$in['title'] = qa_post_text('title'); // allow title and tags to be posted by an external form
$in['extra'] = qa_opt('extra_field_active') ? qa_post_text('extra') : null;
if (qa_using_tags()) {
    $in['tags'] = qa_get_tags_field_value('tags');
}

// Submission path: entered only when qa_clicked('doask') is truthy
if (qa_clicked('doask')) {
    require_once QA_INCLUDE_DIR . 'app/post-create.php';
    require_once QA_INCLUDE_DIR . 'util/string.php';

    // $in['categoryid'] is not assigned in the visible code (hence the @) - presumably set earlier; confirm
    $categoryids = array_keys(qa_category_path($categories, @$in['categoryid']));
    // The user level is resolved for the chosen category path and reused for the moderation and permission checks below
    $userlevel = qa_user_level_for_categories($categoryids);

    $in['name'] = qa_post_text('name');
    // True for any non-empty posted 'notify' value
    $in['notify'] = strlen(qa_post_text('notify')) > 0;
    $in['email'] = qa_post_text('email');
    // Anything other than a strict false from qa_user_moderation_reason() queues the question
    $in['queued'] = qa_user_moderation_reason($userlevel) !== false;
    // Presumably fills $in['editor'], $in['content'], $in['format'] and $in['text'] by reference - confirm against qa_get_post_content()
    qa_get_post_content('editor', 'content', $in['editor'], $in['content'], $in['format'], $in['text']);

    $errors = array();

    // The form security code for the 'ask' action is verified first. On failure only a page-level
    // error is recorded, and neither the filter modules nor the permission check below run.
    if (!qa_check_form_security_code('ask', qa_post_text('code'))) {
        $errors['page'] = qa_lang_html('misc/form_security_again');
    } else {
        // Each 'filter_question' module receives $in and $errors; $oldin keeps the pre-filter copy
        // so qa_update_post_text() can compare the two
        $filtermodules = qa_load_modules_with('filter', 'filter_question');
        foreach ($filtermodules as $filtermodule) {
            $oldin = $in;
            $filtermodule->filter_question($in, $errors, null);
            qa_update_post_text($in, $oldin);
        }

        // A category is mandatory when categories are in use, at least one exists, and 'allow_no_category' is off
        if (qa_using_categories() && count($categories) && !qa_opt('allow_no_category') && !isset($in['categoryid'])) {
            $errors['categoryid'] = qa_lang_html('question/category_required');
        } elseif (qa_user_permit_error('permit_post_q', null, $userlevel)) {
            // Any truthy permit error at this category-specific level blocks asking in the chosen category
            $errors['categoryid'] = qa_lang_html('question/category_ask_not_allowed');
/**
 * Compute the set of rule flags describing what the current user may see or do with $post.
 *
 * The result is an array keyed by rule name ('isbyuser', 'queued', 'closed', 'viewable',
 * 'editbutton', 'editable', 'hideable', 'claimable', ...). Throughout, a falsy result from
 * qa_user_permit_error() is treated as "permitted", and the value 'level' is treated as a block
 * that hides the button entirely (presumably: the user's level is too low - confirm).
 *
 * NOTE(review): this function only computes flags. Whether the handlers that perform each action
 * re-check the corresponding flag cannot be seen from here - confirm that they do, so that a
 * hidden button is never the only thing preventing an action.
 *
 * @param array      $post         The post; reads 'type', 'basetype', 'postid', 'parentid', 'userid', 'lastuserid',
 *                                 'cookieid', 'hidden', 'flagcount', 'userflag', 'closedbyid' and 'selchildid'.
 * @param array|null $parentpost   Optional parent post, used for the self-answer check on claims.
 * @param array|null $siblingposts Optional sibling posts, used for the multiple-answers check on claims.
 * @param array|null $childposts   Optional child posts, used to adjust 'deleteable', 'answerbutton' and 'claimable'.
 * @return array The rules array (or whatever the override returns, if one is installed).
 */
function qa_page_q_post_rules($post, $parentpost = null, $siblingposts = null, $childposts = null)
{
    // If an override is registered for this function, hand the original arguments to it and return its result
    if (qa_to_override(__FUNCTION__)) { $args = func_get_args(); return qa_call_override(__FUNCTION__, $args); }

    $userid = qa_get_logged_in_userid();
    $cookieid = qa_cookie_get();

    $rules['isbyuser'] = qa_post_is_by_user($post, $userid, $cookieid);
    // Queued posts have a type consisting of one character followed by '_QUEUED'
    $rules['queued'] = substr($post['type'], 1) == '_QUEUED';
    // A question is closed if it has a closedbyid, or has a selected child while 'do_close_on_select' is on
    $rules['closed'] = $post['basetype'] == 'Q' && (isset($post['closedbyid']) || isset($post['selchildid']) && qa_opt('do_close_on_select'));

    // Cache some responses to the user permission checks
    $permiterror_post_q = qa_user_permit_error('permit_post_q');
    $permiterror_post_a = qa_user_permit_error('permit_post_a');
    $permiterror_post_c = qa_user_permit_error('permit_post_c');
    $permiterror_edit = qa_user_permit_error($post['basetype'] == 'Q' ? 'permit_edit_q' : ($post['basetype'] == 'A' ? 'permit_edit_a' : 'permit_edit_c'));
    $permiterror_retagcat = qa_user_permit_error('permit_retag_cat');
    // For the user's own post the permission name passed is null instead of the specific permission -
    // presumably only the general user restrictions are then checked; confirm in qa_user_permit_error()
    $permiterror_hide_show = qa_user_permit_error($rules['isbyuser'] ? null : 'permit_hide_show');
    $permiterror_close_open = qa_user_permit_error($rules['isbyuser'] ? null : 'permit_close_q');
    $permiterror_moderate = qa_user_permit_error('permit_moderate');

    // General permissions
    // authorlast: no later editor is recorded, or the last editor is the original author
    $rules['authorlast'] = !isset($post['lastuserid']) || $post['lastuserid'] === $post['userid'];
    // Hidden posts need the hide/show permission; queued posts are visible to their author or to moderators; all others are visible
    $rules['viewable'] = $post['hidden'] ? !$permiterror_hide_show : ($rules['queued'] ? $rules['isbyuser'] || !$permiterror_moderate : true);

    // Answer, comment and edit might show the button even if the user still needs to do something (e.g. log in)
    $rules['answerbutton'] = $post['type'] == 'Q' && $permiterror_post_a != 'level' && !$rules['closed'] && (qa_opt('allow_self_answer') || !$rules['isbyuser']);
    $rules['commentbutton'] = ($post['type'] == 'Q' || $post['type'] == 'A') && $permiterror_post_c != 'level' && qa_opt($post['type'] == 'Q' ? 'comment_on_qs' : 'comment_on_as');
    // The '...able' flags are the stricter form of the '...button' flags: they also require no permit error at all
    $rules['commentable'] = $rules['commentbutton'] && !$permiterror_post_c;
    $rules['editbutton'] = !$post['hidden'] && ($rules['isbyuser'] || $permiterror_edit != 'level' && !$rules['queued']) && !$rules['closed'];
    $rules['editable'] = $rules['editbutton'] && ($rules['isbyuser'] || !$permiterror_edit);
    $rules['retagcatbutton'] = $post['basetype'] == 'Q' && (qa_using_tags() || qa_using_categories()) && !$post['hidden'] && ($rules['isbyuser'] || $permiterror_retagcat != 'level');
    $rules['retagcatable'] = $rules['retagcatbutton'] && ($rules['isbyuser'] || !$permiterror_retagcat);
    if ($rules['editbutton'] && $rules['retagcatbutton']) { // only show one button since they lead to the same form
        // Keep the retag/recategorize button only when that action is possible and a full edit is not
        if ($rules['retagcatable'] && !$rules['editable']) { $rules['editbutton'] = false; } else { $rules['retagcatbutton'] = false; }
    }
    $rules['aselectable'] = $post['type'] == 'Q' && !qa_user_permit_error($rules['isbyuser'] ? null : 'permit_select_a');
    // Flagging: never on the user's own, hidden, queued or already-flagged posts
    $rules['flagbutton'] = qa_opt('flagging_of_posts') && !$rules['isbyuser'] && !$post['hidden'] && !$rules['queued'] && !@$post['userflag'] && qa_user_permit_error('permit_flag') != 'level';
    // True when one more flag from this user would reach the 'flagging_hide_after' threshold
    $rules['flagtohide'] = $rules['flagbutton'] && !qa_user_permit_error('permit_flag') && $post['flagcount'] + 1 >= qa_opt('flagging_hide_after');
    $rules['unflaggable'] = @$post['userflag'] && !$post['hidden'];
    // Requires at least one flag other than the current user's own, plus the hide/show permission
    $rules['clearflaggable'] = $post['flagcount'] >= (@$post['userflag'] ? 2 : 1) && !qa_user_permit_error('permit_hide_show');

    // Other actions only show the button if it's immediately possible
    $notclosedbyother = !($rules['closed'] && isset($post['closedbyid']) && !$rules['authorlast']);
    $nothiddenbyother = !($post['hidden'] && !$rules['authorlast']);
    $rules['closeable'] = qa_opt('allow_close_questions') && $post['type'] == 'Q' && !$rules['closed'] && !$permiterror_close_open;
    $rules['reopenable'] = $rules['closed'] && isset($post['closedbyid']) && !$permiterror_close_open && !$post['hidden'] && ($notclosedbyother || !qa_user_permit_error('permit_close_q')); // cannot reopen a question if it's been hidden, or if it was closed by someone else and you don't have global closing permissions
    $rules['moderatable'] = $rules['queued'] && !$permiterror_moderate;
    $rules['hideable'] = !$post['hidden'] && ($rules['isbyuser'] || !$rules['queued']) && !$permiterror_hide_show && ($notclosedbyother || !qa_user_permit_error('permit_hide_show')); // cannot hide a question if it was closed by someone else and you don't have global hiding permissions
    $rules['reshowable'] = $post['hidden'] && !$permiterror_hide_show && !qa_user_moderation_reason() && ($nothiddenbyother && !$post['flagcount'] || !qa_user_permit_error('permit_hide_show')); // cannot reshow a question if it was hidden by someone else, or if it has flags - unless you have global hiding permissions
    $rules['deleteable'] = $post['hidden'] && !qa_user_permit_error('permit_delete_hidden');
    // Claimable: the post has no userid, a user is logged in, the post's stored cookieid is non-empty and equal to the
    // current cookie, and the user has no permit error for posting that type. The cookie match is the only ownership
    // evidence used here.
    $rules['claimable'] = !isset($post['userid']) && isset($userid) && strlen(@$post['cookieid']) && strcmp(@$post['cookieid'], $cookieid) == 0 && !($post['basetype'] == 'Q' ? $permiterror_post_q : ($post['basetype'] == 'A' ? $permiterror_post_a : $permiterror_post_c));
    $rules['followable'] = $post['type'] == 'A' ? qa_opt('follow_on_as') : false;

    // Check for claims that could break rules about self answering and multiple answers
    if ($rules['claimable'] && $post['basetype'] == 'A') {
        // Claiming would make the user the author of an answer to their own question
        if (!qa_opt('allow_self_answer') && isset($parentpost) && qa_post_is_by_user($parentpost, $userid, $cookieid)) { $rules['claimable'] = false; }
        // Claiming would give the user a second answer on the same question
        if (isset($siblingposts) && !qa_opt('allow_multi_answers')) {
            foreach ($siblingposts as $siblingpost) {
                if ($siblingpost['parentid'] == $post['parentid'] && $siblingpost['basetype'] == 'A' && qa_post_is_by_user($siblingpost, $userid, $cookieid)) { $rules['claimable'] = false; }
            }
        }
    }

    // Now make any changes based on the child posts
    if (isset($childposts)) {
        foreach ($childposts as $childpost) {
            if ($childpost['parentid'] == $post['postid'] && ($childpost['basetype'] == 'A' || $childpost['basetype'] == 'C')) {
                // A post with answers or comments beneath it cannot be deleted
                $rules['deleteable'] = false;
                if ($childpost['basetype'] == 'A' && qa_post_is_by_user($childpost, $userid, $cookieid)) {
                    // The user has already answered this post
                    if (!qa_opt('allow_multi_answers')) { $rules['answerbutton'] = false; }
                    if (!qa_opt('allow_self_answer')) { $rules['claimable'] = false; }
                }
            }
        }
    }

    // Return the resulting rules
    return $rules;
}
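/**
 * Handle a submitted new comment on $parent.
 *
 * Reads the posted fields (all named with the 'c<parent postid>_' prefix) into $in, runs every
 * 'filter_comment' module, validates the captcha when $usecaptcha is set, rejects content that
 * duplicates a visible comment on the same parent, and creates the comment if no error was recorded.
 *
 * NOTE(review): unlike qa_page_q_edit_c_submit(), this function never calls
 * qa_check_form_security_code(). Confirm that the caller validates the form security code before
 * invoking it; otherwise the submission is not protected against cross-site request forgery.
 *
 * @param array $question        Passed through to the filter modules and to qa_comment_create().
 * @param array $parent          The post being commented on; 'postid' is read here.
 * @param array $commentsfollows Existing posts checked for duplicates and passed to qa_comment_create().
 * @param mixed $usecaptcha      Truthy if the captcha must be validated for this submission.
 * @param array $in              (by reference) Reset, then filled with the submitted values.
 * @param array $errors          (by reference) Reset, then filled with any error messages.
 * @return mixed The result of qa_comment_create() on success, or null if any error was recorded.
 */
function qa_page_q_add_c_submit($question, $parent, $commentsfollows, $usecaptcha, &$in, &$errors)
{
    $parentid = $parent['postid'];
    $prefix = 'c' . $parentid . '_';

    $in = array(
        'notify' => qa_post_text($prefix . 'notify') ? true : false,
        'email' => qa_post_text($prefix . 'email'),
        'queued' => qa_user_moderation_reason() ? true : false,
    );

    qa_get_post_content($prefix . 'editor', $prefix . 'content', $in['editor'], $in['content'], $in['format'], $in['text']);

    $errors = array();

    // Each filter module may change $in and add to $errors; the pre-filter copy goes to qa_update_post_text()
    $filtermodules = qa_load_modules_with('filter', 'filter_comment');
    foreach ($filtermodules as $filtermodule) {
        $oldin = $in;
        $filtermodule->filter_comment($in, $errors, $question, $parent, null);
        qa_update_post_text($in, $oldin);
    }

    if ($usecaptcha) {
        qa_captcha_validate_post($errors);
    }

    if (empty($errors)) {
        $testwords = implode(' ', qa_string_to_words($in['content']));

        foreach ($commentsfollows as $comment) {
            if ($comment['basetype'] == 'C' && $comment['parentid'] == $parentid && !$comment['hidden']) {
                // Strict comparison: both operands are strings built by implode(), and == would compare
                // numeric-looking strings numerically (e.g. '1e3' == '1000'), wrongly flagging a duplicate
                if (implode(' ', qa_string_to_words($comment['content'])) === $testwords) {
                    $errors['content'] = qa_lang_html('question/duplicate_content');
                    break; // one duplicate is enough; further matches would set the same error
                }
            }
        }
    }

    if (empty($errors)) {
        $userid = qa_get_logged_in_userid();
        $handle = qa_get_logged_in_handle();
        $cookieid = isset($userid) ? qa_cookie_get() : qa_cookie_get_create(); // create a new cookie if necessary

        $commentid = qa_comment_create($userid, $handle, $cookieid, $in['content'], $in['format'], $in['text'], $in['notify'], $in['email'], $question, $parent, $commentsfollows, $in['queued']);

        return $commentid;
    }

    return null;
}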