/**
 * Records a new reply on a topic row: increments `replies` and sets
 * `last_post_date` to the current Unix time.
 *
 * NOTE(review): $topic_id is interpolated into the SQL text. The return value
 * of validate_num() (defined elsewhere) is ignored, so the statement is only
 * safe if that helper stops the request on non-numeric input. Confirm.
 *
 * @param mixed $topic_id Id of the forum_posts row holding the topic.
 */
public static function UpdateTopicAfterReply($topic_id)
{
    validate_num($topic_id);

    // Updates two columns in one statement:
    // - the reply counter
    // - the date of the last post
    $now = time();
    $sql = "UPDATE forum_posts SET replies = replies + 1, \n\t\t\t\t\t\t\t\t\t\t\tlast_post_date = {$now}\n\t\t\t\t\tWHERE id = {$topic_id}";

    exequery($sql);
}
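/**
 * Builds the pagination state for a result set.
 *
 * Stores the record count, the page size, the derived page count and the
 * current page. A current page that is non-numeric or outside 1..pages_count
 * falls back to 1.
 *
 * @param mixed $records_count         Total number of records (must be >= 0).
 * @param mixed $records_for_each_page Page size (must be > 0).
 * @param mixed $current_page          Requested page, 1-based.
 */
public function __construct($records_count, $records_for_each_page = 10, $current_page = 1)
{
    // Check that the parameters are numeric (validate_num() is defined elsewhere).
    validate_num($records_count);
    validate_num($records_for_each_page);

    // A page size of 0 must be rejected as well: it is the divisor below, and
    // a zero divisor raises DivisionByZeroError on PHP 8 (INF/NAN before that).
    if ($records_count < 0 || $records_for_each_page <= 0) {
        die("Errore, parametri negativi nel costruttore della classe Pagination");
    }

    // Number of pages, rounded up so a partial last page still counts.
    $this->pages_count = ceil($records_count / $records_for_each_page);

    $this->records_count = $records_count;
    $this->records_for_each_page = $records_for_each_page;

    // $current_page is not passed through validate_num(), so require it to be
    // numeric here; otherwise a string such as "1abc" could be stored as-is.
    $page_is_valid = is_numeric($current_page)
        && $current_page >= 1
        && $current_page <= $this->pages_count;
    $this->current_page = $page_is_valid ? $current_page : 1;
}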
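/**
 * Returns the user names that start with the given prefix.
 *
 * @param string $name        Prefix to search for; surrounding whitespace is ignored.
 * @param mixed  $num_records Maximum number of names to return.
 *
 * @return array List of matching `user` values, empty when there is nothing to search for.
 */
public static function Find($name, $num_records = 20)
{
    // NOTE(review): $num_records goes into LIMIT as text; this relies on
    // validate_num() (defined elsewhere) stopping on non-numeric input. Confirm.
    validate_num($num_records);

    // The original called db_escape(trim($name)) and discarded the result, so
    // the raw value reached the query. Keep the trimmed value first...
    $name = trim($name);

    // Nothing to search for.
    if ($name == "") {
        return array();
    }

    // ...then escape it for use inside the quoted LIKE literal. db_escape() is a
    // project helper; it is assumed to return the escaped string. Confirm.
    // NOTE(review): '%' and '_' in $name still act as LIKE wildcards.
    $name = db_escape($name);

    $q = exequery("SELECT user FROM users WHERE user LIKE'{$name}%' LIMIT {$num_records}");

    $array = array();
    while ($u = mysqli_fetch_array($q, MYSQLI_ASSOC)) {
        $array[] = $u['user'];
    }

    return $array;
}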
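/**
 * Tells whether this user may moderate the forum with the given id.
 *
 * Admins always may. Moderators may only when the forum's `moderators` column
 * equals their nickname; the answer is cached per forum id in
 * $this['mod_of_forum'].
 *
 * @param mixed $id Forum id (forum_arguments.id).
 *
 * @return bool
 */
function isModOfForum($id)
{
    // NOTE(review): $id is interpolated into the query below; this relies on
    // validate_num() (defined elsewhere) stopping on non-numeric input. Confirm.
    validate_num($id);

    if ($this->isAdmin()) {
        return true;
    }

    if (!$this->isMod()) {
        return false;
    }

    // Lazy loading
    if (!isset($this['mod_of_forum'][$id])) {
        $q = exequery("SELECT moderators FROM forum_arguments WHERE id = {$id}");
        $res = mysqli_fetch_array($q, MYSQLI_ASSOC);

        // Fail closed: an unknown forum id (no row) or a NULL moderators column
        // grants nothing. The names are compared as strings with ===, because
        // == treats numeric-looking strings such as "1e3" and "1000" as equal.
        $this['mod_of_forum'][$id] = is_array($res)
            && isset($res['moderators'])
            && (string) $res['moderators'] === (string) $this['member_nickname'];
    }

    return $this['mod_of_forum'][$id];
}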
<?php

/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

/**
 * Moves a message from the trash back to the inbox.
 *
 * method: POST (both parameters are read from $_POST)
 * params:
 *   id       : id of the message to move
 *   dataType : response format (see Restful::PrintResponse); defaults to 'html'
 * returns:
 *   success: false => error, true => OK
 *
 * NOTE(review): no explicit login check is visible in this script. Confirm that
 * __inc__.php or MessageService rejects anonymous callers and that
 * restoreFromTrash() only touches messages belonging to $currentUser['id'].
 */
require_once "__inc__.php";

$responseFormat = 'html';
if (isset($_POST['dataType'])) {
    $responseFormat = $_POST['dataType'];
}
$response = new RestfulResponse($responseFormat);

// validate_num() is defined elsewhere; its return value is not checked here.
validate_num($_POST['id']);

$messageService = new MessageService($currentUser['id']);
$messageService->restoreFromTrash($_POST['id']);

$response->setSuccess(true);
$response->send();
returns: subject : oggetto del messaggio from_or_to : stringa 'A' o 'Da' date : data dell'invio del messaggio (formattata in maniera leggibile) discursive_date: data dell'invio del messaggio (gg/mm/yy HH:mm) important : true o false se il messaggio è importante o no message_html : testo del messaggio (formattato in HTML) message_plain : testo del messaggio (non formattato) reply : true o false se bisonga mostrare il bottone rispondi o no from_to_user : nome dell'utente che ha inviato o ricevuto il messaggio */ require_once "__inc__.php"; $response = new RestfulResponse("json"); $r = ''; $id = $_POST['id']; validate_num($id); $ms = new MessageService($currentUser['id']); $m = $ms->getMessage($id); if ($m['to_id'] == $currentUser['id']) { $ms->viewed($id); } $from_to = 'A'; $user = '******'; $write = ""; if ($m['to_id'] == $currentUser['id']) { $from_to = 'Da'; $user = '******'; } $user = DB::FindOne("SELECT user FROM users WHERE id=" . $m[$user] . " LIMIT 1"); $array = array("subject" => $m->getRaw('subject'), "from_or_to" => $from_to, "date" => DateUtils::GetNice($m['date_tm']), "discursive_date" => DateUtils::GetDiscursive($m['date_tm']), "important" => $m->isImportant(), "multiple" => $m->isMultiple(), "message_html" => Text::MessageToHtml($m->getRaw('message')), "message_plain" => $m->getRaw('message'), "reply" => $m['to_id'] == $currentUser['id'], "from_to_user" => $user['user']); $response->set('value', $array);
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */ /** Si occupa di aggiungere un voto ad un sondaggio method: POST params: topic_id: id del topic (base) su cui votare vote: id della scelta del sondaggio da votare returns: success: false => errore, true => OK results_html: html contenente i risultati del sondaggio */ require_once "__inc__.php"; $response = new RestfulResponse("json"); if ($currentUser->isLogged()) { // Valida i campi di input validate_num($_POST['topic_id']); validate_num($_POST['vote']); $topic = new Topic($_POST['topic_id']); if ($topic->isPoll() && $topic->isViewableBy($currentUser)) { $poll_data = $topic->getPollData(); if (!$poll_data['user_has_voted']) { // Voto valido? $valid_vote = false; foreach ($poll_data['choices'] as $choice) { if ($choice['id'] == $_POST['vote']) { $valid_vote = true; break; } } if ($valid_vote) { // OK. Inseriamo il voto exequery("INSERT INTO forum_poll (topic_id, user_id, vote)\n VALUES ({$topic['id']}, {$currentUser['id']}, {$_POST['vote']})");
/** Si occupa di aggiungere una risposta ad un topic method: POST params: topic_id: id del topic (base) su cui aggiungere una risposta message: messaggio returns: success: false => errore, true => OK post_html: html contenente il post appena inserito */ require_once "__inc__.php"; $response = new RestfulResponse("json"); $av = new AutoValidator("frm-forum-reply", $_POST); if ($av->validate()) { if ($currentUser->isLogged()) { // Valida i campi di input validate_num($_POST['topic_id']); $topic = new Topic($_POST['topic_id']); $message = db_escape(Charset::Utf8ToDB($_POST['message'])); if (!Forum::IsUserFlooding($currentUser)) { if (!$topic['locked']) { // Trova il forum_id $values = DB::FindOne("SELECT argument FROM forum_posts WHERE id = {$_POST['topic_id']}"); $forum_id = $values['argument']; exequery(sprintf("INSERT INTO forum_posts (user_id, root_topic, argument, message, type, post_date, last_post_date, ip) \n VALUES(%d, %d, %d, '%s', %d, %d, %d, '%s')", $currentUser['id'], $_POST['topic_id'], $forum_id, $message, Forum::TYPE_POST, time(), time(), get_ip())); $id = DB::LastId(); $post = new ForumPost($id); Forum::UpdateTopicAfterReply($_POST['topic_id']); Forum::IncPostCountForUser($currentUser); Forum::AddReplyNotifications($post['id']); $response->set("post_html", $post->render("forum/post.html")); $response->setSuccess(true);
/**
 * Sets the `deleted` flag on a list of messages addressed to this user.
 *
 * Each UPDATE is restricted with `to_id={$this->user_id}`, so rows addressed
 * to other users are not changed even when their ids are passed in.
 *
 * NOTE(review): the ids are interpolated into the SQL text. The return value
 * of validate_num() (defined elsewhere) is ignored, so this is only safe if
 * that helper stops the request on non-numeric input. Confirm.
 *
 * @param array $id_array Message ids to update.
 * @param mixed $option   self::DELETE (flag = 1) or self::RESTORE (flag = 0).
 */
private function trashOperation($id_array, $option)
{
    // First pass: every id is checked before any row is written.
    foreach ($id_array as $candidate_id) {
        validate_num($candidate_id);
    }

    // Only the two known operations are accepted.
    $is_known_option = ($option == self::DELETE || $option == self::RESTORE);
    if (!$is_known_option) {
        echo "Input invalido";
        exit;
    }

    // Second pass: write the flag, one statement per message.
    $deleted_flag = $option == self::DELETE ? 1 : 0;
    foreach ($id_array as $message_id) {
        $sql = "UPDATE messages SET deleted={$deleted_flag} WHERE id={$message_id} AND to_id={$this->user_id}";
        exequery($sql);
    }
}
<?php

/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

/**
 * Returns the raw content of a forum post (or topic).
 *
 * method: GET
 * params:
 *   id: id of the post/topic
 * returns:
 *   information about the post/topic:
 *   - message, username of the poster
 *
 * NOTE(review): the original header requires a caller with permission to EDIT
 * the post/topic, but the code below only checks isViewableBy(). Confirm which
 * of the two is intended.
 */
require_once "__inc__.php";

$response = new RestfulResponse("json");

// validate_num() is defined elsewhere; its return value is not checked here.
validate_num($_GET['id']);

if (!$currentUser->isLogged()) {
    $response->setError("Non loggato");
} else {
    $post = new ForumPost($_GET['id']);

    if (!$post->isViewableBy($currentUser)) {
        $response->setError("Non hai i permessi per leggere queste informazioni.");
    } else {
        $response->set('message', $post['message']);
        $response->set('username', $post['user']);
    }
}

echo $response->send();
params: forum_id: id del forum in cui inserire il topic subject: oggetto del topic message: messaggio poll (facoltativo): lista di opzioni da inserire in un sondaggio (implica che il post e' un sondaggio) returns: success: false => errore, true => OK topic_url: url (relativo) del topic appena inserito */ require_once "__inc__.php"; $response = new RestfulResponse("json"); $av = new AutoValidator("frm-forum-post", $_POST); if ($av->validate()) { if ($currentUser->isLogged()) { // Valida i campi di input validate_num($_POST['forum_id']); $subject = db_escape(Charset::Utf8ToDB($_POST['subject'])); $message = db_escape(Charset::Utf8ToDB($_POST['message'])); $is_poll = isset($_POST['poll']); // Le domande del sondaggio vengono memorizzate nel campo // "poll" come array serializzato. Se "poll" e' null, allora // vuol dire che il topic non e' un sondaggio if ($is_poll) { $poll_questions = explode("\n", trim(purify(Charset::Utf8ToDB($_POST['poll'])))); if (count($poll_questions) >= 2) { $poll_data = db_escape(serialize($poll_questions)); } else { // Numero di domande nel sondaggio non valido (< 2) $poll_data = null; } }
/**
 * Creates a User from its numeric id.
 *
 * The User constructor receives a SQL condition string, not a bound value.
 *
 * NOTE(review): $id becomes part of that condition text. The return value of
 * validate_num() (defined elsewhere) is ignored, so this is only safe if that
 * helper stops the request on non-numeric input. Confirm.
 *
 * @param mixed $id User id.
 *
 * @return User
 */
public static function CreateFromId($id)
{
    validate_num($id);

    $condition = 'id = ' . $id;

    return new User($condition);
}
/**
 * Returns chapter number $num of this guide.
 *
 * The GuideChapter constructor receives a SQL condition string built from this
 * guide's id and the chapter number, plus $this->link.
 *
 * NOTE(review): $num becomes part of the condition text. The return value of
 * validate_num() (defined elsewhere) is ignored, so this is only safe if that
 * helper stops the request on non-numeric input. Confirm.
 *
 * @param mixed $num Chapter number.
 *
 * @return GuideChapter
 */
public function getChapter($num)
{
    validate_num($num);

    $guide_id = $this['id'];
    $condition = 'guide_id=' . $guide_id . ' AND chapter=' . $num;

    return new GuideChapter($condition, $this->link);
}
} //$Expiry = array(); foreach ($vouchernames as $key => $name) { // There are attributes set but no group name if (\Grase\Clean::text($name) == '') { if (isset($voucherprice[$key]) || isset($vouchermaxmb[$key]) || isset($vouchermaxtime[$key]) || isset($voucherinit[$key]) || isset($vouchertopup[$key]) || isset($voucherdesc[$key])) { $warning[] = T_("Invalid voucher name or voucher name missing"); } // Just loop as trying to process a group without a name is hard so they will just have to reenter those details continue; } if (!isset($voucherprice[$key])) { $error[] = T_("Vouchers need a price"); } else { // Don't want to show both errors $error[] = @validate_num($voucherprice[$key], T_('Invalid price')); } if (!(isset($vouchermaxmb[$key]) || isset($vouchermaxtime[$key]))) { $warning[] = T_("It is not recommended having vouchers without a data or time limit"); } // validate limits //$error[] = validate_datalimit($groupdatalimit[$key]); // Silence warnings (@) as we don't care if they are set or not' if (!\Grase\Validate::numericLimit($vouchermaxtime[$key])) { $error[] = sprintf(T_("Invalid value '%s' for Time Limit"), $vouchermaxtime[$key]); } if (!\Grase\Validate::numericLimit($vouchermaxmb[$key])) { $error[] = sprintf(T_("Invalid value '%s' for Data Limit"), $vouchermaxmb[$key]); } // TODO validate groupname, it already comes in in the correct format though $error = array_filter($error);
<?php /* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ require_once "__inc__.php"; validate_num($_GET['guide_id']); validate_num($_GET['chapter_id']); ?> <?php if (isset($_GET['guide_id']) && isset($_GET['chapter_id'])) { // Creo un istanza di Guide e vedo se la guida è presente nel DB $guide = new Guide($_GET['guide_id']); if ($guide->exists()) { $chapter = $guide->getChapter($_GET['chapter_id']); if ($chapter->exists()) { $backUrl = $guide->getLink(); $pagTitle = "{$guide['name']} - {$chapter['name']}"; require_once ROOT_PATH . "header.php"; echo "<div id='chapters-navigator' class='center'>"; $back_next_button = "<div style='overflow: auto;'>"; $prev_chapter = $chapter->getPrevious(); $next_chapter = $chapter->getNext(); if ($prev_chapter != NULL) { $back_next_button .= '<div style="float:left;"> <button class="btn" onclick="location.href=\'' . $prev_chapter->getLink() . '\';">«<span class="hide-phone"> Precedente</span></button> </div>'; } if ($next_chapter != NULL) { $back_next_button .= '<div style="float:right;">
<?php /* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ require_once "__inc__.php"; validate_num($_GET['id']); validate_num($_GET['p']); $forum_info = Forum::GetForumInfo($_GET['id']); $pagTitle = "Forum " . $forum_info['title']; $backUrl = "/p/forum/"; require_once ROOT_PATH . "header.php"; if (!Forum::IsAccessGrantedTo($forum_info, $currentUser)) { AlertMessage::Show("Non hai i permessi per visualizzare questo forum.", AlertMessage::WARN); ndie(); } // TODO: cerca topic // argument e' l'id del canale del forum (Android, C++, Off-Topic, etc.) $limit = DB::GetLimit($_GET['p'], Forum::TOPICS_PER_PAGE); $q = exequery(DB::SelectCalcFoundRows(Topic::SELECT_SQL) . "\n\t\t\t\tWHERE p.argument = {$_GET['id']} AND p.type = " . Forum::TYPE_TOPIC . " \n\t\t\t\tORDER BY p.show_as DESC, p.last_post_date DESC\n\t\t\t\tLIMIT {$limit}"); $topics_count = DB::GetCalcFoundRows(); // TODO: aggiungi indice su show_as ?> <div class="center" style="margin-bottom: 1em;"> <!-- nuovo post --> <?php $formBuilder = new FormBuilder("frm-forum-post", "/restful/forum/newtopic.php"); $fields = array(); $fields[] = array("id" => "subject", "type" => "textinput", "label" => "Oggetto:", "validation" => "required,Specifica un oggetto per il messaggio"); $fields[] = array("id" => "poll", "type" => "textarea", "label" => "Sondaggio:<br/><span class='small'>(1 domanda per linea)</span>", "attrs" => "style='height: 6em;'"); $fields[] = array("id" => "message", "type" => "textarea", "validation" => "required,Devi scrivere un messaggio");