Ejemplo n.º 1
 /**
  * Decides whether the active user may edit or delete this post.
  *
  * Access comes either from a moderator permission on the board or from
  * authorship combined with the matching "own post" permission. Users without
  * a moderator permission are refused when the board, the thread or the post
  * is closed, and when the post edit timeout has expired (-1 disables it).
  *
  * NOTE(review): a true result does not say which of the two actions is
  * allowed; callers that perform only one of them presumably check the
  * specific permission themselves — confirm.
  *
  * @param	Board		$board		board whose permissions are consulted
  * @param	Thread		$thread		thread that contains this post
  * @return	boolean				true if editing or deleting is allowed
  */
 public function canEditPost($board, $thread)
 {
     $hasModeratorRight = $board->getModeratorPermission('canEditPost') || $board->getModeratorPermission('canDeletePost');
     // guests have no user id, so they never count as the author
     $ownsPost = $this->userID && $this->userID == WCF::getUser()->userID;
     $mayEdit = $board->getModeratorPermission('canEditPost') || ($ownsPost && $board->getPermission('canEditOwnPost'));
     $mayDelete = $board->getModeratorPermission('canDeletePost') || ($ownsPost && $board->getPermission('canDeleteOwnPost'));

     // neither action is permitted at all
     if (!$mayEdit && !$mayDelete) {
         return false;
     }

     // the remaining restrictions are waived for moderators
     if (!$hasModeratorRight) {
         // closed board, thread or post
         if ($board->isClosed || $thread->isClosed || $this->isClosed) {
             return false;
         }
         // post edit timeout: the configured value is multiplied by 60 before it
         // is compared with the age of the post; -1 switches the check off
         if (
             WCF::getUser()->getPermission('user.board.postEditTimeout') != -1
             && TIME_NOW - $this->time > WCF::getUser()->getPermission('user.board.postEditTimeout') * 60
         ) {
             return false;
         }
     }

     return true;
 }
 /**
  * Prepares the poll page for a poll that belongs to a board post.
  *
  * For polls with message type 'post' this loads the post, its thread and its
  * board, copies the board's 'canVotePoll' permission onto the event object,
  * adds the board/thread breadcrumbs and, when the thread counts more than one
  * poll, shows the thread's polls in the sidebar.
  *
  * @see EventListener::execute()
  * @throws	IllegalLinkException	if the loaded post has no post id
  */
 public function execute($eventObj, $className, $eventName)
 {
     // polls attached to anything other than a post are not handled here
     if ($eventObj->poll->messageType != 'post') {
         return;
     }

     // check permissions
     require_once WBB_DIR . 'lib/data/post/Post.class.php';
     $pollPost = new Post($eventObj->poll->messageID);
     if (!$pollPost->postID) {
         throw new IllegalLinkException();
     }
     require_once WBB_DIR . 'lib/data/thread/Thread.class.php';
     $thread = new Thread($pollPost->threadID);
     // NOTE(review): enter() is presumably where access to the thread is
     // verified — confirm, nothing else in this method checks that the active
     // user may see the thread.
     $thread->enter();
     require_once WBB_DIR . 'lib/data/board/Board.class.php';
     $board = new Board($thread->boardID);
     $eventObj->canVotePoll = $board->getPermission('canVotePoll');

     // plug in breadcrumbs
     $template = WCF::getTPL();
     $template->assign(array('board' => $board, 'thread' => $thread, 'showThread' => true));
     WCF::getTPL()->append('specialBreadCrumbs', WCF::getTPL()->fetch('navigation'));

     // get other polls from this thread
     if (!($thread->polls > 1)) {
         return;
     }
     require_once WCF_DIR . 'lib/data/message/poll/Poll.class.php';
     $threadPolls = array();

     // guests have no user id, so their votes are matched by session IP address
     $guestVoteClause = !WCF::getUser()->userID
         ? "AND poll_vote.ipAddress = '" . escapeString(WCF::getSession()->ipAddress) . "'"
         : '';

     // Only the IP address is escaped. The user id and the thread id are
     // concatenated as bare numbers, so the query relies on both being integers.
     // NOTE(review): confirm they are cast where these objects are loaded.
     $query = "SELECT \t\tpoll_vote.pollID AS voted,\n\t\t\t\t\t\t\tpoll_vote.isChangeable,\n\t\t\t\t\t\t\tpoll.*\n\t\t\t\t\tFROM \t\twcf"
         . WCF_N
         . "_poll poll\n\t\t\t\t\tLEFT JOIN \twcf"
         . WCF_N
         . "_poll_vote poll_vote\n\t\t\t\t\tON \t\t(poll_vote.pollID = poll.pollID\n\t\t\t\t\t\t\t"
         . $guestVoteClause
         . "\n\t\t\t\t\t\t\tAND poll_vote.userID = "
         . WCF::getUser()->userID
         . ")\n\t\t\t\t\tWHERE \t\tpoll.pollID IN (\n\t\t\t\t\t\t\t\tSELECT\tpollID\n\t\t\t\t\t\t\t\tFROM\twbb"
         . WBB_N
         . "_post\n\t\t\t\t\t\t\t\tWHERE\tthreadID = "
         . $thread->threadID
         . "\n\t\t\t\t\t\t\t\t\tAND isDeleted = 0\n\t\t\t\t\t\t\t\t\tAND isDisabled = 0\n\t\t\t\t\t\t\t\t\tAND pollID <> 0\n\t\t\t\t\t\t\t)\n\t\t\t\t\tORDER BY\tpoll.question";

     $resultSet = WCF::getDB()->sendQuery($query);
     while ($record = WCF::getDB()->fetchArray($resultSet)) {
         $threadPolls[] = new Poll(null, $record, $eventObj->canVotePoll);
     }

     // the sidebar is only worth showing when the query found several polls
     if (count($threadPolls) > 1) {
         WCF::getTPL()->assign(array('polls' => $threadPolls, 'pollID' => $eventObj->pollID));
         WCF::getTPL()->append('additionalSidebarContent', WCF::getTPL()->fetch('pollOverviewSidebar'));
     }
 }
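 /**
  * Handles a rating request on this thread.
  *
  * Does nothing unless the request carries a 'rating' POST field. Otherwise the
  * rating is validated, stored (or changed, if the user already holds a
  * changeable rating), the thread's rating totals are adjusted, and the client
  * is redirected back to the thread page before the script exits.
  *
  * Registered users are identified by user id, guests by session IP address.
  * That makes the one-rating-per-guest rule only as strong as the IP address.
  *
  * NOTE(review): no request token is checked in this method; confirm that the
  * framework verifies one before this state-changing handler runs.
  *
  * @throws	IllegalLinkException	if rating is disabled, the existing rating is
  *					not changeable, the permission is missing, or
  *					the value is outside 1..5
  */
 public function handleRating()
 {
     if (!isset($_POST['rating'])) {
         return;
     }

     // the request value is untrusted: force it to an integer before any use
     $rating = intval($_POST['rating']);

     // rating is disabled
     if (!$this->enableRating) {
         throw new IllegalLinkException();
     }
     // user has already rated this thread and the rating is NOT changeable
     if ($this->thread->userRating !== null && !$this->thread->userRating) {
         throw new IllegalLinkException();
     }
     // user has no permission to rate this thread
     if (!$this->board->getPermission('canRateThread')) {
         throw new IllegalLinkException();
     }
     // illegal rating
     if ($rating < 1 || $rating > 5) {
         throw new IllegalLinkException();
     }

     // Every number below is concatenated into SQL without quotes. Casting at the
     // point of use keeps the queries well-formed and injection-free regardless of
     // how these properties were populated elsewhere (not visible from here).
     $threadID = intval($this->threadID);
     $userID = intval(WCF::getUser()->userID);

     if ($this->thread->userRating) {
         // user has already rated this thread and the rating is changeable:
         // replace the stored rating and correct the thread total by the difference
         $previousRating = intval($this->thread->userRating);
         $raterCondition = $userID
             ? "userID = " . $userID
             : "ipAddress = '" . escapeString(WCF::getSession()->ipAddress) . "'";

         $sql = "UPDATE \twbb" . WBB_N . "_thread_rating\n\t\t\t\t\tSET \trating = " . $rating . "\n\t\t\t\t\tWHERE \tthreadID = " . $threadID . "\n\t\t\t\t\t\tAND " . $raterCondition;
         WCF::getDB()->registerShutdownUpdate($sql);
         $sql = "UPDATE \twbb" . WBB_N . "_thread\n\t\t\t\t\tSET \trating = (rating + " . $rating . ") - " . $previousRating . "\n\t\t\t\t\tWHERE \tthreadID = " . $threadID;
         WCF::getDB()->registerShutdownUpdate($sql);
     } else {
         // first rating by this user: store it and extend the thread totals
         $sql = "INSERT INTO\twbb" . WBB_N . "_thread_rating\n\t\t\t\t\t\t\t(threadID, rating, userID, ipAddress)\n\t\t\t\t\tVALUES\t\t(" . $threadID . ",\n\t\t\t\t\t\t\t" . $rating . ",\n\t\t\t\t\t\t\t" . $userID . ",\n\t\t\t\t\t\t\t'" . escapeString(WCF::getSession()->ipAddress) . "')";
         WCF::getDB()->registerShutdownUpdate($sql);
         $sql = "UPDATE \twbb" . WBB_N . "_thread\n\t\t\t\t\tSET \tratings = ratings + 1,\n\t\t\t\t\t\trating = rating + " . $rating . "\n\t\t\t\t\tWHERE \tthreadID = " . $threadID;
         WCF::getDB()->registerShutdownUpdate($sql);
     }

     // The redirect target is left exactly as before.
     // NOTE(review): threadID and pageNo enter the URL unencoded; confirm both
     // are integers by the time this method runs.
     HeaderUtil::redirect('index.php?page=Thread&threadID=' . $this->threadID . '&pageNo=' . $this->pageNo . SID_ARG_2ND_NOT_ENCODED);
     exit;
 }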