Ejemplo n.º 1
0
	/**
	 * Initialisation.
	 * Initialises the view, templaters and all other necessary objects for
	 * successfully creating the response.
	 */
	protected function initialize()
	{
		// Get current node info
		$this->node = new vBCms_Item_Content($this->node_segment);

		// Prenotify the node item of info we will require
		$info_flags = 	vBCms_Item_Content::INFO_NODE |
						vBCms_Item_Content::INFO_PARENTS |
						vBCms_Item_Content::INFO_CONFIG;
		$this->node->requireInfo($info_flags);

		if (!$this->node->isValid())
		{
			$this->node = new vBCms_Item_Content( vB::$vbulletin->options['default_page']);
			vBCms_NavBar::prepareNavBar($this->node);
			throw (new vB_Exception_404(new vB_Phrase('error', 'page_not_found')));
		}
		
		// Prepare navbar
		vBCms_NavBar::prepareNavBar($this->node);
	}
Ejemplo n.º 2
0
	/**
	 * Constructor.
	 *
	 * @param array mixed $parameters			- User requested parameters.
	 * @param string $action					- Optional action for the controller's getResponse()
	 */
	public function __construct(array $parameters = null, $action = false)
	{
		parent::__construct($parameters, $action);

		vBCms_NavBar::prepareNavBar();
	}
Ejemplo n.º 3
0
	/**
	 * Initialisation.
	 * Initialises the view, templaters and all other necessary objects for
	 * successfully creating the response.
	 */
	protected function initialize()
	{
		// Setup the templater.  Even XML output needs this for the html response
		//First we need a node from which we can get a style.

		//We need to set sectionid, style, and layout
		global $vbphrase;
		require_once DIR . '/includes/functions_databuild.php';
		fetch_phrase_group('vbcms');

		//we are going to use simple paging, so let' limit the number of records return.

		if (count($this->segments) < 2)
		{
			$value = 1;
		}
		else
		{
			$value = max(1, intval($this->segments['value']));
			}
			switch($this->segments['type'])
		{
			case 'author':
				//if we were passed a parameter for fromsection, we use that.
				//or it could be the fourth parameter.
				vB::$vbulletin->input->clean_array_gpc('r', array(
					'fromsection' => TYPE_INT,
					'sectionid' => TYPE_INT,
					));


				$this->query_filter = " AND node.userid = " . intval($value);

				if (vB::$vbulletin->GPC_exists['fromsection'] AND intval(vB::$vbulletin->GPC['fromsection']))
				{
					$displaysectionid = intval(vB::$vbulletin->GPC['fromsection']);
				}
				//we haven't got a section.
				else $displaysectionid = "SELECT MIN(nodeid) AS nodeid FROM " . TABLE_PREFIX . "cms_node WHERE
					parentnode IS NULL";
				;
				if ($record = vB::$vbulletin->db->query_first("SELECT username FROM " .TABLE_PREFIX .
					"user WHERE userid = $value" ))
				{
					$this->title = $record['username'];
					$this->urlstring = $this->title;
				}
				$this->result_type = $vbphrase['author'];
				break;
			case 'section':

				$this->query_filter = " AND node.parentnode = " . $value;
				$displaysectionid = $value;


				if ($record = vB::$vbulletin->db->query_first("SELECT title FROM " .TABLE_PREFIX .
					"cms_nodeinfo WHERE nodeid = $value" ))
				{
					$this->title = $record['title'];
					$this->urlstring = urlencode($this->title);
				}

				$this->result_type = $vbphrase['section'];
				break;

			case 'category':

				$record = vB::$vbulletin->db->query_first("SELECT category, parentnode FROM " .TABLE_PREFIX .
				"cms_category WHERE categoryid = $value") ;
				if (!$record)
				{
					$record = vB::$vbulletin->db->query_first("SELECT category, parentnode, categoryid FROM " .TABLE_PREFIX .
					"cms_category LIMIT 1") ;
					if ($record)
					{
						$this->segments['value'] = $value = $record['categoryid'];
					}

				}
				if (!$record)
				{
					throw (new vB_Exception_User(new vB_Phrase('error', 'no_categories_defined')));
				}
				$this->joins = " INNER JOIN " . TABLE_PREFIX . "cms_nodecategory AS nodecat ON nodecat.nodeid = node.nodeid
						 AND nodecat.categoryid = $value" ;

				$this->title = $record['category'];
				$this->urlstring = urlencode($record['category']);
				$displaysectionid = $record['parentnode'];

				$this->result_type = $vbphrase['category'];
				break;

			case 'day':
				//Here we displaying for a specific day. We need to get the date range for the
				//where clause. We have nothing to set the $displaysectionid, so set it to false
				$displaysectionid = false;

				//default date to today
				if (! (intval($value) > 1000000))
				{
					$value = TIMENOW;
				}

				$this->query_filter = " AND node.setpublish > 0 AND (node.publishdate BETWEEN $value  AND " .
					 ($value + 86399) . ") " ;
				$this->title = vbdate( vB::$vbulletin->options['dateformat'], $value);
				$this->urlstring = urlencode($value);

				$displaysectionid = "SELECT MIN(nodeid) AS nodeid FROM " . TABLE_PREFIX . "cms_node WHERE
					parentnode IS NULL";
				$this->result_type = $vbphrase['date'];
				break;

			default:
				//we haven't got a section.
				$displaysectionid = "SELECT MIN(nodeid) AS nodeid FROM " . TABLE_PREFIX . "cms_node WHERE
					parentnode IS NULL";
				;
				if ($record = vB::$vbulletin->db->query_first("SELECT title FROM " .TABLE_PREFIX .
					"cms_nodeinfo WHERE nodeid = ($displaysectionid)"))
				{
					$this->title = $record['title'];
					$this->result_type = $vbphrase['section'];
					$this->urlstring = urlencode($this->title );
				}
				$this->result_type = $vbphrase['section'];
			;
		} // switch

		if (! is_numeric($displaysectionid) )
		{

			$record = vB::$vbulletin->db->query_first($displaysectionid);
			$displaysectionid = $record['nodeid'];
		}

		$rst = vB::$vbulletin->db->query_read("SELECT parent.nodeid, parent.styleid, parent.layoutid from " .
			TABLE_PREFIX . "cms_node AS node	INNER JOIN " . TABLE_PREFIX .
			"cms_node AS parent ON (node.nodeleft >= parent.nodeleft AND node.nodeleft <= parent.noderight)
			   WHERE node.nodeid = " . $displaysectionid . "
			 ORDER BY parent.nodeleft DESC ;");

		$record = vB::$vbulletin->db->fetch_array($rst);

		$this->sectionid = $record['nodeid'];

		$node = vBCms_Item_Content::create('vBCms', 'Section', $displaysectionid);

		if (! $node->canView())
		{
			throw (new vB_Exception_AccessDenied());
		}
		$node->requireInfo(vBCms_Item_Content::INFO_NODE);
		vBCms_NavBar::prepareNavBar($node);

		while($record)
		{
			if (intval($record['layoutid']) AND !intval($this->layoutid))
			{
				$this->layoutid = $record['layoutid'];
			}
			if (intval($record['styleid']) AND !intval($this->styleid))
			{
				$this->styleid = $record['styleid'];
			}

			if (intval($this->layoutid))
			{
				$this->displaysectionid = $displaysectionid;
				return;
			}

			$record = vB::$vbulletin->db->fetch_array($rst);
		}

		if (!intval($this->styleid))
		{
			$this->styleid = vB::$vbulletin->options['styleid'];
		}

		if (!intval($this->layoutid))
		{
			$this->layoutid = 1;
		}

	}
Ejemplo n.º 4
0
	/**
	* Performs additional queries or tasks after saving.
	*
	* @param mixed								- The save result
	* @param bool $deferred						- Save was deferred
	* @param bool $replace						- Save used REPLACE
	* @param bool $ignore						- Save used IGNORE if inserting
	* @return bool								- Whether the save can be considered a success
	*/
	protected function postSave($result, $deferred, $replace, $ignore)
	{
		//First let's handle the configuration.
		if (isset($this->set_fields['config']))
		{
			if ($this->isUpdating())
			{
				$this->assertItem();
				$id = $this->item->getNodeId();
			}
			else
			{
				if (!$this->primary_id)
				{
					throw (new vB_Exception_DM('No primary id available for setting the node config in DM \'' . get_class($this) . '\''));
				}

				$id = $this->primary_id;
			}

			// delete the old config
			vB::$db->query_write(
				'DELETE FROM ' . TABLE_PREFIX . 'cms_nodeconfig
				 WHERE nodeid = ' . $id);

			// build the sql
			$sql = 'INSERT INTO ' . TABLE_PREFIX . 'cms_nodeconfig (nodeid, name, value, serialized) VALUES ';
			$values = array();

			// write the new config
			foreach ($this->set_fields['config'] AS $cvar => $value)
			{
				if (is_resource($value))
				{
					throw (new vB_Exception_DM('Trying to set a resource as a node config value'));
				}

				if (is_object($value) OR is_array($value))
				{
					$serialized = true;
					$value = serialize($value);
				}
				else
				{
					$serialized = false;
				}

				$values[] = '(' . $id . ', \'' . vB::$db->escape_string($cvar) . '\',\'' . vB::$db->escape_string($value) . '\',\'' . intval($serialized) . '\')';
			}
			// insert config
			vB::$db->insert_multiple($sql, $values, true);

		}

		//and set permissionsfrom the parent. Let's do this so we fix any close records.
		$nodeid = (isset($this->set_fields['nodeid']) ? $this->set_fields['nodeid'] : $this->primary_id);
		$parents = array();
		if (intval($this->set_fields['permissionsfrom']))
		{
			$permissionsfrom = $this->set_fields['permissionsfrom'];
		}
		else
		{
			//we'll pull from our parent.
			$rst = vB::$vbulletin->db->query_read("SELECT parent.nodeid, parent.parentnode,
				parent.permissionsfrom, parent.nodeleft, parent.noderight
				FROM " . TABLE_PREFIX . "cms_node AS node INNER JOIN " . TABLE_PREFIX .
				"cms_node AS parent ON (node.nodeleft >= parent.nodeleft AND node.nodeleft <=parent.noderight)
				WHERE node.nodeid = $nodeid
				ORDER BY parent.nodeleft DESC");
			while($record = vB::$vbulletin->db->fetch_array($rst))
			{
				$parents[] = $record;
				if (intval($record['permissionsfrom']))
				{
					$permissionsfrom = $record['permissionsfrom'];
					if (intval($record['permissionsfrom']) != intval($nodeid))
					{
						break;
					}
				}
			}
			//either we found a parent with a permissionsfrom, or we hit the top- which is
			// just as good.
			vB::$vbulletin->db->query_write("UPDATE " . TABLE_PREFIX . "cms_node SET permissionsfrom = " .
				$permissionsfrom . " WHERE nodeid = $nodeid" ) ;

		}
		foreach ($parents as $parent)
		{
			vB::$vbulletin->db->query_write("UPDATE " . TABLE_PREFIX . "cms_node SET permissionsfrom = " .
				$permissionsfrom . " WHERE parentnode = " . $parent['nodeid'] .

				" AND IFNULL(permissionsfrom, 0) = 0") ;
		}

		if (isset($this->set_fields['navigation']))
		{
			$nodeid = intval((isset($this->set_fields['nodeid']) ? $this->set_fields['nodeid'] : $this->item->getNodeId()));

			// if there is array for navigation menu, it means we are not inheriting from parent
			// so we must add/modify the record in the navigation table for this node
			if (is_array($this->set_fields['navigation']))
			{
				vB::$vbulletin->db->query_write("
					REPLACE INTO " . TABLE_PREFIX . "cms_navigation
					SET nodeid = $nodeid,
						nodelist = '" . implode(',', $this->set_fields['navigation']) . "'
				");
			}

			// if this is not an array, it means the drop-down was selected to inherit from parent
			// so delete any record in the navigation table for this node
			else
			{
				vB::$vbulletin->db->query_write("
					DELETE FROM " . TABLE_PREFIX . "cms_navigation
					WHERE nodeid = $nodeid
				");
			}

		}

		if (isset($this->set_fields['setpublish']) OR isset($this->set_fields['navigation']))
		{
				// clear the navbar cache
			vB_Cache::instance()->event(array(vBCms_NavBar::GLOBAL_CACHE_EVENT,
				vBCms_NavBar::getCacheEventId($this->item->getNodeId()),
				$this->item->getCacheEvents(), $this->item->getContentCacheEvent()));
			vB_Cache::instance()->cleanNow();
			$nav_node = new vBCms_Item_Content($this->item->getNodeId(), vBCms_Item_Content::INFO_NAVIGATION);
			// reload the navbar for the page
			vBCms_NavBar::prepareNavBar($nav_node, true);
			unset($nav_node);
		}
		else if ($this->item)
		{
			vB_Cache::instance()->event(array($this->item->getCacheEvents(),
				$this->item->getContentCacheEvent()));
		}

		//Let's set the thread status, if there is one.
		//If we get called from dm/rate.php or somewhere like that, we skip this section
		if ($this->isUpdating() AND in_array('comments_enabled', $this->set_fields) AND
			isset($this->set_fields['comments_enabled']))
		{
			$record = vB::$vbulletin->db->query_first("SELECT info.associatedthreadid, thread.forumid FROM " .
				TABLE_PREFIX . "cms_nodeinfo AS info INNER JOIN " .
				TABLE_PREFIX . "thread AS thread ON thread.threadid = info.associatedthreadid
				WHERE info.nodeid = ". $this->item->getNodeId() );

			if ($record['associatedthreadid'])
			{
				require_once DIR . '/includes/functions_databuild.php';
				$thread = vB_Legacy_Thread::create_from_id($record['associatedthreadid']);

				if ($thread)
				{
					if (intval($this->set_fields['comments_enabled']))
					{
						//We need to ensure comments are enabled.
						$visible = $thread->get_field('visible');
						if ( intval($visible) != 1)
						{
							undelete_thread($record['associatedthreadid']);
						}

						//If the title has been updated in the article, update the thread title.
						if (($thread->getField('title') != '') AND isset($this->set_fields['title'])
							AND ($thread->getField('title') != $this->set_fields['title']))
						{
							$sql = "UPDATE " . TABLE_PREFIX . "thread SET title = '" .
								vB::$db->escape_string($this->set_fields['title']) .
								"' WHERE threadid = " . $record['associatedthreadid'];
							vB::$db->query_write($sql);
						}
					}
					else
					{
						//We need to hide the thread.
						$thread->soft_delete(new vB_Legacy_CurrentUser(), '', true);
					}

				}
				build_thread_counters($record['associatedthreadid']);
				build_forum_counters($record['forumid']);
			}
		}

		parent::postSave($result, $deferred, $replace, $ignore);
		//we should never return false if we got here.
		$result = (intval($result) ? $result : true);

		return $result;
	}
Ejemplo n.º 5
0
}
$vbulletin->input->clean_array_gpc('r', array('return_node' => TYPE_UINT));
if ($vbulletin->GPC['return_node']) {
    $report_type = 'article_comment';
    $content = new vBCms_Item_Content_Article($vbulletin->GPC['return_node']);
    $reportobj = new vB_ReportItem_ArticleComment($vbulletin);
    $reportobj->set_extrainfo('node', $vbulletin->GPC['return_node']);
    $reportobj->set_extrainfo('forum', $foruminfo);
    $reportobj->set_extrainfo('thread', $threadinfo);
    // check cms permissions on the article
    if (!$content->canView()) {
        print_no_permission();
    }
    define('CMS_SCRIPT', true);
    vB_View::registerTemplater(vB_View::OT_XHTML, new vB_Templater_vB());
    vBCms_NavBar::prepareNavBar($content);
} else {
    $report_type = 'post';
    $reportobj = new vB_ReportItem_Post($vbulletin);
    $reportobj->set_extrainfo('forum', $foruminfo);
    $reportobj->set_extrainfo('thread', $threadinfo);
    $forumperms = fetch_permissions($threadinfo['forumid']);
    if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or $threadinfo['postuserid'] != $vbulletin->userinfo['userid'] and !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers'])) {
        print_no_permission();
    }
    // check if there is a forum password and if so, ensure the user has it set
    verify_forum_password($foruminfo['forumid'], $foruminfo['password']);
}
$perform_floodcheck = $reportobj->need_floodcheck();
if ($perform_floodcheck) {
    $reportobj->perform_floodcheck_precommit();