Example #1
/**
 * Store a visitor's report about a link and show the confirmation page.
 *
 * Input comes from $_REQUEST ('message', 'id') and $_SERVER['REMOTE_ADDR'];
 * the globals $DB, $C, $L and $t supply the database handle, configuration,
 * language strings and template engine. When validation fails the report
 * form is re-displayed through lxShReport() and nothing is written.
 *
 * NOTE(review): $_REQUEST also carries query-string values, so this
 * state-changing handler does not itself insist on POST or an anti-CSRF
 * token; confirm the caller enforces that.
 *
 * @return void
 */
function lxReport()
{
    global $DB, $C, $L, $t;

    $v = new Validator();
    $v->Register($_REQUEST['message'], V_EMPTY, $L['REQUIRED_FIELD'] . ': ' . $L['REPORT']);

    // Optional captcha gate, controlled by configuration
    if ($C['report_captcha']) {
        VerifyCaptcha($v);
    }

    // Optional DNSBL lookup on the client address.
    // NOTE(review): dsbl.org appears to be no longer operated; confirm what
    // CheckDsbl() returns today so this check neither passes silently nor
    // rejects every visitor.
    if ($C['dsbl_report'] && CheckDsbl($_SERVER['REMOTE_ADDR'])) {
        $v->SetError($L['DSBL_MATCHED']);
    }

    // Bail out early and show the form again with the collected errors
    if (!$v->Validate()) {
        $error_html = implode('<br />', $v->GetErrors());
        lxShReport($error_html);
        return;
    }

    // The link id travels as a placeholder value, never as part of the SQL text
    $reported_id = $_REQUEST['id'];
    $link = $DB->Row('SELECT * FROM lx_links JOIN lx_link_fields USING (link_id) WHERE lx_links.link_id=?', array($reported_id));

    // Only record a report when the id refers to an existing link
    if ($link) {
        // The message is stored exactly as submitted.
        // NOTE(review): whatever later renders lx_reports must escape it for
        // the output context (the admin view is the usual stored-XSS sink).
        $report_row = array(null, $reported_id, $_REQUEST['message'], MYSQL_NOW, $_SERVER['REMOTE_ADDR']);
        $DB->Update('INSERT INTO lx_reports VALUES (?,?,?,?,?)', $report_row);
        $t->assign_by_ref('link', $link);
    }

    // The confirmation page is displayed whether or not the link was found
    $t->display('report-submitted.tpl');
}
Example #2
// Fragment of a comment-submission handler: $v, $account, $DB, $C, $L and $t
// are set up before this excerpt, and the excerpt ends inside the final
// if-blocks.

// Reject the submission if any request field matches a blacklist entry;
// only the first match is reported back to the submitter.
$blacklisted = CheckBlacklistComment($_REQUEST);
if ($blacklisted !== FALSE) {
    $v->SetError(sprintf($L['BLACKLIST_MATCHED'], $blacklisted[0]['match'], $blacklisted[0]['reason']));
}
// Throttle: count comments on this link from the same username (when logged
// in), e-mail address or client IP within the last $C['comment_delay']
// seconds. The delay is negated so DATE_ADD() reaches back from MYSQL_NOW.
// NOTE(review): for anonymous submitters the e-mail value is whatever the
// request supplied, so the client IP is the only term they do not choose.
$has_recent = FALSE;
if ($account !== FALSE) {
    $has_recent = $DB->Count('SELECT COUNT(*) FROM lx_link_comments WHERE link_id=? AND (username=? OR email=? OR submit_ip=?) AND date_added >= DATE_ADD(?, INTERVAL ? SECOND)', array($_REQUEST['link_id'], $account['username'], $_REQUEST['email'], $_SERVER['REMOTE_ADDR'], MYSQL_NOW, -$C['comment_delay']));
} else {
    $has_recent = $DB->Count('SELECT COUNT(*) FROM lx_link_comments WHERE link_id=? AND (email=? OR submit_ip=?) AND date_added >= DATE_ADD(?, INTERVAL ? SECOND)', array($_REQUEST['link_id'], $_REQUEST['email'], $_SERVER['REMOTE_ADDR'], MYSQL_NOW, -$C['comment_delay']));
}
if ($has_recent) {
    $v->SetError(sprintf($L['COMMENT_LIMIT'], $C['comment_delay']));
}
// Optional DNSBL lookup on the client address (enabled by $C['dsbl_comment'])
if ($C['dsbl_comment'] && CheckDsbl($_SERVER['REMOTE_ADDR'])) {
    $v->SetError($L['DSBL_MATCHED']);
}
// On any validation error, render the error page and stop the request so
// nothing below is executed.
if (!$v->Validate()) {
    $errors = join('<br />', $v->GetErrors());
    $t->assign('error', $errors);
    $t->display('error-nice.tpl');
    exit;
}
// Re-read the link by id (bound as a placeholder value); the comment is only
// stored when the link exists, and the insert uses the id from that row.
$link = $DB->Row('SELECT * FROM lx_links WHERE link_id=?', array($_REQUEST['link_id']));
if ($link) {
    // New comments wait for moderation when approve_comments is enabled
    $status = $C['approve_comments'] ? 'pending' : 'approved';
    // Anonymous comments are stored with an empty username
    $username = $account ? $account['username'] : '';
    // E-mail, name and comment text are stored exactly as submitted.
    // NOTE(review): the code that renders comments must escape these for
    // the output context; nothing here encodes them.
    $DB->Update('INSERT INTO lx_link_comments VALUES (?,?,?,?,?,?,?,?,?)', array(null, $link['link_id'], $username, $_REQUEST['email'], $_REQUEST['name'], $_SERVER['REMOTE_ADDR'], MYSQL_NOW, $status, $_REQUEST['comment']));
    // The per-link comment counter only counts comments that are already approved
    if ($status == 'approved') {
        $DB->Update('UPDATE lx_links SET comments=comments+1 WHERE link_id=?', array($link['link_id']));
Example #3
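/**
 * Handle a public link submission: validate the request, scan the submitted
 * URLs, store the link with its category and user-defined fields, then send
 * the confirmation / notification e-mails and render the result page.
 *
 * Input comes from $_REQUEST and $_SERVER['REMOTE_ADDR']; the globals $DB,
 * $C, $L and $t supply the database handle, configuration, language strings
 * and template engine. When validation fails the submit form is shown again
 * through lxShSubmit() and nothing is written.
 *
 * @return void
 */
function lxAddLink()
{
    global $DB, $C, $L, $t;
    $account = ValidUserLogin();
    // Requiring user account to submit links
    if ($C['user_for_links'] && !$account) {
        $t->display('submit-info.tpl');
        return;
    }
    // Logged-in submitters cannot override the e-mail and name on their account
    if ($account) {
        $_REQUEST['email'] = $account['email'];
        $_REQUEST['name'] = $account['name'];
    }
    $_REQUEST['c'] = $_REQUEST['category_id'];
    $v = new Validator();
    $v->Register($_REQUEST['email'], V_EMAIL, $L['INVALID_EMAIL']);
    $v->Register($_REQUEST['site_url'], V_URL, "{$L['INVALID_URL']}: {$L['SITE_URL']}");
    $v->Register($_REQUEST['title'], V_EMPTY, "{$L['REQUIRED_FIELD']}: {$L['TITLE']}");
    $v->Register($_REQUEST['description'], V_EMPTY, "{$L['REQUIRED_FIELD']}: {$L['DESCRIPTION']}");
    $v->Register($_REQUEST['keywords'], V_EMPTY, "{$L['REQUIRED_FIELD']}: {$L['KEYWORDS']}");
    $v->Register($_REQUEST['name'], V_EMPTY, "{$L['REQUIRED_FIELD']}: {$L['NAME']}");
    $v->Register($_REQUEST['description'], V_LENGTH, sprintf($L['DESCRIPTION_LENGTH'], $C['min_desc_length'], $C['max_desc_length']), "{$C['min_desc_length']},{$C['max_desc_length']}");
    $v->Register($_REQUEST['title'], V_LENGTH, sprintf($L['TITLE_LENGTH'], $C['min_title_length'], $C['max_title_length']), "{$C['min_title_length']},{$C['max_title_length']}");
    // Format keywords and check number
    $_REQUEST['keywords'] = FormatKeywords($_REQUEST['keywords']);
    $keywords = explode(' ', $_REQUEST['keywords']);
    $v->Register(count($keywords), V_LESS_EQ, sprintf($L['MAXIMUM_KEYWORDS'], $C['max_keywords']), $C['max_keywords']);
    if (!empty($_REQUEST['password'])) {
        $v->Register($_REQUEST['password'], V_EQUALS, $L['NO_PASSWORD_MATCH'], $_REQUEST['confirm_password']);
    }
    // See if URL already exists
    if ($DB->Count('SELECT COUNT(*) FROM lx_links WHERE site_url=?', array($_REQUEST['site_url']))) {
        $v->SetError($L['DUPLICATE_URL']);
    }
    // Validation of user defined fields
    $fields =& GetUserLinkFields();
    foreach ($fields as $field) {
        if ($field['on_submit']) {
            if ($field['required']) {
                $v->Register($_REQUEST[$field['name']], V_EMPTY, "{$L['REQUIRED_FIELD']}: {$field['label']}");
            }
            if ($field['validation']) {
                $v->Register($_REQUEST[$field['name']], $field['validation'], $field['validation_message'], $field['validation_extras']);
            }
        }
    }
    // Verify captcha code
    if ($C['link_captcha']) {
        VerifyCaptcha($v);
    }
    // Account settings take precedence over the site-wide defaults
    $_REQUEST['allow_redirect'] = $account ? $account['allow_redirect'] : $C['allow_redirect'];
    $_REQUEST['recip_required'] = $account ? $account['recip_required'] : $C['recip_required'];
    // Scan link
    // NOTE(review): ScanLink() is called before $v->Validate(), so the
    // submitted site_url / recip_url appear to be fetched server-side even
    // for submissions that the captcha, blacklist or URL-format checks go on
    // to reject. Confirm that ScanLink() restricts schemes and refuses
    // loopback / internal destinations.
    $scan_result =& ScanLink($_REQUEST);
    // Make sure site URL is working
    if (!$scan_result['site_url']['working']) {
        $v->SetError(sprintf($L['BROKEN_URL'], $L['SITE_URL'], $scan_result['site_url']['error']));
    }
    // Setup HTML code for blacklist check
    $_REQUEST['html'] = $scan_result['site_url']['html'];
    if (!empty($_REQUEST['recip_url'])) {
        $_REQUEST['html'] .= ' ' . $scan_result['recip_url']['html'];
        // Make sure recip URL is working
        if (!$scan_result['recip_url']['working']) {
            $v->SetError(sprintf($L['BROKEN_URL'], $L['RECIP_URL'], $scan_result['recip_url']['error']));
        }
    }
    // Verify recip link was found
    if ($_REQUEST['recip_required'] && !$scan_result['has_recip']) {
        $v->SetError($L['NO_RECIP_FOUND']);
    }
    // Check blacklist
    $blacklisted = CheckBlacklistLink($_REQUEST);
    if ($blacklisted !== FALSE) {
        $v->SetError(sprintf($L['BLACKLIST_MATCHED'], $blacklisted[0]['match'], $blacklisted[0]['reason']));
    }
    // Check dsbl.org for spam submissions
    // NOTE(review): dsbl.org appears to be no longer operated; confirm what
    // CheckDsbl() returns today so this check neither passes silently nor
    // rejects every submitter.
    if ($C['dsbl_link'] && CheckDsbl($_SERVER['REMOTE_ADDR'])) {
        $v->SetError($L['DSBL_MATCHED']);
    }
    // Get category information
    $category = $DB->Row('SELECT * FROM lx_categories WHERE category_id=?', array($_REQUEST['category_id']));
    if (!$category || $category['hidden']) {
        $v->SetError($L['INVALID_CATEGORY']);
    } else {
        if ($category['status'] == 'locked') {
            $v->SetError($L['CATEGORY_LOCKED']);
        }
    }
    // Only decode path_parts when a category row was actually returned; the
    // original indexed into the empty lookup result for unknown category ids.
    // NOTE(review): unserialize() can instantiate objects, so this is safe
    // only while nothing attacker-influenced can reach that column; consider
    // the allowed_classes option or a JSON encoding.
    if ($category) {
        $category['path_parts'] = unserialize($category['path_parts']);
    }
    if (!$v->Validate()) {
        $errors = join('<br />', $v->GetErrors());
        lxShSubmit($errors);
        return;
    }
    // Setup link status
    $status = 'active';
    if ($C['confirm_links'] && !$account) {
        $status = 'unconfirmed';
    } else {
        if ($category['status'] == 'approval') {
            $status = 'pending';
        }
    }
    // Setup username and password values
    $username = '';
    $password = '';
    if ($account) {
        $username = $account['username'];
    } else {
        // !empty() matches the check used when the password was validated
        // above and avoids reading an index that was never submitted.
        if (!empty($_REQUEST['password'])) {
            // NOTE(review): unsalted SHA-1 is a fast hash and unsuitable for
            // password storage. Left as is because whatever verifies the
            // stored value must migrate in step with it
            // (password_hash() / password_verify()).
            $password = sha1($_REQUEST['password']);
        }
    }
    $weight = $account ? $account['weight'] : $C['link_weight'];
    // Insert link data (every request value is passed as a placeholder value)
    $DB->Update('INSERT INTO lx_links VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)', array(null, $_REQUEST['site_url'], $_REQUEST['recip_url'], $_REQUEST['title'], $_REQUEST['description'], $status, 'regular', DEF_EXPIRES, $_REQUEST['name'], $_REQUEST['email'], $_SERVER['REMOTE_ADDR'], $_REQUEST['keywords'], 0, 0, null, 0, 0, 0, $weight, MYSQL_NOW, 0, MYSQL_NOW, $_REQUEST['recip_required'], $_REQUEST['allow_redirect'], '', '', $username, $password, $scan_result['has_recip'], 0, ''));
    $link_id = $DB->InsertID();
    $sorter = $DB->Count('SELECT MAX(sorter) FROM lx_link_cats WHERE category_id=?', array($_REQUEST['category_id']));
    $_REQUEST['link_id'] = $link_id;
    $_REQUEST['status'] = $status;
    // Insert category data
    $DB->Update('INSERT INTO lx_link_cats VALUES (?,?,?)', array($link_id, $_REQUEST['category_id'], $sorter));
    // Insert user defined fields
    // The placeholder list is produced by CreateUserInsert() and concatenated
    // into the statement; the values themselves travel in 'binds'.
    $query_data = CreateUserInsert('lx_link_fields', $_REQUEST);
    $DB->Update('INSERT INTO lx_link_fields VALUES (' . $query_data['bind_list'] . ')', $query_data['binds']);
    // Update category link count
    if ($status == 'active') {
        $DB->Update('UPDATE lx_categories SET links=links+1 WHERE category_id=?', array($_REQUEST['category_id']));
    }
    // Update account link count
    if ($account) {
        $DB->Update('UPDATE lx_users SET num_links=num_links+1 WHERE username=?', array($account['username']));
    }
    // Show confirmation page
    // NOTE(review): the templates receive the whole request array, which
    // still holds the plaintext password / confirm_password fields when they
    // were submitted; make sure no page or e-mail template prints them.
    $t->assign_by_ref('category', $category);
    $t->assign_by_ref('user_fields', $fields);
    $t->assign_by_ref('link', $_REQUEST);
    $t->assign('status', $status);
    // Send e-mail message
    if ($status == 'unconfirmed') {
        // The confirmation id is the only secret protecting activation of the
        // link, so draw it from the CSPRNG where one exists. Both branches
        // yield 40 hex characters; the second is the legacy generator, kept
        // only for runtimes without random_bytes().
        $confirm_id = function_exists('random_bytes')
            ? bin2hex(random_bytes(20))
            : sha1(uniqid(rand(), TRUE));
        $DB->Update('INSERT INTO lx_link_confirms VALUES (?,?,?)', array($link_id, $confirm_id, time()));
        $t->assign('confirm_id', $confirm_id);
        SendMail($_REQUEST['email'], 'email-link-confirm.tpl', $t);
    } else {
        if ($C['email_links']) {
            SendMail($_REQUEST['email'], 'email-link-added.tpl', $t);
        }
    }
    $t->display('submit-added.tpl');
    // Push the page to the client before the admin mail loop below runs
    flush();
    // Send e-mail to appropriate administrators
    if ($status != 'unconfirmed') {
        $result = $DB->Query('SELECT * FROM lx_administrators');
        while ($admin = $DB->NextRow($result)) {
            // notifications is tested as a bit mask against E_LINK_ADD
            if ($admin['notifications'] & E_LINK_ADD) {
                SendMail($admin['email'], 'email-admin-link-add.tpl', $t);
            }
        }
        $DB->Free($result);
    }
}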
Example #4
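/**
 * Handle a self-service account registration: validate the request, create
 * the user row and its user-defined fields, send the confirmation or welcome
 * e-mail and render the result page.
 *
 * Input comes from $_REQUEST and $_SERVER['REMOTE_ADDR']; the globals $DB,
 * $C, $t and $L supply the database handle, configuration, template engine
 * and language strings. When validation fails the registration form is shown
 * again through lxShRegister() and nothing is written.
 *
 * @return void
 */
function lxCreateAccount()
{
    global $DB, $C, $t, $L;
    $v = new Validator();
    $v->Register($_REQUEST['email'], V_EMAIL, $L['INVALID_EMAIL']);
    $v->Register($_REQUEST['username'], V_EMPTY, "{$L['REQUIRED_FIELD']}: {$L['USERNAME']}");
    $v->Register($_REQUEST['password'], V_EMPTY, "{$L['REQUIRED_FIELD']}: {$L['PASSWORD']}");
    $v->Register($_REQUEST['username'], V_ALPHANUM, $L['INVALID_USERNAME']);
    $v->Register($_REQUEST['username'], V_LENGTH, $L['USERNAME_LENGTH'], '3,32');
    $v->Register($_REQUEST['password'], V_EQUALS, $L['NO_PASSWORD_MATCH'], $_REQUEST['confirm_password']);
    // Password policy as written: 4 to 9999 characters, no other constraint
    $v->Register($_REQUEST['password'], V_LENGTH, $L['PASSWORD_LENGTH'], '4,9999');
    $v->Register($_REQUEST['name'], V_EMPTY, "{$L['REQUIRED_FIELD']}: {$L['NAME']}");
    // Validation of user defined fields
    $fields =& GetUserAccountFields();
    foreach ($fields as $field) {
        if ($field['on_create']) {
            if ($field['required']) {
                $v->Register($_REQUEST[$field['name']], V_EMPTY, "{$L['REQUIRED_FIELD']}: {$field['label']}");
            }
            if ($field['validation']) {
                $v->Register($_REQUEST[$field['name']], $field['validation'], $field['validation_message'], $field['validation_extras']);
            }
        }
    }
    // Username exists?
    if ($DB->Count('SELECT COUNT(*) FROM lx_users WHERE username=?', array($_REQUEST['username']))) {
        $v->SetError($L['DUPLICATE_USER']);
    }
    // E-mail exists?
    if ($DB->Count('SELECT COUNT(*) FROM lx_users WHERE email=?', array($_REQUEST['email']))) {
        $v->SetError($L['DUPLICATE_EMAIL']);
    }
    // Verify captcha code
    if ($C['account_captcha']) {
        VerifyCaptcha($v);
    }
    // Check dsbl.org for spam submissions
    // NOTE(review): dsbl.org appears to be no longer operated; confirm what
    // CheckDsbl() returns today so this check neither passes silently nor
    // rejects every registrant.
    if ($C['dsbl_account'] && CheckDsbl($_SERVER['REMOTE_ADDR'])) {
        $v->SetError($L['DSBL_MATCHED']);
    }
    // Check blacklist
    $blacklisted = CheckBlacklistAccount($_REQUEST);
    if ($blacklisted !== FALSE) {
        $v->SetError(sprintf($L['BLACKLIST_MATCHED'], $blacklisted[0]['match'], $blacklisted[0]['reason']));
    }
    if (!$v->Validate()) {
        $errors = join('<br />', $v->GetErrors());
        lxShRegister($errors);
        return;
    }
    $status = 'active';
    $confirm_id = '';
    // Confirm accounts by e-mail; e-mail confirmation takes precedence over
    // manual approval when both settings are on
    if ($C['confirm_accounts']) {
        $status = 'unconfirmed';
    } else {
        if ($C['approve_accounts']) {
            $status = 'pending';
        }
    }
    // Add pre-defined data
    // NOTE(review): the password is stored as unsalted SHA-1, a fast hash
    // that is unsuitable for password storage. Left as is because the login
    // check that compares against this value must migrate in step with it
    // (password_hash() / password_verify()).
    $DB->Update('INSERT INTO lx_users VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?)', array($_REQUEST['username'], sha1($_REQUEST['password']), $_REQUEST['name'], $_REQUEST['email'], MYSQL_NOW, null, $status, '', 0, 0, $C['recip_required'], $C['allow_redirect'], $C['link_weight']));
    // Add user defined fields
    // The placeholder list is produced by CreateUserInsert() and concatenated
    // into the statement; the values themselves travel in 'binds'.
    $query_data = CreateUserInsert('lx_user_fields', $_REQUEST);
    $DB->Update('INSERT INTO lx_user_fields VALUES (' . $query_data['bind_list'] . ')', $query_data['binds']);
    // Setup template values
    // NOTE(review): the templates receive the whole request array, which
    // still holds the plaintext password and confirm_password; make sure no
    // page or e-mail template prints them.
    $t->assign_by_ref('user_fields', $fields);
    $t->assign_by_ref('account', $_REQUEST);
    $t->assign('status', $status);
    // Send e-mail message
    if ($status == 'unconfirmed') {
        // The confirmation id is the only secret protecting activation of the
        // account, so draw it from the CSPRNG where one exists. Both branches
        // yield 40 hex characters; the second is the legacy generator, kept
        // only for runtimes without random_bytes().
        $confirm_id = function_exists('random_bytes')
            ? bin2hex(random_bytes(20))
            : sha1(uniqid(rand(), TRUE));
        $DB->Update('INSERT INTO lx_user_confirms VALUES (?,?,?)', array($_REQUEST['username'], $confirm_id, time()));
        $t->assign('confirm_id', $confirm_id);
        SendMail($_REQUEST['email'], 'email-account-confirm.tpl', $t);
    } else {
        if ($C['email_accounts']) {
            SendMail($_REQUEST['email'], 'email-account-added.tpl', $t);
        }
    }
    // Display confirmation page
    $t->display('account-created.tpl');
}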
Example #5
// Fragment of a link-rating handler: $v, $DB, $C, $L and $t are set up
// before this excerpt.

// When ratings are limited to members, require a valid login on an account
// whose status is 'active'; other states get their own error message.
if ($C['user_for_rate']) {
    $account = ValidUserLogin();
    if ($account === FALSE) {
        $v->SetError($L['INVALID_LOGIN']);
    } elseif ($account['status'] != 'active') {
        $v->SetError($account['status'] == 'suspended' ? $L['SUSPENDED_ACCOUNT'] : $L['PENDING_ACCOUNT']);
    }
}

// Optional DNSBL lookup on the client address (enabled by $C['dsbl_rate'])
if ($C['dsbl_rate'] && CheckDsbl($_SERVER['REMOTE_ADDR'])) {
    $v->SetError($L['DSBL_MATCHED']);
}

// Any collected error ends the request on the error page
if (!$v->Validate()) {
    $error_html = implode('<br />', $v->GetErrors());
    $t->assign('error', $error_html);
    $t->display('error-nice.tpl');
    exit;
}

// Duplicate-vote check: members are matched on username or client IP,
// anonymous visitors on client IP alone. All values are passed as
// placeholder values.
// NOTE(review): $account is assigned in this excerpt only when user_for_rate
// is enabled; presumably it is initialised earlier in the handler, verify.
if ($account) {
    $rated_sql = 'SELECT COUNT(*) FROM lx_link_ratings WHERE link_id=? AND (username=? OR submit_ip=?)';
    $rated_binds = array($_REQUEST['link_id'], $account['username'], $_SERVER['REMOTE_ADDR']);
} else {
    $rated_sql = 'SELECT COUNT(*) FROM lx_link_ratings WHERE link_id=? AND submit_ip=?';
    $rated_binds = array($_REQUEST['link_id'], $_SERVER['REMOTE_ADDR']);
}
$has_rated = $DB->Count($rated_sql, $rated_binds);