Example #1
/**
 * Store a Flattr ID for a user, inserting or updating the row as needed.
 *
 * Nothing is written when strcmp() reports the new ID equal to the stored one.
 * A stored value of NULL selects the INSERT statement; anything else selects
 * the UPDATE statement.
 *
 * Security: both values are placed inside single-quoted SQL literals after
 * passing through sql_safe(). sql_safe() is defined elsewhere, so the
 * statement is only as safe as that helper's escaping for the connection in use.
 * NOTE(review): no authorization check happens here; the caller presumably
 * verifies that $user_id is the account being edited. Confirm.
 *
 * @param mixed $user_id   Account whose Flattr ID is being set.
 * @param mixed $flattr_id New Flattr ID value.
 * @return void
 */
function flattr_set_flattrID($user_id, $flattr_id)
{
    $stored = flattr_get_flattrID($user_id);

    // strcmp() yields 0 for equal strings, so there is nothing to write.
    if (!strcmp($flattr_id, $stored)) {
        return;
    }

    $safe_flattr = sql_safe($flattr_id);
    $safe_user = sql_safe($user_id);
    $table = PREFIX . "flattr";

    // No stored row yet -> INSERT; otherwise overwrite the existing value.
    $sql = ($stored === NULL)
        ? "INSERT INTO " . $table . " SET flattrID='" . $safe_flattr . "', user_id='" . $safe_user . "';"
        : "UPDATE " . $table . " SET flattrID='" . $safe_flattr . "' WHERE user_id='" . $safe_user . "';";

    message_try_mysql($sql, "214776", _("New Flattr ID set"));
}
Example #2
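/**
 * Handle the "save category" form post: update an existing category when
 * category_id is posted, otherwise create a new one owned by the session user.
 *
 * Reads $_POST['save_category'], $_POST['category_id'], $_POST['name'],
 * $_POST['description'] and $_SESSION['user_id']. Reports failures through
 * add_error() and runs the statement through message_try_mysql().
 *
 * Security:
 * - category_id ends up in an unquoted numeric position (WHERE id=...). String
 *   escaping cannot protect that position, so the value is required to consist
 *   of decimal digits before it is used for the privilege check or the query.
 * - name/description sit inside quoted literals after sql_safe(); that helper
 *   is defined elsewhere, so its escaping should be confirmed.
 * NOTE(review): the INSERT path uses $_SESSION['user_id'] without a visible
 * login check, and no CSRF token is verified in this function. Confirm that
 * the caller covers both.
 *
 * @return void
 */
function category_receive()
{
    if (!isset($_POST['save_category'])) {
        return;
    }

    $sql = "";
    if (isset($_POST['category_id'])) {
        $category_id = $_POST['category_id'];

        if (!is_string($category_id) || preg_match('/\A[0-9]+\z/', $category_id) !== 1) {
            // Malformed id (array, empty, or non-digits): refuse before it reaches
            // the privilege lookup or the SQL text.
            add_error(sprintf(_("Access denied (%s)"), 341053));
        } elseif (!category_get_user_privilege($_SESSION['user_id'], $category_id)) {
            // The session user does not own this category.
            add_error(sprintf(_("Access denied (%s)"), 341053));
        } else {
            // $category_id is digits-only here, so it is safe in the numeric position.
            $sql = "UPDATE task_category SET \n\t\t\t\t`name`='" . sql_safe($_POST['name']) . "',\n\t\t\t\t`description`='" . sql_safe($_POST['description']) . "'\n\t\t\t\tWHERE id=" . $category_id . ";";
        }
    } else {
        $sql = "INSERT INTO task_category SET \n\t\t\tcreator='" . sql_safe($_SESSION['user_id']) . "',\n\t\t\t`name`='" . sql_safe($_POST['name']) . "',\n\t\t\t`description`='" . sql_safe($_POST['description']) . "';";
    }

    // $sql stays empty when access was denied above.
    if ($sql != "") {
        message_try_mysql($sql, 531220, _("Category saved"));
    }
}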
Example #3
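/**
 * Handle task deletion and the "save task" form post.
 *
 * Deletion: when task_delete is present in the request and the visitor is
 * logged in, the task is looked up via task_get() for the session user and,
 * if found, deleted by the id taken from that lookup result.
 * Saving: when save_task is posted, updates the task named by task_id (after
 * an ownership check) or inserts a new task for the session user. A posted
 * category of "NULL" creates an empty category through category_add_empty().
 *
 * Security:
 * - Ids used in unquoted numeric positions (WHERE id=...) are forced to be
 *   numeric: the looked-up task id is cast to int, and task_id must consist of
 *   decimal digits before it reaches the privilege check or the query. String
 *   escaping alone cannot protect an unquoted position.
 * - Other values sit inside quoted literals after sql_safe(), which is defined
 *   elsewhere; its escaping should be confirmed.
 * NOTE(review): task_delete is read from $_REQUEST, so a GET request can
 * trigger a delete, and no CSRF token is checked in this function. Confirm
 * that the caller handles this.
 * NOTE(review): a posted task_category_id is used without a visible ownership
 * check on the category, and the save path has no visible login check for the
 * INSERT branch. Confirm both against the caller.
 *
 * @return void
 */
function task_receive()
{
    if (isset($_REQUEST['task_delete'])) {
        // Only a logged-in user can delete, and only a task task_get() returns for them.
        if (login_check_logged_in_mini() > 0) {
            $task = task_get($_SESSION['user_id'], $_REQUEST['task_delete']);
            if (!empty($task)) {
                // Cast keeps the unquoted WHERE value numeric whatever task_get() returned.
                $sql = "DELETE FROM task WHERE id=" . (int) $task[0]['id'] . ";";
                message_try_mysql($sql, 152023, _("Task successfully removed"));
            }
        } else {
            echo "no";
        }
    }

    if (isset($_POST['save_task'])) {
        // The literal string "NULL" means "no category chosen".
        if ($_POST['task_category_id'] === "NULL") {
            $task_category_id = category_add_empty();
        } else {
            $task_category_id = $_POST['task_category_id'];
        }

        if ($task_category_id) {
            $sql = "";
            if (isset($_POST['task_id'])) {
                $task_id = $_POST['task_id'];

                if (!is_string($task_id) || preg_match('/\A[0-9]+\z/', $task_id) !== 1) {
                    // Malformed id (array, empty, or non-digits): refuse before it
                    // reaches the privilege lookup or the SQL text.
                    add_error(sprintf(_("Access denied (%s)"), 341053));
                } elseif (!task_get_user_privilege($_SESSION['user_id'], $task_id)) {
                    // The session user does not own this task.
                    add_error(sprintf(_("Access denied (%s)"), 341053));
                } else {
                    // $task_id is digits-only here, so it is safe in the numeric position.
                    $sql = "UPDATE task SET \n\t\t\t\t\t`task_category_id`='" . sql_safe($task_category_id) . "',\n\t\t\t\t\t`name`='" . sql_safe($_POST['name']) . "',\n\t\t\t\t\t`description`='" . sql_safe($_POST['description']) . "'\n\t\t\t\t\tWHERE id=" . $task_id . ";";
                }
            } else {
                $sql = "INSERT INTO task SET \n\t\t\t\tcreator='" . sql_safe($_SESSION['user_id']) . "',\n\t\t\t\t`task_category_id`='" . sql_safe($task_category_id) . "',\n\t\t\t\t`name`='" . sql_safe($_POST['name']) . "',\n\t\t\t\t`description`='" . sql_safe($_POST['description']) . "';";
            }

            // $sql stays empty when access was denied above.
            if ($sql != "") {
                message_try_mysql($sql, 531220, _("Task saved"));
            }
        }
    }
}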
Example #4
/**
 * Handle posted comment actions: adding a comment (with a reCAPTCHA step for
 * visitors who are not logged in) and deleting a comment.
 *
 * login_check_logged_in_mini() drives the branches: a result below 1 is treated
 * as "not logged in", above 0 as logged in, and above 1 as allowed to delete
 * any comment (presumably an elevated role, to be confirmed).
 *
 * NOTE(review), security points for whoever maintains this:
 * - The captcha confirmation form echoes $_POST values straight into HTML text
 *   and attribute values with no escaping, which is reflected XSS. Each value
 *   needs htmlspecialchars($value, ENT_QUOTES, 'UTF-8') before output.
 * - $_POST['id'] is placed in unquoted numeric positions (comment_on=, WHERE id=)
 *   after sql_safe(). sql_safe() is defined elsewhere; if it is string escaping,
 *   it does not protect an unquoted position. Validate the id as an integer first.
 * - The mysql_* functions used here were removed in PHP 7.0; mysqli or PDO with
 *   prepared statements replaces both the API and the string-built SQL.
 * - No CSRF token is checked in this function.
 * - The '******' text in the $user assignment and in the INSERT statement looks
 *   like masking applied when this listing was published; the original
 *   expressions cannot be recovered from this page and the line is not valid
 *   PHP as shown.
 *
 * @return void
 */
function comment_receive()
{
    $inloggad = login_check_logged_in_mini();
    if (isset($_POST['addcomment'])) {
        // echo preprint($_POST);
        // echo "<br />DEBUG1832: isset(\$_POST['addcomment']))";
        // Visitors who are not logged in must solve a captcha first
        if ($inloggad < 1 && !isset($_POST['addcomment_captcha'])) {
            // Maybe fetch the item being commented on here later...?
            echo "<h2>Adding comment</h2><form method=\"post\">";
            // Carry the posted data along as hidden fields.
            // NOTE(review): every $_POST value below is written unescaped into both
            // element text and a double-quoted attribute; this needs HTML escaping.
            echo "<p>Name: " . $_POST['nick'] . "<input type=\"hidden\" name=\"nick\" value=\"" . $_POST['nick'] . "\">";
            echo "<br />Email: " . $_POST['email'] . "<input type=\"hidden\" name=\"email\" value=\"" . $_POST['email'] . "\">";
            echo "<br />Website: " . $_POST['url'] . "<input type=\"hidden\" name=\"url\" value=\"" . $_POST['url'] . "\">";
            echo "<br />Flattr ID: " . $_POST['flattrID'] . "<input type=\"hidden\" name=\"flattrID\" value=\"" . $_POST['flattrID'] . "\"></p>";
            echo "<p>Comment:<br />" . $_POST['comment'] . "<input type=\"hidden\" name=\"comment\" value=\"" . $_POST['comment'] . "\"></p>";
            echo "<input type=\"hidden\" name=\"id\" value=\"" . $_POST['id'] . "\">";
            echo "<input type=\"hidden\" name=\"type\" value=\"" . $_POST['type'] . "\">";
            echo "<input type=\"hidden\" name=\"addcomment\" value=\"" . $_POST['addcomment'] . "\">";
            // Show the captcha
            require_once 'functions/recaptchalib.php';
            echo recaptcha_get_html(ReCaptcha_publickey);
            echo "<p>Log in to get rid of the need of captchas...</p>";
            echo "<input type=\"submit\" name=\"addcomment_captcha\" value=\"" . _("Send") . "\">";
            echo "</form>";
        } else {
            // Second round trip for an anonymous visitor: verify the captcha answer.
            // $resp is only assigned on this path.
            if ($inloggad < 1 && isset($_POST['addcomment_captcha'])) {
                require_once 'functions/recaptchalib.php';
                $resp = recaptcha_check_answer(ReCaptcha_privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]);
            }
        }
        if ($inloggad < 1 && isset($_POST['addcomment_captcha']) && !$resp->is_valid) {
            // What happens when the CAPTCHA was entered incorrectly
            die("The reCAPTCHA wasn't entered correctly. Go back and try it again." . "(reCAPTCHA said: " . $resp->error . ")");
        } else {
            // && binds tighter than ||: logged in, OR (captcha posted AND valid).
            if ($inloggad > 0 || isset($_POST['addcomment_captcha']) && $resp->is_valid) {
                if (login_check_logged_in_mini() > 0) {
                    $user = $_SESSION[PREFIX . "user_id"];
                } else {
                    // NOTE(review): '******' appears to be masked text, not the original value.
                    $user = '******';
                }
                $IP = $_SERVER['REMOTE_ADDR'];
                // Add the comment.
                // NOTE(review): comment_on= takes $_POST['id'] unquoted, and the user= part
                // of this line is masked in the listing (see the function header).
                $sql = "INSERT INTO " . PREFIX . "comment SET\n\t\t\tcomment_type='" . sql_safe($_POST['type']) . "',\n\t\t\tcomment_on=" . sql_safe($_POST['id']) . ",\n\t\t\tuser="******",\n\t\t\tcomment='" . sql_safe($_POST['comment']) . "',\n\t\t\tadded='" . date("YmdHis") . "',\n\t\t\tIP='" . sql_safe($IP) . "';";
                // echo "<br />DEBUG 1225: $sql";
                message_try_mysql($sql, "102472");
                // Id of the row just inserted; the optional fields are filled in by
                // follow-up UPDATEs whose results are not checked.
                $id = mysql_insert_id();
                if (isset($_POST['nick'])) {
                    $sql = "UPDATE " . PREFIX . "comment SET nick='" . sql_safe($_POST['nick']) . "'\n\t\t\t\tWHERE id={$id};";
                    mysql_query($sql);
                }
                if (isset($_POST['email'])) {
                    $sql = "UPDATE " . PREFIX . "comment SET email='" . sql_safe($_POST['email']) . "'\n\t\t\t\tWHERE id={$id};";
                    mysql_query($sql);
                }
                if (isset($_POST['url'])) {
                    $sql = "UPDATE " . PREFIX . "comment SET url='" . sql_safe($_POST['url']) . "'\n\t\t\t\tWHERE id={$id};";
                    mysql_query($sql);
                }
                if (isset($_POST['flattrID'])) {
                    $sql = "UPDATE " . PREFIX . "comment SET flattrID='" . sql_safe($_POST['flattrID']) . "'\n\t\t\t\tWHERE id={$id};";
                    mysql_query($sql);
                }
            }
        }
    } else {
        // echo "<br />DEBUG1832: !isset(\$_POST['addcomment']))";
        // A login level above 1 deletes the comment by id with no ownership check.
        if ($inloggad > 1) {
            if (isset($_POST['deletecomment'])) {
                // NOTE(review): $_POST['id'] is used unquoted in the WHERE clause.
                $sql = "DELETE FROM " . PREFIX . "comment WHERE id=" . sql_safe($_POST['id']) . ";";
                // echo "<br />DEBUG 2020: $sql";
                mysql_query($sql);
            }
        } else {
            if ($inloggad > 0) {
                if (isset($_POST['deletecomment'])) {
                    // NOTE(review): the three queries below all place $_POST['id'] unquoted.
                    if ($aa = mysql_query("SELECT user from " . PREFIX . "comment WHERE id=" . sql_safe($_POST['id']) . ";")) {
                        if ($a = mysql_fetch_array($aa)) {
                            // Check whether the comment belongs to the session user.
                            if (!strcmp($a['user'], $_SESSION[PREFIX . "user_id"])) {
                                // Check that the comment has no replies
                                if ($dd = mysql_query("SELECT id from " . PREFIX . "comment WHERE comment_on=" . sql_safe($_POST['id']) . " AND comment_type='comment';")) {
                                    // NOTE(review): mysql_affected_rows() is documented for write
                                    // statements; mysql_num_rows($dd) is the documented way to
                                    // count SELECT results. Confirm this behaves as intended.
                                    if (mysql_affected_rows() < 1) {
                                        $sql = "DELETE FROM " . PREFIX . "comment WHERE id=" . sql_safe($_POST['id']) . ";";
                                        // echo "<br />DEBUG 2021: $sql";
                                        mysql_query($sql);
                                    }
                                }
                            }
                        }
                    }
                }
            }
        }
    }
}
Example #5
/**
 * Stamp every feedback row that has been checked in but not yet resolved with
 * the current database time.
 *
 * The statement is built from the PREFIX constant and fixed text only; no
 * request data reaches the SQL.
 * NOTE(review): this is a bulk update with no permission check of its own; the
 * caller presumably restricts it to privileged users. Confirm.
 *
 * @return void
 */
function feedback_set_all_checked_in_as_resolved()
{
    $table = PREFIX . "feedback";
    $statement = "UPDATE " . $table . " SET resolved=NOW() WHERE resolved IS NULL AND checked_in IS NOT NULL;";
    $success_text = _("All feedbacks that was checked in are now set to live");

    message_try_mysql($statement, "18361419", $success_text);
}