/**
 * Create a new user account, set its initial flags and send the welcome e-mail.
 *
 * The account is created with the registering request's IP address (qa_remote_ip_address()).
 * The welcome e-mail does not carry the password: '^password' is replaced with the
 * 'main/hidden' phrase when a password was supplied and with 'users/password_to_set' otherwise.
 *
 * @param string $email
 * @param string|null $password
 * @param string $handle
 * @param int $level
 * @param bool $confirmed Whether the e-mail address is already confirmed
 * @return mixed The id returned by qa_db_user_create()
 */
function qa_create_new_user($email, $password, $handle, $level = QA_USER_LEVEL_BASIC, $confirmed = false)
{
    require_once QA_INCLUDE_DIR . 'qa-db-users.php';
    require_once QA_INCLUDE_DIR . 'qa-db-points.php';
    require_once QA_INCLUDE_DIR . 'qa-app-options.php';
    require_once QA_INCLUDE_DIR . 'qa-app-emails.php';
    require_once QA_INCLUDE_DIR . 'qa-app-cookies.php';

    $userid = qa_db_user_create($email, $password, $handle, $level, qa_remote_ip_address());
    qa_db_points_update_ifuser($userid, null);
    qa_db_uapprovecount_update();

    if ($confirmed) {
        qa_db_user_set_flag($userid, QA_USER_FLAGS_EMAIL_CONFIRMED, true);
    }

    if (qa_opt('show_notice_welcome')) {
        qa_db_user_set_flag($userid, QA_USER_FLAGS_WELCOME_NOTICE, true);
    }

    // Optional site-specific welcome text, empty when the option is off.
    $welcometext = '';
    if (qa_opt('show_custom_welcome')) {
        $welcometext = trim(qa_opt('custom_welcome'));
    }

    // E-mail confirmation only applies below expert level and to unconfirmed addresses.
    $confirmtext = '';
    if (qa_opt('confirm_user_emails') && $level < QA_USER_LEVEL_EXPERT && !$confirmed) {
        $confirmtext = strtr(qa_lang('emails/welcome_confirm'), array(
            '^url' => qa_get_new_confirm_url($userid, $handle),
        ));

        if (qa_opt('confirm_user_required')) {
            qa_db_user_set_flag($userid, QA_USER_FLAGS_MUST_CONFIRM, true);
        }
    }

    // Accounts below expert level wait for moderator approval when both options are on.
    if (qa_opt('moderate_users') && qa_opt('approve_user_required') && $level < QA_USER_LEVEL_EXPERT) {
        qa_db_user_set_flag($userid, QA_USER_FLAGS_MUST_APPROVE, true);
    }

    $substitutions = array(
        '^password' => isset($password) ? qa_lang('main/hidden') : qa_lang('users/password_to_set'),
        '^url' => qa_opt('site_url'),
        '^custom' => strlen($welcometext) ? $welcometext . "\n\n" : '',
        '^confirm' => $confirmtext,
    );

    qw_send_notification($userid, $email, $handle, qa_lang('emails/welcome_subject'), nl2br(qa_lang('emails/welcome_body')), $substitutions);

    qa_report_event('u_register', $userid, $handle, qa_cookie_get(), array('email' => $email, 'level' => $level));

    return $userid;
}
/**
 * Create an announcement post ('AN'), optionally notify the category's users, and report
 * an 'an_post' event.
 *
 * NOTE(review): the write is attributed via qa_user_report_action() to the logged-in user,
 * not to the $userid argument - confirm the two are always the same account.
 *
 * @param mixed $userid
 * @param string $handle
 * @param mixed $cookieid
 * @param string $title
 * @param string $content
 * @param string $format
 * @param string $text
 * @param mixed $notify
 * @param mixed $categoryid
 * @return mixed The post id returned by qa_db_post_create()
 */
function mp_announcement_create($userid, $handle, $cookieid, $title, $content, $format, $text, $notify, $categoryid)
{
    require_once QA_INCLUDE_DIR . 'qa-db-post-create.php';
    require_once QA_INCLUDE_DIR . 'qa-app-emails.php';
    require_once QA_INCLUDE_DIR . 'mp-app-users.php';

    // Store the announcement together with the poster's IP address.
    $postid = qa_db_post_create('AN', null, $userid, $cookieid, qa_remote_ip_address(), $title, $content, $format, null, $notify, $categoryid);

    qa_user_report_action(qa_get_logged_in_userid(), null, null, null, null);

    // Fill in the category path hierarchy for the new post.
    qa_db_posts_calc_category_path($postid);

    if ($notify && isset($postid)) {
        $categoryinfo = mp_get_categoryinfo($categoryid);

        foreach (mp_get_category_userids($categoryid) as $member) {
            $memberflags = mp_get_user_flags($member['userid']);

            // A user is notified only when QA_USER_FLAGS_NOTIFY_ANNOUNCEMENTS is NOT set.
            // NOTE(review): presumably the flag is an opt-out - confirm against its definition.
            if ($memberflags & QA_USER_FLAGS_NOTIFY_ANNOUNCEMENTS) {
                continue;
            }

            qa_send_notification($member['userid'], null, null, qa_lang('emails/an_posted_subject'), qa_lang('emails/an_posted_body'), array(
                '^an_handle' => $handle,
                '^category_title' => $categoryinfo['title'],
                '^an_title' => $title,
                '^an_url' => qa_path('mp-announcements-page', null, qa_opt('site_url'), null, null),
            ));
        }
    }

    qa_report_event('an_post', $userid, $handle, $cookieid, array(
        'postid' => $postid,
        'title' => $title,
        'content' => $content,
        'format' => $format,
        'text' => $text,
        'categoryid' => $categoryid,
        'notify' => $notify,
    ));

    return $postid;
}
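/**
 * Event hook: forward the event to qw_do_action() and, depending on the
 * 'event_logger_to_database' and 'event_logger_to_files' options, append it to the
 * ^eventlog table and/or to a daily tab-delimited log file.
 *
 * $params may carry user-submitted text (the callers are not visible here). A log record
 * has to stay on a single line with tab-separated fields, so CR and LF are replaced with
 * spaces before a record is stored or written; otherwise a value containing a line break
 * could make one event look like several records to whoever reads the log.
 *
 * @param string $event
 * @param mixed $userid
 * @param string|null $handle
 * @param mixed $cookieid
 * @param array $params
 * @return void
 */
function process_event($event, $userid, $handle, $cookieid, $params)
{
    qw_do_action('qw_event_' . $event, $event, $userid, $handle, $cookieid, $params);

    if (qa_opt('event_logger_to_database')) {
        $paramstring = '';

        foreach ($params as $key => $value) {
            $value_to_text = $this->value_to_text($value, $key);
            $value = is_array($value) ? 'array(' . count($value) . ')' . "\t" . $value_to_text : $value_to_text;
            $paramstring .= (strlen($paramstring) ? "\t" : '') . $key . '=' . $value;
        }

        // strtr() with a two-character "from" and a one-character "to" ignores the extra
        // character, so the previous strtr($paramstring, "\n\r", ' ') left "\r" untouched.
        $paramstring = str_replace(array("\n", "\r"), ' ', $paramstring);

        // All values are passed as separate arguments for the $ / # placeholders.
        qa_db_query_sub(
            'INSERT INTO ^eventlog (datetime, ipaddress, userid, handle, cookieid, event, params) ' .
            'VALUES (NOW(), $, $, $, #, $, $)',
            qa_remote_ip_address(), $userid, $handle, $cookieid, $event, $paramstring
        );
    }

    if (qa_opt('event_logger_to_files')) {
        // Substitute some placeholders if certain information is missing
        if (!strlen($userid)) {
            $userid = 'no_userid';
        }

        if (!strlen($handle)) {
            $handle = 'no_handle';
        }

        if (!strlen($cookieid)) {
            $cookieid = 'no_cookieid';
        }

        $ip = qa_remote_ip_address();
        if (!strlen($ip)) {
            $ip = 'no_ipaddress';
        }

        // Build the log file line to be written
        $fixedfields = array(
            'Date' => date('Y\\-m\\-d'),
            'Time' => date('H\\:i\\:s'),
            'IPaddress' => $ip,
            'UserID' => $userid,
            'Username' => $handle,
            'CookieID' => $cookieid,
            'Event' => $event,
        );

        $fields = $fixedfields;
        foreach ($params as $key => $value) {
            $fields['param_' . $key] = $key . '=' . $this->value_to_text($value, $key);
        }

        // Same single-line guarantee as the database path. value_to_text() is not visible
        // here, so this does not rely on it stripping line breaks.
        $string = str_replace(array("\n", "\r"), ' ', implode("\t", $fields));

        // Build the full path and file name
        $directory = qa_opt('event_logger_directory');
        if (substr($directory, -1) != '/') {
            $directory .= '/';
        }

        $filename = $directory . 'q2a-log-' . date('Y\\-m\\-d') . '.txt';

        // Open, lock, write, unlock, close (to prevent interference between multiple writes)
        $exists = file_exists($filename);
        $file = @fopen($filename, 'a');

        if (is_resource($file)) {
            if (flock($file, LOCK_EX)) {
                // The header is written only by the request that created the file and finds it still empty.
                if (!$exists && filesize($filename) === 0 && !qa_opt('event_logger_hide_header')) {
                    $string = "Question2Answer " . QA_VERSION . " log file generated by Event Logger plugin.\n" .
                        "This file is formatted as tab-delimited text with UTF-8 encoding.\n\n" .
                        implode("\t", array_keys($fixedfields)) . "\textras...\n\n" . $string;
                }

                fwrite($file, $string . "\n");
                flock($file, LOCK_UN);
            }

            fclose($file);
        }
    }
}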
/**
 * Validate the submitted reCAPTCHA challenge/response pair.
 *
 * Returns false without calling the verifier (and without touching $error) when either
 * POST field is missing or empty.
 *
 * @param mixed $error Receives the verifier's error when the answer is rejected
 * @return bool True only when the verifier reports the answer as valid
 */
function validate_post(&$error)
{
    if (empty($_POST['recaptcha_challenge_field']) || empty($_POST['recaptcha_response_field'])) {
        return false;
    }

    require_once $this->directory . 'recaptchalib.php';

    $verdict = recaptcha_check_answer(
        qa_opt('recaptcha_private_key'),
        qa_remote_ip_address(),
        $_POST['recaptcha_challenge_field'],
        $_POST['recaptcha_response_field']
    );

    if ($verdict->is_valid) {
        return true;
    }

    $error = @$verdict->error;

    return false;
}
/**
 * Verify the submitted CAPTCHA. The value posted in 'g-recaptcha-response' is handed to the
 * ReCaptcha verifier together with the client IP address; the verifier's verdict is returned.
 *
 * @param string $error Known error codes from the response are appended here, one message per line
 * @return mixed The 'success' property of the verifier's response
 */
public function validate_post(&$error)
{
    require_once $this->directory . 'recaptchalib.php';

    $verifier = new ReCaptcha(qa_opt('recaptcha_private_key'));
    $clientIp = qa_remote_ip_address();
    $token = qa_post_text('g-recaptcha-response');

    $result = $verifier->verifyResponse($clientIp, $token);

    foreach ($result->errorCodes as $code) {
        // Codes without a configured message are skipped silently.
        if (!isset($this->errorCodeMessages[$code])) {
            continue;
        }

        $error .= $this->errorCodeMessages[$code] . "\n";
    }

    return $result->success;
}
/**
 * Recalculate the hotness of the questions with ids from $firstpostid to $lastpostid
 * (only $firstpostid when $lastpostid is not set). With $viewincrement the view counter is
 * also incremented and the viewer's IP address stored in lastviewip.
 *
 * Every value reaches the query through qa_db_apply_sub() placeholders; nothing is
 * concatenated into the SQL text.
 *
 * NOTE(review): MySQL's INET_ATON() only parses IPv4 dotted-quad addresses, so an IPv6
 * client would presumably leave lastviewip NULL - confirm how the column is used.
 *
 * @param mixed $firstpostid
 * @param mixed $lastpostid
 * @param bool $viewincrement
 * @return void
 */
function qa_db_hotness_update($firstpostid, $lastpostid = null, $viewincrement = false)
{
    if (!qa_should_update_counts()) {
        return;
    }

    $lastpostid = isset($lastpostid) ? $lastpostid : $firstpostid;

    $viewsql = $viewincrement ? ', x.views=x.views+1, x.lastviewip=INET_ATON($)' : '';

    $query = 'UPDATE ^posts AS x, (SELECT parents.postid, parents.created AS qcreated, COALESCE(MAX(children.created), parents.created) as acreated, COUNT(children.postid) AS acount, parents.netvotes, parents.views FROM ^posts AS parents LEFT JOIN ^posts AS children ON parents.postid=children.parentid AND children.type=\'A\' WHERE parents.postid>=# AND parents.postid<=# AND parents.type=\'Q\' GROUP BY postid) AS a SET x.hotness=(' .
        '((TO_DAYS(a.qcreated)-734138)*86400.0+TIME_TO_SEC(a.qcreated))*# + ' .
        '((TO_DAYS(a.acreated)-734138)*86400.0+TIME_TO_SEC(a.acreated))*# + ' .
        '(a.acount+0.0)*# + ' .
        '(a.netvotes+0.0)*# + ' .
        '(a.views+0.0+#)*#' .
        ')' . $viewsql . ' WHERE x.postid=a.postid';

    // Additional multiples based on empirical analysis of activity on Q2A meta site to give
    // approx equal influence for all factors
    $arguments = array(
        $firstpostid,
        $lastpostid,
        qa_opt('hot_weight_q_age'),
        qa_opt('hot_weight_a_age'),
        qa_opt('hot_weight_answers') * 160000,
        qa_opt('hot_weight_votes') * 160000,
        $viewincrement ? 1 : 0,
        qa_opt('hot_weight_views') * 4000,
    );

    // The trailing $ placeholder exists only when the view clause was added above.
    if ($viewincrement) {
        $arguments[] = qa_remote_ip_address();
    }

    qa_db_query_raw(qa_db_apply_sub($query, $arguments));
}
/**
 * Validate the reCAPTCHA fields of a submitted form. Does nothing when
 * qa_captcha_possible() is false.
 *
 * A missing or empty challenge/response field counts as a failure: $errors['captcha'] is
 * set to true so the error is present even though it has no message.
 *
 * @param array $form Submitted form values
 * @param array $errors Receives the 'captcha' entry on failure
 * @return void
 */
function qa_captcha_validate($form, &$errors)
{
    if (!qa_captcha_possible()) {
        return;
    }

    require_once QA_INCLUDE_DIR . 'qa-recaptchalib.php';

    if (empty($form['recaptcha_challenge_field']) || empty($form['recaptcha_response_field'])) {
        $errors['captcha'] = true; // empty error but still set it
        return;
    }

    $verdict = recaptcha_check_answer(
        qa_opt('recaptcha_private_key'),
        qa_remote_ip_address(),
        @$form['recaptcha_challenge_field'],
        @$form['recaptcha_response_field']
    );

    if (!$verdict->is_valid) {
        $errors['captcha'] = @$verdict->error;
    }
}
/**
 * Event hook: for events that affect another user, write an additional 'in_*' row to
 * ^eventlog that is attributed to that other user.
 *
 * Forensic caveat: the extra row carries the affected user's id and handle, but the IP
 * address (qa_remote_ip_address()) and $cookieid are those of the request that triggered
 * the event, i.e. of the acting user.
 *
 * All values are passed as separate arguments for the $ / # placeholders of
 * qa_db_query_sub(). value_to_text() is not visible here, so whether tabs or line breaks
 * inside values are neutralised before they are joined into the params column cannot be
 * told from this block.
 *
 * @param string $event
 * @param mixed $userid Acting user
 * @param string|null $handle
 * @param mixed $cookieid
 * @param array $params
 * @return void
 */
function process_event($event, $userid, $handle, $cookieid, $params)
{
    // Nothing is recorded unless database event logging is enabled.
    if (!qa_opt('event_logger_to_database')) {
        return;
    }

    // Events that get an 'in_' . $event counterpart for the affected user.
    $twoway = array(
        'a_select', 'a_unselect',
        'q_vote_up', 'a_vote_up', 'q_vote_down', 'a_vote_down', 'q_vote_nil', 'a_vote_nil',
        'q_flag', 'a_flag', 'c_flag', 'q_unflag', 'a_unflag', 'c_unflag',
        'u_edit', 'u_level', 'u_block', 'u_unblock'
    );

    // New answers and comments: the counterpart goes to the author of the parent post.
    $special = array('a_post', 'c_post');

    if (in_array($event, $twoway)) {
        if (strpos($event, 'u_') === 0) {
            // User events name the affected user directly.
            $uid = $params['userid'];
        } else {
            // Post events: look up the author of the post.
            $uid = qa_db_read_one_value(qa_db_query_sub('SELECT userid FROM ^posts WHERE postid=#', $params['postid']), true);
        }

        // Skip when the acting user is also the affected user (loose comparison).
        if ($uid != $userid) {
            $ohandle = $this->getHandleFromId($uid);
            $oevent = 'in_' . $event;

            // Tab-separated key=value pairs.
            $paramstring = '';
            foreach ($params as $key => $value) {
                $paramstring .= (strlen($paramstring) ? "\t" : '') . $key . '=' . $this->value_to_text($value);
            }

            qa_db_query_sub(
                'INSERT INTO ^eventlog (datetime, ipaddress, userid, handle, cookieid, event, params) ' .
                'VALUES (NOW(), $, $, $, #, $, $)',
                qa_remote_ip_address(), $uid, $ohandle, $cookieid, $oevent, $paramstring
            );
        }
    }

    // comments and answers
    if (in_array($event, $special)) {
        // Author of the parent post.
        $pid = qa_db_read_one_value(qa_db_query_sub('SELECT userid FROM ^posts WHERE postid=#', $params['parentid']), true);

        if ($pid != $userid) {
            $ohandle = $this->getHandleFromId($pid);

            // $event is always one of the two cases here because of the in_array() check above.
            switch ($event) {
                case 'a_post':
                    $oevent = 'in_a_question';
                    break;

                case 'c_post':
                    if ($params['parenttype'] == 'Q') {
                        $oevent = 'in_c_question';
                    } else {
                        $oevent = 'in_c_answer';
                    }
                    break;
            }

            $paramstring = '';
            foreach ($params as $key => $value) {
                $paramstring .= (strlen($paramstring) ? "\t" : '') . $key . '=' . $this->value_to_text($value);
            }

            qa_db_query_sub(
                'INSERT INTO ^eventlog (datetime, ipaddress, userid, handle, cookieid, event, params) ' .
                'VALUES (NOW(), $, $, $, #, $, $)',
                qa_remote_ip_address(), $pid, $ohandle, $cookieid, $oevent, $paramstring
            );
        }
    }
}
/**
 * Queue the database selects every page needs: the logged-in user's account data, notices,
 * favourites, limits and levels (when someone is logged in), then the limits for the
 * requesting IP address, the navigation pages and the widgets.
 *
 * @return mixed Result of the override when one is registered, otherwise nothing
 */
function qa_page_queue_pending()
{
    if (qa_to_override(__FUNCTION__)) {
        $args = func_get_args();
        return qa_call_override(__FUNCTION__, $args);
    }

    qa_preload_options();

    $viewerid = qa_get_logged_in_userid();

    if (isset($viewerid)) {
        // Account details are only queued when users are not managed externally.
        if (!QA_FINAL_EXTERNAL_USERS) {
            qa_db_queue_pending_select('loggedinuser', qa_db_user_account_selectspec($viewerid, true));
        }

        qa_db_queue_pending_select('notices', qa_db_user_notices_selectspec($viewerid));
        qa_db_queue_pending_select('favoritenonqs', qa_db_user_favorite_non_qs_selectspec($viewerid));
        qa_db_queue_pending_select('userlimits', qa_db_user_limits_selectspec($viewerid));
        qa_db_queue_pending_select('userlevels', qa_db_user_levels_selectspec($viewerid, true));
    }

    // Per-IP limits are queued for every request, logged in or not.
    $clientip = qa_remote_ip_address();
    qa_db_queue_pending_select('iplimits', qa_db_ip_limits_selectspec($clientip));

    qa_db_queue_pending_select('navpages', qa_db_pages_selectspec(array('B', 'M', 'O', 'F')));
    qa_db_queue_pending_select('widgets', qa_db_widgets_selectspec());
}
/**
 * Event hook: for events that affect another user, write additional 'in_*' rows to
 * ^eventlog attributed to that user. For comments, every other commenter under the same
 * parent also gets an 'in_c_comment' row.
 *
 * Forensic caveat: these rows carry the affected user's id and handle, but the IP address
 * (qa_remote_ip_address()) and $cookieid are those of the request that triggered the
 * event, i.e. of the acting user.
 *
 * All values are passed as separate arguments for the $ / # placeholders of
 * qa_db_query_sub(). value_to_text() is not visible here, so whether tabs or line breaks
 * inside values are neutralised before they are joined into the params column cannot be
 * told from this block.
 *
 * @param string $event
 * @param mixed $userid Acting user
 * @param string|null $handle
 * @param mixed $cookieid
 * @param array $params
 * @return void
 */
function process_event($event, $userid, $handle, $cookieid, $params)
{
    // Nothing is recorded unless database event logging is enabled.
    if (!qa_opt('event_logger_to_database')) {
        return;
    }

    // needed for function qa_post_userid_to_handle()
    require_once QA_INCLUDE_DIR . 'qa-app-posts.php';

    // Events that get an 'in_' . $event counterpart for the author of the post.
    $twoway = array('a_select', 'q_vote_up', 'a_vote_up', 'q_vote_down', 'a_vote_down');

    // New answers and comments are handled separately below.
    $special = array('a_post', 'c_post');

    if (in_array($event, $twoway)) {
        // NOTE(review): no entry in $twoway starts with 'u_', so the first branch cannot be
        // taken with the list above.
        if (strpos($event, 'u_') === 0) {
            $uid = $params['userid'];
        } else {
            $uid = qa_db_read_one_value(qa_db_query_sub('SELECT userid FROM ^posts WHERE postid=#', $params['postid']), true);
        }

        // Skip when the acting user is also the affected user (loose comparison).
        if ($uid != $userid) {
            $ohandle = qa_post_userid_to_handle($uid);
            $oevent = 'in_' . $event;

            // Tab-separated key=value pairs.
            $paramstring = '';
            foreach ($params as $key => $value) {
                $paramstring .= (strlen($paramstring) ? "\t" : '') . $key . '=' . $this->value_to_text($value);
            }

            // write in_ events to qa_eventlog
            qa_db_query_sub(
                'INSERT INTO ^eventlog (datetime, ipaddress, userid, handle, cookieid, event, params) ' .
                'VALUES (NOW(), $, $, $, #, $, $)',
                qa_remote_ip_address(), $uid, $ohandle, $cookieid, $oevent, $paramstring
            );
        }
    }

    // comments and answers
    if (in_array($event, $special)) {
        // author of the post that was just created
        $uid = qa_db_read_one_value(qa_db_query_sub('SELECT userid FROM ^posts WHERE postid=#', $params['postid']), true);

        // author of the parent question or answer
        $pid = qa_db_read_one_value(qa_db_query_sub('SELECT userid FROM ^posts WHERE postid=#', $params['parentid']), true);

        // only when the parent's author is not the acting user
        if ($pid != $userid) {
            $ohandle = qa_post_userid_to_handle($pid);

            // $event is always one of the two cases here because of the in_array() check above.
            switch ($event) {
                case 'a_post':
                    $oevent = 'in_a_question';
                    break;

                case 'c_post':
                    if ($params['parenttype'] == 'Q') {
                        $oevent = 'in_c_question';
                    } else {
                        $oevent = 'in_c_answer';
                    }
                    break;
            }

            $paramstring = '';
            foreach ($params as $key => $value) {
                $paramstring .= (strlen($paramstring) ? "\t" : '') . $key . '=' . $this->value_to_text($value);
            }

            qa_db_query_sub(
                'INSERT INTO ^eventlog (datetime, ipaddress, userid, handle, cookieid, event, params) ' .
                'VALUES (NOW(), $, $, $, #, $, $)',
                qa_remote_ip_address(), $pid, $ohandle, $cookieid, $oevent, $paramstring
            );
        }

        // q2apro: added logging for comments in thread
        if ($event == 'c_post') {
            $oevent = 'in_c_comment';

            // Other commenters under the same parent. DISTINCT returns each user once, so a
            // user with several comments is informed only once; rows without a userid are
            // excluded by the query.
            $precCommentsQuery = qa_db_query_sub('SELECT DISTINCT userid FROM `^posts` WHERE `parentid` = # AND `type` = "C" AND `userid` IS NOT NULL ', $params['parentid']);

            while (($comment = qa_db_read_one_assoc($precCommentsQuery, true)) !== null) {
                $userid_CommThr = $comment['userid']; // unique

                // Skip the author of the new comment and the author of the parent post,
                // who is covered by the block above.
                if ($userid_CommThr != $uid && $userid_CommThr != $pid) {
                    $ohandle = qa_post_userid_to_handle($userid_CommThr);

                    $paramstring = '';
                    foreach ($params as $key => $value) {
                        $paramstring .= (strlen($paramstring) ? "\t" : '') . $key . '=' . $this->value_to_text($value);
                    }

                    qa_db_query_sub(
                        'INSERT INTO ^eventlog (datetime, ipaddress, userid, handle, cookieid, event, params) ' .
                        'VALUES (NOW(), $, $, $, #, $, $)',
                        qa_remote_ip_address(), $userid_CommThr, $ohandle, $cookieid, $oevent, $paramstring
                    );
                }
            }
        } // end in_c_comment
    } // end in_array
}
/**
 * Record that $userid performed a write, together with the requesting IP address.
 * $action, $questionid, $answerid and $commentid are accepted but not used here.
 *
 * @param mixed $userid
 * @param mixed $action
 * @param mixed $questionid
 * @param mixed $answerid
 * @param mixed $commentid
 * @return void
 */
function qa_user_report_action($userid, $action, $questionid, $answerid, $commentid)
{
    require_once QA_INCLUDE_DIR . 'qa-db-users.php';

    $writeip = qa_remote_ip_address();

    qa_db_user_written($userid, $writeip);
}
/**
 * Count one occurrence of $action against the rate limits: for $userid when it is set, and
 * always for the requesting IP address. The period is the 'db_time' option divided by 3600
 * and truncated to an integer.
 *
 * @param mixed $userid
 * @param mixed $action
 * @return mixed Result of the override when one is registered, otherwise nothing
 */
function qa_limits_increment($userid, $action)
{
    if (qa_to_override(__FUNCTION__)) {
        $args = func_get_args();
        return qa_call_override(__FUNCTION__, $args);
    }

    require_once QA_INCLUDE_DIR . 'qa-db-limits.php';

    $hourslot = (int) (qa_opt('db_time') / 3600);

    if (isset($userid)) {
        qa_db_limits_user_add($userid, $action, $hourslot, 1);
    }

    // The per-IP counter is incremented for logged-in and anonymous requests alike.
    $clientip = qa_remote_ip_address();
    qa_db_limits_ip_add($clientip, $action, $hourslot, 1);
}
/**
 * Award a badge to a user: insert the ^userbadges row, optionally log a 'badge_awarded'
 * event and send the notification e-mail, then re-check the badge-count badges.
 *
 * @param mixed $object_id Related post id, if any
 * @param mixed $user_id Nothing happens when this is empty
 * @param string $badge_slug
 * @param bool $badge_badge True when this badge was itself awarded for the number of badges
 * @return void
 */
function award_badge($object_id, $user_id, $badge_slug, $badge_badge = false)
{
    if (!$user_id) {
        return;
    }

    // add badge to userbadges
    qa_db_query_sub(
        'INSERT INTO ^userbadges (awarded_at, notify, object_id, user_id, badge_slug, id) ' .
        'VALUES (NOW(), 1, #, #, $, 0)',
        $object_id, $user_id, $badge_slug
    );

    if (qa_opt('event_logger_to_database')) {
        // add event
        $logparams = 'badge_slug=' . $badge_slug;
        if ($object_id) {
            $logparams .= "\t" . 'postid=' . $object_id;
        }

        $handle = qa_getHandleFromId($user_id);

        qa_db_query_sub(
            'INSERT INTO ^eventlog (datetime, ipaddress, userid, handle, cookieid, event, params) ' .
            'VALUES (NOW(), $, $, $, #, $, $)',
            qa_remote_ip_address(), $user_id, $handle, qa_cookie_get_create(), 'badge_awarded', $logparams
        );
    }

    if (qa_opt('badge_email_notify')) {
        qa_badge_notification($user_id, $object_id, $badge_slug);
    }

    // check for sheer number of badges, unless this badge was for number of badges (avoid recursion!)
    if ($badge_badge) {
        return;
    }

    $this->check_badges($user_id);
}
/**
 * Record that the visitor identified by $cookieid performed a write, together with the
 * requesting IP address. $action is accepted but not used here.
 *
 * @param mixed $cookieid
 * @param mixed $action
 * @return void
 */
function qa_cookie_report_action($cookieid, $action)
{
    require_once QA_INCLUDE_DIR . 'qa-db-cookies.php';

    $writeip = qa_remote_ip_address();

    qa_db_cookie_written($cookieid, $writeip);
}
/**
 * Hide or reshow a comment. The post type is switched between 'C_HIDDEN' and 'C' with the
 * acting user and IP address recorded, points and the comment count are refreshed, and a
 * 'c_hide' / 'c_reshow' event is reported.
 *
 * @param array $oldcomment
 * @param bool $hidden
 * @param mixed $userid
 * @param string|null $handle
 * @param mixed $cookieid
 * @param array $question
 * @param array|null $answer Parent answer, or null when the comment is on the question
 * @return void
 */
function qa_comment_set_hidden($oldcomment, $hidden, $userid, $handle, $cookieid, $question, $answer)
{
    $commentid = $oldcomment['postid'];
    $newtype = $hidden ? 'C_HIDDEN' : 'C';

    qa_post_unindex($commentid);

    qa_db_post_set_type($commentid, $newtype, $userid, qa_remote_ip_address());
    qa_db_points_update_ifuser($oldcomment['userid'], array('cposts'));
    qa_db_ccount_update();

    // only index if none of the things it depends on are hidden
    if (!$hidden && !$question['hidden'] && !@$answer['hidden']) {
        require_once QA_INCLUDE_DIR . 'qa-app-format.php';

        $plaintext = qa_viewer_text($oldcomment['content'], $oldcomment['format']);
        qa_post_index($commentid, 'C', $question['postid'], null, $plaintext, null);
    }

    $eventname = $hidden ? 'c_hide' : 'c_reshow';
    $parenttype = isset($answer) ? $answer['basetype'] : $question['basetype'];

    qa_report_event($eventname, $userid, $handle, $cookieid, array(
        'postid' => $oldcomment['postid'],
        'parentid' => $oldcomment['parentid'],
        'parenttype' => $parenttype,
        'questionid' => $question['postid'],
    ));
}
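/**
 * Award each badge in $badges that the user qualifies for and does not hold yet.
 *
 * A badge qualifies when $var is false or reaches the badge's 'badge_<slug>_var' option,
 * and the badge is not disabled ('badge_<slug>_enabled' !== '0').
 *
 * @param array $badges Badge slugs to check
 * @param mixed $var Value compared with each badge's threshold, or false to skip the comparison
 * @param mixed $uid User id; nothing happens when empty
 * @param mixed $oid Post id the badge relates to, if any
 * @param int $notify 1 for email and popup, 2 for just popup
 * @return array|null Slugs of the badges awarded by this call (nothing is returned when $uid is empty)
 */
function qa_badge_award_check($badges, $var, $uid, $oid = NULL, $notify = 1)
{
    if (!$uid) {
        return;
    }

    $awarded = array();

    foreach ($badges as $badge_slug) {
        $reached = $var === false || (int) $var >= (int) qa_opt('badge_' . $badge_slug . '_var');
        if (!$reached || qa_opt('badge_' . $badge_slug . '_enabled') === '0') {
            continue;
        }

        // Has the badge already been awarded (for this object, when one is given)?
        if ($oid) {
            $result = @qa_db_read_one_value(qa_db_query_sub('SELECT badge_slug FROM ^userbadges WHERE user_id=# AND badge_slug=$ AND object_id=#', $uid, $badge_slug, $oid), true);
        } else {
            $result = @qa_db_read_one_value(qa_db_query_sub('SELECT badge_slug FROM ^userbadges WHERE user_id=# AND badge_slug=$', $uid, $badge_slug), true);
        }

        if ($result != null) {
            continue;
        }

        // not already awarded this badge
        // badge_slug is bound with the $ placeholder, like the SELECTs above and the
        // other ^userbadges insert on this page; the previous # placeholder was the odd one out.
        qa_db_query_sub(
            'INSERT INTO ^userbadges (awarded_at, notify, object_id, user_id, badge_slug, id) ' .
            'VALUES (NOW(), #, #, #, $, 0)',
            $notify, $oid, $uid, $badge_slug
        );

        if ($notify > 0) {
            //qa_db_usernotice_create($uid, $content, 'html');

            if (qa_opt('badge_email_notify') && $notify == 1) {
                qa_badge_notification($uid, $oid, $badge_slug);
            }

            if (qa_opt('event_logger_to_database')) {
                // add event
                $handle = qa_getHandleFromId($uid);

                qa_db_query_sub(
                    'INSERT INTO ^eventlog (datetime, ipaddress, userid, handle, cookieid, event, params) ' .
                    'VALUES (NOW(), $, $, $, #, $, $)',
                    qa_remote_ip_address(), $uid, $handle, qa_cookie_get_create(), 'badge_awarded',
                    'badge_slug=' . $badge_slug . ($oid ? "\t" . 'postid=' . $oid : '')
                );
            }
        }

        array_push($awarded, $badge_slug);
    }

    return $awarded;
}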
} if ($question['basetype'] == 'Q') { $qa_content['a_list']['title_tags'] = 'id="a_list_title"'; if ($countfortitle > 0) { $split = $countfortitle == 1 ? qa_lang_html_sub_split('question/1_answer_title', '1', '1') : qa_lang_html_sub_split('question/x_answers_title', $countfortitle); if ($microdata) { $split['data'] = '<span itemprop="answerCount">' . $split['data'] . '</span>'; } $qa_content['a_list']['title'] = $split['prefix'] . $split['data'] . $split['suffix']; } else { $qa_content['a_list']['title_tags'] .= ' style="display:none;" '; } } if (!$formrequested) { $qa_content['page_links'] = qa_html_page_links(qa_request(), $pagestart, $pagesize, $countforpages, qa_opt('pages_prev_next'), array(), false, 'a_list_title'); } // Some generally useful stuff if (qa_using_categories() && count($categories)) { $qa_content['navigation']['cat'] = qa_category_navigation($categories, $question['categoryid']); } if (isset($jumptoanchor)) { $qa_content['script_onloads'][] = array('qa_scroll_page_to($("#"+' . qa_js($jumptoanchor) . ').offset().top);'); } // Determine whether this request should be counted for page view statistics if (qa_opt('do_count_q_views') && !$formrequested && !qa_is_http_post() && qa_is_human_probably() && (!$question['views'] || ($question['lastviewip'] != qa_remote_ip_address() || !isset($question['lastviewip'])) && ($question['createip'] != qa_remote_ip_address() || !isset($question['createip'])) && ($question['userid'] != $userid || !isset($question['userid'])) && ($question['cookieid'] != $cookieid || !isset($question['cookieid'])))) { $qa_content['inc_views_postid'] = $questionid; } return $qa_content; /* Omit PHP closing tag to help avoid accidental output */
/**
 * Send the cached page to the client and end the request.
 *
 * Returns without output when the cache file cannot be read or is empty. For a numeric
 * question id the same view-counting decision is made as for an uncached page: a view is
 * counted only for a probable human on a non-POST request and, once the question has
 * views, only when the visitor differs from the last viewer's IP, the creator's IP, the
 * author's user id and the author's cookie id.
 *
 * @return void
 */
private function get_cache()
{
    global $qa_usage;

    qa_db_connect('qa_page_db_fail_handler');
    qa_page_queue_pending();
    qa_load_state();
    qa_check_login_modules();
    qa_check_page_clicks();

    $cached = @file_get_contents($this->cache_file);
    if (!$cached) {
        return; // cache failure, graceful exit
    }

    $stats = array(); // Dummy contents
    $userid = qa_get_logged_in_userid();
    $questionid = qa_request_part(0);
    $cookieid = qa_cookie_get(true);

    if (is_numeric($questionid)) {
        $question = qa_db_select_with_pending(qa_db_full_post_selectspec($userid, $questionid));

        $countview = is_numeric($questionid) && qa_opt('do_count_q_views') && !$this->post_method && !qa_is_http_post() && qa_is_human_probably() && (!$question['views'] || ($question['lastviewip'] != qa_remote_ip_address() || !isset($question['lastviewip'])) && ($question['createip'] != qa_remote_ip_address() || !isset($question['createip'])) && ($question['userid'] != $userid || !isset($question['userid'])) && ($question['cookieid'] != $cookieid || !isset($question['cookieid'])));

        $stats['inc_views_postid'] = $countview ? $questionid : null;

        qa_do_content_stats($stats);
    }

    if (QA_DEBUG_PERFORMANCE) {
        // Capture the usage report and append it to the cached page.
        ob_start();
        $qa_usage->output();
        $cached .= ob_get_clean();
    }

    qa_db_disconnect();

    exit($cached);
}
/**
 * Hide, reshow, approve or reject a comment.
 *
 * The post type becomes 'C_HIDDEN' or 'C'. The acting user and IP address are stored as
 * the updater except when a queued comment is approved; in that case the created time is
 * reset instead. Reports 'c_reject' / 'c_approve' for a comment that was queued and
 * 'c_hide' / 'c_reshow' otherwise. An approved comment additionally triggers the 'c_post'
 * event on behalf of its original author.
 *
 * @param array $oldcomment
 * @param bool $hidden
 * @param mixed $userid
 * @param string|null $handle
 * @param mixed $cookieid
 * @param array $question
 * @param array|null $parent Defaults to $question when not set
 * @return void
 */
function qa_comment_set_hidden($oldcomment, $hidden, $userid, $handle, $cookieid, $question, $parent)
{
    require_once QA_INCLUDE_DIR . 'qa-app-format.php';

    // for backwards compatibility with old answer parameter
    if (!isset($parent)) {
        $parent = $question;
    }

    $commentid = $oldcomment['postid'];
    $wasqueued = $oldcomment['type'] == 'C_QUEUED';
    $newtype = $hidden ? 'C_HIDDEN' : 'C';

    qa_post_unindex($commentid);

    // don't record approval of a post as an update action...
    $setupdated = $hidden || !$wasqueued;

    if ($setupdated) {
        qa_db_post_set_type($commentid, $newtype, $userid, qa_remote_ip_address(), QA_UPDATE_VISIBLE);
    } else {
        // ... for approval of a post, set created time to now instead
        qa_db_post_set_type($commentid, $newtype, null, null, QA_UPDATE_VISIBLE);
        qa_db_post_set_created($commentid, null);
    }

    qa_db_points_update_ifuser($oldcomment['userid'], array('cposts'));
    qa_db_ccount_update();

    // only index if none of the things it depends on are hidden or queued
    if ($question['type'] == 'Q' && ($parent['type'] == 'Q' || $parent['type'] == 'A') && !$hidden) {
        qa_post_index($commentid, 'C', $question['postid'], $oldcomment['parentid'], null, $oldcomment['content'], $oldcomment['format'], qa_viewer_text($oldcomment['content'], $oldcomment['format']), null, $oldcomment['categoryid']);
    }

    if ($wasqueued) {
        $eventname = $hidden ? 'c_reject' : 'c_approve';
    } else {
        $eventname = $hidden ? 'c_hide' : 'c_reshow';
    }

    qa_report_event($eventname, $userid, $handle, $cookieid, array(
        'postid' => $oldcomment['postid'],
        'parentid' => $oldcomment['parentid'],
        'oldcomment' => $oldcomment,
        'parenttype' => $parent['basetype'],
        'questionid' => $question['postid'],
    ));

    if (!$wasqueued || $hidden) {
        return;
    }

    // The comment has just been approved: report it as posted, attributed to its author.
    require_once QA_INCLUDE_DIR . 'qa-db-selects.php';
    require_once QA_INCLUDE_DIR . 'qa-util-string.php';

    $siblings = qa_db_single_select(qa_db_full_child_posts_selectspec(null, $oldcomment['parentid']));

    $thread = array();
    foreach ($siblings as $sibling) {
        if ($sibling['type'] == 'C' && $sibling['parentid'] == $parent['postid']) {
            $thread[] = $sibling;
        }
    }

    qa_report_event('c_post', $oldcomment['userid'], $oldcomment['handle'], $oldcomment['cookieid'], array(
        'postid' => $oldcomment['postid'],
        'parentid' => $oldcomment['parentid'],
        'parenttype' => $parent['basetype'],
        'parent' => $parent,
        'questionid' => $question['postid'],
        'question' => $question,
        'thread' => $thread,
        'content' => $oldcomment['content'],
        'format' => $oldcomment['format'],
        'text' => qa_viewer_text($oldcomment['content'], $oldcomment['format']),
        'categoryid' => $oldcomment['categoryid'],
        'notify' => isset($oldcomment['notify']),
        'email' => qa_email_validate($oldcomment['notify']) ? $oldcomment['notify'] : null,
        'delayed' => $oldcomment['created'],
    ));
}
$feedbacksent = false; if (qa_clicked('dofeedback')) { require_once QA_INCLUDE_DIR . 'qa-util-emailer.php'; require_once QA_INCLUDE_DIR . 'qa-util-string.php'; $inmessage = qa_post_text('message'); $inname = qa_post_text('name'); $inemail = qa_post_text('email'); $inreferer = qa_post_text('referer'); if (empty($inmessage)) { $errors['message'] = qa_lang('misc/feedback_empty'); } if ($usecaptcha) { qa_captcha_validate($_POST, $errors); } if (empty($errors)) { $subs = array('^message' => $inmessage, '^name' => empty($inname) ? '-' : $inname, '^email' => empty($inemail) ? '-' : $inemail, '^previous' => empty($inreferer) ? '-' : $inreferer, '^url' => isset($qa_login_userid) ? qa_path('user/' . qa_get_logged_in_handle(), null, qa_opt('site_url')) : '-', '^ip' => qa_remote_ip_address(), '^browser' => @$_SERVER['HTTP_USER_AGENT']); if (qa_send_email(array('fromemail' => qa_email_validate(@$inemail) ? $inemail : qa_opt('from_email'), 'fromname' => $inname, 'toemail' => qa_opt('feedback_email'), 'toname' => qa_opt('site_title'), 'subject' => qa_lang_sub('emails/feedback_subject', qa_opt('site_title')), 'body' => strtr(qa_lang('emails/feedback_body'), $subs), 'html' => false))) { $feedbacksent = true; } else { $page_error = qa_lang_html('main/general_error'); } qa_report_event('feedback', $qa_login_userid, qa_get_logged_in_handle(), $qa_cookieid, array('email' => $inemail, 'name' => $inname, 'message' => $inmessage, 'previous' => $inreferer, 'browser' => @$_SERVER['HTTP_USER_AGENT'])); } } // Prepare content for theme $qa_content = qa_content_prepare(); $qa_content['title'] = qa_lang_html('misc/feedback_title'); $qa_content['error'] = @$page_error; $qa_content['form'] = array('tags' => 'METHOD="POST" ACTION="' . qa_self_html() . '"', 'style' => 'tall', 'fields' => array('message' => array('type' => $feedbacksent ? 
'static' : '', 'label' => qa_lang_html_sub('misc/feedback_message', qa_opt('site_title')), 'tags' => 'NAME="message" ID="message"', 'value' => qa_html(@$inmessage), 'rows' => 8, 'error' => qa_html(@$errors['message'])), 'name' => array('type' => $feedbacksent ? 'static' : '', 'label' => qa_lang_html('misc/feedback_name'), 'tags' => 'NAME="name"', 'value' => qa_html(isset($inname) ? $inname : @$userprofile['name'])), 'email' => array('type' => $feedbacksent ? 'static' : '', 'label' => qa_lang_html('misc/feedback_email'), 'tags' => 'NAME="email"', 'value' => qa_html(isset($inemail) ? $inemail : qa_get_logged_in_email()), 'note' => $feedbacksent ? null : qa_opt('email_privacy'))), 'buttons' => array('send' => array('label' => qa_lang_html('main/send_button'))), 'hidden' => array('dofeedback' => '1', 'referer' => qa_html(isset($inreferer) ? $inreferer : @$_SERVER['HTTP_REFERER']))); if ($usecaptcha && !$feedbacksent) { qa_set_up_captcha_field($qa_content, $qa_content['form']['fields'], @$errors);
/**
 * Send the cached page to the client and end the request.
 *
 * The content comes from the database or the file cache depending on QA_CACHING_FILE. For
 * a numeric question id the same view-counting decision is made as for an uncached page:
 * a view is counted only for a probable human on a request that is neither POST nor PUT
 * and, once the question has views, only when the visitor differs from the last viewer's
 * IP, the creator's IP, the author's user id and the author's cookie id.
 *
 * @return void
 */
private function get_cache()
{
    qa_report_process_stage('init_page');
    qa_db_connect('qa_page_db_fail_handler');
    qa_page_queue_pending();
    qa_load_state();
    qa_check_login_modules();

    // Only versions below 1.7 mark the 'setup' stage here.
    if (QA_DEBUG_PERFORMANCE && qa_qa_version_below('1.7')) {
        qa_usage_mark('setup');
    }

    qa_check_page_clicks();
    qa_set_form_security_key();

    $cached = QA_CACHING_FILE ? $this->get_cache_file() : $this->get_cache_db();

    $stats = array(); // Dummy contents
    $userid = qa_get_logged_in_userid();
    $questionid = qa_request_part(0);
    $cookieid = qa_cookie_get(true);

    if (is_numeric($questionid)) {
        $question = qa_db_select_with_pending(qa_db_full_post_selectspec($userid, $questionid));

        $countview = is_numeric($questionid) && qa_opt('do_count_q_views') && !preg_match("/^(?:POST|PUT)\$/i", $_SERVER["REQUEST_METHOD"]) && !qa_is_http_post() && qa_is_human_probably() && (!$question['views'] || ($question['lastviewip'] != qa_remote_ip_address() || !isset($question['lastviewip'])) && ($question['createip'] != qa_remote_ip_address() || !isset($question['createip'])) && ($question['userid'] != $userid || !isset($question['userid'])) && ($question['cookieid'] != $cookieid || !isset($question['cookieid'])));

        $stats['inc_views_postid'] = $countview ? $questionid : null;

        qa_do_content_stats($stats);
    }

    if (QA_DEBUG_PERFORMANCE) {
        // Capture the usage report and append it to the cached page.
        ob_start();

        if (qa_qa_version_below('1.7')) {
            qa_usage_output();
        } else {
            global $qa_usage;
            $qa_usage->output();
        }

        $cached .= ob_get_clean();
    }

    qa_db_disconnect();

    // The MIME subtype is taken from the cache file extension.
    $mime = strtr('^type/^format; charset=utf-8', array(
        '^type' => 'text',
        '^format' => $this->get_cache_file_extension(),
    ));
    header('Content-type: ' . $mime);

    exit($cached);
}
/**
 * Create a comment on a question or answer and report the matching event.
 *
 * The post is stored as 'C_QUEUED' when $queued is set, otherwise as 'C'. The cookie id is
 * stored only when there is no user id, and the poster's IP address is always stored.
 * Indexing and the points / comment-count updates are skipped for queued comments.
 *
 * @param mixed $userid
 * @param string|null $handle
 * @param mixed $cookieid
 * @param string $content
 * @param string $format
 * @param string $text
 * @param mixed $notify
 * @param string|null $email
 * @param array $question
 * @param array|null $parent Defaults to $question when not set
 * @param array $commentsfollows Posts searched for the other comments on the same parent
 * @param bool $queued
 * @return mixed The post id returned by qa_db_post_create()
 */
function qa_comment_create($userid, $handle, $cookieid, $content, $format, $text, $notify, $email, $question, $parent, $commentsfollows, $queued = false)
{
    require_once QA_INCLUDE_DIR . 'qa-app-emails.php';
    require_once QA_INCLUDE_DIR . 'qa-app-options.php';
    require_once QA_INCLUDE_DIR . 'qa-app-format.php';
    require_once QA_INCLUDE_DIR . 'qa-util-string.php';

    // for backwards compatibility with old answer parameter
    if (!isset($parent)) {
        $parent = $question;
    }

    $posttype = $queued ? 'C_QUEUED' : 'C';
    $storedcookie = isset($userid) ? null : $cookieid;

    $postid = qa_db_post_create($posttype, $parent['postid'], $userid, $storedcookie, qa_remote_ip_address(), null, $content, $format, null, qa_combine_notify_email($userid, $notify, $email), $question['categoryid']);

    qa_db_posts_calc_category_path($postid);

    if (!$queued) {
        // only index if antecedents fully visible
        if ($question['type'] == 'Q' && ($parent['type'] == 'Q' || $parent['type'] == 'A')) {
            qa_post_index($postid, 'C', $question['postid'], $parent['postid'], null, $content, $format, $text, null, $question['categoryid']);
        }

        qa_db_points_update_ifuser($userid, 'cposts');
        qa_db_ccount_update();
    }

    // find just those for this parent, fully visible
    $thread = array();
    foreach ($commentsfollows as $candidate) {
        if ($candidate['type'] != 'C' || $candidate['parentid'] != $parent['postid']) {
            continue;
        }

        $thread[] = $candidate;
    }

    $eventname = $queued ? 'c_queue' : 'c_post';

    qa_report_event($eventname, $userid, $handle, $cookieid, array(
        'postid' => $postid,
        'parentid' => $parent['postid'],
        'parenttype' => $parent['basetype'],
        'parent' => $parent,
        'questionid' => $question['postid'],
        'question' => $question,
        'thread' => $thread,
        'content' => $content,
        'format' => $format,
        'text' => $text,
        'categoryid' => $question['categoryid'],
        'notify' => $notify,
        'email' => $email,
    ));

    return $postid;
}
/**
 * Stores a new comment on $answer (or on $question when $answer is null), indexes
 * it unless the question or the answer is hidden, and sends notifications to the
 * parent's author and to earlier commenters on the same parent who asked for them.
 *
 * Notification text is built from the commenter's $text, the parent's title or
 * content and the question title, each passed through qa_block_words_replace().
 * The recipient address is the post's stored 'notify' value when
 * qa_email_validate() accepts it; otherwise the post's user id is used.
 *
 * NOTE(review): $subject, $body and $context are assigned only for a parent
 * basetype of 'Q' or 'A'; any other basetype leaves them undefined below.
 *
 * @return mixed the id returned by qa_db_post_create()
 */
function qa_comment_create($userid, $handle, $cookieid, $content, $format, $text, $notify, $email, $question, $answer, $commentsfollows)
{
    require_once QA_INCLUDE_DIR . 'qa-app-emails.php';
    require_once QA_INCLUDE_DIR . 'qa-app-options.php';
    require_once QA_INCLUDE_DIR . 'qa-app-format.php';
    require_once QA_INCLUDE_DIR . 'qa-util-string.php';

    if (isset($answer)) {
        $parent = $answer;
    } else {
        $parent = $question;
    }

    $storedcookieid = isset($userid) ? null : $cookieid;

    $postid = qa_db_post_create(
        'C',
        $parent['postid'],
        $userid,
        $storedcookieid,
        qa_remote_ip_address(),
        null,
        $content,
        $format,
        null,
        qa_combine_notify_email($userid, $notify, $email),
        $question['categoryid']
    );

    qa_db_posts_calc_category_path($postid);

    // A comment under a hidden question or hidden answer stays out of the search index.
    if (!($question['hidden'] || @$answer['hidden'])) {
        qa_post_index($postid, 'C', $question['postid'], null, $text, null);
    }

    qa_db_points_update_ifuser($userid, 'cposts');
    qa_db_ccount_update();

    // These two maps make sure each address and each user id is notified at most once,
    // even when the same person left several earlier comments in the thread. Someone who
    // posted both as a registered user and anonymously can still be notified twice.
    $senttoemail = array();
    $senttouserid = array();

    $basetype = $parent['basetype'];

    if ($basetype == 'Q') {
        $subject = qa_lang('emails/q_commented_subject');
        $body = qa_lang('emails/q_commented_body');
        $context = $parent['title'];
    } elseif ($basetype == 'A') {
        $subject = qa_lang('emails/a_commented_subject');
        $body = qa_lang('emails/a_commented_body');
        $context = qa_viewer_text($parent['content'], $parent['format']);
    }

    $blockwordspreg = qa_get_block_words_preg();
    $sendhandle = isset($handle) ? $handle : qa_lang('main/anonymous');
    $sendcontext = qa_block_words_replace($context, $blockwordspreg);
    $sendtext = qa_block_words_replace($text, $blockwordspreg);
    $sendtitle = qa_block_words_replace($question['title'], $blockwordspreg);
    $sendurl = qa_path(qa_q_request($question['postid'], $sendtitle), null, qa_opt('site_url'), null, qa_anchor($parent['basetype'], $parent['postid']));

    // The same substitutions are used for every notification about this comment.
    $subs = array(
        '^c_handle' => $sendhandle,
        '^c_context' => $sendcontext,
        '^c_content' => $sendtext,
        '^url' => $sendurl,
    );

    // Notify the parent's author, unless the commenter is that author.
    if (isset($parent['notify']) && !qa_post_is_by_user($parent, $userid, $cookieid)) {
        $senduserid = $parent['userid'];
        $sendemail = @$parent['notify'];

        if (qa_email_validate($sendemail)) {
            $senttoemail[$sendemail] = true;
        } elseif (isset($senduserid)) {
            $senttouserid[$senduserid] = true;
        }

        qa_send_notification($senduserid, $sendemail, @$parent['handle'], $subject, $body, $subs);
    }

    foreach ($commentsfollows as $comment) {
        // Only visible comments on the same parent are considered.
        if (!($comment['basetype'] == 'C' && $comment['parentid'] == $parent['postid'] && !$comment['hidden'])) {
            continue;
        }

        // Skip comments without a notify request and comments written by the current poster.
        if (!(isset($comment['notify']) && !qa_post_is_by_user($comment, $userid, $cookieid))) {
            continue;
        }

        $senduserid = $comment['userid'];
        $sendemail = @$comment['notify'];

        if (qa_email_validate($sendemail)) {
            if (@$senttoemail[$sendemail]) {
                continue;
            }

            $senttoemail[$sendemail] = true;
        } elseif (isset($senduserid)) {
            if (@$senttouserid[$senduserid]) {
                continue;
            }

            $senttouserid[$senduserid] = true;
        }

        qa_send_notification($senduserid, $sendemail, @$comment['handle'], qa_lang('emails/c_commented_subject'), qa_lang('emails/c_commented_body'), $subs);
    }

    qa_report_event('c_post', $userid, $handle, $cookieid, array(
        'postid' => $postid,
        'parentid' => $parent['postid'],
        'parenttype' => $parent['basetype'],
        'questionid' => $question['postid'],
        'content' => $content,
        'format' => $format,
        'text' => $text,
        'categoryid' => $question['categoryid'],
        'notify' => $notify,
        'email' => $email,
    ));

    return $postid;
}
/**
 * Adds one to the rate-limit counters for $actioncode in the current hour.
 *
 * The hour bucket is the 'db_time' option divided by 3600. The per-user counter
 * is updated only when $userid is set; the counter for the address returned by
 * qa_remote_ip_address() is always updated.
 *
 * NOTE(review): how qa_remote_ip_address() derives the address (for example
 * behind a reverse proxy) is decided elsewhere; the per-IP limit is only as
 * reliable as that value - confirm.
 */
function qa_limits_increment($userid, $actioncode)
{
    require_once QA_INCLUDE_DIR . 'qa-db-limits.php';

    $hourbucket = (int) (qa_opt('db_time') / 3600);

    if ($userid !== null) {
        qa_db_limits_user_add($userid, $actioncode, $hourbucket, 1);
    }

    qa_db_limits_ip_add(qa_remote_ip_address(), $actioncode, $hourbucket, 1);
}
/**
 * Replaces the avatar of $userid with the image in $imagedata.
 *
 * The data first goes through qa_image_constrain_data() with the
 * 'avatar_store_size' option; the result is stored as a blob with format 'jpeg'.
 * The user's avatar fields and flags are then updated and the old blob, if one
 * was given, is deleted. The old blob is removed only after the new one has
 * been created and linked.
 *
 * $width and $height are not set before the constrain call, so they are
 * presumably filled in by reference by that helper - confirm.
 *
 * @return bool true when the new avatar was stored, false otherwise
 */
function qa_set_user_avatar($userid, $imagedata, $oldblobid = null)
{
    if (qa_to_override(__FUNCTION__)) {
        $args = func_get_args();
        return qa_call_override(__FUNCTION__, $args);
    }

    require_once QA_INCLUDE_DIR . 'qa-util-image.php';

    $imagedata = qa_image_constrain_data($imagedata, $width, $height, qa_opt('avatar_store_size'));

    // The constrain helper returned nothing usable, so leave the current avatar alone.
    if (!isset($imagedata)) {
        return false;
    }

    require_once QA_INCLUDE_DIR . 'qa-db-blobs.php';

    $newblobid = qa_db_blob_create($imagedata, 'jpeg', null, $userid, null, qa_remote_ip_address());

    if (!isset($newblobid)) {
        return false;
    }

    qa_db_user_set($userid, 'avatarblobid', $newblobid);
    qa_db_user_set($userid, 'avatarwidth', $width);
    qa_db_user_set($userid, 'avatarheight', $height);
    qa_db_user_set_flag($userid, QA_USER_FLAGS_SHOW_AVATAR, true);
    qa_db_user_set_flag($userid, QA_USER_FLAGS_SHOW_GRAVATAR, false);

    if (isset($oldblobid)) {
        qa_db_blob_delete($oldblobid);
    }

    return true;
}
/**
 * Moves the comment $oldcomment to $status (queued, hidden or normal), keeps the
 * search index and the cached counts in step, and reports the matching event.
 *
 * $userid, $handle and $cookieid identify the account making the change; they
 * are passed to the status-change event and, when the change is recorded as an
 * update, $userid and the caller's IP address are stored with the post.
 * $question is the comment's question and $parent the post it is attached to
 * ($parent falls back to $question when null).
 *
 * An unknown $status is passed to qa_fatal_error(). Nothing is returned.
 */
function qa_comment_set_status($oldcomment, $status, $userid, $handle, $cookieid, $question, $parent)
{
    require_once QA_INCLUDE_DIR . 'qa-app-format.php';

    if (!isset($parent)) {
        $parent = $question; // for backwards compatibility with old answer parameter
    }

    // State before the change, derived from the stored post type.
    $washidden = $oldcomment['type'] == 'C_HIDDEN';
    $wasqueued = $oldcomment['type'] == 'C_QUEUED';
    $wasrequeued = $wasqueued && isset($oldcomment['updated']); // queued again after an earlier update

    // Always drop the old index entry first; it is re-added below only if the comment ends up visible.
    qa_post_unindex($oldcomment['postid']);

    $setupdated = false; // whether this change is recorded as an update by $userid
    $event = null; // stays null when the status does not actually change

    if ($status == QA_POST_STATUS_QUEUED) {
        $newtype = 'C_QUEUED';
        if (!$wasqueued) {
            $event = 'c_requeue'; // same event whether it was hidden or shown before
        }
    } elseif ($status == QA_POST_STATUS_HIDDEN) {
        $newtype = 'C_HIDDEN';
        if (!$washidden) {
            // Hiding a queued comment is a moderation rejection; hiding a visible one is a hide.
            $event = $wasqueued ? 'c_reject' : 'c_hide';
            if (!$wasqueued) {
                $setupdated = true;
            }
        }
    } elseif ($status == QA_POST_STATUS_NORMAL) {
        $newtype = 'C';
        if ($wasqueued) {
            $event = 'c_approve';
        } elseif ($washidden) {
            $event = 'c_reshow';
            $setupdated = true;
        }
    } else {
        qa_fatal_error('Unknown status in qa_comment_set_status(): ' . $status);
    }

    // The acting user and their IP are stored only for hide/reshow, not for moderation decisions.
    qa_db_post_set_type($oldcomment['postid'], $newtype, $setupdated ? $userid : null, $setupdated ? qa_remote_ip_address() : null, QA_UPDATE_VISIBLE);

    if ($wasqueued && $status == QA_POST_STATUS_NORMAL && qa_opt('moderate_update_time')) {
        // ... for approval of a post, can set time to now instead
        if ($wasrequeued) {
            qa_db_post_set_updated($oldcomment['postid'], null);
        } else {
            qa_db_post_set_created($oldcomment['postid'], null);
        }
    }

    // Refresh the cached counts that this change can affect.
    qa_db_ccount_update();
    qa_db_points_update_ifuser($oldcomment['userid'], array('cposts'));

    if ($wasqueued || $status == QA_POST_STATUS_QUEUED) {
        qa_db_queuedcount_update();
    }

    if ($oldcomment['flagcount']) {
        qa_db_flaggedcount_update();
    }

    if ($question['type'] == 'Q' && ($parent['type'] == 'Q' || $parent['type'] == 'A') && $status == QA_POST_STATUS_NORMAL) {
        // only index if none of the things it depends on are hidden or queued
        qa_post_index($oldcomment['postid'], 'C', $question['postid'], $oldcomment['parentid'], null, $oldcomment['content'], $oldcomment['format'], qa_viewer_text($oldcomment['content'], $oldcomment['format']), null, $oldcomment['categoryid']);
    }

    // Payload shared by the status-change event and the delayed 'c_post' event below.
    $eventparams = array('postid' => $oldcomment['postid'], 'parentid' => $oldcomment['parentid'], 'parenttype' => $parent['basetype'], 'parent' => $parent, 'questionid' => $question['postid'], 'question' => $question, 'content' => $oldcomment['content'], 'format' => $oldcomment['format'], 'text' => qa_viewer_text($oldcomment['content'], $oldcomment['format']), 'categoryid' => $oldcomment['categoryid'], 'name' => $oldcomment['name']);

    if (isset($event)) {
        qa_report_event($event, $userid, $handle, $cookieid, $eventparams + array('oldcomment' => $oldcomment));
    }

    // A comment approved for the first time is reported as posted only now, attributed to its
    // original author (user id, handle and cookie id from the stored post) rather than to the
    // account that approved it; 'delayed' carries the original creation time.
    if ($wasqueued && $status == QA_POST_STATUS_NORMAL && !$wasrequeued) {
        require_once QA_INCLUDE_DIR . 'qa-db-selects.php';
        require_once QA_INCLUDE_DIR . 'qa-util-string.php';

        $commentsfollows = qa_db_single_select(qa_db_full_child_posts_selectspec(null, $oldcomment['parentid']));
        $thread = array();

        foreach ($commentsfollows as $comment) {
            // Keep only the visible comments on the same parent.
            if ($comment['type'] == 'C' && $comment['parentid'] == $parent['postid']) {
                $thread[] = $comment;
            }
        }

        qa_report_event('c_post', $oldcomment['userid'], $oldcomment['handle'], $oldcomment['cookieid'], $eventparams + array('thread' => $thread, 'notify' => isset($oldcomment['notify']), 'email' => qa_email_validate($oldcomment['notify']) ? $oldcomment['notify'] : null, 'delayed' => $oldcomment['created']));
    }
}
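/**
 * Handles a file upload posted by the CKEditor dialog and answers with a script
 * tag that calls back into the editor with the blob URL or an error message.
 *
 * Checks, in order: the 'wysiwyg_editor_upload_images' option, the per-user
 * upload permission and limit, the shape and size of the uploaded file, and
 * (when only images are allowed) the extension plus a getimagesize() probe.
 * On success the file is stored as a blob together with the uploader's user id
 * or cookie id and IP address.
 *
 * The stored blob format is the extension of the client-supplied file name.
 * How the blob is later served (content type, disposition) is decided
 * elsewhere and should be reviewed with that in mind.
 *
 * @param mixed $request not used by this handler
 * @return null always; the response is written with echo
 */
function process_request($request)
{
    $message = '';
    $url = '';

    if (is_array($_FILES) && count($_FILES)) {
        // Check that we're allowed to upload images (if not, no other uploads are allowed either)
        if (!qa_opt('wysiwyg_editor_upload_images')) {
            $message = qa_lang('users/no_permission');
        }

        // Check that we haven't reached the upload limit and are not blocked
        if (empty($message)) {
            require_once QA_INCLUDE_DIR . 'qa-app-users.php';
            require_once QA_INCLUDE_DIR . 'qa-app-limits.php';

            switch (qa_user_permit_error(null, QA_LIMIT_UPLOADS)) {
                case 'limit':
                    $message = qa_lang('main/upload_limit');
                    break;

                case false:
                    // The attempt is counted here, before the file itself is validated.
                    qa_limits_increment(qa_get_logged_in_userid(), QA_LIMIT_UPLOADS);
                    break;

                default:
                    $message = qa_lang('users/no_permission');
                    break;
            }
        }

        // Find out some information about the uploaded file and check it's not too large
        if (empty($message)) {
            require_once QA_INCLUDE_DIR . 'qa-app-blobs.php';

            $file = reset($_FILES);

            // The client chooses the field name; an array-style field makes PHP deliver
            // arrays for name/tmp_name/size, which the checks below cannot handle.
            $wellformed = is_array($file)
                && isset($file['name'], $file['tmp_name'], $file['size'])
                && is_string($file['name'])
                && is_string($file['tmp_name']);

            if (!$wellformed) {
                $message = 'Failed to read uploaded file - please try again';
            } else {
                $pathinfo = pathinfo($file['name']);
                $extension = isset($pathinfo['extension']) ? strtolower($pathinfo['extension']) : '';
                $filesize = $file['size'];
                $maxsize = min(qa_opt('wysiwyg_editor_upload_max_size'), qa_get_max_upload_size());

                if ($filesize <= 0 || $filesize > $maxsize) { // if file was too big for PHP, $filesize will be zero
                    $message = qa_lang_sub('main/max_upload_size_x', number_format($maxsize / 1048576, 1) . 'MB');
                }
            }
        }

        // If it's only allowed to be an image, check it's an image
        if (empty($message)) {
            // The request can ask for image-only checking, but cannot switch it off
            // while the 'wysiwyg_editor_upload_all' option is disabled.
            if (qa_get('qa_only_image') || !qa_opt('wysiwyg_editor_upload_all')) {
                switch ($extension) {
                    case 'png': // these are allowed image extensions
                    case 'gif':
                    case 'jpeg':
                    case 'jpg':
                        // NOTE(review): when getimagesize() is unavailable the extension is the
                        // only check. A successful probe shows the data parses as an image
                        // header, not that the rest of the file is harmless.
                        if (function_exists('getimagesize')) { // getimagesize() does not require GD library
                            if (!is_array(@getimagesize($file['tmp_name']))) {
                                $message = qa_lang_sub('main/image_not_read', 'GIF, JPG, PNG');
                            }
                        }
                        break;

                    default:
                        $message = qa_lang_sub('main/image_not_read', 'GIF, JPG, PNG');
                        break;
                }
            }
        }

        // If there have been no errors, looks like we're all set...
        if (empty($message)) {
            require_once QA_INCLUDE_DIR . 'qa-db-blobs.php';

            // Read only a genuine PHP upload, and do not store a blob when the read fails.
            $content = is_uploaded_file($file['tmp_name']) ? file_get_contents($file['tmp_name']) : false;

            if ($content === false) {
                $message = 'Failed to read uploaded file - please try again';
            } else {
                $userid = qa_get_logged_in_userid();
                $cookieid = isset($userid) ? qa_cookie_get() : qa_cookie_get_create();

                $blobid = qa_db_blob_create($content, $extension, $file['name'], $userid, $cookieid, qa_remote_ip_address());

                if (isset($blobid)) {
                    $url = qa_get_blob_url($blobid, true);
                } else {
                    $message = 'Failed to create object in database - please try again';
                }
            }
        }
    }

    // All three values, including the request-supplied CKEditorFuncNum, reach the page only
    // through qa_js(). NOTE(review): qa_js() is defined elsewhere; this output relies on it
    // producing a safe JavaScript literal inside a script element - confirm.
    echo "<script type='text/javascript'>window.parent.CKEDITOR.tools.callFunction(" . qa_js(qa_get('CKEditorFuncNum')) . ", " . qa_js($url) . ", " . qa_js($message) . ");</script>";

    return null;
}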
/**
 * Records that $userid has just written something, together with the address
 * returned by qa_remote_ip_address().
 *
 * $action is accepted but not used in this body. A registered override of this
 * function, if any, is called instead and its result returned.
 */
function qa_user_report_action($userid, $action)
{
    if (qa_to_override(__FUNCTION__)) {
        $callargs = func_get_args();

        return qa_call_override(__FUNCTION__, $callargs);
    }

    require_once QA_INCLUDE_DIR . 'db/users.php';

    $writeip = qa_remote_ip_address();
    qa_db_user_written($userid, $writeip);
}
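/**
 * Validates the file at $localfilename and stores it as a blob.
 *
 * Steps: per-user upload permission and limit, size check against $maxfilesize
 * and the site maximum, image detection from the extension of $sourcefilename
 * with a getimagesize() probe, optional resize to $imagemaxwidth/$imagemaxheight
 * (the image is then re-encoded as JPEG), and blob creation with the uploader's
 * user id or cookie id and IP address.
 *
 * When $onlyimage is false, a file with any extension is accepted and that
 * client-supplied extension becomes the stored format. Unless the image is
 * resized, the bytes are stored exactly as uploaded. How the blob is served
 * afterwards is decided elsewhere.
 *
 * @param string $localfilename path of the file to read on this server
 * @param string $sourcefilename original file name as supplied by the uploader
 * @param int|null $maxfilesize extra size cap in bytes, or null for the site maximum only
 * @param bool $onlyimage reject anything that is not a readable GIF, JPG or PNG
 * @param int|null $imagemaxwidth maximum width to constrain an image to, or null
 * @param int|null $imagemaxheight maximum height to constrain an image to, or null
 * @return array may contain 'error', 'format', 'width', 'height', 'blobid' and 'bloburl'
 */
function qa_upload_file($localfilename, $sourcefilename, $maxfilesize = null, $onlyimage = false, $imagemaxwidth = null, $imagemaxheight = null)
{
    if (qa_to_override(__FUNCTION__)) {
        $args = func_get_args();
        return qa_call_override(__FUNCTION__, $args);
    }

    $result = array();

    // Check per-user upload limits
    require_once QA_INCLUDE_DIR . 'qa-app-users.php';
    require_once QA_INCLUDE_DIR . 'qa-app-limits.php';

    switch (qa_user_permit_error(null, QA_LIMIT_UPLOADS)) {
        case 'limit':
            $result['error'] = qa_lang('main/upload_limit');
            return $result;

        case false:
            // The attempt is counted here, before the file itself is validated.
            qa_limits_increment(qa_get_logged_in_userid(), QA_LIMIT_UPLOADS);
            break;

        default:
            $result['error'] = qa_lang('users/no_permission');
            return $result;
    }

    // Check the uploaded file is not too large
    $filesize = filesize($localfilename);

    if (isset($maxfilesize)) {
        $maxfilesize = min($maxfilesize, qa_get_max_upload_size());
    } else {
        $maxfilesize = qa_get_max_upload_size();
    }

    if ($filesize <= 0 || $filesize > $maxfilesize) { // if file was too big for PHP, $filesize will be zero
        $result['error'] = qa_lang_sub('main/max_upload_size_x', number_format($maxfilesize / 1048576, 1) . 'MB');
        return $result;
    }

    // Find out what type of source file was uploaded and if appropriate,
    // check it's an image and get preliminary size measure
    $pathinfo = pathinfo($sourcefilename);
    $format = isset($pathinfo['extension']) ? strtolower($pathinfo['extension']) : '';
    $isimage = $format == 'png' || $format == 'gif' || $format == 'jpeg' || $format == 'jpg'; // allowed image extensions
    $imagesize = null;

    if ($isimage) {
        $imagesize = @getimagesize($localfilename);

        if (is_array($imagesize)) {
            $result['width'] = $imagesize[0];
            $result['height'] = $imagesize[1];

            switch ($imagesize[2]) { // reassign format based on actual content, if we can
                case IMAGETYPE_GIF:
                    $format = 'gif';
                    break;

                case IMAGETYPE_JPEG:
                    $format = 'jpeg';
                    break;

                case IMAGETYPE_PNG:
                    $format = 'png';
                    break;
            }
        }
    }

    $result['format'] = $format;

    if ($onlyimage) {
        if (!$isimage || !is_array($imagesize)) {
            $result['error'] = qa_lang_sub('main/image_not_read', 'GIF, JPG, PNG');
            return $result;
        }
    }

    // Read in the raw file contents; a failed read must not end up stored as a blob
    $content = file_get_contents($localfilename);

    if ($content === false) {
        $result['error'] = qa_lang('main/general_error');
        return $result;
    }

    // If appropriate, get more accurate image size and apply constraints to it
    require_once QA_INCLUDE_DIR . 'qa-util-image.php';

    if ($isimage && qa_has_gd_image()) {
        $image = @imagecreatefromstring($content);

        // NOTE(review): from PHP 8.0 GD returns GdImage objects, for which is_resource() is
        // false, so there this branch is skipped and no size constraint is applied. The
        // resize helpers are defined elsewhere - confirm the PHP versions this must support.
        if (is_resource($image)) {
            $result['width'] = $width = imagesx($image);
            $result['height'] = $height = imagesy($image);

            if (isset($imagemaxwidth) || isset($imagemaxheight)) {
                if (qa_image_constrain($width, $height, isset($imagemaxwidth) ? $imagemaxwidth : $width, isset($imagemaxheight) ? $imagemaxheight : $height)) {
                    qa_gd_image_resize($image, $width, $height);

                    if (is_resource($image)) {
                        $content = qa_gd_image_jpeg($image);
                        $result['format'] = $format = 'jpeg';
                        $result['width'] = $width;
                        $result['height'] = $height;
                    }
                }
            }

            if (is_resource($image)) { // might have been lost
                imagedestroy($image);
            }
        }
    }

    // Create the blob and return
    require_once QA_INCLUDE_DIR . 'qa-app-blobs.php';

    $userid = qa_get_logged_in_userid();
    $cookieid = isset($userid) ? qa_cookie_get() : qa_cookie_get_create();

    $result['blobid'] = qa_create_blob($content, $format, $sourcefilename, $userid, $cookieid, qa_remote_ip_address());

    if (!isset($result['blobid'])) {
        $result['error'] = qa_lang('main/general_error');
        return $result;
    }

    $result['bloburl'] = qa_get_blob_url($result['blobid'], true);

    return $result;
}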