function post_in_forum($forum_info, &$params, &$feedbacks, &$errors) { global $smarty, $tiki_p_admin_forum, $tiki_p_forum_post_topic; global $tiki_p_forum_post, $prefs, $user, $tiki_p_forum_autoapp, $captchalib; if (!empty($params['comments_grandParentId'])) { $parent_id = $params['comments_grandParentId']; } elseif (!empty($params['comments_parentId'])) { $parent_id = $params['comments_parentId']; } else { $parent_id = 0; } if (!($tiki_p_admin_forum == 'y' || $parent_id == 0 && $tiki_p_forum_post_topic == 'y' || $parent_id > 0 && $tiki_p_forum_post == 'y')) { $errors[] = tra('Permission denied'); return 0; } if ($forum_info['is_locked'] == 'y') { $smarty->assign('msg', tra("This forum is locked")); $smarty->display("error.tpl"); die; } $parent_comment_info = $this->get_comment($parent_id); if ($parent_comment_info['locked'] == 'y') { $smarty->assign('msg', tra("This thread is locked")); $smarty->display("error.tpl"); die; } if (empty($user) && $prefs['feature_antibot'] == 'y' && !$captchalib->validate()) { $errors[] = $captchalib->getErrors(); } if ($forum_info['controlFlood'] == 'y' && !$this->user_can_post_to_forum($user, $forum_info['forumId'])) { $errors[] = tr('Please wait %0 seconds between posts', $forum_info['floodInterval']); } if ($tiki_p_admin_forum != 'y' && $forum_info['forum_use_password'] != 'n' && $params['password'] != $forum_info['forum_password']) { $errors[] = tra('Wrong password. Cannot post comment'); } if ($parent_id > 0 && $forum_info['is_flat'] == 'y' && $params['comments_grandParentId'] > 0) { $errors[] = tra("This forum is flat and doesn't allow replies to other replies"); } if ($prefs['feature_contribution'] == 'y' && $prefs['feature_contribution_mandatory_forum'] == 'y' && empty($params['contributions'])) { $errors[] = tra('A contribution is mandatory'); } if ($prefs['comments_notitle'] != 'y' && empty($params['comments_title']) || empty($params['comments_data']) && $prefs['feature_forums_allow_thread_titles'] != 'y') { $errors[] = tra('You have to enter a title and text'); } if (!empty($params['anonymous_email']) && !validate_email($params['anonymous_email'], $prefs['validateEmail'])) { $errors[] = tra('Invalid Email'); } // what do we do??? if (!empty($errors)) { return 0; } // Remove HTML tags and empty lines at the end of the posted comment $params['comments_data'] = rtrim(strip_tags($params['comments_data'])); if ($tiki_p_admin_forum != 'y') { // non admin can only post normal $params['comment_topictype'] = 'n'; if ($forum_info['topic_summary'] != 'y') { $params['comment_topicsummary'] = ''; } if ($forum_info['topic_smileys'] != 'y') { $params['comment_topicsmiley'] = ''; } } if (isset($params['comments_postComment_anonymous']) && !empty($user) && $prefs['feature_comments_post_as_anonymous'] == 'y') { $params['comments_postComment'] = $params['comments_postComment_anonymous']; $user = ''; } if (!isset($params['comment_topicsummary'])) { $params['comment_topicsummary'] = ''; } if (!isset($params['comment_topicsmiley'])) { $params['comment_topicsmiley'] = ''; } if (isset($params['anonymous_name'])) { $params['anonymous_name'] = trim(strip_tags($params['anonymous_name'])); } else { $params['anonymous_name'] = ''; } if (!isset($params['freetag_string'])) { $params['freetag_string'] = ''; } if (!isset($params['anonymous_email'])) { $params['anonymous_email'] = ''; } if (isset($params['comments_reply_threadId']) && !empty($params['comments_reply_threadId'])) { $reply_info = $this->get_comment($params['comments_reply_threadId']); $in_reply_to = $reply_info['message_id']; } else { $in_reply_to = ''; } $comments_objectId = 'forum:' . $params['forumId']; if ($tiki_p_forum_autoapp != 'y' && ($forum_info['approval_type'] == 'queue_all' || !$user && $forum_info['approval_type'] == 'queue_anon')) { $threadId = 0; $feedbacks[] = tra('Your message has been queued for approval and will be posted after a moderator approves it.'); $qId = $this->replace_queue(0, $forum_info['forumId'], $comments_objectId, $parent_id, $user, $params['comments_title'], $params['comments_data'], $params['comment_topictype'], $params['comment_topicsmiley'], $params['comment_topicsummary'], $params['comments_title'], $in_reply_to, $params['anonymous_name'], $params['freetag_string'], $params['anonymous_email']); } else { // not in queue mode $qId = 0; if ($params['comments_threadId'] == 0) { // new post $message_id = ''; // The thread/topic does not already exist if (!$params['comments_threadId']) { $threadId = $this->post_new_comment($comments_objectId, $parent_id, $user, $params['comments_title'], $params['comments_data'], $message_id, $in_reply_to, $params['comment_topictype'], $params['comment_topicsummary'], $params['comment_topicsmiley'], isset($params['contributions']) ? $params['contributions'] : '', $params['anonymous_name']); // The thread *WAS* successfully created. if ($threadId) { // Deal with mail notifications. include_once 'lib/notifications/notificationemaillib.php'; sendForumEmailNotification(empty($params['comments_reply_threadId']) ? 'forum_post_topic' : 'forum_post_thread', $params['forumId'], $forum_info, $params['comments_title'], $params['comments_data'], $user, $params['comments_title'], $message_id, $in_reply_to, isset($params['comments_parentId']) ? $params['comments_parentId'] : $threadId, isset($params['comments_parentId']) ? $params['comments_parentId'] : 0, isset($params['contributions']) ? $params['contributions'] : '', $threadId); // Set watch if requested if ($prefs['feature_user_watches'] == 'y') { if ($user && isset($params['set_thread_watch']) && $params['set_thread_watch'] == 'y') { $this->add_user_watch($user, 'forum_post_thread', $threadId, 'forum topic', $forum_info['name'] . ':' . $params['comments_title'], 'tiki-view_forum_thread.php?forumId=' . $forum_info['forumId'] . '&comments_parentId=' . $threadId); } elseif (!empty($params['anonymous_email'])) { // Add an anonymous watch, if email address supplied. $this->add_user_watch($params['anonymous_name'] . ' ' . tra('(not registered)'), $prefs['site_language'], 'forum_post_thread', $threadId, 'forum topic', $forum_info['name'] . ':' . $params['comments_title'], 'tiki-view_forum_thread.php?forumId=' . $forum_info['forumId'] . '&comments_parentId=' . $threadId, $params['anonymous_email'], isset($prefs['language']) ? $prefs['language'] : ''); } } // TAG Stuff $cat_type = 'forum post'; $cat_objid = $threadId; $cat_desc = substr($params['comments_data'], 0, 200); $cat_name = $params['comments_title']; $cat_href = 'tiki-view_forum_thread.php?comments_parentId=' . $threadId . '&forumId=' . $params['forumId']; include 'freetag_apply.php'; } } $this->register_forum_post($forum_info['forumId'], 0); } elseif ($tiki_p_admin_forum == 'y' || $this->user_can_edit_post($user, $params['comments_threadId'])) { $threadId = $params['comments_threadId']; $this->update_comment($threadId, $params['comments_title'], '', $params['comments_data'], $params['comment_topictype'], $params['comment_topicsummary'], $params['comment_topicsmiley'], $comments_objectId, isset($params['contributions']) ? $params['contributions'] : ''); } } if (!empty($threadId) || !empty($qId)) { // PROCESS ATTACHMENT HERE if (isset($_FILES['userfile1']) && !empty($_FILES['userfile1']['name'])) { if (is_uploaded_file($_FILES['userfile1']['tmp_name'])) { $fp = fopen($_FILES['userfile1']['tmp_name'], 'rb'); $ret = $this->add_thread_attachment($forum_info, $threadId, $errors, $_FILES['userfile1']['name'], $_FILES['userfile1']['type'], $_FILES['userfile1']['size'], 0, $qId, $fp, ''); fclose($fp); } else { $errors[] = $this->uploaded_file_error($_FILES['userfile1']['error']); } } //END ATTACHMENT PROCESSING } if (!empty($errors)) { return 0; } elseif ($qId) { return $qId; } else { return $threadId; } }
fclose($fw); $data = ''; } $size = $_FILES['userfile1']['size']; $name = $_FILES['userfile1']['name']; $type = $_FILES['userfile1']['type']; if ($size > $forum_info['att_max_size']) { $msg = tra('Cannot upload this file maximum upload size exceeded'); $access->display_error(basename(__FILE__), $msg); } $commentslib->attach_file($qId, 0, $name, $type, $size, $data, $fhash, $forum_info['att_store_dir'], $_REQUEST['forumId']); } /* attachment */ // Deal with mail notifications. include_once 'lib/notifications/notificationemaillib.php'; sendForumEmailNotification('forum_post_thread', $qId, $forum_info, $_REQUEST["comments_title"], $_REQUEST["comments_data"], $user, $thread_info['title'], $message_id, $in_reply_to, $_REQUEST['comments_parentId'], $_REQUEST['comments_grandParentId']); $commentslib->register_forum_post($_REQUEST["forumId"], $_REQUEST["comments_parentId"]); } if ($prefs['feature_user_watches'] == 'y' && $prefs['wiki_watch_comments'] == 'y' && isset($_REQUEST["page"])) { include_once 'lib/webmail/tikimaillib.php'; $nots = $commentslib->get_event_watches('wiki_page_changed', $_REQUEST["page"]); $isBuilt = false; global $notificationlib; include_once "lib/notifications/notificationlib.php"; $emails = $notificationlib->get_mail_events('wiki_comment_changes', $_REQUEST["page"]); foreach ($emails as $email) { $already = false; foreach ($nots as $not) { if ($not['email'] == $email) { $already = true; break;
$_REQUEST['comment_topicsummary'] = ''; } if (!isset($_REQUEST['comment_topicsmiley'])) { $_REQUEST['comment_topicsmiley'] = ''; } $message_id = ''; // Check if the thread/topic already exist $threadId = $commentslib->check_for_topic($_REQUEST["comments_title"], $_REQUEST["comments_data"]); // The thread/topic does not already exist if (!$threadId) { $threadId = $commentslib->post_new_comment($comments_objectId, 0, $user, $_REQUEST["comments_title"], $_REQUEST["comments_data"], $message_id, '', $_REQUEST["comment_topictype"], $_REQUEST["comment_topicsummary"], $_REQUEST['comment_topicsmiley']); // The thread *WAS* successfully created. if ($threadId) { // Deal with mail notifications. include_once 'lib/notifications/notificationemaillib.php'; sendForumEmailNotification('forum_post_topic', $_REQUEST['forumId'], $forum_info, $_REQUEST["comments_title"], $_REQUEST["comments_data"], $user, $_REQUEST["comments_title"], $message_id, '', $threadId); } } // PROCESS ATTACHMENT HERE if ($threadId && isset($_FILES['userfile1']) && is_uploaded_file($_FILES['userfile1']['tmp_name'])) { check_ticket('view-forum'); $fp = fopen($_FILES['userfile1']['tmp_name'], "rb"); $commentslib->add_thread_attachment($forum_info, $threadId, $fp, '', $_FILES['userfile1']['name'], $_FILES['userfile1']['type'], $_FILES['userfile1']['size']); } //END ATTACHMENT PROCESSING $commentslib->register_forum_post($_REQUEST["forumId"], 0); } elseif ($tiki_p_admin_forum == 'y' || $commentslib->user_can_edit_post($user, $_REQUEST["comments_threadId"])) { $commentslib->update_comment($_REQUEST["comments_threadId"], $_REQUEST["comments_title"], '', $_REQUEST["comments_data"], $_REQUEST["comment_topictype"], $_REQUEST['comment_topicsummary'], $_REQUEST['comment_topicsmiley']); // PROCESS ATTACHMENT HERE if ($threadId && isset($_FILES['userfile1']) && is_uploaded_file($_FILES['userfile1']['tmp_name'])) { check_ticket('view-forum');
function process_inbound_mail($forumId) { // require_once ("lib/webmail/pop3.php"); require_once "lib/webmail/net_pop3.php"; require_once "lib/mail/mimelib.php"; //require_once ("lib/webmail/mimeDecode.php"); include_once "lib/webmail/class.rc4crypt.php"; include_once "lib/webmail/htmlMimeMail.php"; $info = $this->get_forum($forumId); // for any reason my sybase test machine adds a space to // the inbound_pop_server field in the table. $info["inbound_pop_server"] = trim($info["inbound_pop_server"]); if (!$info["inbound_pop_server"] || empty($info["inbound_pop_server"])) { return; } $pop3 = new Net_POP3(); $pop3->connect($info["inbound_pop_server"]); $pop3->login($info["inbound_pop_user"], $info["inbound_pop_password"]); if (!$pop3) { return; } $mailsum = $pop3->numMsg(); $pop3->disconnect(); for ($i = 1; $i <= $mailsum; $i++) { // Just changed the code to close and re-open the POP3 session for // each message; it used to try to retrieve everything in one // session. // // We close and re-open for each message because POP3 won't // delete mail until the client quits (so you can back out of // accidental deletions in a real user client). This doesn't apply // here, and as it stands if the mailbox gets very full, we end up // hitting the mailbox over and over without changing anything, // because eventually the session times out. // // As a side effect, $i doesn't really get used (we're always // retrieving the first message). // // -Robin Powell, 8 Nov 2004 $pop3->connect($info["inbound_pop_server"]); $pop3->login($info["inbound_pop_user"], $info["inbound_pop_password"]); $aux = $pop3->getParsedHeaders(1); // If the connection is done, or the mail has an error, or whatever, // we try to delete the current mail (because something is wrong with it) // and continue on. --rlpowell if ($aux == FALSE) { $pop3->deleteMsg(1); continue; } if (!isset($aux["From"])) { $aux['From'] = $aux['Return-path']; } preg_match('/<?([-!#$%&\'*+\\.\\/0-9=?A-Z^_`a-z{|}~]+@[-!#$%&\'*+\\/0-9=?A-Z^_`a-z{|}~]+\\.[-!#$%&\'*+\\.\\/0-9=?A-Z^_`a-z{|}~]+)>?/', $aux["From"], $mail); $email = $mail[1]; $full = $pop3->getMsg(1); $message = $pop3->getBody(1); // print( "<pre>" ); // print_r( $full ); // print( "</pre>" ); $output = mime::decode($full); //unset ($parts); //$this->parse_output($output, $parts, 0); // print( "<pre>" ); // print_r( $output ); // print( "</pre>" ); if (isset($output["text"][0])) { $body = $output["text"][0]; } elseif (isset($output['parts'][0]["text"][0])) { $body = $output['parts'][0]["text"][0]; } elseif (isset($output['body'])) { $body = $output['body']; } else { $body = ""; } // print( "<pre>" ); // print_r( $body ); // print( "</pre>" ); // Remove 're:' and [forum]. -rlpowell $title = trim(preg_replace("/[rR][eE]:/", "", preg_replace("/\\[[-A-Za-z _:]*\\]/", "", $output['header']['subject']))); if (stristr($aux['Subject'], "=?iso-8859-1?") == $aux['Subject']) { $title = utf8_encode($title); } //Todo: check permissions $message_id = substr($output['header']["message-id"], 1, strlen($output['header']["message-id"]) - 2); if (isset($output['header']["in-reply-to"])) { $in_reply_to = substr($output['header']["in-reply-to"], 1, strlen($output['header']["in-reply-to"]) - 2); } else { $in_reply_to = ''; } // Determine user from email $userName = $this->getOne("select `login` from `users_users` where `email`=?", array($email)); if (!$userName) { $user = ''; } // Determine if the thread already exists. $parentId = $this->getOne("select `threadId` from `tiki_comments` where\n\t\t `object`=? and `objectType` = 'forum' and\n\t\t `parentId`=0 and `title`=?", array($forumId, $title)); // print( "<pre>parentid:" ); // print_r( $parentId ); // print( "</pre>" ); if (!$parentId) { // No thread already; create it. $temp_msid = ''; $parentId = $this->post_new_comment('forum:' . $forumId, 0, $userName, $title, sprintf(tra("Use this thread to discuss the %s page."), "[tiki-index.php?page={$title}|{$title}]"), $temp_msid, $in_reply_to); $this->register_forum_post($forumId, 0); // First post is in reply to this one $in_reply_to = $temp_msid; } // post $threadid = $this->post_new_comment('forum:' . $forumId, $parentId, $userName, $title, $body, $message_id, $in_reply_to); $this->register_forum_post($forumId, $parentId); // Process attachments if (array_key_exists('parts', $output) && count($output['parts']) > 1) { foreach ($output['parts'] as $part) { if (array_key_exists('disposition', $part) && $part['disposition'] == "attachment") { if (strlen($part['d_parameters']['filename']) > 0) { $part_name = $part['d_parameters']['filename']; } else { $part_name = "Unnamed File"; } $forum_info = $this->get_forum($forumId); $this->add_thread_attachment($forum_info, $threadid, '', $part['body'], $part_name, $part['type'], strlen($part['body']), 1); } } } // Deal with mail notifications. if (array_key_exists('outbound_mails_reply_link', $info) && $info['outbound_mails_for_inbound_mails'] == 'y') { //phpinfo(); include_once 'lib/notifications/notificationemaillib.php'; sendForumEmailNotification('forum_post_thread', $threadid, $info, $title, $body, $userName, $title, $message_id, $in_reply_to, $threadid, $parentId); } $pop3->deleteMsg(1); $pop3->disconnect(); } }
if ($threadId && isset($_FILES['userfile1']) && !empty($_FILES['userfile1']['name'])) { if (is_uploaded_file($_FILES['userfile1']['tmp_name'])) { check_ticket('view-forum'); $fp = fopen($_FILES['userfile1']['tmp_name'], "rb"); $commentslib->add_thread_attachment($forum_info, $threadId, $fp, '', $_FILES['userfile1']['name'], $_FILES['userfile1']['type'], $_FILES['userfile1']['size']); } else { $smarty->assign('msg', $tikilib->uploaded_file_error($_FILES['userfile1']['error'])); $smarty->display("error.tpl"); die; } } //END ATTACHMENT PROCESSING if ($threadId) { // Deal with mail notifications. include_once 'lib/notifications/notificationemaillib.php'; sendForumEmailNotification('forum_post_topic', $_REQUEST['forumId'], $forum_info, $_REQUEST['comments_title'], $_REQUEST['comments_data'], $user, $_REQUEST['comments_title'], $message_id, '', $threadId, isset($_REQUEST['comments_parentId']) ? $_REQUEST['comments_parentId'] : 0, isset($_REQUEST['contributions']) ? $_REQUEST['contributions'] : ''); // Set watch if requested if ($prefs['feature_user_watches'] == 'y' && $user && isset($_REQUEST['set_thread_watch']) && $_REQUEST['set_thread_watch'] == 'y') { $tikilib->add_user_watch($user, 'forum_post_thread', $threadId, 'forum topic', $forum_info['name'] . ':' . $_REQUEST["comments_title"], "tiki-view_forum_thread.php?forumId=" . $forum_info['forumId'] . "&comments_parentId=" . $threadId); } } } elseif ($_REQUEST['forumId'] != $prefs['wiki_forum_id']) { // the threadId already exists $smarty->assign('duplic', 'y'); unset($_REQUEST['comments_postComment']); // not to go in the topic redirection } $commentslib->register_forum_post($_REQUEST["forumId"], 0); } elseif ($tiki_p_admin_forum == 'y' || $commentslib->user_can_edit_post($user, $_REQUEST["comments_threadId"])) { $commentslib->update_comment($_REQUEST["comments_threadId"], $_REQUEST["comments_title"], '', $_REQUEST["comments_data"], $_REQUEST["comment_topictype"], $_REQUEST['comment_topicsummary'], $_REQUEST['comment_topicsmiley'], 'forum:' . $_REQUEST["forumId"], isset($_REQUEST['contributions']) ? $_REQUEST['contributions'] : ''); // TAG Stuff