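/**
  * Checks that the registration honeypot field is rendered only when enabled,
  * that a submission filling it in is rejected with 403, and that a submission
  * leaving it empty is not rejected.
  *
  * The two ForumHolder static flags are restored even when an assertion fails,
  * so a failure here cannot leave the honeypot or spam-protection setting
  * changed for the tests that run afterwards.
  */
 function testRegistrationWithHoneyPot()
 {
     $origHoneypot = ForumHolder::$use_honeypot_on_register;
     $origSpamprotection = ForumHolder::$use_spamprotection_on_register;
     try {
         ForumHolder::$use_spamprotection_on_register = false;
         ForumHolder::$use_honeypot_on_register = false;
         $response = $this->get('ForumMemberProfile/register');
         $this->assertNotContains('RegistrationForm_username', $response->getBody(), 'Honeypot is disabled by default');
         ForumHolder::$use_honeypot_on_register = true;
         $response = $this->get('ForumMemberProfile/register');
         $this->assertContains('RegistrationForm_username', $response->getBody(), 'Honeypot can be enabled');
         // TODO Will fail if Member is decorated with further *required* fields,
         // through updateForumFields() or updateForumValidator()
         $baseData = array('Password' => array('_Password' => 'text', '_ConfirmPassword' => 'text'), "Nickname" => 'test', "Email" => '*****@*****.**');
         // A filled-in "username" field is the honeypot signal and must be refused.
         $invalidData = array_merge($baseData, array('action_doregister' => 1, 'username' => 'spamtastic'));
         $response = $this->post('ForumMemberProfile/RegistrationForm', $invalidData);
         $this->assertEquals(403, $response->getStatusCode());
         $validData = array_merge($baseData, array('action_doregister' => 1));
         $response = $this->post('ForumMemberProfile/RegistrationForm', $validData);
         // Weak check (registration might still fail), but good enough to know if the honeypot is working
         $this->assertEquals(200, $response->getStatusCode());
     } catch (Exception $e) {
         // Failed assertions surface as exceptions: put the global flags back before re-throwing.
         ForumHolder::$use_honeypot_on_register = $origHoneypot;
         ForumHolder::$use_spamprotection_on_register = $origSpamprotection;
         throw $e;
     }
     ForumHolder::$use_honeypot_on_register = $origHoneypot;
     ForumHolder::$use_spamprotection_on_register = $origSpamprotection;
 }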
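 /**
  * Return the URL of the avatar or Gravatar of the selected user.
  * If the user has uploaded an avatar, the URL of its resized version is
  * returned. Otherwise a gravatar.com URL is built when a forum holder allows
  * Gravatars and sets a Gravatar type; in every other case the default
  * placeholder image is returned.
  *
  * @return String
  */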
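 function getFormattedAvatar()
 {
     // Placeholder image; a copy inside the active theme's "_forum" folder takes precedence.
     $default = "forum/images/forummember_holder.gif";
     $currentTheme = Config::inst()->get('SSViewer', 'theme');
     $themedDefault = 'themes/' . $currentTheme . '_forum/images/forummember_holder.gif';
     if (file_exists($themedDefault)) {
         $default = $themedDefault;
     }
     // if they have uploaded an image
     if ($this->owner->AvatarID) {
         $avatar = Image::get()->byID($this->owner->AvatarID);
         if (!$avatar) {
             return $default;
         }
         $resizedAvatar = $avatar->SetWidth(80);
         if (!$resizedAvatar) {
             return $default;
         }
         return $resizedAvatar->URL;
     }
     // Gravatar is only used when a holder allows it AND names one of the
     // special Gravatar default types; otherwise fall back to the placeholder.
     $holder = ForumHolder::get()->filter('AllowGravatars', 1)->first();
     if (!$holder || !$holder->GravatarType) {
         return $default;
     }
     // Gravatar hashes the address after trimming and lower-casing it; hashing the
     // raw value yields a different hash for "User@Example.com " than for
     // "user@example.com", so the member's Gravatar would not be found.
     // The hash is visible to every visitor and is not a secret: candidate
     // addresses can be checked against it.
     $emailHash = md5(strtolower(trim((string) $this->owner->Email)));
     // HTTPS keeps the hash off the wire in clear text and avoids mixed-content
     // warnings on pages served over TLS.
     return "https://www.gravatar.com/avatar/" . $emailHash . "?default=" . urlencode($holder->GravatarType) . "&size=80";
 }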
 /**
  * Return the GlobalAnnouncements from the individual forums
  *
  * @return DataObjectSet
  */
 function GlobalAnnouncements()
 {
     // Global sticky threads in forums whose parent is this holder.
     // NOTE(review): $this->ID is interpolated into raw SQL; presumably an
     // ORM-assigned integer key — confirm it can never carry request data.
     $where = "\"ForumThread\".\"IsGlobalSticky\"=1 AND \"ForumPage\".\"ParentID\"={$this->ID}";
     $join = "INNER JOIN \"" . ForumHolder::baseForumTable() . "\" AS \"ForumPage\" ON \"ForumThread\".\"ForumID\"=\"ForumPage\".\"ID\"";
     $stickyThreads = DataObject::get('ForumThread', $where, '', $join);

     $visible = new DataObjectSet();
     if (!$stickyThreads) {
         return $visible;
     }
     foreach ($stickyThreads as $sticky) {
         // Threads the current viewer may not see are left out of the result.
         if (!$sticky->canView()) {
             continue;
         }
         // Attach the most recently created post of the thread.
         $sticky->Post = DataObject::get_one('Post', "\"Post\".\"ThreadID\"={$sticky->ID}", "\"Created\" DESC");
         $visible->Push($sticky);
     }
     return $visible;
 }
 /**
  * List every ForumHolder record.
  *
  * @return mixed The unfiltered result of ForumHolder::get()
  */
 public function ListForums()
 {
     return ForumHolder::get();
 }
 /**
  * Get the results from the database
  *
  * @param Int $forumHolderID ForumHolderID to limit it to
  * @param String $query
  * @param String $order
  * @param Int $offset
  * @param Int $limit
  *
  * @return DataObjectSet
  */
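 public function getResults($forumHolderID, $query, $order, $offset = 0, $limit = 10)
 {
     // Every argument ends up inside a hand-built SQL string, so none of them may
     // reach it unescaped: the search text is escaped for use inside a quoted
     // literal and the numeric arguments are forced to integers.
     // NOTE(review): if a caller already escapes $query, it is now escaped twice;
     // that can make a search miss but cannot break out of the literal. Callers
     // should pass the raw search text.
     $rawQuery = trim($query);
     $SQL_query = Convert::raw2sql($rawQuery);
     $forumHolderID = (int) $forumHolderID;
     $offset = (int) $offset;
     $limit = (int) $limit;

     // Search for authors (preg_split replaces split(), which newer PHP versions no longer provide)
     $SQL_clauses = array();
     foreach (preg_split('/ +/', $rawQuery) as $queryPart) {
         $SQL_queryPart = Convert::raw2sql($queryPart);
         $SQL_clauses[] = "\"FirstName\" LIKE '%{$SQL_queryPart}%' OR \"Surname\" LIKE '%{$SQL_queryPart}' OR \"Nickname\" LIKE '%{$SQL_queryPart}'";
     }
     $potentialAuthors = DataObject::get('Member', implode(" OR ", $SQL_clauses), '"ID" ASC');
     $SQL_authorClause = '';
     $SQL_potentialAuthorIDs = array();
     if ($potentialAuthors) {
         foreach ($potentialAuthors as $potentialAuthor) {
             $SQL_potentialAuthorIDs[] = (int) $potentialAuthor->ID;
         }
     }
     // An empty ID list would produce "IN ()", which is a syntax error.
     if ($SQL_potentialAuthorIDs) {
         $SQL_authorList = implode(", ", $SQL_potentialAuthorIDs);
         $SQL_authorClause = "OR \"Post\".\"AuthorID\" IN ({$SQL_authorList})";
     }
     // Work out what sorting method. $order is only ever mapped to one of these
     // fixed strings, never copied into the SQL itself.
     switch ($order) {
         case 'date':
             $sort = "\"Post\".\"Created\" DESC";
             break;
         case 'title':
             $sort = "\"ForumThread\".\"Title\" ASC";
             break;
         default:
             $sort = "\"RelevancyScore\" DESC";
             break;
     }
     $baseSelect = "SELECT \"Post\".\"ID\", \"Post\".\"Created\", \"Post\".\"LastEdited\", \"Post\".\"ClassName\", \"ForumThread\".\"Title\", \"Post\".\"Content\", \"Post\".\"ThreadID\", \"Post\".\"AuthorID\", \"ForumThread\".\"ForumID\"";
     $baseFrom = "FROM \"Post\"\n\t\t\tJOIN \"ForumThread\" ON \"Post\".\"ThreadID\" = \"ForumThread\".\"ID\"\n\t\t\tJOIN \"" . ForumHolder::baseForumTable() . "\" \"ForumPage\" ON \"ForumThread\".\"ForumID\"=\"ForumPage\".\"ID\"";
     // each database engine does its own thing
     switch (DB::getConn()->getDatabaseServer()) {
         case 'postgresql':
             // NOTE(review): this branch has no WHERE clause, so neither the search
             // text nor $forumHolderID restricts the rows returned — confirm intent.
             $queryString = "\n\t\t\t\t\t{$baseSelect}\n\t\t\t\t\t{$baseFrom}\t\n\t\t\t\t\t, to_tsquery('english', '{$SQL_query}') AS q";
             $limitString = "LIMIT {$limit} OFFSET {$offset};";
             break;
         case 'mssql':
             // The parenthesis opened before the first CONTAINS is now closed after the second.
             $queryString = "\n\t\t\t\t\t{$baseSelect}\n\t\t\t\t\t{$baseFrom}\n\t\t\t\t\tWHERE\n\t\t\t\t\t\t(CONTAINS(\"ForumThread\".\"Title\", '{$SQL_query}') OR CONTAINS(\"Post\".\"Content\", '{$SQL_query}'))\n\t\t\t\t\t\tAND \"ForumPage\".\"ParentID\"='{$forumHolderID}'";
             // @todo fix this to use MSSQL's version of limit/offset
             $limitString = false;
             break;
         default:
             $queryString = "\n\t\t\t\t\t{$baseSelect},\n\t\t\t\t\tMATCH (\"Post\".\"Content\") AGAINST ('{$SQL_query}') AS RelevancyScore\n\t\t\t\t\t{$baseFrom}\n\t\t\t\t\tWHERE\n\t\t\t\t\t\tMATCH (\"ForumThread\".\"Title\", \"Post\".\"Content\") AGAINST ('{$SQL_query}' IN BOOLEAN MODE)\n\t\t\t\t\t\t{$SQL_authorClause}\n\t\t\t\t\t\tAND \"ForumPage\".\"ParentID\"='{$forumHolderID}'\n\t\t\t\t\tORDER BY {$sort}";
             $limitString = " LIMIT {$offset}, {$limit};";
     }
     // Find out how many posts match with no limit
     $allPosts = DB::query($queryString);
     // Get the requested page of posts, starting at $offset
     if ($limitString) {
         $pagedPosts = DB::query("\n\t\t\t\t{$queryString}\n\t\t\t\t{$limitString}\n\t\t\t");
     } else {
         $pagedPosts = $allPosts;
     }
     $allPostsCount = $allPosts ? $allPosts->numRecords() : 0;
     $baseClass = new Post();
     $postsSet = $baseClass->buildDataObjectSet($pagedPosts);
     if ($postsSet) {
         $postsSet->setPageLimits($offset, $limit, $allPostsCount);
     }
     return $postsSet ? $postsSet : new DataObjectSet();
 }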
 /**
  * Register a new member
  *
  * @param array $data User submitted data
  * @param Form $form The used form
  */
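 function doregister($data, $form)
 {
     // Check if the honeypot has been filled out
     if (ForumHolder::$use_honeypot_on_register && !empty($data['username'])) {
         // Keep the submission for spam analysis, but never write the password
         // fields to the log.
         $loggedData = $data;
         unset($loggedData['Password']);
         SS_Log::log(sprintf('Forum honeypot triggered (data: %s)', http_build_query($loggedData)), SS_Log::NOTICE);
         return $this->httpError(403);
     }
     $forumGroup = Group::get()->filter('Code', 'forum-members')->first();

     // Reject the registration when the email, OpenID or nickname is already taken.
     // The checks run in this order and the first hit decides the message.
     $errorMessage = null;
     if (Member::get()->filter('Email', $data['Email'])->first()) {
         $errorMessage = _t('ForumMemberProfile.EMAILEXISTS', 'Sorry, that email address already exists. Please choose another.');
     } elseif ($this->getForumHolder()->OpenIDAvailable() && isset($data['IdentityURL']) && Member::get()->filter('IdentityURL', $data['IdentityURL'])->first()) {
         $errorMessage = _t('ForumMemberProfile.OPENIDEXISTS', 'Sorry, that OpenID is already registered. Please choose another or register without OpenID.');
     } elseif (Member::get()->filter('Nickname', $data['Nickname'])->first()) {
         $errorMessage = _t('ForumMemberProfile.NICKNAMEEXISTS', 'Sorry, that nickname already exists. Please choose another.');
     }
     if ($errorMessage !== null) {
         $form->addErrorMessage("Blurb", $errorMessage, "bad");
         // Load errors into session and post back
         // NOTE(review): $data is stored as submitted, which appears to include the
         // password fields — confirm whether they need to be kept in the session.
         Session::set("FormInfo.Form_RegistrationForm.data", $data);
         return $this->redirectBack();
     }
     // create the new member
     $member = Object::create('Member');
     $form->saveInto($member);
     $member->write();
     $member->login();
     // The group lookup returns nothing when the 'forum-members' group is missing.
     if ($forumGroup) {
         $member->Groups()->add($forumGroup);
     }
     $member->extend('onForumRegister', $this->request);
     // BackURL comes from the submitted form: follow it only when it points back
     // to this site, so the registration form cannot be used as an open redirect.
     if (!empty($data['BackURL']) && Director::is_site_url($data['BackURL'])) {
         return $this->redirect($data['BackURL']);
     }
     return array("Form" => ForumHolder::get()->first()->ProfileAdd);
 }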
 /**
  * Add default records to database
  *
  * This function is called whenever the database is built, after the
  * database tables have all been created.
  */
 public function requireDefaultRecords()
 {
     parent::requireDefaultRecords();

     // 1. The 'forum-members' group must exist and hold the ACCESS_FORUM permission.
     $permissionCode = "ACCESS_FORUM";
     $existingGroup = DataObject::get_one("Group", "\"Group\".\"Code\" = 'forum-members'");
     if ($existingGroup) {
         // Both interpolated values come from this method and the ORM, not from a request.
         $grants = DB::query("SELECT * FROM \"Permission\" WHERE \"GroupID\" = '{$existingGroup->ID}' AND \"Code\" LIKE '{$permissionCode}'");
         if ($grants->numRecords() == 0) {
             Permission::grant($existingGroup->ID, $permissionCode);
         }
     } else {
         $newGroup = new Group();
         $newGroup->Code = 'forum-members';
         $newGroup->Title = "Forum Members";
         $newGroup->write();
         Permission::grant($newGroup->ID, $permissionCode);
         DB::alteration_message(_t('Forum.GROUPCREATED', 'Forum Members group created'), "created");
     }

     // 2. At least one forum category must exist; the first one found is reused below.
     $defaultCategory = DataObject::get_one("ForumCategory");
     if (!$defaultCategory) {
         $defaultCategory = new ForumCategory();
         $defaultCategory->Title = _t('Forum.DEFAULTCATEGORY', 'General');
         $defaultCategory->write();
     }

     // 3. Without any ForumHolder, publish a default holder with one forum in it.
     if (DataObject::get_one("ForumHolder")) {
         return;
     }
     $holderPage = new ForumHolder();
     $holderPage->Title = "Forums";
     $holderPage->URLSegment = "forums";
     $holderPage->Content = "<p>" . _t('Forum.WELCOMEFORUMHOLDER', 'Welcome to SilverStripe Forum Module! This is the default ForumHolder page. You can now add forums.') . "</p>";
     $holderPage->Status = "Published";
     $holderPage->write();
     $holderPage->publish("Stage", "Live");
     DB::alteration_message(_t('Forum.FORUMHOLDERCREATED', 'ForumHolder page created'), "created");

     $forumPage = new Forum();
     $forumPage->Title = _t('Forum.TITLE', 'General Discussion');
     $forumPage->URLSegment = "general-discussion";
     // The holder has been written above, so its ID is available here.
     $forumPage->ParentID = $holderPage->ID;
     $forumPage->Content = "<p>" . _t('Forum.WELCOMEFORUM', 'Welcome to SilverStripe Forum Module! This is the default Forum page. You can now add topics.') . "</p>";
     $forumPage->Status = "Published";
     $forumPage->CategoryID = $defaultCategory->ID;
     $forumPage->write();
     $forumPage->publish("Stage", "Live");
     DB::alteration_message(_t('Forum.FORUMCREATED', 'Forum page created'), "created");
 }
 /**
  * Return the GlobalAnnouncements from the individual forums
  *
  * @return DataObjectSet
  */
 function GlobalAnnouncements()
 {
     // Global sticky threads joined to the forum page they belong to, limited
     // to forums whose parent is this holder.
     // NOTE(review): $this->ID is concatenated into the raw WHERE fragment;
     // presumably an ORM-assigned integer key — confirm it can never carry request data.
     $stickyThreads = ForumThread::get()
         ->filter('IsGlobalSticky', 1)
         ->innerJoin(ForumHolder::baseForumTable(), '"ForumThread"."ForumID"="ForumPage"."ID"', "ForumPage")
         ->where('"ForumPage"."ParentID" = ' . $this->ID);

     // Keep only threads the current viewer may see, attaching each thread's
     // posts (newest first) as $thread->Post on the way.
     return $stickyThreads->filterByCallback(function ($candidate) {
         if (!$candidate->canView()) {
             return;
         }
         $candidate->Post = Post::get()->filter('ThreadID', $candidate->ID)->sort('Post.Created DESC');
         return true;
     });
 }
 /**
  * Add default records to database
  *
  * This function is called whenever the database is built, after the
  * database tables have all been created.
  */
 public function requireDefaultRecords()
 {
     parent::requireDefaultRecords();

     // 1. The 'forum-members' group must exist and hold the ACCESS_FORUM permission.
     $permissionCode = "ACCESS_FORUM";
     $existingGroup = Group::get()->filter('Code', 'forum-members')->first();
     if ($existingGroup) {
         $alreadyGranted = Permission::get()->filter(array('GroupID' => $existingGroup->ID, 'Code' => $permissionCode))->exists();
         if (!$alreadyGranted) {
             Permission::grant($existingGroup->ID, $permissionCode);
         }
     } else {
         $newGroup = new Group();
         $newGroup->Code = 'forum-members';
         $newGroup->Title = "Forum Members";
         $newGroup->write();
         Permission::grant($newGroup->ID, $permissionCode);
         DB::alteration_message(_t('Forum.GROUPCREATED', 'Forum Members group created'), 'created');
     }

     // 2. At least one forum category must exist; the first one found is reused below.
     $defaultCategory = ForumCategory::get()->first();
     if (!$defaultCategory) {
         $defaultCategory = new ForumCategory();
         $defaultCategory->Title = _t('Forum.DEFAULTCATEGORY', 'General');
         $defaultCategory->write();
     }

     // 3. Without any ForumHolder, publish a default holder with one forum in it.
     if (ForumHolder::get()->exists()) {
         return;
     }
     $holderPage = new ForumHolder();
     $holderPage->Title = "Forums";
     $holderPage->URLSegment = "forums";
     $holderPage->Content = "<p>" . _t('Forum.WELCOMEFORUMHOLDER', 'Welcome to SilverStripe Forum Module! This is the default ForumHolder page. You can now add forums.') . "</p>";
     $holderPage->Status = "Published";
     $holderPage->write();
     $holderPage->publish("Stage", "Live");
     DB::alteration_message(_t('Forum.FORUMHOLDERCREATED', 'ForumHolder page created'), "created");

     $forumPage = new Forum();
     $forumPage->Title = _t('Forum.TITLE', 'General Discussion');
     $forumPage->URLSegment = "general-discussion";
     // The holder has been written above, so its ID is available here.
     $forumPage->ParentID = $holderPage->ID;
     $forumPage->Content = "<p>" . _t('Forum.WELCOMEFORUM', 'Welcome to SilverStripe Forum Module! This is the default Forum page. You can now add topics.') . "</p>";
     $forumPage->Status = "Published";
     $forumPage->CategoryID = $defaultCategory->ID;
     $forumPage->write();
     $forumPage->publish("Stage", "Live");
     DB::alteration_message(_t('Forum.FORUMCREATED', 'Forum page created'), "created");
 }
 /**
  * Exercises ForumHolder::new_posts_available() with a last-visit timestamp,
  * with a last-post ID, and with the check limited to one forum or one thread.
  */
 function testGetNewPostsAvailable()
 {
     $holder = $this->objFromFixture("ForumHolder", "fh");
     $holderID = $holder->ID;

     // test last visit. we can assume that these tests have been reloaded in the past 24 hours
     $updates = array();
     $yesterdayMidnight = date('Y-m-d H:i:s', mktime(0, 0, 0, date('m'), date('d') - 1, date('Y')));
     $this->assertTrue(ForumHolder::new_posts_available($holderID, $updates, $yesterdayMidnight));

     // set the last post ID: after post 1 there are newer posts, after the last fixture post there are none
     $postIDs = $this->allFixtureIDs('Post');
     $newestPostID = end($postIDs);
     $this->assertTrue(ForumHolder::new_posts_available($holderID, $updates, null, 1));
     $this->assertFalse(ForumHolder::new_posts_available($holderID, $updates, null, $newestPostID));

     // limit to a specific forum
     $generalForum = $this->objFromFixture("Forum", "general");
     $this->assertTrue(ForumHolder::new_posts_available($holderID, $updates, null, null, $generalForum->ID));
     $this->assertFalse(ForumHolder::new_posts_available($holderID, $updates, null, $newestPostID, $generalForum->ID));

     // limit to a specific thread
     $firstThread = $this->objFromFixture("ForumThread", "Thread1");
     $this->assertTrue(ForumHolder::new_posts_available($holderID, $updates, null, null, null, $firstThread->ID));
     $this->assertFalse(ForumHolder::new_posts_available($holderID, $updates, null, $newestPostID, null, $firstThread->ID));
 }