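/**
 * Check if the given message and/or user is banned from posting.
 *
 * Every ban item for the forum is tested against the message's author name,
 * e-mail address, IP address, subject and body and, when a user object is
 * supplied, against that user's name, e-mail address and id.
 *
 * NOTE: This function could probably be optimized by doing most of the
 * work in the MySQL database instead of in PHP. In other words,
 * do the work that isBanned() is doing in a database query, something
 * like:
 *
 *   $sql = "SELECT type FROM {$PHORUM['banlist_table']} "
 *         ." WHERE pcre=0 AND ("
 *         ." (type=".PHORUM_BAD_IPS." AND string='<escaped ip>')"
 *         ." OR (type=".PHORUM_BAD_EMAILS." AND string='<escaped email>')"
 *         ." OR (type=".PHORUM_BAD_NAMES." AND string='<escaped name>'))";
 *
 * The IP, e-mail and name values come from the poster, so a query like this
 * must escape or bind them rather than interpolate them, and the OR group
 * needs its own parentheses so that "pcre=0" applies to every alternative.
 *
 * @param Phorum_message $p_phorumMessage
 * @param Phorum_user $p_phorumUser
 * @param int $p_forumId
 * @return array|false
 *      An array of the matched ban types (ban type => ban type) when at
 *      least one ban item matches, or false when nothing matches.
 */
public static function IsPostBanned($p_phorumMessage, $p_phorumUser = null, $p_forumId = null)
{
    // Ban lists cached for the rest of the request, one entry per forum id.
    // A single shared cache would hand the first forum's list to every later
    // call, so a ban defined for another forum would never be checked.
    static $bans = array();

    // Kept for its side effect: the settings are loaded into the global
    // Phorum state. Nothing in this method reads them directly.
    phorum_db_load_settings();

    $cacheKey = is_null($p_forumId) ? 'null' : 'forum_'.$p_forumId;
    if (!isset($bans[$cacheKey])) {
        $bans[$cacheKey] = Phorum_ban_item::GetBanItems($p_forumId);
    }

    // Check if any of them match. The array is keyed by ban type so each
    // type is reported once, however many ban items of that type match.
    $banned = array();
    foreach ($bans[$cacheKey] as $ban) {
        switch ($ban->getType()) {
            case PHORUM_BAD_NAMES:
                if ($ban->isBanned($p_phorumMessage->getAuthor())) {
                    $banned[PHORUM_BAD_NAMES] = PHORUM_BAD_NAMES;
                }
                if (!is_null($p_phorumUser)
                    && $ban->isBanned($p_phorumUser->getUserName())) {
                    $banned[PHORUM_BAD_NAMES] = PHORUM_BAD_NAMES;
                }
                break;
            case PHORUM_BAD_EMAILS:
                if ($ban->isBanned($p_phorumMessage->getEmail())) {
                    $banned[PHORUM_BAD_EMAILS] = PHORUM_BAD_EMAILS;
                }
                if (!is_null($p_phorumUser)
                    && $ban->isBanned($p_phorumUser->getEmail())) {
                    $banned[PHORUM_BAD_EMAILS] = PHORUM_BAD_EMAILS;
                }
                break;
            case PHORUM_BAD_USERID:
                // A user id ban can only be evaluated for a known user.
                if (!is_null($p_phorumUser)
                    && $ban->isBanned($p_phorumUser->getUserId())) {
                    $banned[PHORUM_BAD_USERID] = PHORUM_BAD_USERID;
                }
                break;
            case PHORUM_BAD_IPS:
                if ($ban->isBanned($p_phorumMessage->getIpAddress())) {
                    $banned[PHORUM_BAD_IPS] = PHORUM_BAD_IPS;
                }
                break;
            case PHORUM_BAD_SPAM_WORDS:
                if ($ban->isBanned($p_phorumMessage->getSubject())
                    || $ban->isBanned($p_phorumMessage->getBody())) {
                    $banned[PHORUM_BAD_SPAM_WORDS] = PHORUM_BAD_SPAM_WORDS;
                }
                break;
        }
    }

    return (count($banned) > 0) ? $banned : false;
} // fn IsPostBanned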
/**
 * Verify that deleting a reply lowers the message count reported by the
 * thread's first message by exactly one.
 */
function testUpdateThreadInfo()
{
    // Open a new thread in forum 1.
    $threadStart = new Phorum_message();
    $threadStart->create(1, 'delete me');
    $threadStartId = $threadStart->getMessageId();

    // Post a second message that refers back to the thread start.
    $reply = new Phorum_message();
    $reply->create(1, "delete me", "wow", $threadStartId, $threadStartId);

    // Re-read the thread start so the count reflects the new reply.
    $threadStart->fetch();
    $countWithReply = $threadStart->getNumMessagesInThread();

    // Remove the reply and read the count again.
    $reply->delete();
    $threadStart->fetch();
    $countAfterDelete = $threadStart->getNumMessagesInThread();

    if ($countWithReply == ($countAfterDelete + 1)) {
        return;
    }
    $this->fail("Thread stats not updated correctly.");
}
/**
 * Return the first message of an article's comment thread, creating it
 * when it does not exist yet. The first message is a blank message with
 * the title of the article as the subject.
 *
 * When the article creator still exists, a matching forum user is created
 * if necessary and the message is attributed to that user.
 *
 * @param Article $p_article
 * @param int $p_forumId
 * @return Phorum_message|null
 *      The comment created (or the one that already exists) on success,
 *      or null when the forum user or the message could not be created.
 */
private function CreateFirstComment($p_article, $p_forumId)
{
    $articleNumber = $p_article->getArticleNumber();
    $languageId = $p_article->getLanguageId();

    // Reuse the thread start when one is already recorded for the article.
    $existingThreadId = ArticleComment::GetCommentThreadId($articleNumber, $languageId);
    if ($existingThreadId) {
        return new Phorum_message($existingThreadId);
    }

    // Values used when the article creator no longer exists.
    $authorId = null;
    $authorEmail = '';
    $authorRealName = '';

    $creator = new User($p_article->getCreatorId());
    if ($creator->exists()) {
        $authorId = $creator->getUserId();
        $authorEmail = $creator->getEmail();
        // NOTE(review): the stored password value is copied into the forum
        // account as-is; confirm it is a hash and that both sides use the
        // same scheme.
        $authorPassword = $creator->getPassword();
        $authorLogin = $creator->getUserName();
        $authorRealName = $creator->getRealName();

        // Make sure a forum user exists for the creator.
        $forumUser = Phorum_user::GetByUserName($authorLogin);
        if (!is_object($forumUser)) {
            $forumUser = new Phorum_user();
        }
        if (!$forumUser->CampUserExists($authorId)) {
            $created = $forumUser->create($authorLogin, $authorPassword, $authorEmail, $authorId);
            if (!$created) {
                return null;
            }
        }
    }

    // Post the blank thread start; a missing creator is stored as user id 0.
    $subject = $p_article->getTitle();
    $firstComment = new Phorum_message();
    $posterId = is_null($authorId) ? 0 : $authorId;
    if (!$firstComment->create($p_forumId, $subject, '', 0, 0, $authorRealName, $authorEmail, $posterId)) {
        return null;
    }

    // Link the message to the current article.
    ArticleComment::Link($articleNumber, $languageId, $firstComment->getMessageId(), true);
    return $firstComment;
} // method CreateFirstComment
?> <script type="text/javascript"> window.close(); window.opener.location.reload(); </script> <?php exit; } }
// Runs when no replication check was made ($connectedToOnlineServer unset)
// or when the check reported a connection.
// NOTE(review): this excerpt changes the ban list; no permission or
// request-forgery check is visible here - confirm one runs earlier in the file.
if (!isset($connectedToOnlineServer) || $connectedToOnlineServer == true) {
    $f_comment_id = Input::Get("f_comment_id", "int");
    $banned = false;
    $comment = new Phorum_message($f_comment_id);
    if ($comment->exists()) {
        // The banned value is always read from the stored comment; the
        // request only supplies the comment id and the checkbox states.
        $banIp = Input::Get("f_ban_ip", 'checkbox');
        if ($banIp) {
            $banItem = new Phorum_ban_item();
            $banItem->create(PHORUM_BAD_IPS, false, $comment->getIpAddress());
            $banned = true;
        } else {
            // Box not ticked: remove any matching IP ban for this comment.
            Phorum_ban_item::DeleteMatching(PHORUM_BAD_IPS, false, $comment->getIpAddress());
        }
        // Same add-or-remove handling for the comment's e-mail address.
        $banEmail = Input::Get("f_ban_email", 'checkbox');
        if ($banEmail) {
            $banItem = new Phorum_ban_item();
            $banItem->create(PHORUM_BAD_EMAILS, false, $comment->getEmail());
            $banned = true;
        } else {
$languageObj = new Language($articleObj->getLanguageId());
// Publication / issue / section / article context handed to the page header.
$topArray = array('Pub' => $publicationObj, 'Issue' => $issueObj, 'Section' => $sectionObj, 'Article'=>$articleObj);
camp_html_content_top(getGS("Reply to comment"), $topArray);

// With DB replication enabled the comment is only loaded when the online
// server can be reached.
// NOTE(review): on a failed connection $comment is not assigned in this
// excerpt - confirm the code further down checks $connectedToOnlineServer
// before it uses $comment.
if (SystemPref::Get("UseDBReplication") == 'Y') {
    $dbReplicationObj = new DbReplication();
    $connectedToOnlineServer = $dbReplicationObj->connect();
    if ($connectedToOnlineServer == false) {
        camp_html_add_msg(getGS("Comments Disabled: you are either offline or not able to reach the Online server"));
    } else {
        $comment = new Phorum_message($f_comment_id);
    }
} else {
    $comment = new Phorum_message($f_comment_id);
}
// NOTE(review): the values echoed into the markup below are written without
// HTML escaping in this excerpt; confirm none of them can carry
// user-controlled text.
?> <table cellpadding="1" cellspacing="0" class="action_buttons" style="padding-top: 10px;"> <tr> <td><img src="<?php echo $Campsite["ADMIN_IMAGE_BASE_URL"]; ?>/left_arrow.png" border="0" /></td> <td><a href="<?php echo camp_html_article_url($articleObj, $f_language_id, "edit.php"); ?>"><b><?php putGS('Back to Edit Article'); ?></b></a></td> </tr> </table> <p> <table cellspacing="0" cellpadding="0" border="0" class="box_table"> <tr> <td colspan="2" style="padding-top: 5px; padding-bottom: 5px; border-bottom: 1px solid black;""> <b><?php putGS('Comment'); ?></b> </td>
// Refuse to save when the article is locked by a different user: report who
// holds the lock and for how long, go back to the previous page and stop.
if ($articleObj->isLocked() && ($g_user->getUserId() != $articleObj->getLockedByUser())) {
    // Age of the lock, split into whole hours and the remaining minutes.
    $diffSeconds = time() - strtotime($articleObj->getLockTime());
    $hours = floor($diffSeconds/3600);
    $diffSeconds -= $hours * 3600;
    $minutes = floor($diffSeconds/60);
    $lockUser = new User($articleObj->getLockedByUser());
    camp_html_add_msg(getGS('Could not save the article. It has been locked by $1 $2 hours and $3 minutes ago.', $lockUser->getRealName(), $hours, $minutes));
    camp_html_goto_page($BackLink);
    exit;
}

// Update the first comment if the article title has changed
if ($f_article_title != $articleObj->getTitle()) {
    $firstPostId = ArticleComment::GetCommentThreadId($articleObj->getArticleNumber(), $articleObj->getLanguageId());
    // Nothing to rename when the article has no comment thread yet.
    if ($firstPostId) {
        $firstPost = new Phorum_message($firstPostId);
        $firstPost->setSubject($f_article_title);
    }
}

// Update the article author
if (!empty($f_article_author)) {
    // NOTE(review): presumably drops the existing author links for this
    // article and language before they are re-added below - confirm.
    ArticleAuthor::OnArticleLanguageDelete($articleObj->getArticleNumber(), $articleObj->getLanguageId());
    $i = 0;
    foreach ($f_article_author as $author) {
        // NOTE(review): where $f_article_author comes from is not visible
        // in this excerpt; if it is request input, confirm Author and
        // Author::ReadName() validate it.
        $authorObj = new Author($author);
        // Unknown, non-blank names are created as new authors.
        if (!$authorObj->exists() && strlen(trim($author)) > 0) {
            $authorData = Author::ReadName($author);
            $authorObj->create($authorData);
        }
        // Sets the author type selected
// With DB replication enabled, comments can only be moderated while the
// online server is reachable.
if (SystemPref::Get("UseDBReplication") == 'Y') {
    $dbReplicationObj = new DbReplication();
    $connectedToOnlineServer = $dbReplicationObj->connect();
    if ($connectedToOnlineServer == false) {
        camp_html_add_msg(getGS("Comments Disabled: you are either offline or not able to reach the Online server"));
        // NOTE(review): no exit follows this redirect in the excerpt;
        // confirm camp_html_goto_page() ends the request, otherwise the
        // loop below still runs while offline.
        camp_html_goto_page(camp_html_article_url($articleObj, $f_language_selected, "edit.php"));
    }
}

// process all comments
// Every request parameter whose name contains "comment_action_" is treated
// as a moderation command; its value selects the action.
// NOTE(review): no permission or request-forgery check is visible in this
// excerpt - confirm one runs before this loop.
foreach ($_REQUEST as $name => $value) {
    // strstr() matches the marker anywhere in the name, so $parts[2] is the
    // message id only when the name starts with "comment_action_".
    if (strstr($name, "comment_action_")) {
        $parts = explode("_", $name);
        // NOTE(review): $messageId is taken from the parameter name and is
        // not cast to an integer here; confirm Phorum_message and
        // ArticleComment::Unlink() cast or escape it before it reaches SQL.
        $messageId = $parts[2];
        $comment = new Phorum_message($messageId);
        // Ids that do not resolve to a stored message are ignored.
        if (!$comment->exists()) {
            continue;
        }
        switch ($value) {
            case "inbox":
                $comment->setStatus(PHORUM_STATUS_HOLD);
                break;
            case "hide":
                $comment->setStatus(PHORUM_STATUS_HIDDEN);
                break;
            case "delete":
                // Not allowed to delete first post.
                // (a first post is a message whose id equals its thread id)
                if ($comment->getMessageId() != $comment->getThreadId()) {
                    $comment->delete();
                    ArticleComment::Unlink(null, null, $messageId);
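/**
 * Get the messages that match the given conditions.
 *
 * In "AND" and "OR" mode the conditions are equality tests combined with
 * that operator. Values are escaped and quoted; column names cannot be
 * escaped that way, so they are checked against a strict identifier
 * pattern instead.
 *
 * In "RAW" mode $p_match is a string that is placed in the WHERE clause
 * exactly as given, with no escaping at all. Build it only from constants
 * and values the caller has already escaped or cast; never pass request
 * data through it.
 *
 * @param array|string $p_match
 *      An array of (column name => value to match), or for "RAW" a string
 *      holding the SQL condition.
 * @param string $p_method
 *      The way to combine the statements: can be
 *      "AND", "OR", or "RAW". RAW is for cases when
 *      you want to type an SQL condition directly in
 *      $p_match, for example:
 *      Phorum_message::GetMessages("status > 0 AND author LIKE '%foo%'", "RAW");
 *
 * @return array|null
 *      Phorum_message objects indexed by message id (empty when nothing
 *      matches or no condition was given), or null when the arguments are
 *      invalid.
 */
public static function GetMessages($p_match, $p_method = "AND")
{
    global $PHORUM;
    global $g_ado_db;

    $p_method = strtoupper(trim($p_method));
    if (!in_array($p_method, array("AND", "OR", "RAW"), true)) {
        return null;
    }

    if ($p_method == "RAW") {
        // The documented RAW form is a string. It used to be rejected by an
        // is_array() check, and an array passed with "RAW" ended up in the
        // query as the literal text "Array".
        if (!is_string($p_match) || trim($p_match) == '') {
            return null;
        }
        $whereClause = $p_match;
    } else {
        if (!is_array($p_match)) {
            return null;
        }
        if (count($p_match) == 0) {
            // No condition to build; an empty WHERE clause is invalid SQL.
            return array();
        }
        $parts = array();
        foreach ($p_match as $columnName => $value) {
            // A backtick or other punctuation in a column name would break
            // out of the quoted identifier, so only plain identifiers pass.
            if (!preg_match('/^[A-Za-z0-9_]+$/', (string)$columnName)) {
                return null;
            }
            $parts[] = '`'.$columnName."`='".mysql_real_escape_string($value)."'";
        }
        $whereClause = implode(" $p_method ", $parts);
    }

    $sql = "SELECT * FROM ".$PHORUM['message_table']
          ." WHERE $whereClause"
          ." ORDER BY message_id";
    $result = $g_ado_db->GetAll($sql);

    $returnArray = array();
    // A failed query does not yield an array of rows; treat it as no match.
    if (is_array($result)) {
        foreach ($result as $row) {
            $tmpMessage = new Phorum_message();
            $tmpMessage->fetch($row);
            $returnArray[$row['message_id']] = $tmpMessage;
        }
    }
    return $returnArray;
} // fn GetMessages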
/**
 * Returns an article comments list based on the given parameters.
 *
 * Only approved messages that are not the first message of their thread
 * are listed. When both an article number and a language id are given
 * among the parameters, the list is limited to that article's thread.
 *
 * @param array $p_parameters
 *      An array of ComparisonOperation objects
 * @param array $p_order
 *      An array of columns and directions to order by; anything that is
 *      not a non-empty array is replaced by array('default'=>'asc')
 * @param integer $p_start
 *      The record number to start the list
 * @param integer $p_limit
 *      The offset. How many records from $p_start will be retrieved.
 * @param integer $p_count
 *      The total count of the elements; this count is computed without
 *      applying the start ($p_start) and limit parameters ($p_limit).
 *      It is not assigned when the list is served from the cache.
 * @param boolean $p_skipCache
 *      When true, the list cache is neither read nor written
 *
 * @return array $articleCommentsList
 *      An array of Phorum_message objects
 */
public static function GetList(array $p_parameters, $p_order = null, $p_start = 0, $p_limit = 0, &$p_count, $p_skipCache = false)
{
    global $g_ado_db, $PHORUM;

    // Try the list cache first; the key is built from the parameters,
    // order, start and limit.
    if (!$p_skipCache && CampCache::IsEnabled()) {
        $paramsArray['parameters'] = serialize($p_parameters);
        $paramsArray['order'] = (is_null($p_order)) ? 'null' : $p_order;
        $paramsArray['start'] = $p_start;
        $paramsArray['limit'] = $p_limit;
        $cacheListObj = new CampCacheList($paramsArray, __METHOD__, self::DEFAULT_TTL);
        $articleCommentsList = $cacheListObj->fetchFromCache();
        if ($articleCommentsList !== false && is_array($articleCommentsList)) {
            // NOTE(review): this return leaves $p_count untouched, so the
            // caller's total is only set on a cache miss - confirm callers
            // cope with that.
            return $articleCommentsList;
        }
    }

    // Two clauses receive the same conditions: one selects the rows, the
    // other counts them without the limit.
    $selectClauseObj = new SQLSelectClause();
    $countClauseObj = new SQLSelectClause();
    $messageTable = $PHORUM['message_table'];
    $selectClauseObj->setTable($messageTable);
    $countClauseObj->setTable($messageTable);

    $articleNumber = null;
    $languageId = null;
    // sets the where conditions
    foreach ($p_parameters as $param) {
        $comparisonOperation = self::ProcessListParameters($param);
        if (strtolower($comparisonOperation->getLeftOperand()) == 'fk_article_number') {
            $articleNumber = $comparisonOperation->getRightOperand();
        }
        if (strtolower($comparisonOperation->getLeftOperand()) == 'fk_language_id') {
            $languageId = $comparisonOperation->getRightOperand();
        }
        // NOTE(review): $parameters is filled here but never read again in
        // this method; only the article number and language id affect the
        // query.
        $parameters[] = $comparisonOperation;
    }

    if (!is_null($articleNumber) && !is_null($languageId)) {
        // gets the thread id for the article
        $threadId = ArticleComment::GetCommentThreadId($articleNumber, $languageId);
        // NOTE(review): $threadId is concatenated into the SQL uncast. If
        // no thread exists the condition is likely malformed and the query
        // fails into the empty-list branch below; confirm, and consider an
        // integer cast.
        $selectClauseObj->addWhere('thread = '.$threadId);
        $countClauseObj->addWhere('thread = '.$threadId);
    }

    // Skip each thread's first message and anything that is not approved.
    $selectClauseObj->addWhere('message_id != thread');
    $selectClauseObj->addWhere('status = '.PHORUM_STATUS_APPROVED);
    $countClauseObj->addWhere('message_id != thread');
    $countClauseObj->addWhere('status = '.PHORUM_STATUS_APPROVED);

    if (!is_array($p_order) || count($p_order) == 0) {
        $p_order = array('default'=>'asc');
    }
    // sets the order condition if any
    if (is_array($p_order)) {
        // NOTE(review): the field and direction are placed in the ORDER BY
        // text as returned; presumably ProcessListOrder() maps them onto
        // known column names - confirm.
        $order = ArticleComment::ProcessListOrder($p_order);
        // sets the order condition if any
        foreach ($order as $orderDesc) {
            $orderField = $orderDesc['field'];
            $orderDirection = $orderDesc['dir'];
            $selectClauseObj->addOrderBy($orderField . ' ' . $orderDirection);
        }
    }

    // sets the limit
    $selectClauseObj->setLimit($p_start, $p_limit);

    // builds the query and executes it
    $selectQuery = $selectClauseObj->buildQuery();
    $comments = $g_ado_db->GetAll($selectQuery);
    if (is_array($comments)) {
        $countClauseObj->addColumn('COUNT(*)');
        $countQuery = $countClauseObj->buildQuery();
        $p_count = $g_ado_db->GetOne($countQuery);

        // builds the array of comment objects
        // Each row is loaded again by id; rows whose message no longer
        // exists are dropped, so the list can be shorter than $p_count.
        $articleCommentsList = array();
        foreach ($comments as $comment) {
            $pmObj = new Phorum_message($comment['message_id']);
            if ($pmObj->exists()) {
                $articleCommentsList[] = $pmObj;
            }
        }
    } else {
        // The select did not return an array of rows: report an empty list.
        $articleCommentsList = array();
        $p_count = 0;
    }

    // Store the list, including an empty one, for later calls.
    if (!$p_skipCache && CampCache::IsEnabled()) {
        $cacheListObj->storeInCache($articleCommentsList);
    }

    return $articleCommentsList;
} // fn GetList