Example #1
 /**
  * constructor
  *
  * @param $h Hotaru object
  * @param $user_id
  * @param $size avatar size in pixels
  * @param $rating avatar rating (g, pg, r or x in Gravatar)
  */
 public function __construct($h, $user_id = 0, $size = 32, $rating = 'g')
 {
     // Without a user id there is nothing to look up. The value returned here
     // is discarded by `new`, so the caller still receives an object, just one
     // whose properties were never assigned.
     if (empty($user_id)) {
         return false;
     }

     $this->user_id = $user_id;
     // NOTE(review): $size and $rating are stored exactly as passed in. What
     // setVars() does with them is not visible here; if they end up in a URL
     // or in markup, they should be validated or encoded at that point.
     $this->size = $size;
     $this->rating = $rating;

     // Copy the display name and e-mail address from the user's basic record.
     $account = new UserBase();
     $account->getUserBasic($h, $this->user_id);
     $this->user_name = $account->name;
     $this->user_email = $account->email;

     $this->setVars($h);
 }
Example #2
 /**
  * Run the parent constructor, mark the user as online and derive the
  * operator flag and level from the user-mode string.
  *
  * Nothing operator-related is set when the protocol defines a hidden-oper
  * mode and this user carries it.
  */
 function __construct()
 {
     parent::__construct();
     //TODO: Anope does not keep offline users
     $this->online = true;

     // A user carrying the hidden-oper mode is never reported as an operator.
     if (Protocol::oper_hidden_mode && $this->hasMode(Protocol::oper_hidden_mode)) {
         return;
     }

     $oper_levels = Protocol::$oper_levels;
     if (empty($oper_levels)) {
         // No level table for this protocol: fall back to the plain 'o' mode.
         if (strpos($this->umodes, 'o') !== false) {
             $this->operator_level = "Operator";
         }
     } else {
         // The first matching mode wins, so the order of the table decides the level.
         foreach ($oper_levels as $flag => $title) {
             if (strpos($this->umodes, $flag) !== false) {
                 $this->operator_level = $title;
                 break;
             }
         }
     }

     if ($this->operator_level) {
         $this->operator = true;
     }
 }
Example #3
 /**
  * Get all users with permission to access admin
  */
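 public function getMods($h, $permission = 'can_access_admin', $value = 'yes')
 {
     // Collects the admins, supermods and moderators whose $permission setting
     // equals $value.
     //   $h          - Hotaru object; its database handle is read from $h->db
     //   $permission - permission name handed to getPermission()
     //   $value      - value the permission must have for the user to be listed
     // Returns false when no user holds one of the three roles; otherwise an
     // array keyed by user id whose entries hold 'id', 'role', 'name' and
     // 'email' (empty when nobody has the permission).
     // NOTE(review): the result carries e-mail addresses of privileged
     // accounts, so callers should not pass it to output unfiltered.

     // `OR` instead of `||`: MySQL reads `||` as string concatenation when the
     // PIPES_AS_CONCAT (or ANSI) sql_mode is enabled, which would change what
     // this filter matches. The role names stay bound through prepare().
     $sql = "SELECT user_id FROM " . TABLE_USERS . " WHERE (user_role = %s) OR (user_role = %s) OR (user_role = %s)";
     $users = $h->db->get_results($h->db->prepare($sql, 'admin', 'supermod', 'moderator'));
     if (!$users) {
         return false;
     }

     $mods = array();
     foreach ($users as $user) {
         // One full user lookup per candidate; the permission is read from that record.
         $details = new UserBase();
         $details->getUser($h, $user->user_id);
         if ($details->getPermission($permission) != $value) {
             continue;
         }
         $mods[$details->id] = array(
             'id' => $details->id,
             'role' => $details->role,
             'name' => $details->name,
             'email' => $details->email,
         );
     }
     return $mods;
 }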
 /**
  * Customise the inherited form: drop its 'email' element and append a
  * submit button whose value is 'login'.
  */
 public function __construct()
 {
     parent::__construct();
     $this->remove('email');

     $submitButton = [
         'type' => 'submit',
         'name' => 'submit',
         'attributes' => ['value' => 'login'],
     ];
     $this->add($submitButton);
 }
Example #5
 * Hotaru CMS is distributed in the hope that it will be useful, but WITHOUT 
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 
 * FITNESS FOR A PARTICULAR PURPOSE. 
 *
 * You should have received a copy of the GNU General Public License along 
 * with Hotaru CMS. If not, see http://www.gnu.org/licenses/.
 * 
 * @category  Content Management System
 * @package   HotaruCMS
 * @author    Nick Ramsay <*****@*****.**>
 * @copyright Copyright (c) 2009, Hotaru CMS
 * @license   http://www.gnu.org/copyleft/gpl.html GNU General Public License
 * @link      http://www.hotarucms.org/
 */
// get the user for this post:
// (loads the basic record of the post's author into $user; $h and $h->post
// are not defined in this fragment — presumably set by the code that includes
// this template, TODO confirm)
$user = new UserBase($h);
$user->getUserBasic($h, $h->post->author);
?>

<?php 
$h->pluginHook('sb_base_pre_show_post');
?>

<!-- POST -->
<div class="show_post vote_button_space" id="show_post_<?php 
echo $h->post->id;
?>
" >

    <?php 
$h->pluginHook('sb_base_show_post_pre_title');
 /**
  * Send an email to admins/supermods chosen to receive emails about new user signups
  *
  * @param string $type - notification type, e.g. 'post', 'user', 'comment'
  * @param string $status - role or status new user, post or comment
  * @param string $id - post or user id
  * @param string $commentid - comment id
  */
 public function notifyMods($h, $type, $status, $id = 0, $commentid = 0)
 {
     // Builds a plain-text notification about a new user, post or comment and
     // sends one e-mail per entry of the matching 'email_notify_mods' setting
     // through $h->email(). Always returns true.
     $h->includeLanguage('users');
     // in some cases, we don't already have the language file so need to include it.
     $line_break = "\r\n\r\n";
     $next_line = "\r\n";
     $user = new UserBase();
     // Each branch loads the acting user, the recipient list ($email_mods) and
     // the subject / intro text for its notification type.
     switch ($type) {
         case 'user':
             $user->getUserBasic($h, $id);
             $user_signin_settings = $h->getSerializedSettings('user_signin');
             $email_mods = $user_signin_settings['email_notify_mods'];
             $subject = $h->lang['userfunctions_notifymods_subject_user'];
             $about = $h->lang['userfunctions_notifymods_body_about_user'];
             break;
         case 'post':
             $user->getUserBasic($h, $h->post->author);
             $submit_settings = $h->getSerializedSettings('submit');
             $email_mods = $submit_settings['email_notify_mods'];
             $subject = $h->lang['userfunctions_notifymods_subject_post'];
             $about = $h->lang['userfunctions_notifymods_body_about_post'];
             $h->readPost($id);
             // If you're having problems, the caching used in an earlier readPost might be the cause
             // emails were still saying new posts were "pending" and sending notification, so let's forcefully get the status:
             // (this replaces the $status argument with the value stored in the database; $id is bound as %d)
             $sql = "SELECT post_status FROM " . TABLE_POSTS . " WHERE post_id = %d";
             $status = $h->db->get_var($h->db->prepare($sql, $id));
             $h->post->status = $status;
             break;
         case 'comment':
             $user->getUserBasic($h, $h->comment->author);
             $comments_settings = $h->getSerializedSettings('comments');
             $email_mods = $comments_settings['comment_email_notify_mods'];
             $subject = $h->lang['userfunctions_notifymods_subject_comment'];
             $about = $h->lang['userfunctions_notifymods_body_about_comment'];
             $h->readPost($id);
             // If you're having problems, the caching used in an earlier readPost might be the cause
             $comment_array = $h->getComment($commentid);
             $comment = $h->readComment($comment_array);
             break;
         default:
             // NOTE(review): for any other $type none of $email_mods, $subject or
             // $about is assigned, so the loop below iterates an undefined variable.
     }
     // send email
     // NOTE(review): the body below mixes in values that users control (post
     // title and content, comment content, user name and e-mail) without any
     // encoding. That is harmless only as long as $h->email() sends plain text
     // and keeps $body out of the headers — confirm against its implementation.
     foreach ($email_mods as $mod) {
         if ($mod['type'] == 'none') {
             continue;
         }
         // skip rest of this iteration
         if ($mod['type'] == 'pending' && $status != 'pending') {
             continue;
         }
         // skip rest of this iteration
         $body = $h->lang['userfunctions_notifymods_hello'] . $h->getUserNameFromId($mod['id']);
         $body .= $line_break;
         $body .= $about;
         if ($type == 'post') {
             $body .= $line_break;
             $body .= $h->lang['userfunctions_notifymods_body_post_status'] . $h->post->status . $next_line;
             $body .= $h->lang['userfunctions_notifymods_body_post_title'] . stripslashes(html_entity_decode(urldecode($h->post->title), ENT_QUOTES, 'UTF-8')) . $next_line;
             $body .= $h->lang['userfunctions_notifymods_body_post_content'] . stripslashes(html_entity_decode(urldecode($h->post->content), ENT_QUOTES, 'UTF-8')) . $next_line;
             $body .= $h->lang['userfunctions_notifymods_body_post_page'] . $h->url(array('page' => $h->post->id)) . $next_line;
             // edit post page
             $body .= $h->lang['userfunctions_notifymods_body_post_orig'] . $h->post->origUrl . $next_line;
             // edit post page
             $body .= $h->lang['userfunctions_notifymods_body_post_edit'] . BASEURL . "index.php?page=edit_post&post_id=" . $id . $next_line;
             // edit post page
             $body .= $h->lang['userfunctions_notifymods_body_post_management'] . BASEURL . "admin_index.php?post_status_filter=" . $h->post->status . "&plugin=post_manager&page=plugin_settings&type=filter";
         }
         if ($type == 'comment') {
             $body .= $line_break;
             $body .= $h->lang['userfunctions_notifymods_body_post_title'] . stripslashes(html_entity_decode(urldecode($h->post->title), ENT_QUOTES, 'UTF-8')) . $next_line;
             $body .= $h->lang['userfunctions_notifymods_body_comment_status'] . $comment->status . $next_line;
             $body .= $h->lang['userfunctions_notifymods_body_comment_content'] . stripslashes(html_entity_decode(urldecode($h->comment->content), ENT_QUOTES, 'UTF-8')) . $next_line;
             $body .= $h->lang['userfunctions_notifymods_body_post_page'] . $h->url(array('page' => $h->post->id)) . $next_line;
             // edit post page
             $body .= $h->lang['userfunctions_notifymods_body_comment_management'] . BASEURL . "admin_index.php?comment_status_filter=" . $comment->status . "&plugin=comment_manager&page=plugin_settings&type=filter";
         }
         $body .= $line_break;
         $body .= $h->lang['userfunctions_notifymods_body_user_name'] . $user->name . $next_line;
         $body .= $h->lang['userfunctions_notifymods_body_user_role'] . $user->role . $next_line;
         $body .= $h->lang['userfunctions_notifymods_body_user_email'] . $user->email . $next_line;
         // NOTE(review): the next line is garbled in this listing (the `"******"`
         // run is not valid PHP and part of the statement is missing); restore it
         // from the project's source. $user->name is also appended to a query
         // string here without URL-encoding.
         $body .= $h->lang['userfunctions_notifymods_body_user_account'] . BASEURL . "index.php?page=account&user="******"admin_index.php?search_value=" . $user->name . "&plugin=user_manager&page=plugin_settings&type=search";
         $body .= $line_break;
         $body .= $h->lang['userfunctions_notifymods_body_regards'];
         $body .= $next_line;
         $body .= $h->lang['userfunctions_notifymods_body_sign'];
         // The recipient address comes from the stored notification settings.
         $to = $mod['email'];
         $h->email($to, $subject, $body);
     }
     return true;
 }
Example #7
 /**
  * Forward the caller's arguments to the parent constructor, inserting a
  * fixed TRUE as the parent's fifth argument.
  */
 function __construct($id, $email, $firstname, $lastname, $isadmin = FALSE, $hasimage = FALSE)
 {
     // What the fifth parent parameter means is not visible here — check the
     // parent signature before changing it.
     $fixedFlag = true;
     parent::__construct($id, $email, $firstname, $lastname, $fixedFlag, $isadmin, $hasimage);
 }
 /**
  * Main function that calls others
  *
  * @return bool
  */
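 public function settings($h)
 {
     // Entry point of the User Manager page. In order it:
     //   1. hands off to a sub-page handler when 'subpage' asks for one,
     //   2. applies a bulk role change when type=checkboxes,
     //   3. picks the user listing (search, filter or default),
     //   4. paginates it and shows the 'user_man_main' template.
     // $h is the Hotaru object. Returns true after a sub-page handler ran;
     // the normal listing path ends without an explicit return value.

     $get_subpage = $h->cage->get->testPage('subpage');
     $post_subpage = $h->cage->post->testPage('subpage');
     $subpage_handlers = array(
         'default_perms' => 'defaultPerms',
         'default_settings' => 'defaultSettings',
         'add_user' => 'addUserPage',
     );
     foreach ($subpage_handlers as $subpage => $handler) {
         if ($get_subpage == $subpage || $post_subpage == $subpage) {
             $this->{$handler}($h);
             return true;
         }
     }

     // grab the number of pending users:
     $sql = "SELECT COUNT(user_id) FROM " . TABLE_USERS . " WHERE user_role = %s";
     $num_pending = $h->db->get_var($h->db->prepare($sql, 'pending'));
     if (!$num_pending) {
         $num_pending = "0";
     }
     $h->vars['num_pending'] = $num_pending;

     // check if all new users are automatically set to pending or not
     $user_signin_settings = $h->getSerializedSettings('user_signin');
     $h->vars['regStatus'] = $user_signin_settings['registration_status'];
     $h->vars['useEmailConf'] = $user_signin_settings['emailconf_enabled'];

     // clear variables:
     $h->vars['search_term'] = '';
     $h->vars['user_filter'] = ($h->vars['regStatus'] == 'pending') ? 'pending' : 'all';

     // Get unique statuses for Filter form:
     $h->vars['roles'] = $h->getUniqueRoles();

     $u = new UserBase();
     $request_type = $h->cage->get->getAlpha('type');

     // if checkboxes
     // NOTE(review): this branch changes roles and deletes accounts, posts and
     // comments from GET parameters, and no CSRF token or permission check is
     // visible in this method. Confirm both are enforced before it runs, or
     // move the action to a POST form that carries the token.
     if ($request_type == 'checkboxes' && $h->cage->get->keyExists('user_man')) {
         // The requested role is the same for every ticked user, so read it once.
         // It is not compared with a list of known roles here.
         $new_role = $h->cage->get->testAlnumLines('checkbox_action');
         foreach ($h->cage->get->keyExists('user_man') as $id => $checked) {
             $h->message = $h->lang["user_man_checkboxes_role_changed"];
             // default "Changed role" message
             $u->id = $id;
             $u->getUserBasic($h, $id);
             // A missing or rejected 'checkbox_action' must not be written as
             // the user's role, so an empty value is treated as "no change".
             if (!$new_role || $new_role == $u->role) {
                 continue;
             }
             // change role:
             $u->role = $new_role;
             $new_perms = $u->getDefaultPermissions($h, $new_role);
             $u->setAllPermissions($new_perms);
             $u->updatePermissions($h);
             $u->updateUserBasic($h, $id);
             if ($new_role != 'killspammed' && $new_role != 'deleted') {
                 continue;
             }
             $h->deleteComments($u->id);
             // includes child comments from *other* users
             $h->deletePosts($u->id);
             // includes tags and votes for self-submitted posts
             if ($h->cage->get->keyExists('addblockedlist')) {
                 $h->addToBlockedList('user', $u->name, false);
                 $h->addToBlockedList('email', $u->email, false);
             }
             $h->pluginHook('user_man_killspam_delete', '', array($u));
             if ($new_role == 'deleted') {
                 $u->deleteUser($h);
                 $h->clearCache('db_cache', false);
                 // clears them from User Manager list
             }
         }
     }

     // The listing is described once as array(WHERE clause, bound values,
     // ORDER BY clause) and turned into the count and list queries further
     // down; null means no listing has been chosen yet.
     $newest_first = ' ORDER BY user_date DESC';
     $by_role = " WHERE user_role = %s";
     $selection = null;

     // if search
     $search_term = '';
     if ($request_type == 'search') {
         $search_term = $h->cage->get->sanitizeTags('search_value');
         if (strlen($search_term) < 3) {
             $h->message = $h->lang["user_man_search_too_short"];
             $h->messageType = 'red';
         } else {
             $h->vars['search_term'] = $search_term;
             // used to refill the search box after a search
             // The term is bound through prepare(); '%' and '_' typed by the
             // admin still act as LIKE wildcards.
             $search_term = '%' . $search_term . '%';
             $selection = array(
                 " WHERE user_username LIKE %s OR user_email LIKE %s",
                 array($search_term, $search_term),
                 $newest_first,
             );
         }
     }

     // if filter
     $filter = '';
     if ($request_type == 'filter') {
         $filter = $h->cage->get->testAlnumLines('user_filter');
         $h->vars['user_filter'] = $filter;
         // used to refill the filter box after use
         switch ($filter) {
             case 'all':
             case 'newest':
                 // "newest" is the same listing as "all"
                 $selection = array('', array(), $newest_first);
                 break;
             case 'oldest':
                 $selection = array('', array(), ' ORDER BY user_date ASC');
                 break;
             case 'last_visited':
                 $selection = array('', array(), ' ORDER BY user_lastvisit DESC');
                 break;
             case 'not_killspammed':
                 $selection = array(" WHERE user_role != %s", array('killspammed'), $newest_first);
                 break;
             default:
                 // Any other value is used as a role name ('admin', 'member',
                 // 'pending', ...). It is always a bound value, never part of
                 // the SQL text, so an unknown role simply matches no rows.
                 $selection = array($by_role, array($filter), $newest_first);
                 break;
         }
     }

     if ($selection === null) {
         // default list
         // if all new users are set to 'pending' show pending list as default...
         if ($h->vars['regStatus'] == 'pending') {
             $selection = array($by_role, array('pending'), $newest_first);
         } else {
             $selection = array('', array(), $newest_first);
         }
     }

     list($where_clause, $bound_values, $sort_clause) = $selection;
     $prepare = array($h->db, 'prepare');

     // The count query needs no ORDER BY: it returns a single row.
     $count_sql = "SELECT count(*) AS number FROM " . TABLE_USERS . $where_clause;
     $count = $h->db->get_var(call_user_func_array($prepare, array_merge(array($count_sql), $bound_values)));
     $sql = "SELECT * FROM " . TABLE_USERS . $where_clause . $sort_clause;
     $query = call_user_func_array($prepare, array_merge(array($sql), $bound_values));

     $pagedResults = $h->pagination($query, $count, 30, 'users');
     if ($pagedResults) {
         $h->vars['user_man_rows'] = $this->drawRows($h, $pagedResults, $filter, $search_term);
     } elseif ($h->vars['user_filter'] == 'pending') {
         $h->message = $h->lang['user_man_no_pending_users'];
         $h->messageType = 'green';
     }

     // Show template:
     $h->displayTemplate('user_man_main', 'user_manager');
 }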
Example #9
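 /**
  * Echo the new-user counts as a JSON list holding one labelled, coloured
  * data series.
  *
  * NOTE(review): no permission check and no Content-Type header are set here;
  * confirm the caller restricts access and sends application/json.
  *
  * @param object $h Hotaru object, passed through to UserBase::newUserCount()
  * @return void the JSON document is written with echo
  */
 public function ajaxStatsUsers($h)
 {
     $user = UserBase::instance();
     $rows = $user->newUserCount($h);

     // Start from an empty list so that a result without rows still encodes
     // as "data": [] instead of reading a variable that was never assigned.
     $points = array();
     if ($rows) {
         foreach ($rows as $row) {
             // each row is read by position: [0] is the x value, [1] the y value
             $points[] = array($row[0], $row[1]);
         }
     }

     // one series with its label and colour
     $mergedData = array(
         array('label' => "Data 1", 'data' => $points, 'color' => '#6bcadb'),
     );
     echo json_encode($mergedData);
 }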
Example #10
 /**
  * Run the parent constructor, then turn the per-letter "Y" mode fields into
  * booleans, rebuild the umodes and cmodes strings and derive the operator
  * flag and level.
  */
 function __construct()
 {
     parent::__construct();

     // User modes: one mode_l<letter> / mode_u<letter> field per letter a-z.
     foreach (range('a', 'z') as $letter) {
         $lower_field = 'mode_l' . $letter;
         $upper_field = 'mode_u' . $letter;

         if (isset($this->{$lower_field})) {
             $enabled = $this->{$lower_field} == "Y";
             $this->{$lower_field} = $enabled;
             if ($enabled) {
                 $this->umodes .= $letter;
             }
         }
         if (isset($this->{$upper_field})) {
             $enabled = $this->{$upper_field} == "Y";
             $this->{$upper_field} = $enabled;
             if ($enabled) {
                 $this->umodes .= strtoupper($letter);
             }
         }
     }

     // Channel modes: stays null when none of the five fields is "Y".
     $cmodes = null;
     foreach (array('q', 'a', 'o', 'h', 'v') as $flag) {
         if ($this->{'cmode_l' . $flag} == 'Y') {
             $cmodes .= $flag;
         }
     }
     $this->cmodes = $cmodes;

     // Oper mode: a user carrying the hidden-oper mode is never reported as an operator.
     if (Protocol::oper_hidden_mode && $this->hasMode(Protocol::oper_hidden_mode)) {
         return;
     }

     $oper_levels = Protocol::$oper_levels;
     if (empty($oper_levels)) {
         // No level table for this protocol: fall back to the plain 'o' field.
         if ($this->mode_lo) {
             $this->operator_level = "Operator";
         }
     } else {
         // The first mode whose field is set wins.
         foreach ($oper_levels as $mode => $level) {
             $field = Denora::getSqlMode($mode);
             if ($this->{$field}) {
                 $this->operator_level = $level;
                 break;
             }
         }
     }

     if ($this->operator_level) {
         $this->operator = true;
     }
 }
Example #11
 /**
  * @inheritdoc
  */
 public function rules()
 {
     // Rules added on top of the parent's: a default value and an allowed
     // range for each of 'role' and 'status'.
     // NOTE(review): listing 'role' and 'status' in rules() also makes them
     // mass-assignable in the default scenario. If this model is ever filled
     // with load() from a user-submitted form, the submitter can choose any
     // value in the ranges below, ROLE_ADMIN included — confirm scenarios()
     // or the calling code keeps them out of user-facing forms.
     $roleRange = [self::ROLE_STUDENT, self::ROLE_TEACHER, self::ROLE_ADMIN];
     $statusRange = [self::STATUS_ACTIVE, self::STATUS_DELETED];

     $ownRules = [
         ['role', 'default', 'value' => self::ROLE_STUDENT],
         ['role', 'in', 'range' => $roleRange],
         ['status', 'default', 'value' => self::STATUS_ACTIVE],
         ['status', 'in', 'range' => $statusRange],
     ];

     return array_merge(parent::rules(), $ownRules);
 }
Example #12
 /**
  * Physically delete a user
  * Note: You should delete all their posts, comments, etc. first
  *
  * @param int $user_id (optional)
  */
 public function deleteUser($user_id = 0)
 {
     // Thin wrapper: the deletion itself is done by UserBase::deleteUser(),
     // which receives this object as its first argument. No permission check
     // happens in this wrapper.
     $users = new UserBase();
     $result = $users->deleteUser($this, $user_id);
     return $result;
 }
Example #13
File: User.php Project: hung5s/yap
 /**
  * Fill in the `site` attribute of a new record before it is saved, then
  * defer to the parent hook.
  *
  * NOTE(review): the 'infokit_source' cookie is supplied by the client, so
  * the stored value is untrusted. The str_replace() below only strips the
  * scheme and '/admin'; it does not validate or encode the value.
  *
  * @return mixed whatever parent::beforeSave() returns
  */
 protected function beforeSave()
 {
     // Existing records keep the site they were created with.
     if (!$this->isNewRecord) {
         return parent::beforeSave();
     }

     if (isset(Yii::app()->request->cookies['infokit_source'])) {
         $source = Yii::app()->request->cookies['infokit_source']->value;
     } else {
         // No cookie: use the host name of the current request.
         $source = parse_url(app()->request->getHostInfo(), PHP_URL_HOST);
     }

     $stripped = str_replace(array('https://', 'http://', '/admin'), '', $source);
     $this->site = trim($stripped);

     return parent::beforeSave();
 }
 public function drawRows($h, $pagedResults, $filter = '', $search_term = '')
 {
     $output = "";
     $alt = 0;
     $pg = $h->cage->get->getInt('pg');
     if (!$pagedResults->items) {
         return "";
     }
     foreach ($pagedResults->items as $comments) {
         $alt++;
         // We need user for the post author's name:
         $user = new UserBase();
         $user->getUserBasic($h, $comments->comment_user_id);
         // need to read the comment into the Comment object.
         $h->comment->readComment($h, $comments);
         $h->post->readPost($h, $h->comment->postId);
         $post_link = $h->url(array('page' => $h->post->id)) . "#c" . $h->comment->id;
         // COMMENT CONTENT
         $original_content = stripslashes(urldecode($h->comment->content));
         // clean comment
         // since the whole comment can be seen in the edit box, we'll just use a summary in the main comment area:
         if ($h->currentUser->getPermission('can_edit_comments') == 'yes') {
             $content = truncate($original_content, 140);
             // truncating strips tags, so we have to do this before we use Smilies, etc.
         } else {
             $content = $original_content;
         }
         $h->comment->content = $content;
         // make it available to other plugins
         $h->pluginHook('comment_manager_comment_content');
         // hook for other plugins to edit the comment
         $content = $h->comment->content;
         // assign edited or unedited comment back to $content.
         $approve_link = BASEURL . "admin_index.php?page=plugin_settings&amp;plugin=comment_manager&amp;action=approve&amp;comment_id=" . $h->comment->id;
         if ($filter) {
             $approve_link .= "&amp;type=filter&amp;comment_status_filter=" . $filter;
         }
         if ($search_term) {
             $approve_link .= "&amp;type=search&amp;search_value=" . $search_term;
         }
         if ($pg) {
             $approve_link .= "&amp;pg=" . $pg;
         }
         $delete_link = BASEURL . "admin_index.php?page=plugin_settings&amp;plugin=comment_manager&amp;action=delete&amp;comment_id=" . $h->comment->id;
         if ($filter) {
             $delete_link .= "&amp;type=filter&amp;comment_status_filter=" . $filter;
         }
         if ($search_term) {
             $delete_link .= "&amp;type=search&amp;search_value=" . $search_term;
         }
         if ($pg) {
             $delete_link .= "&amp;pg=" . $pg;
         }
         if ($h->currentUser->getPermission('can_delete_comments') == 'yes') {
             $colspan = 7;
         } else {
             $colspan = 6;
         }
         // put icons next to the username with links to User Manager
         $h->vars['user_manager_name_icons'] = array($user->name, '');
         // second param is "output"
         $h->pluginHook('comment_manager_user_name');
         $icons = $h->vars['user_manager_name_icons'][1];
         // 1 is the second param: output
         $output .= "<tr class='table_row_" . $alt % 2 . " cm_details_" . $alt % 2 . "'>\n";
         $output .= "<td class='cm_id'>" . $h->comment->id . "</td>\n";
         $output .= "<td class='cm_status'><b>" . ucfirst($h->comment->status) . "</b></td>\n";
         $output .= "<td class='cm_date'>" . date('d M \'y H:i:s', strtotime($h->comment->date)) . "</a></td>\n";
         $output .= "<td class='cm_author'><a href='" . $h->url(array('user' => $user->name)) . "' title='User Profile'>" . $user->name . $icons . "</td>\n";
         $output .= "<td class='cm_post'><a href='" . $post_link . "'>" . $h->post->title . "</a></td>\n";
         $output .= "<td class='cm_approve'>" . "<a href='" . $approve_link . "'>\n";
         $output .= "<img src='" . BASEURL . "content/plugins/comment_manager/images/approve.png'>" . "</a></td>\n";
         if ($h->currentUser->getPermission('can_delete_comments') == 'yes') {
             $output .= "<td class='cm_delete'>" . "<a href='" . $delete_link . "'>\n";
             $output .= "<img src='" . BASEURL . "content/plugins/comment_manager/images/delete.png'>" . "</a></td>\n";
         }
         $output .= "</tr>\n";
         $output .= "<tr class='table_tr_details table_row_" . $alt % 2 . "'>\n";
         $output .= "<td class='table_description cm_summary_" . $alt % 2 . "' colspan=" . $colspan . ">";
         $output .= "<blockquote>" . nl2br($content) . "</blockquote>";
         if ($h->currentUser->getPermission('can_delete_comments') == 'yes') {
             $output .= " <small>[<a class='table_drop_down' href='#' title='" . $h->lang["com_man_show_content"] . "'>" . $h->lang["com_man_show_form"] . "</a>]</small>\n";
         }
         $output .= "</td>\n";
         $output .= "</tr>\n";
         if ($h->currentUser->getPermission('can_edit_comments') == 'yes') {
             $output .= "<tr class='table_tr_details' style='display:none;'>\n";
             $output .= "<td colspan=" . $colspan . " class='table_description cm_description_" . $alt % 2 . "'>\n";
             $output .= "<form name='com_man_edit_form' action='" . BASEURL . "admin_index.php?plugin=comment_manager' method='post'>\n";
             $output .= "<table><tr>\n";
             $output .= "<td><textarea name='com_man_edit_content' cols=80 rows=7>" . $original_content . "</textarea></td>\n";
             $output .= "</tr>\n";
             $output .= "<td><input class='submit' type='submit' value='" . $h->lang['com_man_edit_form_update'] . "' /></td>\n";
             $output .= "</tr></table>\n";
             $output .= "<input type='hidden' name='cid' value='" . $h->comment->id . "' />\n";
             $output .= "<input type='hidden' name='page' value='plugin_settings' />\n";
             $output .= "<input type='hidden' name='type' value='edit' />\n";
             $output .= "<input type='hidden' name='csrf' value='" . $h->csrfToken . "' />\n";
             $output .= "</form>\n";
             $output .= "</tr>";
         }
     }
     if ($pagedResults) {
         $h->vars['com_man_navi'] = $h->pageBar($pagedResults);
     }
     return $output;
 }
Example #15
 /**
  * Fetch the static model for the given AR class.
  *
  * The lookup itself is done by the parent implementation; this override
  * only changes the default class name to the declaring class.
  *
  * @param string $className class to resolve (defaults to __CLASS__)
  * @return User the static model class
  */
 public static function model($className = __CLASS__)
 {
     $staticModel = parent::model($className);

     return $staticModel;
 }
Example #16
 /**
  * Process the account form for a user: username, email and role changes.
  *
  * Reads the submitted fields from $h->cage->post, validates them, queues
  * error/success messages on $h->messages and, when validation passes,
  * saves the changes through the UserBase object loaded for $userid.
  * Always ends by calling $this->updatePassword().
  *
  * NOTE(review): nothing in this method checks that the current user is
  * allowed to edit $userid or to assign roles; the new role is taken from
  * the POST field 'user_role'. Confirm that every caller enforces this
  * before calling, because the 'killspammed' and 'deleted' roles remove the
  * target's comments and posts, and 'deleted' also removes the account.
  *
  * @param object $h Hotaru object
  * @param int $userid account to modify; 0 means the account held in $this
  * @return array the $checks array (userid, username, email and role values
  *               for the form); 'username_check' is 'deleted' when the
  *               account was removed
  */
 public function updateAccount($h, $userid = 0)
 {
     // $viewee is the person whose account is being modified
     $viewee = new UserBase($h);
     // Get the details of the account to show.
     // If no account is specified, assume it's your own.
     if (!$userid) {
         $userid = $this->id;
     }
     $viewee->getUser($h, $userid);
     $error = 0;
     // Start with every check blank; the password_* keys are not assigned again in this method.
     $checks['userid_check'] = '';
     $checks['username_check'] = '';
     $checks['email_check'] = '';
     $checks['role_check'] = '';
     $checks['password_check_old'] = '';
     $checks['password_check_new'] = '';
     $checks['password_check_new2'] = '';
     // Updating account info (username and email address)
     if ($h->cage->post->testAlnumLines('update_type') == 'update_general') {
         // A failed CSRF check only raises $error: the validation below still runs,
         // but the role change and the save are both skipped while $error is set.
         if (!$h->csrf()) {
             $h->messages[$h->lang('error_csrf')] = 'red';
             $error = 1;
         }
         // alphanumeric, dashes and underscores okay, case insensitive
         $username_check = $h->cage->post->testUsername('username');
         if (!$username_check) {
             $h->messages[$h->lang('main_user_account_update_username_error')] = 'red';
             $error = 1;
         } elseif ($h->nameExists($username_check, '', $viewee->id) || $h->isBlocked('user', $username_check)) {
             // name is already taken (the viewee's own id is passed to nameExists) or is on the block list
             $h->messages[$h->lang('main_user_account_update_username_exists')] = 'red';
             $error = 1;
         } else {
             // success: staged on the object only, saved further down
             $viewee->name = $username_check;
         }
         $email_check = $h->cage->post->testEmail('email');
         if (!$email_check) {
             $h->messages[$h->lang('main_user_account_update_email_error')] = 'red';
             $error = 1;
         } elseif ($h->emailExists($email_check, '', $viewee->id) || $h->isBlocked('email', $email_check)) {
             // email is already in use (the viewee's own id is passed to emailExists) or is on the block list
             $h->messages[$h->lang('main_user_account_update_email_exists')] = 'red';
             $error = 1;
         } else {
             // success: staged on the object only, saved further down
             $viewee->email = $email_check;
         }
         // 'user_role' is posted from the Users plugin account page
         $role_check = $h->cage->post->testUsername('user_role');
         // Compare with current role and update if different. The new permissions are
         // written by updatePermissions() right here, before the username/email save below.
         // NOTE(review): the role is only filtered by testUsername and is not compared with a
         // list of known roles in this method - confirm getDefaultPermissions() copes with that.
         if (!$error && $role_check && $role_check != $viewee->role) {
             $viewee->role = $role_check;
             $new_perms = $viewee->getDefaultPermissions($h, $role_check);
             $viewee->setAllPermissions($new_perms);
             $viewee->updatePermissions($h);
             if ($role_check == 'killspammed' || $role_check == 'deleted') {
                 // includes child comments from *other* users
                 $h->deleteComments($viewee->id);
                 // includes tags and votes for self-submitted posts
                 $h->deletePosts($viewee->id);
                 // let plugins clean up their own data for this user
                 $h->pluginHook('userbase_killspam', '', array('target_user' => $viewee->id));
                 if ($role_check == 'deleted') {
                     $h->deleteUser($viewee->id);
                     $checks['username_check'] = 'deleted';
                     $h->message = $h->lang("users_account_deleted");
                     $h->messageType = 'red';
                     // Early return: this will then show a red "deleted" notice
                     return $checks;
                 }
             }
         }
         // If we've just edited our own account, let's refresh the cookie so it uses our latest username.
         // NOTE(review): this compares against the posted 'userid' rather than $userid, and it runs
         // even when $error is set and before updateUserBasic() below - confirm that is intended.
         if ($h->currentUser->id == $h->cage->post->testInt('userid')) {
             // delete the cookie
             $h->setCookie($h, false);
             // re-read the database record to get updated info
             $h->getUser($h, $h->currentUser->id, '', true);
             // create a new, updated cookie
             $h->setCookie($h, true);
         }
     }
     if (!isset($username_check) && !isset($email_check)) {
         // Nothing was submitted (both variables are only assigned in the branch above):
         // report the stored values back and change nothing.
         $username_check = $viewee->name;
         $email_check = $viewee->email;
         $role_check = $viewee->role;
     } elseif ($error == 0) {
         $exists = $h->userExists(0, $username_check, $email_check);
         if ($exists != 'no' && $exists != 'error') {
             // user exists, so save the staged username and email
             $viewee->updateUserBasic($h, $userid);
             // only update the cookie if it's your own account:
             if ($userid == $this->id) {
                 // delete the cookie
                 $h->setCookie($h, false);
                 // re-read the database record to get updated info
                 $h->getUser($h, $h->currentUser->id, '', true);
                 // create a new, updated cookie
                 $h->setCookie($h, true);
             }
             $h->messages[$h->lang('main_user_account_update_success')] = 'green';
         } else {
             // fail
             $h->messages[$h->lang("main_user_account_update_unexpected_error")] = 'red';
         }
     } else {
         // error must = 1 so fall through and display the form again
     }
     // Password changes are delegated; this call is made on every path that reaches here,
     // including after a failed CSRF check above.
     // NOTE(review): confirm updatePassword() verifies the CSRF token itself.
     $this->updatePassword($h, $userid);
     // update checks with the values to show in the form
     $userid_check = $viewee->id;
     $checks['userid_check'] = $userid_check;
     $checks['username_check'] = $username_check;
     $checks['email_check'] = $email_check;
     $checks['role_check'] = $role_check;
     return $checks;
 }
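 /**
  * Get sidebar comment items
  *
  * A cached copy is returned when smartCache() has one; otherwise the items
  * are rendered and the result is written back to the cache.
  *
  * The author name and the link tooltip (which contains the post title) are
  * escaped where they are written into the page. The comment text goes
  * through the 'comments_widget_comment_content' plugin hook and is written
  * as-is.
  *
  * @param object $h Hotaru object
  * @param array $comments comment rows; comment_id, comment_post_id, comment_user_id and comment_content are read
  * @param array $comments_widget_settings the keys 'avatar', 'avatar_size', 'author' and 'length' are read
  * @return string|false widget HTML; false when $comments is empty
  */
 public function getCommentsWidgetItems($h, $comments = array(), $comments_widget_settings)
 {
     // check for a cached version and use it if no recent update:
     $output = $h->smartCache('html', 'comments', 10);
     if ($output) {
         return $output;
     }
     // From here on the cache was missed, so the result is always written back at the end.
     // $output still holds the falsy cache-miss value; the items are appended to it.
     $author = new UserBase();
     if (!$comments) {
         return false;
     }
     foreach ($comments as $item) {
         // Post used in Hotaru's url function
         $h->readPost($item->comment_post_id);
         // Hide comments from widget if their post has been buried or set to pending:
         if ($h->post->status == 'pending' || $h->post->status == 'buried') {
             continue;
         }
         // get author details
         $author->getUserBasic($h, $item->comment_user_id);
         $h->post->vars['catSafeName'] = $h->getCatSafeName($h->post->category);
         // OUTPUT COMMENT
         $output .= "<li class='comments_widget_item'>\n";
         if ($h->isActive('avatar') && $comments_widget_settings['avatar']) {
             $h->setAvatar($author->id, $comments_widget_settings['avatar_size']);
             $output .= "<div class='comments_widget_avatar'>\n";
             $output .= $h->linkAvatar();
             $output .= "</div> \n";
         }
         if ($comments_widget_settings['author']) {
             // Escape the name at the point of output, the same way the tooltip is escaped below,
             // so the markup does not depend on how the name was validated when it was stored.
             $author_name = htmlentities((string) $author->name, ENT_QUOTES, 'UTF-8');
             $output .= "<a class='comments_widget_author' href='" . $h->url(array('user' => $author->name)) . "'>" . $author_name . "</a>: \n";
         }
         $output .= "<div class='comments_widget_content'>\n";
         $item_content = stripslashes(html_entity_decode(urldecode($item->comment_content), ENT_QUOTES, 'UTF-8'));
         $item_content = truncate($item_content, $comments_widget_settings['length'], true);
         // make it available to other plugins
         $h->comment->content = $item_content;
         // hook for other plugins to edit the comment
         $h->pluginHook('comments_widget_comment_content');
         // assign edited or unedited comment back to $item_content.
         // NOTE(review): the text was entity-decoded above and is written into the page without
         // re-escaping. Confirm the stored content is already limited to allowed markup; if plain
         // text is expected here, escape it before output.
         $item_content = $h->comment->content;
         $comment_link = $h->url(array('page' => $item->comment_post_id)) . "#c" . $item->comment_id;
         $comment_tooltip = $h->lang["comments_widget_title_tooltip"] . $h->post->title;
         $comment_tooltip = htmlentities($comment_tooltip, ENT_QUOTES, 'UTF-8');
         $output .= "<a href='" . $comment_link . "' title='" . $comment_tooltip . "'>" . $item_content . "</a>\n</div>\n";
         $output .= "</li>\n\n";
     }
     // make or rewrite the cache file
     $h->smartCache('html', 'comments', 10, $output);
     return $output;
 }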
Example #18
 /**
  * Physically delete a user by handing the request to the UserBase instance.
  * Note: You should delete all their posts, comments, etc. first
  *
  * @param int $user_id (optional)
  * @return mixed whatever UserBase::deleteUser() returns
  */
 public function deleteUser($user_id = 0)
 {
     // $this is passed through as the first argument of UserBase::deleteUser()
     return UserBase::instance()->deleteUser($this, $user_id);
 }
Example #19
 /**
  * Constructor: does nothing beyond running the parent class constructor.
  */
 function __construct()
 {
     parent::__construct();
 }
Example #20
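 /**
  * Get activity items
  *
  * The widget settings are not a parameter; they are read inside the method
  * with $h->getSerializedSettings('activity').
  *
  * The user name and the post title are escaped before they are written
  * into the markup. The title is entity-decoded first, so without
  * re-escaping any markup stored in a title would be emitted verbatim.
  *
  * @param object $h Hotaru object
  * @param array $activity activity rows; useract_key, useract_value, useract_key2, useract_value2, useract_userid and useract_date are read
  * @return string $output
  */
 public function getActivityItems($h, $activity = array())
 {
     $output = '';
     // Get settings from database if they exist... (should be in cache by now)
     $activity_settings = $h->getSerializedSettings('activity');
     // One UserBase object is reused for every row.
     $user = new UserBase();
     foreach ($activity as $item) {
         // Post used in Hotaru's url function
         // NOTE(review): when neither key is 'post', $h->post keeps whatever was read before,
         // so the status check below looks at a stale post - confirm every row references a post.
         if ($item->useract_key == 'post') {
             $h->readPost($item->useract_value);
         } elseif ($item->useract_key2 == 'post') {
             $h->readPost($item->useract_value2);
         }
         // Hide activity if its post has been buried or set to pending:
         if ($h->post->status == 'pending' || $h->post->status == 'buried') {
             continue;
         }
         // get user details
         $user->getUserBasic($h, $item->useract_userid);
         $h->post->vars['catSafeName'] = $h->getCatSafeName($h->post->category);
         // OUTPUT ITEM
         $output .= "<li class='activity_widget_item'>\n";
         if ($h->isActive('avatar') && $activity_settings['widget_avatar']) {
             $h->setAvatar($user->id, $activity_settings['widget_avatar_size']);
             $output .= "<div class='activity_widget_avatar'>\n";
             $output .= $h->linkAvatar();
             $output .= "</div> \n";
         }
         if ($activity_settings['widget_user']) {
             // Escape at the point of output so the markup does not depend on how the name was stored.
             $user_name = htmlentities((string) $user->name, ENT_QUOTES, 'UTF-8');
             $output .= "<a class='activity_widget_user' href='" . $h->url(array('user' => $user->name)) . "'>" . $user_name . "</a> \n";
         }
         $output .= "<div class='activity_widget_content'>\n";
         $post_title = stripslashes(html_entity_decode(urldecode($h->post->title), ENT_QUOTES, 'UTF-8'));
         // The decode above turns stored entities back into raw characters; encode again for the
         // HTML text context so a title cannot contribute tags or attributes to the page.
         $post_title = htmlentities($post_title, ENT_QUOTES, 'UTF-8');
         $title_link = $h->url(array('page' => $h->post->id));
         // activitySwitch() supplies the leading text ('output') and a suffix for the link ('cid')
         $result = $this->activitySwitch($h, $item);
         $output .= $result['output'] . "&quot;<a href='" . $title_link . $result['cid'] . "' >" . $post_title . "</a>&quot; \n";
         if ($activity_settings['time']) {
             // An absolute timestamp is used because a relative one ("8 mins ago")
             // will never change when cached.
             $output .= "<small>[" . date('g:ia, M jS', strtotime($item->useract_date)) . "]</small>";
         }
         $output .= "</div>\n";
         $output .= "</li>\n\n";
     }
     return $output;
 }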