Example #1
 /**
  * Assign details
  *
  * A little different from those in other classes, this one only returns the info ready for output
  */
 public function assign_details($output_text = true)
 {
     // Build the template variables for one post. Nothing is assigned to the
     // template here; the finished array is handed back to the caller.
     $details = array(
         // Plain post fields
         'POST_ID' => $this->post_id,
         'TOPIC_ID' => $this->topic_id,
         'POST_TYPE' => $this->post_type,
         'POST_ACCESS' => $this->post_access,
         'POST_LOCKED' => $this->post_locked,
         'POST_ATTACHMENT' => $this->post_attachment,
         'POST_USER_ID' => $this->post_user_id,
         // The poster's IP is only exposed to users holding the post-moderation
         // permission; everyone else receives false.
         'POST_IP' => (phpbb::$auth->acl_get('u_titania_mod_post_mod')) ? $this->post_ip : false,
         'POST_TIME' => phpbb::$user->format_date($this->post_time),
         'POST_EDIT_REASON' => censor_text($this->post_edit_reason),
         'POST_SUBJECT' => censor_text($this->post_subject),
         // The body is rendered only on request; otherwise an empty string is returned.
         'POST_TEXT' => ($output_text) ? $this->generate_text_for_display() : '',
         'EDITED_MESSAGE' => ($this->post_edited)
             ? sprintf(
                 phpbb::$user->lang['EDITED_MESSAGE'],
                 users_overlord::get_user($this->post_edit_user, '_full'),
                 phpbb::$user->format_date($this->post_edited)
             )
             : '',
         'DELETED_MESSAGE' => ($this->post_deleted != 0)
             ? sprintf(
                 phpbb::$user->lang['DELETED_MESSAGE'],
                 users_overlord::get_user($this->post_delete_user, '_full'),
                 phpbb::$user->format_date($this->post_deleted),
                 $this->get_url('undelete')
             )
             : '',

         // Action links. A failed permission check yields an empty string, which only
         // hides the link. NOTE(review): the handlers behind these URLs are not visible
         // here; confirm each one repeats the permission check.
         'U_VIEW' => $this->get_url(),
         'U_EDIT' => ($this->acl_get('edit')) ? $this->get_url('edit') : '',
         'U_QUICKEDIT' => ($this->acl_get('edit')) ? $this->get_url('quick_edit') : '',
         // Deleting an already deleted post additionally needs the hard-delete permission.
         'U_DELETE' => ($this->acl_get('delete') && (!$this->post_deleted || phpbb::$auth->acl_get('u_titania_post_hard_delete')))
             ? $this->get_url('delete')
             : '',
         'U_REPORT' => (phpbb::$user->data['is_registered']) ? $this->get_url('report') : '',
         'U_WARN' => false,
         'U_INFO' => (phpbb::$auth->acl_gets('u_titania_mod_author_mod', 'u_titania_mod_contrib_mod', 'u_titania_mod_faq_mod', 'u_titania_mod_post_mod') || $this->types->find_authed('moderate'))
             ? $this->controller_helper->route('phpbb.titania.manage.attention.redirect', array('type' => TITANIA_POST, 'id' => $this->post_id))
             : '',
         'U_QUOTE' => ($this->acl_get('post')) ? $this->get_url('quote') : '',

         // State flags. Without the post-moderation permission the approval flag is
         // reported as true and the reported flag as false, whatever the stored values are.
         'S_UNREAD_POST' => (bool) $this->unread,
         'S_POST_APPROVED' => (phpbb::$auth->acl_get('u_titania_mod_post_mod')) ? $this->post_approved : true,
         'S_POST_REPORTED' => (phpbb::$auth->acl_get('u_titania_mod_post_mod')) ? $this->post_reported : false,
         'S_POST_DELETED' => $this->post_deleted != 0,
         'S_ACCESS_TEAMS' => $this->access->is_team($this->post_access),
         'S_ACCESS_AUTHORS' => $this->access->is_author($this->post_access),
     );

     // Hooks: registered callbacks are given the array and this object before the
     // array is returned (presumably by reference, so they may alter it - confirm).
     titania::$hook->call_hook_ref(array(__CLASS__, __FUNCTION__), $details, $this);

     return $details;
 }
Example #2
 /**
  * Set user's access level.
  *
  * @return null
  */
 protected function set_access_level()
 {
     // Only a registered, non-bot user who is still at the public level is a
     // candidate for being raised.
     $can_be_raised = $this->access->is_public()
         && $this->user->data['is_registered']
         && !$this->user->data['is_bot'];

     // The level is raised to author level only when is_author is set; every
     // other case leaves the level untouched.
     if (!$can_be_raised || !$this->is_author) {
         return;
     }

     $this->access->set_level(access::AUTHOR_LEVEL);
 }
Example #3
 /**
  * Get the postcount for displaying
  *
  * @param int|bool $access_level Bool False to get the post count for the current user, access level id for finding from a specific level
  *
  * @return int The post count for the current user's access level
  */
 public function get_postcount($access_level = false)
 {
     // false means "use the level of the user making the request".
     $level = ($access_level === false) ? $this->access->get_level() : $access_level;

     // The post-moderation permission is passed for both trailing arguments of
     // get_flags(); what each of them selects is not visible in this block.
     $can_moderate = phpbb::$auth->acl_get('u_titania_mod_post_mod');

     return count::from_db(
         $this->topic_posts,
         count::get_flags($level, $can_moderate, $can_moderate)
     );
 }
Example #4
 /**
  * Load author object and set access level.
  *
  * @param string|int $author		Author username or user id.
  * @throws \Exception			Throws exception if user is not found.
  * @return null
  */
 protected function load_author($author)
 {
     $this->author = new \titania_author(false);

     $found = $this->author->load($author);
     if (!$found) {
         throw new \Exception($this->user->lang['AUTHOR_NOT_FOUND']);
     }

     // Ownership feeds the access-level decision below.
     // NOTE(review): this is a loose (==) comparison of two ids; confirm both sides
     // are always numeric before relying on it as an authorisation check.
     $this->is_owner = $this->user->data['user_id'] == $this->author->user_id;

     // Only a viewer who is still at the public level and owns the author record
     // is raised to author level.
     if (!$this->access->is_public() || !$this->is_owner) {
         return;
     }

     $this->access->set_level(access::AUTHOR_LEVEL);
 }
Example #5
 /**
  * Get quote for a post.
  *
  * @param int $post_id
  * @return string
  */
 protected function get_quote($post_id)
 {
     $quote = $this->load_post($post_id);

     // The viewer's level is compared against the smaller of the post's and the
     // topic's access values, so both restrictions have to be satisfied.
     $viewer_level = $this->access->get_level();
     $required_level = min($quote->post_access, $quote->topic->topic_access);
     $quoted_post_is_accessible = $viewer_level <= $required_level;

     // Post moderators may quote anything; everyone else needs an approved post
     // that is either not deleted or whose post_deleted value equals their user id.
     // NOTE(review): confirm post_deleted really holds a user id; if it is a deletion
     // timestamp, post_delete_user is probably the field that was meant.
     $is_post_mod = $this->auth->acl_get('u_titania_mod_post_mod');
     $can_quote_post = $is_post_mod
         || ($quote->post_approved && (!$quote->post_deleted || $quote->post_deleted == $this->user->data['user_id']));

     // Permission check: without both conditions nothing of the post is returned.
     if (!$quoted_post_is_accessible || !$can_quote_post) {
         return '';
     }

     $for_edit = $quote->generate_text_for_edit();
     $quote_username = \users_overlord::get_user($quote->post_user_id, '_username', true);

     return '[quote="' . $quote_username . '"]' . $for_edit['text'] . '[/quote]';
 }
Example #6
    /**
     * Check user's access against attachment access level.
     *
     * @return int Returns HTTP status code.
     */
    protected function check_author_level_access()
    {
        // Step 1: find the contribution the attachment belongs to. Only FAQ entries
        // and support / queue-discussion posts are resolved; any other object type
        // leaves $sql empty and skips the author check entirely.
        // The object id is cast to int before it is placed into the SQL text.
        $object_id = (int) $this->file['object_id'];
        $sql = '';

        switch ((int) $this->file['object_type']) {
            case TITANIA_FAQ:
                $sql = 'SELECT c.contrib_id, c.contrib_user_id
					FROM ' . TITANIA_CONTRIB_FAQ_TABLE . ' f, ' . TITANIA_CONTRIBS_TABLE . ' c
					WHERE f.faq_id = ' . $object_id . '
						AND c.contrib_id = f.contrib_id';
                break;
            case TITANIA_SUPPORT:
            case TITANIA_QUEUE_DISCUSSION:
                $sql = 'SELECT c.contrib_id, c.contrib_user_id
					FROM ' . TITANIA_POSTS_TABLE . ' p, ' . TITANIA_TOPICS_TABLE . ' t, ' . TITANIA_CONTRIBS_TABLE . ' c
					WHERE p.post_id = ' . $object_id . '
						AND t.topic_id = p.topic_id
						AND c.contrib_id = t.parent_id';
                break;
        }

        $contrib = false;
        if ($sql !== '') {
            $result = $this->db->sql_query($sql);
            $contrib = $this->db->sql_fetchrow($result);
            $this->db->sql_freeresult($result);
        }

        // Step 2: the main author, or an active co-author, of that contribution is
        // raised to author level.
        if ($contrib !== false) {
            $user_id = $this->user->data['user_id'];
            $is_contrib_author = $contrib['contrib_user_id'] == $user_id;

            if (!$is_contrib_author) {
                // Coauthor: only rows flagged active = 1 count.
                $sql = 'SELECT user_id
					FROM ' . TITANIA_CONTRIB_COAUTHORS_TABLE . '
					WHERE contrib_id = ' . (int) $contrib['contrib_id'] . '
						AND user_id = ' . (int) $user_id . '
						AND active = 1';
                $result = $this->db->sql_query($sql);
                $is_contrib_author = (bool) $this->db->sql_fetchrow($result);
                $this->db->sql_freeresult($result);
            }

            if ($is_contrib_author) {
                // This changes the access object itself and is not undone in this method.
                // NOTE(review): if $this->access is shared with other checks in the same
                // request, the raised level carries over to them - confirm that is intended.
                $this->access->set_level(access::AUTHOR_LEVEL);
            }
        }

        // Step 3: still not authorised? The attachment is refused when its access
        // value is below the viewer's (possibly raised) level.
        if ($this->file['attachment_access'] < $this->access->get_level()) {
            return self::FORBIDDEN;
        }

        return self::OK;
    }
Example #7
 /**
  * Create select with Titania's accesses
  *
  * @param int|bool $default		Default access level. False for none.
  * @param int $min_access		Minimum access level to display
  * @return string
  */
 protected function get_access_select($default = false, $min_access = access::PUBLIC_LEVEL)
 {
     // Users at the public level are not offered a choice at all.
     if ($this->access->is_public()) {
         return '';
     }

     // Without an explicit default the public level is preselected.
     $preselected = ($default === false) ? access::PUBLIC_LEVEL : $default;

     $labels = array(
         access::TEAM_LEVEL => 'ACCESS_TEAMS',
         access::AUTHOR_LEVEL => 'ACCESS_AUTHORS',
         access::PUBLIC_LEVEL => 'ACCESS_PUBLIC',
     );

     $s_options = '';
     foreach ($labels as $level => $lang_key) {
         // A level is offered only when it is not numerically below the user's own
         // level and not above $min_access.
         // NOTE(review): this limits what the form shows, not what a client can
         // submit; confirm the code that reads the submitted value applies the same bounds.
         if ($this->access->get_level() <= $level && $min_access >= $level) {
             $selected = ($preselected == $level) ? ' selected="selected"' : '';
             $s_options .= '<option value="' . $level . '"' . $selected . '>' . $this->user->lang($lang_key) . '</option>';
         }
     }

     return $s_options;
 }
Example #8
 /**
  * Parse the uploader
  *
  * @param string $tpl_file The name of the template file to use to create the uploader
  * @param bool $custom_sort Function used to sort the attachments
  * @return string The parsed HTML code ready for output
  */
 public function parse_uploader($tpl_file = 'posting/attachments/default.html', $custom_sort = false)
 {
     // Non-team users get no uploader when the configured maximum file size for
     // this object type is negative (0 = unlimited). Team members always see it.
     if (
         !$this->access->is_team()
         && isset($this->ext_config->upload_max_filesize[$this->object_type])
         && $this->ext_config->upload_max_filesize[$this->object_type] < 0
     ) {
         return '';
     }

     $this->template->assign_vars(array(
         'FORM_NAME' => $this->form_name,
         // Only team members are shown the global max_filesize value.
         'MAX_LENGTH' => ($this->access->is_team()) ? $this->config['max_filesize'] : false,
         'S_FORM_ENCTYPE' => ' enctype="multipart/form-data"',
         'S_INLINE_ATTACHMENT_OPTIONS' => true,
         'S_PLUPLOAD_ENABLED' => $this->use_plupload,
         'S_SET_CUSTOM_ORDER' => $this->set_custom_order,
         'S_UPLOADER_KEY' => generate_link_hash('uploader_key'),
         'SELECT_PREVIEW' => $this->object_type == TITANIA_SCREENSHOT,
         'SELECT_REVIEW_VAR' => 'set_preview_file' . $this->object_type,
     ));

     // Rows are numbered downwards from the last index by default, and upwards
     // from 0 when no custom sort is given and display_order is off.
     $index_step = -1;
     $index = $this->operator->get_count() - 1;
     if ($custom_sort == false && !$this->config['display_order']) {
         $index_step = 1;
         $index = 0;
     }
     $this->operator->sort($custom_sort);

     // Delete previous attachments list
     $this->template->destroy_block_vars('attach_row');

     $base_url = $this->controller_helper->get_current_url();
     // The same link hash is appended to every delete / move URL built below.
     // NOTE(review): the handlers for those actions are not visible here; confirm
     // they verify this hash before changing anything.
     $hash = generate_link_hash('attach_manage');
     $comments = $this->get_request_comments();
     $hidden_data = $this->get_basic_attachment_data();
     $index_prefix = ($this->use_plupload) ? '' : $this->form_name . '_';

     foreach ($this->operator->get_all() as $attachment_id => $attach) {
         $params = array('a' => $attachment_id, 'hash' => $hash);

         // Re-key the attachment's basic data as attachment_data[<index>][<property>]
         // so it can be emitted as hidden form fields.
         $hidden_fields = array();
         foreach ($hidden_data[$attachment_id] as $property => $value) {
             $hidden_fields["attachment_data[{$index_prefix}{$index}][{$property}]"] = $value;
         }

         $row = array_merge($attach->get_display_vars(''), array(
             'FILENAME' => $attach->get_filename(),
             // A comment supplied with the current request wins over the stored one.
             // NOTE(review): confirm get_request_comments() returns values that are
             // already escaped for the template context.
             'FILE_COMMENT' => (isset($comments[$attachment_id])) ? $comments[$attachment_id] : $attach->get('attachment_comment'),
             'ATTACH_ID' => $attachment_id,
             'INDEX' => $index_prefix . $index,
             'FILESIZE' => get_formatted_filesize($attach->get('filesize')),
             'S_HIDDEN' => build_hidden_fields($hidden_fields),
             'S_PREVIEW' => $attach->is_preview(),
             'U_VIEW_ATTACHMENT' => $attach->get_url(),
             'U_DELETE' => $this->path_helper->append_url_params($base_url, array_merge($params, array('action' => 'delete_attach'))),
         ));

         // Only screenshots get reorder links.
         if ($attach->is_type(TITANIA_SCREENSHOT)) {
             $row['U_MOVE_UP'] = $this->path_helper->append_url_params($base_url, array_merge($params, array('action' => 'attach_up')));
             $row['U_MOVE_DOWN'] = $this->path_helper->append_url_params($base_url, array_merge($params, array('action' => 'attach_down')));
         }

         $index += $index_step;
         $this->template->assign_block_vars('attach_row', $row);
     }

     // NOTE(review): where the template prints S_ATTACH_DATA is not visible here; if
     // it lands inside a script block, confirm the JSON is escaped for that context.
     $this->template->assign_var('S_ATTACH_DATA', json_encode(array_values($hidden_data)));
     $this->template->set_filenames(array($tpl_file => $tpl_file));

     return $this->template->assign_display($tpl_file);
 }
Example #9
 /**
  * Query search index.
  *
  * @return array
  */
 protected function query_index()
 {
     // Visibility filters are added to the query before it runs, so documents the
     // user may not see are excluded by the engine rather than filtered afterwards.

     // For those without moderator permissions do not display unapproved stuff
     $is_moderator = $this->auth->acl_get('m_');
     if (!$is_moderator) {
         $this->engine->where_equals('approved', 1);
     }

     // Don't worry about authors level access...no search page that can search where a
     // person would have authors access. Anyone outside the team is limited to public documents.
     $is_team = $this->access->is_team();
     if (!$is_team) {
         $this->engine->where_equals('access_level', access::PUBLIC_LEVEL);
     }

     $this->engine->set_limit($this->sort->start, $this->sort->limit);
     $results = $this->engine->search();
     $this->sort->total = $results['total'];

     // Sort the hit ids into one bucket per kind of object. The comparisons are
     // loose (==); types not listed here are ignored.
     $contribs = array();
     $faqs = array();
     $posts = array();
     foreach ($results['documents'] as $data) {
         $type = $data['type'];

         if ($type == TITANIA_CONTRIB) {
             $contribs[] = $data['id'];
         } elseif ($type == TITANIA_SUPPORT || $type == TITANIA_QUEUE_DISCUSSION || $type == TITANIA_QUEUE) {
             $posts[] = $data['id'];
         } elseif ($type == TITANIA_FAQ) {
             $faqs[] = $data['id'];
         }
     }

     // Get additional data not included in result.
     // NOTE(review): get_contribs/get_posts/get_faqs are not visible here; confirm
     // they do not add fields the filters above were meant to withhold.
     if ($results['documents']) {
         $results['documents'] = $this->get_contribs($contribs, $results['documents']);
         $results['documents'] = $this->get_posts($posts, $results['documents']);
         $results['documents'] = $this->get_faqs($faqs, $results['documents']);
     }

     return $results;
 }