function moderate($cid, $zid, $rid)
{
if (!db_has_rec("comment", $cid)) {
return;
}
if (db_has_rec("comment_vote", array("cid" => $cid, "zid" => $zid))) {
$comment_vote = db_get_rec("comment_vote", array("cid" => $cid, "zid" => $zid));
$old = $comment_vote["rid"];
if ($rid == $old) {
return;
} else {
if ($rid == 0) {
db_del_rec("comment_vote", array("cid" => $cid, "zid" => $zid));
} else {
$comment_vote["rid"] = $rid;
db_set_rec("comment_vote", $comment_vote);
return;
}
}
}
$comment_vote = array();
$comment_vote["cid"] = $cid;
$comment_vote["zid"] = $zid;
$comment_vote["rid"] = $rid;
$comment_vote["time"] = time();
db_set_rec("comment_vote", $comment_vote);
}
}
//var_dump($_POST);
//if (!empty(@$_POST["up_x"]) || !empty(@$_POST["down_x"])) {
if (array_key_exists("up_x", $_POST) || array_key_exists("down_x", $_POST) || array_key_exists("undo_x", $_POST)) {
$redirect = true;
$up = array_key_exists("up_x", $_POST);
//die("up");
} else {
$redirect = false;
$up = http_post_int("up");
}
//die("here");
if (db_has_rec("pipe_vote", array("pid" => $pid, "zid" => $auth_zid))) {
//$pipe_vote = db_get_rec("pipe_vote", array("pid" => $pid, "zid" => $auth_zid));
//$value = $pipe_vote["value"];
db_del_rec("pipe_vote", array("pid" => $pid, "zid" => $auth_zid));
$result = "undone";
} else {
if ($up) {
$result = "up";
} else {
$result = "down";
}
$pipe_vote = array();
$pipe_vote["pid"] = $pid;
$pipe_vote["zid"] = $auth_zid;
$pipe_vote["time"] = time();
if ($up) {
$pipe_vote["value"] = 1;
} else {
$pipe_vote["value"] = -1;
//
// Pipecode is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Pipecode. If not, see <http://www.gnu.org/licenses/>.
//
if ($zid != $auth_zid) {
die("not your page");
}
$fid = http_get_int("fid");
$feed = db_get_rec("feed", $fid);
if (http_post()) {
db_del_rec("feed_user", array("zid" => $auth_zid, "fid" => $fid));
$row = run_sql("select count(zid) as user_count from feed_user where fid = ?", array($fid));
$count = $row[0]["user_count"];
if ($count == 0) {
run_sql("delete from feed_item where fid = ?", array($fid));
run_sql("delete from feed where fid = ?", array($fid));
}
header("Location: edit");
die;
}
print_header();
writeln('<form method="post">');
writeln('<h1>Remove Feed</h1>');
writeln('<p>Are you sure you want to remove <b>' . $feed["title"] . '</b> from your page?</p>');
writeln('<input type="submit" value="Remove"/>');
writeln('</form>');
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Pipecode. If not, see <http://www.gnu.org/licenses/>.
//
include "render.php";
$cid = (int) $s2;
if (!http_post()) {
die("error: post method required");
}
if ($auth_zid == "") {
die("error: sign in to moderate");
}
if (!db_has_rec("comment", $cid)) {
die("error: comment not found [{$cid}]");
}
if (db_has_rec("comment_vote", array("cid" => $cid, "zid" => $auth_zid))) {
db_del_rec("comment_vote", array("cid" => $cid, "zid" => $auth_zid));
}
$rid = http_post_int("rid");
if ($rid > 0 && $rid <= 10) {
$comment_vote = array();
$comment_vote["cid"] = $cid;
$comment_vote["zid"] = $auth_zid;
$comment_vote["rid"] = $rid;
$comment_vote["time"] = time();
db_set_rec("comment_vote", $comment_vote);
}
$score = get_comment_score($cid);
writeln("{$cid} {$score}");
db_del_rec("email_challenge", $verify);
print_header("Password Reset");
writeln('<h1>Password Reset</h1>');
writeln('<p>Don\'t forget it this time!</p>');
print_footer();
die;
}
$username = http_post_string("username", array("len" => 20, "valid" => "[a-z][A-Z][0-9]"));
$zid = strtolower($username) . "@{$site_name}";
if (!is_local_user($zid)) {
die("no such user [{$zid}]");
}
$user_conf = db_get_conf("user_conf", $zid);
$hash = crypt_sha256(rand());
if (db_has_rec("email_challenge", array("username" => $username))) {
db_del_rec("email_challenge", array("username" => $username));
}
$email_challenge = array();
$email_challenge["challenge"] = $hash;
$email_challenge["username"] = $username;
$email_challenge["email"] = $user["email"];
$email_challenge["expires"] = time() + 86400 * 3;
db_set_rec("email_challenge", $email_challenge);
$subject = "Forgot Password";
$body = "Did you forget your password for \"{$username}\" on {$server_name}?\n";
$body .= "\n";
$body .= "In order to reset your password, you must visit the following link:\n";
$body .= "\n";
if ($https_enabled) {
$body .= "https://{$server_name}/forgot?verify={$hash}\n";
} else {
$password_2 = http_post_string("password_2", array("len" => 64, "valid" => "[KEYBOARD]"));
if (strlen($password_1) < 6) {
die("password too short");
}
if ($password_1 != $password_2) {
die("passwords do not match");
}
$salt = random_hash();
$password = crypt_sha256("{$password_1}{$salt}");
$user_conf = array();
$user_conf["password"] = $password;
$user_conf["salt"] = $salt;
$user_conf["email"] = $email_challenge["email"];
$user_conf["joined"] = time();
db_set_conf("user_conf", $user_conf, $zid);
db_del_rec("email_challenge", $email_challenge["challenge"]);
print_header("User Created");
writeln('<h1>User Created</h1>');
writeln('<p>Welcome to ' . $server_title . '!</p>');
writeln('<p>' . $zid . "</p>");
print_footer();
die;
}
$username = http_post_string("username", array("len" => 20, "valid" => "[a-z][0-9]"));
$mail_1 = http_post_string("mail_1", array("len" => 50, "valid" => "[a-z][A-Z][0-9]@.-_+"));
$mail_2 = http_post_string("mail_2", array("len" => 50, "valid" => "[a-z][A-Z][0-9]@.-_+"));
$answer = http_post_string("answer", array("required" => false));
$luser = strtolower($username);
if (string_uses(substr($username, 0, 1), "[0-9]")) {
die("user_name may not start with a number [{$username}]");
}
}
if (http_post("delete")) {
$message["location"] = "Trash";
db_set_rec("mail", $message);
header("Location: /mail/");
die;
}
if (http_post("restore")) {
$message["location"] = "Inbox";
db_set_rec("mail", $message);
header("Location: /mail/");
die;
}
if (http_post("expunge")) {
$message["location"] = "Trash";
db_del_rec("mail", $message["mail_id"]);
header("Location: /mail/trash");
die;
}
//$address = parse_mail_address($message["mail_from"]);
//$name = array();
//$icon = array();
//$link = array();
//if ($message["location"] != "Junk") {
// $name[] = "Reply";
// $icon[] = "mail-reply";
// $link[] = "/mail/compose?mid=$mail_id";
//$name[] = "Junk";
//$icon[] = "junk";
//$link[] = "/mail/mark?mid=$mail_id";
//}
