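/**
 * Build the "Course Announcements" page for the current category.
 *
 * Logged-out visitors get only a login/register prompt. Logged-in users get the
 * list returned by mp_announcements_get_all() rendered into $qa_content['custom_2'].
 *
 * @param string $request The requested page path, passed on to the login links.
 * @return array The $qa_content array for the theme.
 */
function process_request($request)
{
    require_once QA_INCLUDE_DIR . 'mp-app-posts.php';
    require_once QA_INCLUDE_DIR . 'mp-db-users.php';

    $qa_content = qa_content_prepare();

    // Anonymous visitors never reach the announcement query below.
    if (!qa_get_logged_in_userid()) {
        $qa_content['error'] = qa_insert_login_links('Please ^1log in^2 or ^3register^4 first.', $request);
        return $qa_content;
    }

    $qa_content['title'] = 'Course Announcements';

    $announcements = mp_announcements_get_all(mp_get_categoryid());

    $data = '<div class="qa-q-list">';

    if (empty($announcements)) {
        $data .= "No announcements";
    } else {
        foreach ($announcements as $announcement) {
            // Title, handle and date are stored values placed into HTML, so they
            // are escaped here; qa_path_html() already escapes the link target.
            $titlehtml = qa_html($announcement['title']);
            $handlehtml = qa_html($announcement['handle']);
            $createdhtml = qa_html($announcement['created']);
            $userlinkhtml = qa_path_html('user/' . $announcement['handle']);

            $data .= '<div class="qa-q-list-item">';
            $data .= '<div class="qa-q-item-title">' . $titlehtml . '</div>';
            // NOTE(review): the body is emitted exactly as stored. If the editor can
            // save HTML, it should be rendered through the matching viewer module
            // (or sanitised on write) rather than concatenated raw — confirm what
            // mp_announcements_get_all() returns and who may create announcements.
            $data .= '<div class="qa-q-view-content">' . $announcement['content'] . '</div>';
            $data .= '<div class="qa-q-item-meta">Posted by <A HREF="' . $userlinkhtml . '">' . $handlehtml . '</A> on ' . $createdhtml . '</div>';
            $data .= '</div>';
            $data .= '<div class="qa-q-list-item-clear" ></div>';
        }
    }

    $data .= '</div>';
    $qa_content['custom_2'] = $data;

    // Sub menu for navigation, with the default (list) tab highlighted.
    $qa_content['navigation']['sub'] = mp_announcements_sub_navigation();
    $qa_content['navigation']['sub']['default']['selected'] = true;

    return $qa_content;
}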
/**
 * Return an HTML error explaining why $fromuserid may not post on the wall of
 * $touserid, or false if posting is allowed.
 *
 * @param mixed $fromuserid  User who wants to post (may be unset/null).
 * @param mixed $touserid    Owner of the wall.
 * @param int   $touserflags Flags of the wall owner, tested against QA_USER_FLAGS_NO_WALL_POSTS.
 * @return string|false HTML error message, or false when no error applies.
 */
function qa_wall_error_html($fromuserid, $touserid, $touserflags)
{
    require_once QA_INCLUDE_DIR . 'qa-app-limits.php';

    // Hand over to a plugin override when one is registered for this function.
    if (qa_to_override(__FUNCTION__)) {
        $args = func_get_args();
        return qa_call_override(__FUNCTION__, $args);
    }

    // Walls are unavailable with external users or when the option is off.
    if (QA_FINAL_EXTERNAL_USERS || !qa_opt('allow_user_walls')) {
        return qa_lang_html('users/no_permission');
    }

    // The owner has switched wall posts off; only the owner may still post.
    $wallclosed = $touserflags & QA_USER_FLAGS_NO_WALL_POSTS;
    $isowner = isset($fromuserid) && $fromuserid == $touserid;

    if ($wallclosed && !$isowner) {
        return qa_lang_html('profile/post_wall_blocked');
    }

    $permiterror = qa_user_permit_error('permit_post_wall', QA_LIMIT_WALL_POSTS);

    switch ($permiterror) {
        case 'limit':
            return qa_lang_html('profile/post_wall_limit');

        case 'login':
            return qa_insert_login_links(qa_lang_html('profile/post_wall_must_login'), qa_request());

        case 'confirm':
            return qa_insert_login_links(qa_lang_html('profile/post_wall_must_confirm'), qa_request());

        case 'approve':
            return qa_lang_html('profile/post_wall_must_be_approved');

        case false:
            return false;
    }

    // Any other permit error falls back to the generic message.
    return qa_lang_html('users/no_permission');
}
/**
 * Return the HTML note telling the user how to avoid the captcha, based on the
 * reason it is being shown.
 *
 * @param mixed $captchareason 'login', 'confirm', 'approve', or anything else.
 * @return string|null HTML note, or null when the reason has no note.
 */
function qa_captcha_reason_note($captchareason)
{
    // Loose comparison is kept on purpose: it matches what a switch would do.
    if ($captchareason == 'login') {
        return qa_insert_login_links(qa_lang_html('misc/captcha_login_fix'));
    }

    if ($captchareason == 'confirm') {
        return qa_insert_login_links(qa_lang_html('misc/captcha_confirm_fix'));
    }

    if ($captchareason == 'approve') {
        return qa_lang_html('misc/captcha_approve_fix');
    }

    return null;
}
/**
 * Gate for admin pages: returns true only for a logged-in user whose level is
 * at least QA_USER_LEVEL_ADMIN.
 *
 * On failure $qa_content is replaced with a freshly prepared page carrying the
 * admin title and an error (a login prompt for anonymous visitors, a
 * no-privileges message otherwise).
 *
 * @param array $qa_content Passed by reference; overwritten when access is denied.
 * @return bool True when the caller may continue, false when access is denied.
 */
function qa_admin_check_privileges(&$qa_content)
{
    if (!qa_is_logged_in()) {
        require_once QA_INCLUDE_DIR . 'qa-app-format.php';
        $needslogin = true;
    } elseif (qa_get_logged_in_level() < QA_USER_LEVEL_ADMIN) {
        $needslogin = false;
    } else {
        return true;
    }

    $qa_content = qa_content_prepare();
    $qa_content['title'] = qa_lang_html('admin/admin_title');

    if ($needslogin) {
        $qa_content['error'] = qa_insert_login_links(qa_lang_html('admin/not_logged_in'), qa_request());
    } else {
        $qa_content['error'] = qa_lang_html('admin/no_privileges');
    }

    return false;
}
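/**
 * Serve the "Create Announcement" page and handle its form post.
 *
 * The login check runs before any POST handling, so an anonymous request can no
 * longer reach qa_post_create(); previously the check came only after the
 * announcement had already been written.
 *
 * @param string $request The requested page path, passed on to the login links.
 * @return array The $qa_content array for the theme.
 */
function process_request($request)
{
    require_once QA_INCLUDE_DIR . 'qa-app-format.php';
    require_once QA_INCLUDE_DIR . 'qa-app-posts.php';
    require_once QA_INCLUDE_DIR . 'qa-db-post-create.php';
    require_once QA_INCLUDE_DIR . 'mp-db-users.php';

    // report that we entered this page
    qa_report_event('page_enter', qa_get_logged_in_userid(), qa_get_logged_in_handle(), qa_cookie_get(), array('params' => $_SERVER['QUERY_STRING']));

    $qa_content = qa_content_prepare();

    // Authentication gate: nothing below (including the create branch) runs for
    // a visitor who is not logged in.
    if (!qa_get_logged_in_userid()) {
        $qa_content['error'] = qa_insert_login_links('Please ^1log in^2 or ^3register^4 first.', $request);
        return $qa_content;
    }

    // create the editor and update its content
    qa_get_post_content('editor', 'content', $ineditor, $incontent, $informat, $intext);
    $editorname = isset($ineditor) ? $ineditor : qa_opt('editor_for_qs');
    $editor = qa_load_editor(@$incontent, @$informat, $editorname);

    $innotify = (bool) qa_post_text('notify');

    // handle creation of announcement
    if (qa_post_text('docreate')) {
        // NOTE(review): being logged in is the only requirement enforced here. No
        // user level is checked, the title/content are not validated, and no form
        // security code is verified before the write — confirm whether the caller
        // or mp-app-posts.php covers these, otherwise add them here.
        $title = qa_post_text('title');

        // actual create process is in file mp-app-posts.php
        qa_post_create('AN', null, $title, $incontent, $informat, mp_get_categoryid(), null, qa_get_logged_in_userid(), $innotify);

        qa_redirect('mp-announcements-page'); // our work is done here
    }

    $qa_content['title'] = 'Create Announcement';

    // $errors is never populated in this function, so the error cells render empty.
    $qa_content['form_newannouncement'] = array(
        'tags' => 'METHOD="POST" ACTION="' . qa_self_html() . '"',
        'style' => 'tall',
        'fields' => array(
            'title' => array(
                'label' => qa_lang_html('announcements/a_title_label'),
                'tags' => 'NAME="title"',
                'value' => qa_html(qa_post_text('title')),
                'error' => qa_html(@$errors['title']),
            ),
            'content' => array_merge(
                $editor->get_field($qa_content, @$incontent, @$informat, 'content', 12, false),
                array(
                    'label' => qa_lang_html('announcements/a_content_label'),
                    'error' => qa_html(@$errors['content']),
                )
            ),
            'notify' => array(
                'label' => 'Send email notification to all registered students',
                'tags' => 'NAME="notify"',
                'type' => 'checkbox',
                'value' => qa_html($innotify),
            ),
        ),
        'buttons' => array(
            'ok' => array(
                'tags' => 'NAME="docreate"',
                'label' => 'Create Announcement',
                'value' => '1',
            ),
        ),
        'hidden' => array(
            'hiddenfield' => '1',
            'editor' => qa_html($editorname),
        ),
    );

    // create the sub menu for navigation
    $qa_content['navigation']['sub'] = mp_announcements_sub_navigation();
    $qa_content['navigation']['sub']['create']['selected'] = true;

    return $qa_content;
}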
/**
 * Build the form array for adding a comment to a question or answer.
 *
 * When qa_user_permit_error('permit_post_c') reports a problem, the returned
 * form holds only a 'title' with the matching message. When it returns false
 * the full comment form is built (editor field, optional custom note, notify
 * fields, optional captcha) and any on-load scripts are appended to
 * $qa_content['script_onloads'].
 *
 * @param array $qa_content   Page content, passed by reference; receives script_onloads.
 * @param mixed $questionid   Id of the question the page shows.
 * @param mixed $parentid     Id of the post being commented on; equals $questionid for a question comment.
 * @param mixed $formid       Value stored in $form['id'] and used in the on-load scripts.
 * @param mixed $usecaptcha   Truthy when a captcha field should be added.
 * @param array $in           Previously submitted values (editor, content, format, notify, email).
 * @param array $errors       Validation errors keyed by field name.
 * @param mixed $loadfocusnow Truthy when the editor should load and focus immediately.
 * @return array The form definition for the theme.
 */
function qa_page_q_add_c_form(&$qa_content, $questionid, $parentid, $formid, $usecaptcha, $in, $errors, $loadfocusnow)
{
    // 'default' sits before 'case false' but is still only taken when no case matches.
    switch (qa_user_permit_error('permit_post_c')) {
        case 'login':
            $form = array('title' => qa_insert_login_links(qa_lang_html('question/comment_must_login'), qa_request()));
            break;
        case 'confirm':
            $form = array('title' => qa_insert_login_links(qa_lang_html('question/comment_must_confirm'), qa_request()));
            break;
        case 'limit':
            $form = array('title' => qa_lang_html('question/comment_limit'));
            break;
        default:
            $form = array('title' => qa_lang_html('users/no_permission'));
            break;
        case false:
            // All field names for this form are prefixed with the parent post id.
            $prefix = 'c' . $parentid . '_';
            $editorname = isset($in['editor']) ? $in['editor'] : qa_opt('editor_for_cs');
            $editor = qa_load_editor(@$in['content'], @$in['format'], $editorname);
            // Editors are plugin modules; update_script is optional.
            if (method_exists($editor, 'update_script')) {
                $updatescript = $editor->update_script($prefix . 'content');
            } else {
                $updatescript = '';
            }
            // NOTE(review): the custom note comes from a site option and is placed in
            // the form without escaping here — presumably admin-authored HTML; confirm.
            $custom = qa_opt('show_custom_comment') ? trim(qa_opt('custom_comment')) : '';
            // NOTE(review): the onClick attribute below is double-quoted and built from
            // $updatescript and qa_js() output; this assumes neither can contain a
            // double quote — confirm against qa_js() and the editor modules.
            $form = array('tags' => 'METHOD="POST" ACTION="' . qa_self_html() . '" NAME="c_form_' . qa_html($parentid) . '"',
                'title' => qa_lang_html($questionid == $parentid ? 'question/your_comment_q' : 'question/your_comment_a'),
                'fields' => array('custom' => array('type' => 'custom', 'note' => $custom),
                    'content' => array_merge(qa_editor_load_field($editor, $qa_content, @$in['content'], @$in['format'], $prefix . 'content', 4, $loadfocusnow, $loadfocusnow), array('error' => qa_html(@$errors['content'])))),
                'buttons' => array('comment' => array('tags' => 'onClick="' . $updatescript . ' return qa_submit_comment(' . qa_js($questionid) . ', ' . qa_js($parentid) . ', this);"', 'label' => qa_lang_html('question/add_comment_button')),
                    'cancel' => array('tags' => 'NAME="docancel"', 'label' => qa_lang_html('main/cancel_button'))),
                'hidden' => array($prefix . 'editor' => qa_html($editorname), $prefix . 'doadd' => '1'));
            // Drop the custom field again when there is no note to show.
            if (!strlen($custom)) {
                unset($form['fields']['custom']);
            }
            qa_set_up_notify_fields($qa_content, $form['fields'], 'C', qa_get_logged_in_email(), isset($in['notify']) ? $in['notify'] : qa_opt('notify_users_default'), $in['email'], @$errors['email'], $prefix);
            $onloads = array();
            if ($usecaptcha) {
                $userid = qa_get_logged_in_userid();
                // The captcha note differs for logged-in (confirm) and anonymous (login) users.
                $captchaloadscript = qa_set_up_captcha_field($qa_content, $form['fields'], $errors, qa_insert_login_links(qa_lang_html(isset($userid) ? 'misc/captcha_confirm_fix' : 'misc/captcha_login_fix')));
                if (strlen($captchaloadscript)) {
                    $onloads[] = 'document.getElementById(' . qa_js($formid) . ').qa_show=function() { ' . $captchaloadscript . ' }';
                }
            }
            // When the form starts collapsed, editor load/focus are deferred to
            // functions attached to the form element.
            if (!$loadfocusnow) {
                if (method_exists($editor, 'load_script')) {
                    $onloads[] = 'document.getElementById(' . qa_js($formid) . ').qa_load=function() { ' . $editor->load_script($prefix . 'content') . ' }';
                }
                if (method_exists($editor, 'focus_script')) {
                    $onloads[] = 'document.getElementById(' . qa_js($formid) . ').qa_focus=function() { ' . $editor->focus_script($prefix . 'content') . ' }';
                }
                $form['buttons']['cancel']['tags'] .= ' onClick="return qa_toggle_element()"';
            }
            if (count($onloads)) {
                $qa_content['script_onloads'][] = $onloads;
            }
    }
    // These three keys are set for every outcome, including the error-only forms.
    $form['id'] = $formid;
    $form['collapse'] = !$loadfocusnow;
    $form['style'] = 'tall';
    return $form;
}
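// Check the code and unsubscribe the user if appropriate

$unsubscribed = false;
$loginuserid = qa_get_logged_in_userid();

$incode = trim((string) qa_get('c'));
$inhandle = qa_get('u');

// Match based on code and handle provided on URL. A blank code is never
// accepted: trimming alone does not stop an empty 'c' from equalling an empty
// stored emailcode, which would let any visitor change the mailing flag of a
// user whose code was never generated.
if (!empty($inhandle) && strlen($incode)) {
    $userinfo = qa_db_select_with_pending(qa_db_user_account_selectspec($inhandle, false));
    $storedcode = is_array($userinfo) ? trim((string) @$userinfo['emailcode']) : '';

    if (strlen($storedcode) && strtolower($storedcode) === strtolower($incode)) {
        qa_db_user_set_flag($userinfo['userid'], QA_USER_FLAGS_NO_MAILINGS, true);
        $unsubscribed = true;
    }
}

// As a backup, also unsubscribe the logged in user.
// NOTE(review): this changes account state on a plain GET with no form security
// code; impact is limited to the mailing flag, but confirm that is acceptable.
if (!$unsubscribed && isset($loginuserid)) {
    qa_db_user_set_flag($loginuserid, QA_USER_FLAGS_NO_MAILINGS, true);
    $unsubscribed = true;
}

// Prepare content for theme

$qa_content = qa_content_prepare();

$qa_content['title'] = qa_lang_html('users/unsubscribe_title');

if ($unsubscribed) {
    $qa_content['error'] = strtr(qa_lang_html('users/unsubscribe_complete'), array(
        '^0' => qa_html(qa_opt('site_title')),
        '^1' => '<a href="' . qa_path_html('account') . '">',
        '^2' => '</a>',
    ));
} else {
    $qa_content['error'] = qa_insert_login_links(qa_lang_html('users/unsubscribe_wrong_log_in'), 'unsubscribe');
}

return $qa_content;

/* Omit PHP closing tag to help avoid accidental output */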
} else { $qa_content['error'] = qa_lang_html('question/q_hidden_other'); } $qa_content['suggest_next'] = qa_html_suggest_qs_tags(qa_using_tags()); return $qa_content; } $permiterror = qa_user_post_permit_error('permit_view_q_page', $question, null, false); if ($permiterror && (qa_is_human_probably() || !qa_opt('allow_view_q_bots'))) { $qa_content = qa_content_prepare(); $topage = qa_q_request($questionid, $question['title']); switch ($permiterror) { case 'login': $qa_content['error'] = qa_insert_login_links(qa_lang_html('main/view_q_must_login'), $topage); break; case 'confirm': $qa_content['error'] = qa_insert_login_links(qa_lang_html('main/view_q_must_confirm'), $topage); break; case 'approve': $qa_content['error'] = qa_lang_html('main/view_q_must_be_approved'); break; default: $qa_content['error'] = qa_lang_html('users/no_permission'); break; } return $qa_content; } // Determine if captchas will be required $captchareason = qa_user_captcha_reason(qa_user_level_for_post($question)); $usecaptcha = $captchareason != false; // If we're responding to an HTTP POST, include file that handles all posting/editing/etc... logic // This is in a separate file because it's a *lot* of logic, and will slow down ordinary page views
$field = array('type' => 'static', 'label' => qa_lang_html('question/ask_follow_from_a'), 'value' => $viewer->get_html($followanswer['content'], $followanswer['format'], array('blockwordspreg' => qa_get_block_words_preg()))); qa_array_insert($qa_content['form']['fields'], 'title', array('follows' => $field)); } if (qa_using_categories() && count($categories)) { $field = array('label' => qa_lang_html('question/q_category_label'), 'error' => qa_html(@$errors['categoryid'])); qa_set_up_category_field($qa_content, $field, 'category', $categories, $in['categoryid'], true, qa_opt('allow_no_sub_category')); if (!qa_opt('allow_no_category')) { // don't auto-select a category even though one is required $field['options'][''] = ''; } qa_array_insert($qa_content['form']['fields'], 'content', array('category' => $field)); } if (qa_opt('extra_field_active')) { $field = array('label' => qa_html(qa_opt('extra_field_prompt')), 'tags' => 'NAME="extra"', 'value' => qa_html(@$in['extra']), 'error' => qa_html(@$errors['extra'])); qa_array_insert($qa_content['form']['fields'], null, array('extra' => $field)); } if (qa_using_tags()) { $field = array('error' => qa_html(@$errors['tags'])); qa_set_up_tag_field($qa_content, $field, 'tags', isset($in['tags']) ? $in['tags'] : array(), array(), qa_opt('do_complete_tags') ? array_keys($completetags) : array(), qa_opt('page_size_ask_tags')); qa_array_insert($qa_content['form']['fields'], null, array('tags' => $field)); } qa_set_up_notify_fields($qa_content, $qa_content['form']['fields'], 'Q', qa_get_logged_in_email(), isset($in['notify']) ? $in['notify'] : qa_opt('notify_users_default'), @$in['email'], @$errors['email']); if ($usecaptcha) { require_once 'qa-app-captcha.php'; qa_set_up_captcha_field($qa_content, $qa_content['form']['fields'], @$errors, qa_insert_login_links(qa_lang_html(isset($userid) ? 
'misc/captcha_confirm_fix' : 'misc/captcha_login_fix'))); } $qa_content['focusid'] = 'title'; return $qa_content; /* Omit PHP closing tag to help avoid accidental output */
/**
 * Build the comment form for the question page, for a comment on the question
 * itself or on one of its answers.
 *
 * Reads its inputs from globals and, as a side effect, sets the globals
 * $jumptoanchor and $focusonid.
 *
 * @param mixed $answerid Id of the answer being commented on, or null/unset for the question.
 * @return array The form definition for the theme.
 */
function qa_page_q_add_c_form($answerid)
{
    global $qa_content, $incomment, $informat, $errors, $questionid, $ineditor, $innotify, $inemail,
        $jumptoanchor, $focusonid, $usecaptcha, $qa_login_userid;

    $onanswer = isset($answerid);

    // Where the page should scroll to and which field gets focus.
    if ($onanswer) {
        $jumptoanchor = qa_anchor('A', $answerid);
    } else {
        $jumptoanchor = qa_anchor('Q', $questionid);
    }
    $focusonid = 'comment';

    if (isset($ineditor)) {
        $editorname = $ineditor;
    } else {
        $editorname = qa_opt('editor_for_cs');
    }
    $editor = qa_load_editor(@$incomment, @$informat, $editorname);

    // Keys are assigned in the order the theme expects: title, style, fields, buttons, hidden.
    $form = array();
    $form['title'] = qa_lang_html($onanswer ? 'question/your_comment_a' : 'question/your_comment_q');
    $form['style'] = 'tall';
    $form['fields'] = array(
        'content' => array_merge(
            $editor->get_field($qa_content, @$incomment, @$informat, 'comment', 4, true),
            array('error' => qa_html(@$errors['content']))
        ),
    );

    // The submit button's name tells the post handler which post is being commented on.
    $submitname = $onanswer ? 'docommentadda_' . $answerid : 'docommentaddq';

    $form['buttons'] = array(
        'comment' => array(
            'tags' => 'NAME="' . $submitname . '"',
            'label' => qa_lang_html('question/add_comment_button'),
        ),
        'cancel' => array(
            'tags' => 'NAME="docancel"',
            'label' => qa_lang_html('main/cancel_button'),
        ),
    );
    $form['hidden'] = array('editor' => qa_html($editorname));

    qa_set_up_notify_fields(
        $qa_content,
        $form['fields'],
        'C',
        qa_get_logged_in_email(),
        isset($innotify) ? $innotify : qa_opt('notify_users_default'),
        @$inemail,
        @$errors['email']
    );

    if ($usecaptcha) {
        // Logged-in users are told to confirm their email, anonymous ones to log in.
        $captchakey = isset($qa_login_userid) ? 'misc/captcha_confirm_fix' : 'misc/captcha_login_fix';
        qa_set_up_captcha_field($qa_content, $form['fields'], @$errors, qa_insert_login_links(qa_lang_html($captchakey)));
    }

    return $form;
}
/**
 * Return the HTML error explaining why $userid cannot vote on the comment
 * $post, or false when voting is permitted.
 *
 * @param mixed  $post   The comment; must be an array, its author is read from $post['raw']['userid'].
 * @param mixed  $userid The current user id, or null/unset when not logged in.
 * @param string $topage Page to return to after logging in or confirming.
 * @return string|false HTML error message, or false when no error applies.
 */
function comment_vote_error_html($post, $userid, $topage)
{
    require_once QA_INCLUDE_DIR . 'qa-app-users.php';

    $votable = is_array($post) && qa_opt('permit_vote_c');

    if ($votable) {
        // Users may not vote on their own comments.
        $isauthor = isset($post['raw']['userid']) && isset($userid) && (int) $post['raw']['userid'] == $userid;
        $votable = !$isauthor;
    }

    if (!$votable) {
        // voting option should not have been presented (but could happen due to options change)
        return qa_lang_html('main/vote_not_allowed');
    }

    $permiterror = qa_user_permit_error('permit_vote_c', 'V');

    switch ($permiterror) {
        case 'login':
            return qa_insert_login_links(qa_lang_html('main/vote_must_login'), $topage);

        case 'confirm':
            return qa_insert_login_links(qa_lang_html('main/vote_must_confirm'), $topage);

        case 'limit':
            return qa_lang_html('main/vote_limit');

        case false:
            return false;

        default:
            return qa_lang_html('users/no_permission');
    }
}
if (empty($errors)) { qa_db_user_set_password($userid, $innewpassword1); qa_db_user_set($userid, 'sessioncode', ''); // stop old 'Remember me' style logins from still working qa_set_logged_in_user($userid, $useraccount['handle'], false, $useraccount['sessionsource']); // reinstate this specific session qa_report_event('u_password', $userid, $useraccount['handle'], qa_cookie_get()); qa_redirect('account', array('state' => 'password-changed')); } } } // Prepare content for theme $qa_content = qa_content_prepare(); $qa_content['title'] = qa_lang_html('profile/my_account_title'); $qa_content['error'] = @$errors['page']; $qa_content['form_profile'] = array('tags' => 'enctype="multipart/form-data" method="post" action="' . qa_self_html() . '"', 'style' => 'wide', 'fields' => array('duration' => array('type' => 'static', 'label' => qa_lang_html('users/member_for'), 'value' => qa_time_to_string(qa_opt('db_time') - $useraccount['created'])), 'type' => array('type' => 'static', 'label' => qa_lang_html('users/member_type'), 'value' => qa_html(qa_user_level_string($useraccount['level'])), 'note' => $isblocked ? qa_lang_html('users/user_blocked') : null), 'handle' => array('label' => qa_lang_html('users/handle_label'), 'tags' => 'name="handle"', 'value' => qa_html(isset($inhandle) ? $inhandle : $useraccount['handle']), 'error' => qa_html(@$errors['handle']), 'type' => $changehandle && !$isblocked ? 'text' : 'static'), 'email' => array('label' => qa_lang_html('users/email_label'), 'tags' => 'name="email"', 'value' => qa_html(isset($inemail) ? $inemail : $useraccount['email']), 'error' => isset($errors['email']) ? qa_html($errors['email']) : ($doconfirms && !$isconfirmed ? qa_insert_login_links(qa_lang_html('users/email_please_confirm')) : null), 'type' => $isblocked ? 
'static' : 'text'), 'messages' => array('label' => qa_lang_html('users/private_messages'), 'tags' => 'name="messages"', 'type' => 'checkbox', 'value' => !($useraccount['flags'] & QA_USER_FLAGS_NO_MESSAGES), 'note' => qa_lang_html('users/private_messages_explanation')), 'wall' => array('label' => qa_lang_html('users/wall_posts'), 'tags' => 'name="wall"', 'type' => 'checkbox', 'value' => !($useraccount['flags'] & QA_USER_FLAGS_NO_WALL_POSTS), 'note' => qa_lang_html('users/wall_posts_explanation')), 'mailings' => array('label' => qa_lang_html('users/mass_mailings'), 'tags' => 'name="mailings"', 'type' => 'checkbox', 'value' => !($useraccount['flags'] & QA_USER_FLAGS_NO_MAILINGS), 'note' => qa_lang_html('users/mass_mailings_explanation')), 'avatar' => null), 'buttons' => array('save' => array('tags' => 'onclick="qa_show_waiting_after(this, false);"', 'label' => qa_lang_html('users/save_profile'))), 'hidden' => array('dosaveprofile' => '1', 'code' => qa_get_form_security_code('account'))); if (qa_get_state() == 'profile-saved') { $qa_content['form_profile']['ok'] = qa_lang_html('users/profile_saved'); } if (!qa_opt('allow_private_messages')) { unset($qa_content['form_profile']['fields']['messages']); } if (!qa_opt('allow_user_walls')) { unset($qa_content['form_profile']['fields']['wall']); } if (!qa_opt('mailing_enabled')) { unset($qa_content['form_profile']['fields']['mailings']); } if ($isblocked) { unset($qa_content['form_profile']['buttons']['save']); $qa_content['error'] = qa_lang_html('users/no_permission');
*/ if (!defined('QA_VERSION')) { // don't allow this page to be requested directly from browser header('Location: ../'); exit; } // report that we entered this page qa_report_event('page_enter', qa_get_logged_in_userid(), qa_get_logged_in_handle(), qa_cookie_get(), array('params' => $_SERVER['QUERY_STRING'], 'path' => $_SERVER['SCRIPT_NAME'])); require_once QA_INCLUDE_DIR . 'qa-db-selects.php'; require_once QA_INCLUDE_DIR . 'qa-app-format.php'; require_once QA_INCLUDE_DIR . 'qa-app-q-list.php'; require_once QA_INCLUDE_DIR . 'mp-db-users.php'; ///// EMILIO ///// if (!isset($qa_login_userid)) { $qa_content = qa_content_prepare(); $qa_content['error'] = qa_insert_login_links('Please ^1log in^2 or ^3register^4 to view the questions.', $qa_request); return $qa_content; } ///// EMILIO //// $categoryslugs = $pass_subrequests; $countslugs = count($categoryslugs); $sort = $countslugs ? null : qa_get('sort'); // Get list of questions, plus category information switch ($sort) { case 'hot': $questionselect = qa_db_qs_selectspec($qa_login_userid, 'hotness', $qa_start, mp_get_categoryslug()); break; case 'votes': $questionselect = qa_db_qs_selectspec($qa_login_userid, 'netvotes', $qa_start, mp_get_categoryslug()); break; case 'answers':
/**
 * Handle an AJAX comment post and write the response with output_raw() /
 * c_list_item().
 *
 * On a permission problem, a missing comment body or a duplicate, the response
 * is '### ' followed by the page error; on validation errors it is '### '
 * followed by the comma-joined errors; otherwise the new comment's list item is
 * rendered with the extra class 'ajax-comment-hidden'.
 *
 * NOTE(review): no form security code is checked inside this method — confirm
 * the caller verifies one before invoking it.
 *
 * @param mixed $text Not read anywhere in this method.
 * @param mixed $aid  Id of the answer being commented on, or false for the question.
 */
function ajaxPostComment($text, $aid = false)
{
    // When an answer id is given, the comment's parent is that answer.
    if ($aid) {
        $answer = qa_db_single_select(qa_db_full_post_selectspec(null, $aid));
    }
    require_once QA_INCLUDE_DIR . 'qa-page-question-post.php';
    global $qa_login_userid, $qa_cookieid, $question, $questionid, $formtype, $formpostid, $errors, $reloadquestion, $pageerror, $qa_request, $ineditor, $incomment, $informat, $innotify, $inemail, $commentsfollows, $jumptoanchor, $usecaptcha;
    $parent = isset($answer) ? $answer : $question;
    // 'default' sits before 'case false' but is still only taken when no case matches.
    switch (qa_user_permit_error('permit_post_c', 'C')) {
        case 'login':
            $pageerror = qa_insert_login_links(qa_lang_html('question/comment_must_login'), $qa_request);
            break;
        case 'confirm':
            $pageerror = qa_insert_login_links(qa_lang_html('question/comment_must_confirm'), $qa_request);
            break;
        case 'limit':
            $pageerror = qa_lang_html('question/comment_limit');
            break;
        default:
            $pageerror = qa_lang_html('users/no_permission');
            break;
        case false:
            $incomment = qa_post_text('ajax_comment_content');
            if (!isset($incomment)) {
                $pageerror = qa_lang_html('bork');
            } else {
                $innotify = qa_post_text('notify') ? true : false;
                $inemail = qa_post_text('email');
                // presumably fills $intext (and the other arguments) by reference — confirm in ajaxEditor()
                $this->ajaxEditor($ineditor, $incomment, $informat, $intext);
                // use our own format types
                $formats = array();
                $formats[] = '';
                $editors = qa_list_modules('viewer');
                if (in_array('Markdown Viewer', $editors)) {
                    $formats[] = 'markdown';
                }
                $formats[] = 'html';
                // NOTE(review): the format is chosen by a site option used as an array
                // index; when it selects 'html' the posted text is stored as HTML —
                // confirm the viewer sanitises it, and that the option is always a
                // valid index of $formats.
                $informat = $formats[qa_opt('ajax_comment_format')];
                $errors = qa_comment_validate($incomment, $informat, $intext, $innotify, $inemail);
                if ($usecaptcha) {
                    qa_captcha_validate($_POST, $errors);
                }
                if (empty($errors)) {
                    // A comment counts as a duplicate when a visible comment on the same
                    // parent has the same sequence of words.
                    $isduplicate = false;
                    foreach ($commentsfollows as $comment) {
                        if ($comment['basetype'] == 'C' && $comment['parentid'] == $parent['postid'] && !$comment['hidden']) {
                            if (implode(' ', qa_string_to_words($comment['content'])) == implode(' ', qa_string_to_words($incomment))) {
                                $isduplicate = true;
                            }
                        }
                    }
                    if (!$isduplicate) {
                        if (!isset($qa_login_userid)) {
                            $qa_cookieid = qa_cookie_get_create();
                        } // create a new cookie if necessary
                        // get editor format
                        $commentid = qa_comment_create($qa_login_userid, qa_get_logged_in_handle(), $qa_cookieid, $incomment, $informat, $intext, $innotify, $inemail, $question, @$answer, $commentsfollows);
                        qa_report_write_action($qa_login_userid, $qa_cookieid, 'c_post', $questionid, @$answer['postid'], $commentid);
                    } else {
                        $pageerror = qa_lang_html('question/duplicate_content');
                    }
                }
            }
            break;
    }
    // $pageerror is a global, so a value set before this call is also reported here.
    if ($pageerror) {
        $this->output_raw('### ' . $pageerror);
    } else {
        if (!empty($errors)) {
            // NOTE(review): the error strings are written raw; confirm that
            // qa_comment_validate() and qa_captcha_validate() return HTML-safe text.
            $this->output_raw('### ' . implode(',', $errors));
        } else {
            // return c_item
            $c_item = $this->ajaxCommentCreate($parent, $commentid);
            if (isset($c_item['classes'])) {
                $c_item['classes'] .= ' ajax-comment-hidden';
            } else {
                $c_item['classes'] = ' ajax-comment-hidden';
            }
            $this->c_list_item($c_item);
        }
    }
}
} // Prepare content for theme $qa_content = qa_content_prepare(); $qa_content['title'] = qa_lang_html('users/confirm_title'); $qa_content['error'] = @$pageerror; if ($useremailed) { $qa_content['error'] = qa_lang_html('users/confirm_emailed'); } elseif ($userconfirmed) { $qa_content['error'] = qa_lang_html('users/confirm_complete'); if (!isset($loginuserid)) { $qa_content['suggest_next'] = strtr(qa_lang_html('users/log_in_to_access'), array('^1' => '<a href="' . qa_path_html('login', array('e' => $inhandle)) . '">', '^2' => '</a>')); } } elseif (isset($loginuserid)) { // if logged in, allow sending a fresh link require_once QA_INCLUDE_DIR . 'qa-util-string.php'; if (strlen($incode)) { $qa_content['error'] = qa_lang_html('users/confirm_wrong_resend'); } $email = qa_get_logged_in_email(); $qa_content['form'] = array('tags' => 'method="post" action="' . qa_path_html('confirm') . '"', 'style' => 'tall', 'fields' => array('email' => array('label' => qa_lang_html('users/email_label'), 'value' => qa_html($email) . strtr(qa_lang_html('users/change_email_link'), array('^1' => '<a href="' . qa_path_html('account') . '">', '^2' => '</a>')), 'type' => 'static')), 'buttons' => array('send' => array('tags' => 'name="dosendconfirm"', 'label' => qa_lang_html('users/send_confirm_button'))), 'hidden' => array('code' => qa_get_form_security_code('confirm'))); if (!qa_email_validate($email)) { $qa_content['error'] = qa_lang_html('users/email_invalid'); unset($qa_content['form']['buttons']['send']); } } else { $qa_content['error'] = qa_insert_login_links(qa_lang_html('users/confirm_wrong_log_in'), 'confirm'); } return $qa_content; /* Omit PHP closing tag to help avoid accidental output */
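/**
 * Render the article-writing page of the blog plugin and handle its form posts.
 *
 * Posted actions are checked in this order: 'docancel' (redirect to the blog),
 * 'dosaveoptions' (store the article with format 'draft') and 'doarticle'
 * (store it with format 'markdown'). Writes now require a logged-in user and a
 * valid form security code; the code was already emitted in the form but never
 * verified. The list of the user's own posts is queried with a bound parameter
 * and rendered with escaped titles.
 *
 * @param string $request The requested page path, passed on to the login links.
 * @return array The $qa_content array for the theme.
 */
public function process_request($request)
{
    $qa_content = qa_content_prepare();

    if (qa_clicked('docancel')) {
        qa_redirect('blog');
    }

    // Everything below writes to or reads from the current user's posts, so
    // anonymous visitors are stopped before any POST handling.
    if (!qa_is_logged_in()) {
        $qa_content['title'] = qa_lang('qa_blog_lang/title_error');
        $qa_content['error'] = qa_insert_login_links(qa_lang('qa_blog_lang/access_error'), $request);
        return $qa_content;
    }

    // Accepted category values and the numeric type stored for each.
    $typebycategory = array('cat_0' => 0, 'cat_1' => 1, 'cat_2' => 2, 'cat_3' => 3, 'cat_4' => 4, 'cat_5' => 5);

    $in = array();
    $errors = array();

    // The hidden 'doarticle' field is always posted, so the draft button is tested first.
    $savedraft = qa_clicked('dosaveoptions');
    $publish = !$savedraft && qa_clicked('doarticle');

    if ($savedraft || $publish) {
        qa_get_post_content('editor', 'content', $in['editor'], $in['content'], $in['format'], $in['text']);
        $in['title'] = qa_post_text('title');
        $in['category'] = qa_post_text('category');

        if (!qa_check_form_security_code('article', qa_post_text('code'))) {
            // Reject posts that do not carry the code issued with the form (CSRF guard).
            $qa_content['error'] = qa_lang_html('misc/form_security_again');
        } else {
            if (strlen((string) $in['title']) < 10) {
                $errors['title'] = qa_lang('qa_blog_lang/error_title');
            }
            if (strlen((string) $in['content']) < 50) {
                $errors['content'] = qa_lang('qa_blog_lang/error_content');
            }
            if (!is_string($in['category']) || !isset($typebycategory[$in['category']])) {
                $errors['type'] = 'Invalid category';
            }

            if (empty($errors)) {
                qa_db_query_sub(
                    'INSERT INTO ^blog_posts (postid, userid, posted, title, type, content, views,format) VALUES (0,#,NOW(),$,#,$,0,$)',
                    qa_get_logged_in_userid(),
                    $in['title'],
                    $typebycategory[$in['category']],
                    $in['content'],
                    $savedraft ? 'draft' : 'markdown'
                );

                // As before, the page is still built after the Location header is queued.
                if ($savedraft) {
                    header('location:' . qa_path_to_root() . '/user/' . qa_get_logged_in_handle() . '');
                } else {
                    header('location:' . qa_path_to_root() . '/blog/');
                }
            }
        }
    }

    $qa_content['title'] = qa_lang('qa_blog_lang/articles_page');

    $editorname = isset($in['editor']) ? $in['editor'] : qa_opt('editor_for_qs');
    $editor = qa_load_editor(@$in['content'], @$in['format'], $editorname);

    $field = qa_editor_load_field($editor, $qa_content, @$in['content'], @$in['format'], 'content', 12, false);
    $field['label'] = '';
    $field['error'] = qa_html(@$errors['content']);

    $qa_content['custom'] = qa_lang('qa_blog_lang/default_blog_tagline');

    // Category names come from the five plugin options qa_blog_cat_1 .. qa_blog_cat_5.
    $typeoptions = array();
    for ($n = 1; $n <= 5; $n++) {
        $typeoptions['cat_' . $n] = qa_opt('qa_blog_cat_' . $n);
    }

    $updatescript = method_exists($editor, 'update_script') ? $editor->update_script('content') : '';

    $qa_content['form'] = array(
        'tags' => 'name="blog" method="post" action="' . qa_self_html() . '"',
        'style' => 'tall',
        'fields' => array(
            'title' => array(
                'label' => qa_lang('qa_blog_lang/post_title'),
                'tags' => 'name="title" id="title" autocomplete="off"',
                'value' => qa_html(@$in['title']),
                'error' => qa_html(@$errors['title']),
            ),
            'category' => array(
                'label' => qa_lang('qa_blog_lang/post_cat'),
                'type' => 'select',
                'tags' => 'name="category"',
                'options' => $typeoptions,
                'error' => qa_html(@$errors['type']),
            ),
            'similar' => array(
                'type' => 'custom',
                'html' => '<span id="similar"></span>',
            ),
            'content' => $field,
        ),
        'buttons' => array(
            'post' => array(
                'tags' => 'onclick="qa_show_waiting_after(this, false); ' . $updatescript . '"',
                'label' => qa_lang('qa_blog_lang/post_button'),
            ),
            'save' => array(
                'tags' => 'name="dosaveoptions"',
                'label' => qa_lang('qa_blog_lang/draft_button'),
            ),
            'cancel' => array(
                'tags' => 'name="docancel"',
                'label' => qa_lang('qa_blog_lang/cancel_button'),
            ),
        ),
        'hidden' => array(
            'editor' => qa_html($editorname),
            'code' => qa_get_form_security_code('article'),
            'doarticle' => '1',
        ),
    );

    $html = "<h2>" . qa_lang('qa_blog_lang/past_post') . "</h2>";

    // The user id is bound through the '$' placeholder instead of being
    // interpolated into the SQL text.
    $posts = qa_db_read_all_assoc(qa_db_query_sub(
        'SELECT * FROM ^blog_posts WHERE userid = $ ORDER BY posted DESC',
        qa_get_logged_in_userid()
    ));

    foreach ($posts as $blob) {
        // Titles are user-supplied text: escape them for both the link target and the link text.
        $html .= '<ul><li><h3><a href="blog/' . (int) $blob['postid'] . '/' . qa_html(seoUrl3($blob['title'])) . '">'
            . qa_html($blob['title']) . '</a></h3></li></ul>';
    }

    if (count($posts) == 0) {
        $html .= qa_lang('qa_blog_lang/post_null');
    }

    $qa_content['custom2'] = $html;

    return $qa_content;
}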
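/**
 * Build the "Leaderboards" page for the current course category.
 *
 * Visitors who are not logged in get a login prompt. Logged-in users get four
 * side-by-side tables: total points, participation (question + answer scores),
 * knowledge contribution (answer scores only) and usage activity.
 *
 * Changes from the previous version:
 *  - User handles are passed through qa_html() before being written into the
 *    page, so a handle containing HTML metacharacters is shown as text instead
 *    of being interpreted as markup by other users' browsers.
 *  - Totals are computed before array_multisort() runs. array_multisort()
 *    renumbers integer keys, and PHP stores an all-digit handle as an integer
 *    key, so the old post-sort lookup could miss or mix up such users.
 *  - The activity query uses ^users like the other two queries, instead of a
 *    hard-coded qa_ table prefix.
 *  - A handle missing from the answer or activity result counts as zero.
 *
 * @param string $request Request path, passed on to qa_insert_login_links().
 * @return array The $qa_content array; the tables are stored in 'custom_1'.
 */
function process_request($request)
{
    // if the user is not logged in, request user to login
    if (!qa_get_logged_in_userid()) {
        $qa_content = qa_content_prepare();
        $qa_content['error'] = qa_insert_login_links('Please ^1log in^2 or ^3register^4 to view leaderboard.', $request);

        return $qa_content;
    }

    $qa_content = qa_content_prepare();
    $qa_content['title'] = 'Leaderboards';

    $categoryid = mp_get_categoryid();

    // Raw per-user scores, keyed by handle. Values are bound through the # placeholders.
    $Qpoints = qa_db_read_all_assoc(
        qa_db_query_sub(
            'SELECT U2.handle, 500 * COUNT(P.postid) points, 100 * SUM(P.upvotes) upvotes, 100 * SUM(P.downvotes) downvotes FROM (SELECT * FROM ^posts WHERE type = "Q" and categoryid = #) P RIGHT JOIN mp_user_category_map U ON P.userid = U.userid, ^users U2 WHERE U.userid = U2.userid AND U.categoryid = # GROUP BY U.userid ORDER BY points DESC',
            $categoryid,
            $categoryid
        ),
        'handle'
    );
    $Apoints = qa_db_read_all_assoc(
        qa_db_query_sub(
            'SELECT U2.handle, 500 * COUNT(P.postid) points, 100* SUM(P.upvotes) upvotes, 100 * SUM(P.downvotes) downvotes FROM (SELECT * FROM ^posts WHERE type = "A" AND categoryid = #) P RIGHT JOIN mp_user_category_map U ON P.userid = U.userid, ^users U2 WHERE U.userid = U2.userid AND U.categoryid = # GROUP BY U.userid ORDER BY points DESC',
            $categoryid,
            $categoryid
        ),
        'handle'
    );
    $activityPoints = qa_db_read_all_assoc(
        qa_db_query_sub(
            'SELECT QU.handle, COALESCE(SUM(U.points), 0) points FROM `mp_userpoints` U RIGHT JOIN mp_user_category_map M ON U.userid = M.userid AND U.categoryid = M.categoryid, ^users QU WHERE M.userid = QU.userid AND M.categoryid = # GROUP BY M.userid ORDER BY points DESC, QU.handle ASC',
            $categoryid
        ),
        'handle'
    );

    // Combine the Q and A data in a single pass, while every array is still keyed by handle.
    $noScore = array('points' => 0, 'upvotes' => 0, 'downvotes' => 0);
    $participationData = array();
    $participationScores = array();
    $contributionData = array();
    $contributionScores = array();
    $allPoints = array();

    foreach ($Qpoints as $key => $question) {
        $answer = isset($Apoints[$key]) ? $Apoints[$key] : $noScore;
        $activity = isset($activityPoints[$key]['points']) ? $activityPoints[$key]['points'] : 0;

        // SUM() is NULL for users without posts; PHP arithmetic treats that as 0.
        $questionScore = $question['points'] + $question['upvotes'] - $question['downvotes'];
        $answerScore = $answer['points'] + $answer['upvotes'] - $answer['downvotes'];

        $participationData[$key] = array('handle' => $key, 'points' => $questionScore + $answerScore);
        $participationScores[$key] = $questionScore + $answerScore;

        $contributionData[$key] = array('handle' => $key, 'points' => $answerScore);
        $contributionScores[$key] = $answerScore;

        $allPoints[$key] = $questionScore + $answerScore + $answerScore + $activity;
    }

    // Highest score first; the score columns drive the ordering of the row lists.
    array_multisort($participationScores, SORT_DESC, $participationData);
    array_multisort($contributionScores, SORT_DESC, $contributionData);

    asort($allPoints, SORT_NUMERIC);
    $allPoints = array_reverse($allPoints, true);

    $totalRows = array();
    foreach ($allPoints as $handle => $total) {
        $totalRows[] = array('handle' => $handle, 'points' => $total);
    }

    //////////////////////////////////////////////////////////////////////////////////////////////////////
    // begin data display
    //////////////////////////////////////////////////////////////////////////////////////////////////////
    $panels = array(
        'Total Points' => $totalRows,
        'Participation' => $participationData,
        'Knowledge Contribution' => $contributionData,
        'Usage Activity' => $activityPoints,
    );

    $cells = array();
    foreach ($panels as $title => $rows) {
        $panel = '<div style="background-color:#EEEEFF;visibility: visible; border:1px solid #4488FF; width:160px; overflow:auto; "> <div style="background-color:#4488FF; font-family:Arial; font-size:14px; text-align:center; color:white; padding:3px;">' . $title . '</div> <div style="font-family:Arial; font-size:14px; text-align:center; color:black; padding:3px;">';
        $panel .= '<table width="100%">';
        foreach ($rows as $row) {
            // Handles are user-chosen text: escape them for the HTML context. Points are numeric.
            $panel .= '<tr><td align="left">' . qa_html($row['handle']) . '</td><td align="right">' . $row['points'] . '</td></tr>';
        }
        $panel .= '</table></div></div><br />';
        $cells[] = $panel;
    }

    $qa_content['custom_1'] = '<table><tr><td>' . implode('</td><td> </td><td>', $cells) . '</td></tr></table>';

    return $qa_content;
}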
require_once QA_INCLUDE_DIR . 'qa-db-selects.php'; require_once QA_INCLUDE_DIR . 'qa-app-users.php'; require_once QA_INCLUDE_DIR . 'qa-app-format.php'; require_once QA_INCLUDE_DIR . 'qa-app-limits.php'; $handle = qa_request_part(1); $loginuserid = qa_get_logged_in_userid(); // Check we have a handle, we're not using Q2A's single-sign on integration and that we're logged in if (QA_FINAL_EXTERNAL_USERS) { qa_fatal_error('User accounts are handled by external code'); } if (!strlen($handle)) { qa_redirect('users'); } if (!isset($loginuserid)) { $qa_content = qa_content_prepare(); $qa_content['error'] = qa_insert_login_links(qa_lang_html('misc/message_must_login'), qa_request()); return $qa_content; } // Find the user profile and questions and answers for this handle list($toaccount, $torecent, $fromrecent) = qa_db_select_with_pending(qa_db_user_account_selectspec($handle, false), qa_db_recent_messages_selectspec($loginuserid, true, $handle, false), qa_db_recent_messages_selectspec($handle, false, $loginuserid, true)); // Check the user exists and work out what can and can't be set (if not using single sign-on) if (!qa_opt('allow_private_messages') || !is_array($toaccount) || $toaccount['flags'] & QA_USER_FLAGS_NO_MESSAGES) { return include QA_INCLUDE_DIR . 'qa-page-not-found.php'; } // Check that we have permission and haven't reached the limit $errorhtml = null; switch (qa_user_permit_error(null, QA_LIMIT_MESSAGES)) { case 'limit': $errorhtml = qa_lang_html('misc/message_limit'); break; case false:
/**
 * Handle a request to add a comment under $parent, which is either the question
 * itself or one of its answers.
 *
 * The permission check runs first. Any permission error is written to $error and
 * nothing else happens. Only when qa_user_permit_error() reports no error is a
 * submitted comment processed, or the add-comment form requested.
 *
 * @param array $question        The question being viewed.
 * @param array $parent          The post being commented on.
 * @param mixed $commentsfollows Passed through to qa_page_q_add_c_submit().
 * @param mixed $pagestart       Passed through to qa_page_q_refresh().
 * @param mixed $usecaptcha      Passed through to qa_page_q_add_c_submit().
 * @param array $cnewin          Per-parent comment input; the entry for this parent is handed to the submit handler.
 * @param array $cnewerrors      Per-parent validation errors; the entry for this parent is handed to the submit handler.
 * @param string $formtype       Set to 'c_add' when the comment form should be shown.
 * @param mixed $formpostid      Set to the parent post id when the comment form should be shown.
 * @param string $error          Set to an HTML error message when commenting is not permitted.
 */
function qa_page_q_do_comment($question, $parent, $commentsfollows, $pagestart, $usecaptcha, &$cnewin, &$cnewerrors, &$formtype, &$formpostid, &$error)
{
    // Kept from the original; the value is not read again inside this function.
    $answer = ($question['postid'] == $parent['postid']) ? null : $parent;
    $parentid = $parent['postid'];

    $permiterror = qa_user_permit_error('permit_post_c', QA_LIMIT_COMMENTS);

    // Loose comparisons, in this order, mirror what a switch statement would do.
    if ($permiterror == 'login') {
        $error = qa_insert_login_links(qa_lang_html('question/comment_must_login'), qa_request());
        return;
    }

    if ($permiterror == 'confirm') {
        $error = qa_insert_login_links(qa_lang_html('question/comment_must_confirm'), qa_request());
        return;
    }

    if ($permiterror == 'limit') {
        $error = qa_lang_html('question/comment_limit');
        return;
    }

    if ($permiterror != false) {
        // Any other error code is refused with the generic message (deny by default).
        $error = qa_lang_html('users/no_permission');
        return;
    }

    // No permission error from here on.
    $showform = true;

    if (qa_clicked('c' . $parentid . '_doadd')) {
        $commentid = qa_page_q_add_c_submit($question, $parent, $commentsfollows, $usecaptcha, $cnewin[$parentid], $cnewerrors[$parentid]);

        if (isset($commentid)) {
            qa_page_q_refresh($pagestart, null, $parent['basetype'], $parentid);
            $showform = false;
        }
    }

    if ($showform) {
        // Either the form is shown for the first time, or again after a failed submission.
        $formtype = 'c_add';
        $formpostid = $parentid;
    }
}
/**
 * Handle a request to add a comment under $parent (the question or one of its answers).
 *
 * The 'login', 'confirm', 'approve' and 'limit' permission errors get their own
 * message in $error. Every other non-empty error code falls back to the generic
 * "no permission" message. According to the original note, the 'level' error is
 * normally handled earlier, by qa_page_q_post_rules(...) not showing the comment button.
 *
 * A submitted comment is processed, or the form requested, only when
 * qa_user_post_permit_error() reports no error for this parent post.
 *
 * @param array $question        The question being viewed.
 * @param array $parent          The post being commented on; also passed to the permission check.
 * @param mixed $commentsfollows Passed through to qa_page_q_add_c_submit().
 * @param mixed $pagestart       Passed through to qa_page_q_refresh().
 * @param mixed $usecaptcha      Passed through to qa_page_q_add_c_submit().
 * @param array $cnewin          Per-parent comment input; the entry for this parent is handed to the submit handler.
 * @param array $cnewerrors      Per-parent validation errors; the entry for this parent is handed to the submit handler.
 * @param string $formtype       Set to 'c_add' when the comment form should be shown.
 * @param mixed $formpostid      Set to the parent post id when the comment form should be shown.
 * @param string $error          Set to an HTML error message when commenting is not permitted.
 */
function qa_page_q_do_comment($question, $parent, $commentsfollows, $pagestart, $usecaptcha, &$cnewin, &$cnewerrors, &$formtype, &$formpostid, &$error)
{
    // Kept from the original; the value is not read again inside this function.
    $answer = $question['postid'] == $parent['postid'] ? null : $parent;
    $parentid = $parent['postid'];

    $permiterror = qa_user_post_permit_error('permit_post_c', $parent, QA_LIMIT_COMMENTS);

    // Each entry: error code, language key, whether login/register links are inserted.
    // Checked in this order with loose comparison, as a switch statement would.
    $reported = array(
        array('login', 'question/comment_must_login', true),
        array('confirm', 'question/comment_must_confirm', true),
        array('approve', 'question/comment_must_be_approved', false),
        array('limit', 'question/comment_limit', false),
    );

    foreach ($reported as $entry) {
        list($code, $langkey, $withlinks) = $entry;

        if ($permiterror == $code) {
            $message = qa_lang_html($langkey);
            $error = $withlinks ? qa_insert_login_links($message, qa_request()) : $message;
            return;
        }
    }

    if ($permiterror != false) {
        // Unrecognised error codes are refused rather than let through.
        $error = qa_lang_html('users/no_permission');
        return;
    }

    $submitted = qa_clicked('c' . $parentid . '_doadd');
    $commentid = null;

    if ($submitted) {
        $commentid = qa_page_q_add_c_submit($question, $parent, $commentsfollows, $usecaptcha, $cnewin[$parentid], $cnewerrors[$parentid]);
    }

    if ($submitted && isset($commentid)) {
        qa_page_q_refresh($pagestart, null, $parent['basetype'], $parentid);
    } else {
        // show form first time, or again after a failed submission
        $formtype = 'c_add';
        $formpostid = $parentid;
    }
}
/**
 * Work out whether the current user may flag $post.
 *
 * Flagging is refused outright when $post is not an array, when the
 * 'flagging_of_posts' option is off, or when the post's author id equals $userid
 * (a user flagging their own post). Otherwise the result of the 'permit_flag'
 * permission check decides.
 *
 * @param mixed $post   The post to be flagged; expected to be an array with an optional 'userid' key.
 * @param mixed $userid Id of the user who wants to flag, or null.
 * @param mixed $topage Page passed to qa_insert_login_links() for the login/confirm links.
 * @return string|false HTML explaining why flagging is not allowed, or false when it is allowed.
 */
function qa_flag_error_html($post, $userid, $topage)
{
    require_once QA_INCLUDE_DIR . 'qa-db-selects.php';
    require_once QA_INCLUDE_DIR . 'qa-app-options.php';
    require_once QA_INCLUDE_DIR . 'qa-app-users.php';

    $flaggable = is_array($post) && qa_opt('flagging_of_posts');

    if ($flaggable) {
        $ownpost = isset($post['userid']) && isset($userid) && $post['userid'] == $userid;
        $flaggable = !$ownpost;
    }

    if (!$flaggable) {
        // flagging option should not have been presented
        return qa_lang_html('question/flag_not_allowed');
    }

    $permiterror = qa_user_permit_error('permit_flag', 'F');

    // Loose comparisons in this order reproduce switch semantics.
    if ($permiterror == 'login') {
        return qa_insert_login_links(qa_lang_html('question/flag_must_login'), $topage);
    }

    if ($permiterror == 'confirm') {
        return qa_insert_login_links(qa_lang_html('question/flag_must_confirm'), $topage);
    }

    if ($permiterror == 'limit') {
        return qa_lang_html('question/flag_limit');
    }

    if ($permiterror == false) {
        return false;
    }

    // Any other error code: refuse with the generic message.
    return qa_lang_html('users/no_permission');
}
/**
 * Build the form array for adding a comment under $parent.
 *
 * When the permission check reports an error, the returned form holds only a
 * 'title' with the explanation (plus id/collapse/style), so no input fields are
 * offered. When there is no error, the full form is built: editor field,
 * optional custom note, name/notify/captcha fields, a hidden form security code,
 * and the onload scripts, which are appended to $qa_content['script_onloads'].
 *
 * @param array $qa_content     Page content, modified in place by the field helpers and for onload scripts.
 * @param array $question       The question being viewed.
 * @param array $parent         The post being commented on.
 * @param mixed $formid         HTML id given to the form; also used in the generated JavaScript.
 * @param mixed $captchareason  When truthy, a captcha field is added with a note for this reason.
 * @param array $in             Previously submitted input (content, format, editor, name, notify, email).
 * @param array $errors         Validation errors keyed by field name.
 * @param bool $loadfocusnow    When false, the form is collapsed and editor load/focus scripts are deferred.
 * @return array The form definition.
 */
function qa_page_q_add_c_form(&$qa_content, $question, $parent, $formid, $captchareason, $in, $errors, $loadfocusnow)
{
    // The 'approve', 'login', 'confirm', 'userblock', 'ipblock' permission errors are reported to the user here
    // The other option ('level') prevents the comment button being shown, in qa_page_q_post_rules(...)
    switch (qa_user_post_permit_error('permit_post_c', $parent, QA_LIMIT_COMMENTS)) {
        case 'login':
            $form = array('title' => qa_insert_login_links(qa_lang_html('question/comment_must_login'), qa_request()));
            break;
        case 'confirm':
            $form = array('title' => qa_insert_login_links(qa_lang_html('question/comment_must_confirm'), qa_request()));
            break;
        case 'approve':
            $form = array('title' => qa_lang_html('question/comment_must_be_approved'));
            break;
        case 'limit':
            $form = array('title' => qa_lang_html('question/comment_limit'));
            break;
        default:
            // Any error code not listed above is refused with the generic message.
            $form = array('title' => qa_lang_html('users/no_permission'));
            break;
        case false:
            // No permission error: build the real form. Field names are prefixed
            // with 'c<postid>_' so several comment forms can coexist on one page.
            $prefix = 'c' . $parent['postid'] . '_';
            $editorname = isset($in['editor']) ? $in['editor'] : qa_opt('editor_for_cs');
            $editor = qa_load_editor(@$in['content'], @$in['format'], $editorname);
            if (method_exists($editor, 'update_script')) {
                $updatescript = $editor->update_script($prefix . 'content');
            } else {
                $updatescript = '';
            }
            // NOTE(review): the custom note comes from the 'custom_comment' option and is not
            // escaped here; presumably it is admin-supplied HTML - confirm who can set it.
            $custom = qa_opt('show_custom_comment') ? trim(qa_opt('custom_comment')) : '';
            // Values placed in HTML attributes go through qa_html(); values placed inside
            // the inline JavaScript go through qa_js().
            $form = array('tags' => 'method="post" action="' . qa_self_html() . '" name="c_form_' . qa_html($parent['postid']) . '"', 'title' => qa_lang_html($question['postid'] == $parent['postid'] ? 'question/your_comment_q' : 'question/your_comment_a'), 'fields' => array('custom' => array('type' => 'custom', 'note' => $custom), 'content' => array_merge(qa_editor_load_field($editor, $qa_content, @$in['content'], @$in['format'], $prefix . 'content', 4, $loadfocusnow, $loadfocusnow), array('error' => qa_html(@$errors['content'])))), 'buttons' => array('comment' => array('tags' => 'onclick="' . $updatescript . ' return qa_submit_comment(' . qa_js($question['postid']) . ', ' . qa_js($parent['postid']) . ', this);"', 'label' => qa_lang_html('question/add_comment_button')), 'cancel' => array('tags' => 'name="docancel"', 'label' => qa_lang_html('main/cancel_button'))), 'hidden' => array($prefix . 'editor' => qa_html($editorname), $prefix . 'doadd' => '1', $prefix . 'code' => qa_get_form_security_code('comment-' . $parent['postid'])));
            // The hidden '<prefix>code' field carries a form security code for the action
            // 'comment-<postid>'; the handler that verifies it is not visible in this function.
            if (!strlen($custom)) {
                unset($form['fields']['custom']);
            }
            // Anonymous commenters get a name field.
            if (!qa_is_logged_in()) {
                qa_set_up_name_field($qa_content, $form['fields'], @$in['name'], $prefix);
            }
            qa_set_up_notify_fields($qa_content, $form['fields'], 'C', qa_get_logged_in_email(), isset($in['notify']) ? $in['notify'] : qa_opt('notify_users_default'), $in['email'], @$errors['email'], $prefix);
            // Scripts to attach to the form element once the page has loaded.
            $onloads = array();
            if ($captchareason) {
                $captchaloadscript = qa_set_up_captcha_field($qa_content, $form['fields'], $errors, qa_captcha_reason_note($captchareason));
                if (strlen($captchaloadscript)) {
                    $onloads[] = 'document.getElementById(' . qa_js($formid) . ').qa_show=function() { ' . $captchaloadscript . ' };';
                }
            }
            if (!$loadfocusnow) {
                // The form starts collapsed, so editor load/focus is deferred to functions
                // stored on the form element, and cancel toggles the element.
                if (method_exists($editor, 'load_script')) {
                    $onloads[] = 'document.getElementById(' . qa_js($formid) . ').qa_load=function() { ' . $editor->load_script($prefix . 'content') . ' };';
                }
                if (method_exists($editor, 'focus_script')) {
                    $onloads[] = 'document.getElementById(' . qa_js($formid) . ').qa_focus=function() { ' . $editor->focus_script($prefix . 'content') . ' };';
                }
                $form['buttons']['cancel']['tags'] .= ' onclick="return qa_toggle_element()"';
            }
            if (count($onloads)) {
                $qa_content['script_onloads'][] = $onloads;
            }
    }
    // Common to both the error-only form and the full form.
    $form['id'] = $formid;
    $form['collapse'] = !$loadfocusnow;
    $form['style'] = 'tall';
    return $form;
}
$errors['newpassword2'] = qa_lang('users/password_mismatch'); } if (empty($errors)) { qa_db_user_set_password($userid, $innewpassword1); qa_db_user_set($userid, 'sessioncode', ''); // stop old 'Remember me' style logins from still working qa_set_logged_in_user($userid, $useraccount['handle'], false, $useraccount['sessionsource']); // reinstate this specific session qa_report_event('u_password', $userid, $useraccount['handle'], qa_cookie_get()); qa_redirect('account', array('state' => 'password-changed')); } } // Prepare content for theme $qa_content = qa_content_prepare(); $qa_content['title'] = qa_lang_html('profile/my_account_title'); $qa_content['form_profile'] = array('tags' => 'ENCTYPE="multipart/form-data" METHOD="POST" ACTION="' . qa_self_html() . '"', 'style' => 'wide', 'fields' => array('duration' => array('type' => 'static', 'label' => qa_lang_html('users/member_for'), 'value' => qa_time_to_string(qa_opt('db_time') - $useraccount['created'])), 'type' => array('type' => 'static', 'label' => qa_lang_html('users/member_type'), 'value' => qa_html(qa_user_level_string($useraccount['level']))), 'handle' => array('label' => qa_lang_html('users/handle_label'), 'tags' => 'NAME="handle"', 'value' => qa_html(isset($inhandle) ? $inhandle : $useraccount['handle']), 'error' => qa_html(@$errors['handle']), 'type' => $changehandle ? 'text' : 'static'), 'email' => array('label' => qa_lang_html('users/email_label'), 'tags' => 'NAME="email"', 'value' => qa_html(isset($inemail) ? $inemail : $useraccount['email']), 'error' => isset($errors['email']) ? qa_html($errors['email']) : ($doconfirms && !$isconfirmed ? 
qa_insert_login_links(qa_lang_html('users/email_please_confirm')) : null)), 'messages' => array('label' => qa_lang_html('users/private_messages'), 'tags' => 'NAME="messages"', 'type' => 'checkbox', 'value' => !($useraccount['flags'] & QA_USER_FLAGS_NO_MESSAGES), 'note' => qa_lang_html('users/private_messages_explanation')), 'mailings' => array('label' => qa_lang_html('users/mass_mailings'), 'tags' => 'NAME="mailings"', 'type' => 'checkbox', 'value' => !($useraccount['flags'] & QA_USER_FLAGS_NO_MAILINGS), 'note' => qa_lang_html('users/mass_mailings_explanation')), 'avatar' => null), 'buttons' => array('save' => array('label' => qa_lang_html('users/save_profile'))), 'hidden' => array('dosaveprofile' => '1')); if (qa_get_state() == 'profile-saved') { $qa_content['form_profile']['ok'] = qa_lang_html('users/profile_saved'); } if (!qa_opt('allow_private_messages')) { unset($qa_content['form_profile']['fields']['messages']); } if (!qa_opt('mailing_enabled')) { unset($qa_content['form_profile']['fields']['mailings']); } // Avatar upload stuff if (qa_opt('avatar_allow_gravatar') || qa_opt('avatar_allow_upload')) { $avataroptions = array(); if (qa_opt('avatar_default_show') && strlen(qa_opt('avatar_default_blobid'))) { $avataroptions[''] = '<SPAN STYLE="margin:2px 0; display:inline-block;">' . qa_get_avatar_blob_html(qa_opt('avatar_default_blobid'), qa_opt('avatar_default_width'), qa_opt('avatar_default_height'), 32) . '</SPAN> ' . qa_lang_html('users/avatar_default'); } else {
/**
 * Work out whether the user $userid may flag $post.
 *
 * The 'login', 'confirm' and 'limit' permission errors are reported with their
 * own message. Every other non-empty error code gets the generic "no permission"
 * message. According to the original note, 'approve' and 'level' normally stop
 * the flag button from being shown at all, in qa_page_q_post_rules(...).
 *
 * @param mixed $post   The post to be flagged; expected to be an array with an optional 'userid' key.
 * @param mixed $userid Id of the user who wants to flag, or null.
 * @param mixed $topage Page passed to qa_insert_login_links() for the login/confirm links.
 * @return string|false HTML explaining why flagging is not allowed, or false when it is allowed.
 */
function qa_flag_error_html($post, $userid, $topage)
{
    // Let an override registered for this function take over, if there is one.
    if (qa_to_override(__FUNCTION__)) {
        $args = func_get_args();
        return qa_call_override(__FUNCTION__, $args);
    }

    require_once QA_INCLUDE_DIR . 'db/selects.php';
    require_once QA_INCLUDE_DIR . 'app/options.php';
    require_once QA_INCLUDE_DIR . 'app/users.php';
    require_once QA_INCLUDE_DIR . 'app/limits.php';

    $flaggable = is_array($post) && qa_opt('flagging_of_posts');

    if ($flaggable) {
        // A user may not flag their own post.
        $ownpost = isset($post['userid']) && isset($userid) && $post['userid'] == $userid;
        $flaggable = !$ownpost;
    }

    if (!$flaggable) {
        // flagging option should not have been presented
        return qa_lang_html('question/flag_not_allowed');
    }

    $permiterror = qa_user_post_permit_error('permit_flag', $post, QA_LIMIT_FLAGS);

    // Each entry: error code, language key, whether login/register links are inserted.
    // Checked in this order with loose comparison, as a switch statement would.
    $reported = array(
        array('login', 'question/flag_must_login', true),
        array('confirm', 'question/flag_must_confirm', true),
        array('limit', 'question/flag_limit', false),
    );

    foreach ($reported as $entry) {
        list($code, $langkey, $withlinks) = $entry;

        if ($permiterror == $code) {
            $message = qa_lang_html($langkey);

            return $withlinks ? qa_insert_login_links($message, $topage) : $message;
        }
    }

    if ($permiterror == false) {
        return false;
    }

    // Unrecognised error codes are refused rather than let through.
    return qa_lang_html('users/no_permission');
}
} if (@$followanswer['basetype'] != 'A') { $followanswer = null; } // Check for permission error $permiterror = qa_user_maximum_permit_error('permit_post_q', QA_LIMIT_QUESTIONS); if ($permiterror) { $qa_content = qa_content_prepare(); // The 'approve', 'login', 'confirm', 'limit', 'userblock', 'ipblock' permission errors are reported to the user here // The other option ('level') prevents the menu option being shown, in qa_content_prepare(...) switch ($permiterror) { case 'login': $qa_content['error'] = qa_insert_login_links(qa_lang_html('question/ask_must_login'), qa_request(), isset($followpostid) ? array('follow' => $followpostid) : null); break; case 'confirm': $qa_content['error'] = qa_insert_login_links(qa_lang_html('question/ask_must_confirm'), qa_request(), isset($followpostid) ? array('follow' => $followpostid) : null); break; case 'limit': $qa_content['error'] = qa_lang_html('question/ask_limit'); break; case 'approve': $qa_content['error'] = qa_lang_html('question/ask_must_be_approved'); break; default: $qa_content['error'] = qa_lang_html('users/no_permission'); break; } return $qa_content; } // Process input $captchareason = qa_user_captcha_reason();
/**
 * Serve the chat room page and its three AJAX actions.
 *
 * The POST field that is present selects the action:
 *  - 'ajax_add_message': store a new message (requires user_perms_post()).
 *  - 'ajax_get_messages': return messages newer than the given id plus the users online
 *    (requires user_perms_view() and not being kicked).
 *  - 'ajax_kick_userid': kick a user (requires the level configured in the kick option).
 * AJAX responses are echoed as "QA_AJAX_RESPONSE\n<userid or 0>\n<payload>" and the
 * method returns nothing. Without any of these fields the regular page is built.
 *
 * NOTE(review): no form security code is checked in this method before the
 * state-changing actions (posting, kicking). Whether post_message() or kick_user()
 * verify one is not visible here - confirm. 'ajax_kick_userid' and
 * 'ajax_kick_username' are passed to kick_user() as received, so validation of
 * those values, if any, happens there.
 *
 * @param string $request Request path, used for the login links on the regular page.
 * @return array|null The $qa_content array for a regular page request, nothing for AJAX requests.
 */
public function process_request($request)
{
    // Snapshot of the logged-in user (all values are null/absent for visitors).
    $this->user = array(
        'id' => qa_get_logged_in_userid(),
        'handle' => qa_get_logged_in_handle(),
        'flags' => qa_get_logged_in_flags(),
        'level' => qa_get_logged_in_level(),
    );

    // Look up whether this user is currently kicked; the user id is bound through the # placeholder.
    $kickquery = 'SELECT kickeduntil, (kickeduntil-NOW() > 0) AS iskicked FROM ^chat_users WHERE userid=#';
    $kickrow = qa_db_read_one_assoc(qa_db_query_sub($kickquery, $this->user['id']), true);
    $this->user['iskicked'] = @$kickrow['iskicked'];
    $this->user['kickeduntil'] = @$kickrow['kickeduntil'];

    // Timestamps for rows written during this request.
    $timestamp = time();
    $this->dates = array(
        'posted' => gmdate('Y-m-d H:i:s', $timestamp),
        'posted_utc' => gmdate('Y-m-d\\TH:i:s\\Z', $timestamp),
    );

    $kicklevel = qa_opt($this->optkick);

    // AJAX: someone posted a message
    $posted = qa_post_text('ajax_add_message');
    if ($posted !== null) {
        if (!$this->user_perms_post()) {
            echo "QA_AJAX_RESPONSE\n0\nYou are not allowed to post currently, sorry.";
            return;
        }

        // Reject messages that consist of whitespace only.
        $posted = trim($posted);
        if (strlen($posted) == 0) {
            echo "QA_AJAX_RESPONSE\n0\nThe message you post must actually be something.";
            return;
        }

        $entry = array(
            'userid' => $this->user['id'],
            'username' => $this->user['handle'],
            'posted' => $this->dates['posted'],
            'posted_utc' => $this->dates['posted_utc'],
            'message' => $posted,
        );

        // The raw text is stored; the copy sent back to the client has the
        // username HTML-escaped and the message run through format_message().
        $entry['postid'] = $this->post_message($entry);
        $this->update_activity(true);
        $entry['username'] = qa_html($entry['username']);
        $entry['message'] = $this->format_message($entry['message']);

        header('Content-Type: text/plain; charset=utf-8');
        echo "QA_AJAX_RESPONSE\n" . $this->user['id'] . "\n" . json_encode($entry);
        return;
    }

    // AJAX: polling check; $lastid=0 on initial page load
    $lastid = qa_post_text('ajax_get_messages');
    if ($lastid !== null) {
        if (!$this->user_perms_view()) {
            echo "QA_AJAX_RESPONSE\n0\nYou don't appear to be logged in. Please reload the page.";
            return;
        }

        if ($this->user_perms_kicked()) {
            echo "QA_AJAX_RESPONSE\n0\nYou have been kicked. Please reload the page.";
            return;
        }

        $this->update_activity($lastid == 0);
        $recent = $this->get_messages($lastid);
        $online = $this->users_online();

        header('Content-Type: text/plain; charset=utf-8');
        echo "QA_AJAX_RESPONSE\n" . $this->user['id'] . "\n" . json_encode($recent) . "\n" . json_encode($online);
        return;
    }

    // AJAX: request to kick user
    $kickuserid = qa_post_text('ajax_kick_userid');
    $kickhandle = qa_post_text('ajax_kick_username');
    if ($kickuserid !== null) {
        // Authorisation: the caller's level must reach the level set in the options.
        if ($this->user['level'] < $kicklevel) {
            echo "QA_AJAX_RESPONSE\n0\nYou are not allowed to do that currently, sorry.";
            return;
        }

        $this->kick_user($kickuserid, $kickhandle);

        header('Content-Type: text/plain; charset=utf-8');
        echo "QA_AJAX_RESPONSE\n" . $this->user['id'] . "\nGave 'em a right kickin'!";
        return;
    }

    // regular page request
    $qa_content = qa_content_prepare();
    $qa_content['title'] = 'Chat Room';
    $qa_content['script_rel'][] = $this->urltoroot . 'qa-chat.js?v=1.7';

    if ($this->user_perms_post()) {
        $qa_content['custom_form'] = '<form method="post" id="qa-chat-form">' . ' <input id="message" class="qa-chat-post" type="text" name="ajax_add_message" autocomplete="off" maxlength="800">' . ' <input type="submit" value="Post">' . '</form>' . '<ul id="qa-chat-list"></ul>';
    } elseif ($this->user_perms_kicked()) {
        // The expiry time is re-formatted by gmdate(), so only a fixed-format timestamp reaches the markup.
        $ktil_utc = gmdate('Y-m-d\\TH:i:s\\Z', strtotime($this->user['kickeduntil']));
        $qa_content['error'] = 'Sorry, you have been kicked from chat temporarily. Take a few moments to chill.<br>' . 'The ban expires <span id="qa_chat_kickeduntil" data-utc="' . $ktil_utc . '" title="' . $ktil_utc . '">soon</span>' . '<script>$("#qa_chat_kickeduntil").timeago();</script>';
    } elseif ($this->user_perms_view()) {
        $qa_content['error'] = 'Sorry, you are currently unable to post in chat. If you are new, you must confirm your email address.';
    } else {
        $qa_content['error'] = qa_insert_login_links('Please ^1log in^2 or ^3register^4 to use the chat room.', $request);
    }

    return $qa_content;
}