/**
 * Puts the site's members, moderators or admins into the template context.
 *
 * The "group" module parameter selects the list; a "from" parameter of type
 * MODULE overrides it. Anything other than "admins" or "moderators" falls back
 * to the plain member list. Nothing is added to the context when the selected
 * list is empty.
 *
 * @param object $runData run context supplying the site, the parameter list and the template context
 */
public function build($runData)
{
    $pl = $runData->getParameterList();

    $from = $pl->getParameterValue("group", "MODULE");

    // "showSince" stays on unless it is switched off with one of these literals.
    $sinceFlag = $pl->getParameterValue("showSince", "MODULE");
    $showSince = !($sinceFlag == "no" || $sinceFlag == "false" || $sinceFlag == "get lost");

    if ($pl->getParameterType("from") == "MODULE") {
        $from = $pl->getParameterValue("from");
    }

    // Allow-list the group name: only the two known values pick a different peer.
    if ($from === "admins") {
        $peer = DB_AdminPeer::instance();
    } elseif ($from === "moderators") {
        $peer = DB_ModeratorPeer::instance();
    } else {
        $from = null;
        $peer = DB_MemberPeer::instance();
    }

    // Rows are restricted to the current site and joined to the user table.
    $c = new Criteria();
    $c->add("site_id", $runData->getTemp("site")->getSiteId());
    $c->addJoin("user_id", "ozone_user.user_id");
    $mems = $peer->select($c);

    if (count($mems) > 0) {
        $runData->contextAdd("from", $from);
        $runData->contextAdd("memberships", $mems);
        $runData->contextAdd("showSince", $showSince);
    }
}
/**
 * Decides whether $user may set the block flag on $page.
 *
 * Allowed for super admins and super moderators, for moderators of the page's
 * site whose permission string contains 'p', and for admins of that site.
 * Anonymous callers (no user object) are always refused.
 *
 * @param object|null $user the acting user, or null/false when anonymous
 * @param object      $page the page; only its site id is read
 * @return bool
 */
private function canSetBlock($user, $page)
{
    if (!$user) {
        return false;
    }
    if ($user->getSuperAdmin() || $user->getSuperModerator()) {
        return true;
    }

    // Site moderator holding the "pages" ('p') permission?
    $modCriteria = new Criteria();
    $modCriteria->add("site_id", $page->getSiteId());
    $modCriteria->add("user_id", $user->getUserId());
    $moderator = DB_ModeratorPeer::instance()->selectOne($modCriteria);
    if ($moderator && strpos($moderator->getPermissions(), 'p') !== false) {
        return true;
    }

    // Otherwise only a site admin qualifies.
    $adminCriteria = new Criteria();
    $adminCriteria->add("site_id", $page->getSiteId());
    $adminCriteria->add("user_id", $user->getUserId());
    $admin = DB_AdminPeer::instance()->selectOne($adminCriteria);

    return $admin ? true : false;
}
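/**
 * Prepares the "edit thread" view: loads the thread named by "threadId",
 * enforces the blocked-thread rule and the 'edit_thread' forum permission,
 * and adds the thread to the template context.
 *
 * @param object $runData run context supplying parameters, site, user and template context
 * @throws ProcessException      when the thread is missing or belongs to another site
 * @throws WDPermissionException when the thread is blocked and the caller is neither a
 *                               forum moderator nor an admin of the site
 */
public function build($runData)
{
    $pl = $runData->getParameterList();
    $threadId = $pl->getParameterValue("threadId");
    $site = $runData->getTemp("site");
    $user = $runData->getUser();

    $db = Database::connection();
    $db->begin();

    $thread = DB_ForumThreadPeer::instance()->selectByPrimaryKey($threadId);
    // The site comparison keeps a thread id from another site from being opened here.
    if ($thread == null || $thread->getSiteId() !== $site->getSiteId()) {
        throw new ProcessException(_("No thread found... Is it deleted?"), "no_thread");
    }

    if ($thread->getBlocked()) {
        // A blocked thread may only be touched by a moderator holding the forum ('f')
        // permission or by a site admin. Anonymous callers have no user id to look up,
        // so they are refused without querying.
        $mayBypassBlock = false;
        if ($user) {
            $c = new Criteria();
            $c->add("site_id", $site->getSiteId());
            $c->add("user_id", $user->getUserId());

            $rel = DB_ModeratorPeer::instance()->selectOne($c);
            // strpos() returns 0 when 'f' is the first character, so the result must be
            // compared with !== false; a loose == false treated "f" and "fu" as "no permission".
            $mayBypassBlock = $rel && strpos($rel->getPermissions(), 'f') !== false;
            if (!$mayBypassBlock && DB_AdminPeer::instance()->selectOne($c)) {
                $mayBypassBlock = true;
            }
        }
        if (!$mayBypassBlock) {
            throw new WDPermissionException(_("Sorry, this thread is blocked. Nobody can add new posts nor edit existing ones."));
        }
    }

    $category = $thread->getCategory();
    // NOTE(review): the boolean result is not inspected, so denial is only enforced if the
    // permission manager is configured to throw - confirm.
    WDPermissionManager::instance()->hasForumPermission('edit_thread', $user, $category, $thread);

    $runData->contextAdd("thread", $thread);

    $db->commit();
}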
/**
 * Lists the current site's moderators, ordered by nick name, and exposes them
 * to the template as "moderators". The context is left untouched when the
 * site has none.
 *
 * @param object $runData run context supplying the site and the template context
 */
public function build($runData)
{
    $siteId = $runData->getTemp("site")->getSiteId();

    $criteria = new Criteria();
    $criteria->add("site_id", $siteId);
    // Join the user table so the rows can be sorted by the user's nick name.
    $criteria->addJoin("user_id", "ozone_user.user_id");
    $criteria->addOrderAscending("ozone_user.nick_name");

    $moderators = DB_ModeratorPeer::instance()->select($criteria);
    if (count($moderators) <= 0) {
        return;
    }
    $runData->contextAdd("moderators", $moderators);
}
/**
 * Lists the moderator records of the current user across all non-deleted
 * sites and exposes them to the template as "moderators". The context is left
 * untouched when there are none.
 *
 * @param object $runData run context supplying the user id and the template context
 */
public function build($runData)
{
    $criteria = new Criteria();
    $criteria->add("user_id", $runData->getUserId());
    // Join the site table so records of deleted sites can be filtered out.
    $criteria->addJoin("site_id", "site.site_id");
    $criteria->add("site.deleted", false);

    $moderatorOf = DB_ModeratorPeer::instance()->select($criteria);
    if (count($moderatorOf) <= 0) {
        return;
    }
    $runData->contextAdd("moderators", $moderatorOf);
}
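/**
 * Prepares the "edit post" form: loads the post named by "postId", enforces
 * the 'edit_post' forum permission and the blocked-thread rule, and adds the
 * post to the template context and its id to the AJAX response.
 *
 * @param object $runData run context supplying parameters, site, user, session and template context
 * @throws ProcessException      when the post id is missing, not numeric, unknown,
 *                               or belongs to another site
 * @throws WDPermissionException when the thread is blocked and the caller is neither a
 *                               forum moderator nor an admin of the site
 */
public function build($runData)
{
    $pl = $runData->getParameterList();
    $postId = $pl->getParameterValue("postId", "AMODULE");

    $user = $runData->getUser();
    $site = $runData->getTemp("site");

    if ($postId == null || !is_numeric($postId)) {
        throw new ProcessException(_("No post specified."), "no_post");
    }

    $post = DB_ForumPostPeer::instance()->selectByPrimaryKey($postId);
    // The site comparison keeps a post id from another site from being opened here.
    if ($post == null || $post->getSiteId() != $site->getSiteId()) {
        throw new ProcessException(_("No post specified."), "no_post");
    }

    $thread = $post->getForumThread();
    $category = $thread->getCategory();
    // NOTE(review): the boolean result is not inspected, so denial is only enforced if the
    // permission manager is configured to throw - confirm.
    WDPermissionManager::instance()->hasForumPermission('edit_post', $user, $category, null, $post);

    if ($thread->getBlocked()) {
        // A blocked thread may only be touched by a moderator holding the forum ('f')
        // permission or by a site admin. Anonymous callers have no user id to look up,
        // so they are refused without querying.
        $mayBypassBlock = false;
        if ($user) {
            $c = new Criteria();
            $c->add("site_id", $site->getSiteId());
            $c->add("user_id", $user->getUserId());

            $rel = DB_ModeratorPeer::instance()->selectOne($c);
            // strpos() returns 0 when 'f' is the first character, so the result must be
            // compared with !== false; a loose == false treated "f" and "fu" as "no permission".
            $mayBypassBlock = $rel && strpos($rel->getPermissions(), 'f') !== false;
            if (!$mayBypassBlock && DB_AdminPeer::instance()->selectOne($c)) {
                $mayBypassBlock = true;
            }
        }
        if (!$mayBypassBlock) {
            throw new WDPermissionException(_("Sorry, this thread is blocked. Nobody can add new posts nor edit existing ones."));
        }
    }

    // Keep the session: storing an object in it prevents it from being deleted.
    $runData->sessionAdd("keep", true);

    $runData->contextAdd("post", $post);
    $runData->ajaxResponseAdd("postId", $postId);

    // Anonymous editors are identified in the form by their IP string instead of a user.
    if ($runData->getUserId() == null) {
        $runData->contextAdd("anonymousString", $runData->createIpString());
    }
}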
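/**
 * Prepares the moderator-permissions form: loads the moderator record named by
 * "moderatorId" and flags which of the pages ('p'), forum ('f') and users ('u')
 * permissions it currently holds.
 *
 * NOTE(review): no check of the caller's own rights is visible in this method;
 * confirm that the enclosing module restricts it to site administrators.
 *
 * @param object $runData run context supplying parameters, site and template context
 * @throws ProcessException when the id is missing, not numeric, unknown, or the
 *                          record belongs to another site
 */
public function build($runData)
{
    $pl = $runData->getParameterList();
    $moderatorId = $pl->getParameterValue("moderatorId");
    $site = $runData->getTemp("site");

    // Reject a missing or non-numeric id before it reaches the primary-key lookup,
    // the same way saveModeratorPermissionsEvent() validates this parameter.
    if ($moderatorId == null || !is_numeric($moderatorId)) {
        throw new ProcessException("No such moderator.");
    }

    $mod = DB_ModeratorPeer::instance()->selectByPrimaryKey($moderatorId);
    // The site comparison keeps a moderator record of another site from being shown here.
    if ($mod == null || $mod->getSiteId() != $site->getSiteId()) {
        throw new ProcessException("No such moderator.");
    }
    $runData->contextAdd("moderator", $mod);

    // One context flag per permission letter present in the stored string.
    $ps = $mod->getPermissions();
    $flags = array('p' => "ppages", 'f' => "pforum", 'u' => "pusers");
    foreach ($flags as $letter => $contextKey) {
        if (strpos($ps, $letter) !== false) {
            $runData->contextAdd($contextKey, true);
        }
    }

    $runData->ajaxResponseAdd("moderatorId", $moderatorId);
}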
/**
 * Stores a new permission string for the moderator record named by
 * "moderatorId". The string is rebuilt from the "pages", "forum" and "users"
 * request parameters as the letters 'p', 'f' and 'u', in that order.
 *
 * NOTE(review): no check of the caller's own rights is visible in this method;
 * confirm that the enclosing module restricts it to site administrators.
 *
 * @param object $runData run context supplying parameters and the current site
 * @throws ProcessException when the id is missing, not numeric, unknown, or the
 *                          record belongs to another site
 */
public function saveModeratorPermissionsEvent($runData)
{
    $pl = $runData->getParameterList();
    $moderatorId = $pl->getParameterValue("moderatorId");

    $idUsable = $moderatorId != null && is_numeric($moderatorId);
    if (!$idUsable) {
        throw new ProcessException(_("Moderator does not exist."));
    }

    $mod = DB_ModeratorPeer::instance()->selectByPrimaryKey($moderatorId);
    // A record of another site is reported exactly like a missing one.
    if ($mod == null || $mod->getSiteId() != $runData->getTemp("site")->getSiteId()) {
        throw new ProcessException(_("Moderator does not exist."));
    }

    // Each truthy request parameter contributes its permission letter.
    $letters = array("pages" => 'p', "forum" => 'f', "users" => 'u');
    $ps = '';
    foreach ($letters as $paramName => $letter) {
        if ($pl->getParameterValue($paramName)) {
            $ps .= $letter;
        }
    }

    $mod->setPermissions($ps);
    $mod->save();

    if (GlobalProperties::$UI_SLEEP) {
        sleep(1);
    }
}
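/**
 * Removes the current user's moderator record for the site named by the
 * "site_id" request parameter and notifies that site's admins.
 *
 * @param object $runData run context supplying parameters and the current user
 * @throws ProcessException when the caller is anonymous, the site id is missing,
 *                          not numeric or unknown, or the caller is not a
 *                          moderator of that site
 */
public function moderatorResignEvent($runData)
{
    $siteId = $runData->getParameterList()->getParameterValue("site_id");
    $userId = $runData->getUserId();

    // site_id is request-supplied, so it is validated before use; an anonymous caller
    // has no moderator record to resign from.
    if ($userId == null || $siteId == null || !is_numeric($siteId)) {
        throw new ProcessException(_("Moderator does not exist."));
    }

    $c = new Criteria();
    $c->add("user_id", $userId);
    $c->add("site_id", $siteId);

    // Without these checks, a request naming any site id would send its admins a
    // "moderator resigned" notification although nothing was removed, and an unknown
    // id would hand a null site to the notification maker.
    $site = DB_SitePeer::instance()->selectByPrimaryKey($siteId);
    if (!$site || !DB_ModeratorPeer::instance()->selectOne($c)) {
        throw new ProcessException(_("Moderator does not exist."));
    }

    $db = Database::connection();
    $db->begin();

    DB_ModeratorPeer::instance()->delete($c);

    $user = $runData->getUser();
    AdminNotificationMaker::instance()->moderatorResigned($site, $user);

    $db->commit();
}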
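/**
 * Prepares the "new post" form for the thread named by "threadId", optionally
 * as a reply to the post named by "postId".
 *
 * Enforces the blocked-thread rule and the 'new_post' forum permission, works
 * out which post the reply is attached to given the category's maximum nesting
 * level, and proposes a "Re: ..." title.
 *
 * @param object $runData run context supplying parameters, site, user, session and template context
 * @throws ProcessException      when the thread is missing or belongs to another site, or
 *                               the replied-to post is missing or belongs to another thread
 * @throws WDPermissionException when the thread is blocked and the caller is neither a
 *                               forum moderator nor an admin of the site
 */
public function build($runData)
{
    $pl = $runData->getParameterList();
    $postId = $pl->getParameterValue("postId");
    $threadId = $pl->getParameterValue("threadId");

    $user = $runData->getUser();
    $site = $runData->getTemp("site");

    $title = '';
    // Defined up front: both are read after the reply branch, which does not always set them.
    $parentId = null;
    $parentChanged = false;

    $db = Database::connection();
    $db->begin();

    $thread = DB_ForumThreadPeer::instance()->selectByPrimaryKey($threadId);
    // The site comparison keeps a thread id from another site from being used here.
    if ($thread == null || $thread->getSiteId() !== $site->getSiteId()) {
        throw new ProcessException(_("No thread found... Is it deleted?"), "no_thread");
    }

    if ($thread->getBlocked()) {
        // A blocked thread may only be touched by a moderator holding the forum ('f')
        // permission or by a site admin. Previously an anonymous request skipped the
        // moderator lookup and ran the admin lookup with an undefined criteria object;
        // what an unconstrained selectOne() returns is not visible here, so anonymous
        // callers are now refused without querying.
        $mayBypassBlock = false;
        if ($user) {
            $c = new Criteria();
            $c->add("site_id", $site->getSiteId());
            $c->add("user_id", $user->getUserId());

            $rel = DB_ModeratorPeer::instance()->selectOne($c);
            // strpos() returns 0 when 'f' is the first character, so the result must be
            // compared with !== false; a loose == false treated "f" and "fu" as "no permission".
            $mayBypassBlock = $rel && strpos($rel->getPermissions(), 'f') !== false;
            if (!$mayBypassBlock && DB_AdminPeer::instance()->selectOne($c)) {
                $mayBypassBlock = true;
            }
        }
        if (!$mayBypassBlock) {
            throw new WDPermissionException(_("Sorry, this thread is blocked. Nobody can add new posts nor edit existing ones."));
        }
    }

    $category = $thread->getCategory();
    // NOTE(review): the boolean result is not inspected, so denial is only enforced if the
    // permission manager is configured to throw - confirm.
    WDPermissionManager::instance()->hasForumPermission('new_post', $user, $category);

    if ($postId !== null && is_numeric($postId)) {
        $post = DB_ForumPostPeer::instance()->selectByPrimaryKey($postId);
        // The replied-to post must live in the thread being posted to.
        if ($post == null || $post->getThreadId() !== $thread->getThreadId()) {
            throw new ProcessException(_("Original post does not exist! Please reload the page to make it up-to-date."), "no_post");
        }

        $maxNest = $thread->getForumCategory()->getEffectiveMaxNestLevel();

        // Walk up the reply chain; $ancestors[0] is the post's direct parent.
        $ancestors = array();
        $ancestorId = $post->getParentId();
        while ($ancestorId != null) {
            $ancestor = DB_ForumPostPeer::instance()->selectByPrimaryKey($ancestorId);
            if (!$ancestor) {
                // A parent id that no longer resolves ends the chain instead of failing.
                break;
            }
            $ancestors[] = $ancestor;
            $ancestorId = $ancestor->getParentId();
        }
        $nestLevel = count($ancestors);

        if ($nestLevel >= $maxNest) {
            // Too deep: attach the reply to the ancestor that keeps it within the limit.
            $idx = $nestLevel - ($maxNest - 1) - 1;
            $parent = isset($ancestors[$idx]) ? $ancestors[$idx] : null;
            if ($parent) {
                $parentId = $parent->getPostId();
                $parentChanged = true;
            }
        } else {
            $parentId = $post->getPostId();
        }

        // Avoid stacking prefixes ("Re: Re: ...") when replying to a reply.
        $title = preg_replace('/^Re:\\s?/', '', $post->getTitle());
        $title = 'Re: ' . $title;
    } else {
        // Only a regular forum thread gets a default title, not a page discussion.
        if ($thread->getPageId() == null) {
            $title = 'Re: ' . $thread->getTitle();
        }
    }

    $runData->contextAdd("thread", $thread);

    if ($parentId) {
        $runData->ajaxResponseAdd("parentId", $parentId);
        $runData->contextAdd("parentId", $parentId);
        if ($parentChanged) {
            $runData->ajaxResponseAdd("parentChanged", true);
        }
    }

    $runData->contextAdd("title", $title);

    // Keep the session: storing an object in it prevents it from being deleted.
    $runData->sessionAdd("keep", true);

    // Anonymous posters are identified in the form by their IP string instead of a user.
    if ($runData->getUserId() == null) {
        $runData->contextAdd("anonymousString", $runData->createIpString());
    }

    $db->commit();
}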
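/**
 * Creates or updates user accounts from form rows named
 * "nick_name_<id>", "password_<id>", "admin_<id>" and "mod_<id>".
 *
 * A row whose <id> is a positive number updates that user; any other id
 * creates a new user and makes it a member of the current site. The admin and
 * moderator flags add or remove the matching records for the current site.
 *
 * NOTE(review): an existing account is loaded by a request-supplied primary key
 * and no check is visible here that it belongs to the current site, nor that
 * the caller may manage users. Confirm that the enclosing module restricts this
 * event to trusted administrators, or verify site membership before the
 * name and password are changed.
 *
 * @param object $runData run context supplying the request parameters and the current site
 */
public function saveEvent($runData)
{
    $params = $runData->getParameterList()->asArray();
    $site = $runData->getTemp('site');

    // Collect the row ids from the nick_name_* keys.
    $ids = array();
    foreach ($params as $param_key => $param_val) {
        $matches = array();
        if (preg_match(';^nick_name_([new0-9]+)$;', $param_key, $matches)) {
            $ids[] = $matches[1];
        }
    }

    foreach ($ids as $id) {
        // A browser omits unchecked checkboxes, so every key is read defensively.
        $nick_name = isset($params["nick_name_{$id}"]) ? $params["nick_name_{$id}"] : null;
        $password = isset($params["password_{$id}"]) ? $params["password_{$id}"] : null;
        $admin = !empty($params["admin_{$id}"]);
        $mod = !empty($params["mod_{$id}"]);

        if (!$nick_name) {
            continue;
        }

        // Only a purely numeric id names an existing user. The previous "1 * $id"
        // coerced mixed ids such as "1e5" or "1new" to a number and fails outright
        // on "new" under PHP 8; anything non-numeric now means "new user".
        $userId = ctype_digit((string) $id) ? (int) $id : 0;
        $u = $userId ? DB_OzoneUserPeer::instance()->selectByPrimaryKey($userId) : null;

        $skipUpdate = false;
        if (!$u) {
            $u = new DB_OzoneUser();
            if (!$password) {
                // NOTE(review): a new row without a password still saves an empty user
                // and membership below and is then skipped - confirm this is intended.
                $skipUpdate = true;
            }
            $u->save();

            $member = new DB_Member();
            $member->setUserId($u->getUserId());
            $member->setSiteId($site->getSiteId());
            $member->save();
        }
        if ($skipUpdate) {
            continue;
        }

        $u->setName($nick_name);
        $u->setEmail($nick_name);
        $u->setNickName($nick_name);
        $u->setUnixName(WDStringUtils::toUnixName($nick_name));
        if ($password) {
            // NOTE(review): unsalted MD5 is not a suitable password hash. Replacing it
            // (password_hash()/password_verify()) needs a matching change in the login
            // verification code, which is not visible here, so the call is left as is.
            $u->setPassword(md5($password));
        }
        $u->save();

        // Criteria identifying this user's role records on the current site.
        $roleCriteria = new Criteria();
        $roleCriteria->add('site_id', $site->getSiteId());
        $roleCriteria->add('user_id', $u->getUserId());

        if ($admin) {
            if (!WDPermissionManager::hasPermission('manage_site', $u, $site)) {
                $a = new DB_Admin();
                $a->setUserId($u->getUserId());
                $a->setSiteId($site->getSiteId());
                $a->save();
            }
        } else {
            DB_AdminPeer::instance()->delete($roleCriteria);
        }

        if ($mod) {
            if (!WDPermissionManager::hasPermission('moderate_site', $u, $site)) {
                $moderator = new DB_Moderator();
                $moderator->setUserId($u->getUserId());
                $moderator->setSiteId($site->getSiteId());
                $moderator->save();
            }
        } else {
            DB_ModeratorPeer::instance()->delete($roleCriteria);
        }
    }
}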
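/**
 * Decides whether $user may perform the forum action $action in $category.
 *
 * Checks run in this order, and the first match wins: super admin/moderator,
 * IP block, then the category's permission string for the anonymous,
 * registered, member and owner user classes, then site moderator with the
 * forum ('f') permission, then site admin. User blocks are applied on the
 * anonymous, registered and owner paths.
 *
 * On denial the method either throws or returns false, depending on
 * $this->throwExceptions and on what handleFalse() does with the message.
 *
 * @param string          $action   key into self::$forumActions, e.g. 'edit_thread'
 * @param object|int|string|null $user the acting user, a numeric user id, or null when anonymous
 * @param object          $category forum category supplying the permission string and site id
 * @param object|null     $thread   thread whose author counts as "owner" when no post is given
 * @param object|null     $post     post whose author counts as "owner"
 * @return bool
 * @throws WDPermissionException when the caller is blocked and throwExceptions is set
 */
public function hasForumPermission($action, $user, $category, $thread = null, $post = null)
{
    // Accept a numeric user id in place of a user object.
    if ($user && ((is_string($user) && is_numeric($user)) || is_int($user))) {
        $user = DB_OzoneUserPeer::instance()->selectByPrimaryKey($user);
    }

    if ($user && ($user->getSuperAdmin() || $user->getSuperModerator())) {
        return true;
    }

    $site = $GLOBALS['site']; // ugly.

    // IP blocks come first and apply to everyone below super admin/moderator.
    if ($this->checkIpBlocks) {
        $ips = Ozone::getRunData()->createIpString();
        $blocks = $this->checkIpBlocked($ips, $site);
        if (count($blocks) > 0) {
            if ($this->throwExceptions) {
                throw new WDPermissionException(_("Sorry, your IP address is blocked from participating in and modifying this site."));
            }
            return false;
        }
    }

    // strpos() returns 0 for a match at the start, so test against false explicitly;
    // the previous truthiness test would have mislabelled an action starting with "thread".
    if (strpos($action, "thread") !== false) {
        $authorString = _("author of the thread");
    } else {
        $authorString = _("author of the post");
    }

    $ac = self::$forumActions[$action];      // action code
    $ps = $category->getPermissionString();  // permission string

    // Anonymous first: if anyone may do this, only a user block can still deny it.
    $uc = self::$userClasses['anonymous'];
    if ($this->permissionLookup($ac, $uc, $ps)) {
        if ($this->checkUserBlocks && $user && $this->forumUserBlockDenies($user, $site)) {
            return false;
        }
        return true;
    } elseif (!$user) {
        // Anonymous is not allowed and the caller is anonymous: nothing else can match.
        $m = $this->generateMessage($action, $uc, $ps, 'forum', array("o" => $authorString));
        $this->handleFalse($m);
        return false;
    }

    // From here on $user is a logged-in user.
    $uc = self::$userClasses['registered'];
    if ($this->permissionLookup($ac, $uc, $ps)) {
        if ($this->checkUserBlocks && $this->forumUserBlockDenies($user, $site)) {
            return false;
        }
        return true;
    }

    // Members of the category's site.
    $uc = self::$userClasses['member'];
    if ($this->permissionLookup($ac, $uc, $ps)) {
        $c = new Criteria();
        $c->add("site_id", $category->getSiteId());
        $c->add("user_id", $user->getUserId());
        if (DB_MemberPeer::instance()->selectOne($c)) {
            return true;
        }
    }

    // Owner: the author of the post, or of the thread when no post is given.
    $uc = self::$userClasses['owner'];
    if (($post || $thread) && $this->permissionLookup($ac, $uc, $ps)) {
        $o = $post ? $post : $thread;
        if ($o && $o->getUserId() && $user->getUserId() == $o->getUserId()) {
            if ($this->checkUserBlocks && $this->forumUserBlockDenies($user, $site)) {
                return false;
            }
            return true;
        }
    }

    // Site moderator holding the forum ('f') permission.
    $c = new Criteria();
    $c->add("site_id", $category->getSiteId());
    $c->add("user_id", $user->getUserId());
    $rel = DB_ModeratorPeer::instance()->selectOne($c);
    if ($rel && strpos($rel->getPermissions(), 'f') !== false) {
        return true;
    }

    // Site admin.
    $c = new Criteria();
    $c->add("site_id", $category->getSiteId());
    $c->add("user_id", $user->getUserId());
    if (DB_AdminPeer::instance()->selectOne($c)) {
        return true;
    }

    // Nothing matched; $uc is still the owner class, as it was before this rewrite.
    $m = $this->generateMessage($action, $uc, $ps, 'forum', array("o" => $authorString));
    $this->handleFalse($m);
    return false;
}

/**
 * Applies a user block for forum actions: returns true when $user is blocked
 * on $site and the caller should return false, throws instead when
 * throwExceptions is set, and returns false when there is no block.
 *
 * @param object $user the logged-in user
 * @param object $site the current site
 * @return bool
 * @throws WDPermissionException when the user is blocked and throwExceptions is set
 */
private function forumUserBlockDenies($user, $site)
{
    $block = $this->checkUserBlocked($user, $site);
    if (!$block) {
        return false;
    }
    if (!$this->throwExceptions) {
        return true;
    }

    $message = _("Sorry, you are blocked from participating in and modifying this site. ");
    if ($block->getReason() && $block->getReason() != '') {
        // The message carries markup, so the stored reason is HTML-escaped before it is embedded.
        $message .= _("The given reason is:") . " <p>" . htmlspecialchars($block->getReason()) . "</p>";
    }
    throw new WDPermissionException($message);
}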
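/**
 * Saves a thread's title and description from the "title" and "description"
 * request parameters.
 *
 * Validates the form, enforces the blocked-thread rule and the 'edit_thread'
 * forum permission, stores and logs the change when a value differs, then
 * outdates caches and re-indexes the thread.
 *
 * @param object $runData run context supplying parameters, site, user and the AJAX response
 * @throws ProcessException      on form errors, or when the thread is missing or
 *                               belongs to another site
 * @throws WDPermissionException when the thread is blocked and the caller is neither a
 *                               forum moderator nor an admin of the site
 */
public function saveThreadMetaEvent($runData)
{
    $pl = $runData->getParameterList();
    $threadId = $pl->getParameterValue("threadId");
    $site = $runData->getTemp("site");
    // Previously never assigned, so the blocked-thread check below failed on an undefined variable.
    $user = $runData->getUser();

    // Trim before validating so a whitespace-only title is rejected rather than saved as empty.
    $title = trim((string) $pl->getParameterValue("title"));
    $description = trim((string) $pl->getParameterValue("description"));

    $errors = array();
    if ($title == '') {
        $errors['title'] = _("Thread title can not be empty.");
    }
    if (strlen8($title) > 128) {
        $errors['title'] = _("Thread title should not be longer than 128 characters.");
    }
    // NOTE(review): strlen() counts bytes while the title check uses strlen8() and the
    // message speaks of characters - confirm which limit is intended for descriptions.
    if (strlen($description) > 1000) {
        $errors['description'] = _("Thread description should not be longer than 1000 characters.");
    }
    if (count($errors) > 0) {
        $runData->ajaxResponseAdd("formErrors", $errors);
        throw new ProcessException("Form errors", "form_errors");
    }

    $db = Database::connection();
    $db->begin();

    $thread = DB_ForumThreadPeer::instance()->selectByPrimaryKey($threadId);
    // The site comparison keeps a thread id from another site from being edited here.
    if ($thread == null || $thread->getSiteId() !== $site->getSiteId()) {
        throw new ProcessException(_("No thread found... Is it deleted?"), "no_thread");
    }

    if ($thread->getBlocked()) {
        // A blocked thread may only be touched by a moderator holding the forum ('f')
        // permission or by a site admin. Anonymous callers have no user id to look up,
        // so they are refused without querying.
        $mayBypassBlock = false;
        if ($user) {
            $c = new Criteria();
            $c->add("site_id", $site->getSiteId());
            $c->add("user_id", $user->getUserId());

            $rel = DB_ModeratorPeer::instance()->selectOne($c);
            // strpos() returns 0 when 'f' is the first character, so the result must be
            // compared with !== false; a loose == false treated "f" and "fu" as "no permission".
            $mayBypassBlock = $rel && strpos($rel->getPermissions(), 'f') !== false;
            if (!$mayBypassBlock && DB_AdminPeer::instance()->selectOne($c)) {
                $mayBypassBlock = true;
            }
        }
        if (!$mayBypassBlock) {
            throw new WDPermissionException(_("Sorry, this thread is blocked. Meta information can not be edited."));
        }
    }

    $category = $thread->getCategory();
    // NOTE(review): the boolean result is not inspected, so denial is only enforced if the
    // permission manager is configured to throw - confirm.
    WDPermissionManager::instance()->hasForumPermission('edit_thread', $user, $category, $thread);

    // Only write and log when a value really changed.
    $changed = false;
    if ($title !== $thread->getTitle()) {
        $changed = true;
        $thread->setTitle($title);
    }
    if ($description !== $thread->getDescription()) {
        $changed = true;
        $thread->setDescription($description);
    }
    if ($changed) {
        $thread->save();
        EventLogger::instance()->logSaveThreadMeta($thread);
    }

    $o = new Outdater();
    $o->forumEvent("thread_save", $thread);

    // index thread
    Indexer::instance()->indexThread($thread);

    $db->commit();

    if (GlobalProperties::$UI_SLEEP) {
        sleep(1);
    }
}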