public function execute()
{
if (false === ($group = GWF_Group::getByID(Common::getGet('gid')))) {
return $this->module->error('err_unk_group');
}
if ($group->isOptionEnabled(GWF_Group::VISIBLE_MEMBERS)) {
} else {
switch ($group->getVisibleMode()) {
case GWF_Group::VISIBLE:
break;
case GWF_Group::COMUNITY:
if (!GWF_Session::isLoggedIn()) {
return GWF_HTML::err('ERR_NO_PERMISSION');
}
break;
case GWF_Group::HIDDEN:
case GWF_Group::SCRIPT:
if (!GWF_User::isInGroupS($group->getVar('group_name'))) {
return $this->module->error('err_not_invited');
}
break;
default:
return GWF_HTML::err('ERR_GENERAL', array(__FILE__, __LINE__));
}
}
return $this->templateUsers($group);
}
public function onDeleteFolder($folderid)
{
# Permission
$folderid = (int) $folderid;
$user = GWF_Session::getUser();
if (false === ($folder = GWF_PMFolder::getByID($folderid)) || $folder->getVar('pmf_uid') !== $user->getID()) {
return $this->module->error('err_folder_perm');
}
# Delete PMs$result
$count = 0;
$pms = GDO::table('GWF_PM');
$uid = $user->getVar('user_id');
$fid = "{$folderid}";
$del = GWF_PM::OWNER_DELETED;
if (false === ($result = $pms->update("pm_options=pm_options|{$del}", "pm_owner={$uid} AND pm_folder={$fid}"))) {
return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
}
$count += $pms->affectedRows($result);
// $del = GWF_PM::FROM_DELETED;
// if (false === $pms->update("pm_options=pm_options|$del", "pm_from=$uid AND pm_from_folder=$fid")) {
// return GWF_HTML::err('ERR_DATABASE', array( __FILE__, __LINE__));
// }
// $count += $pms->affectedRows();
if ($folderid > 2) {
# Delete Folder
if (false === $folder->delete()) {
return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
}
}
# Done
return $this->module->message('msg_folder_deleted', array($folder->display('pmf_name'), $count));
}
private function onThanks()
{
if (false === ($post = $this->module->getCurrentPost())) {
return $this->module->error('err_post');
}
if (false === $this->module->cfgThanksEnabled()) {
return $this->module->error('err_thanks_off');
}
if (false === ($user = GWF_Session::getUser())) {
return GWF_HTML::err('ERR_GENERAL', __FILE__, __LINE__);
}
if ($post->hasThanked($user)) {
return $this->module->error('err_thank_twice');
}
if ($post->getUserID() === $user->getID()) {
return $this->module->error('err_thank_self');
}
if (false === $post->onThanks($this->module, $user)) {
return GWF_HTML::err('ERR_DATABASE', __FILE__, __LINE__);
}
if ($this->module->isAjax()) {
return '1:' . $post->getThanksCount();
} else {
return $this->module->message('msg_thanked', $post->getShowHREF());
}
}
public function execute()
{
require_once GWF_CORE_PATH . 'module/WeChall/WC_SiteAdmin.php';
if (false === ($site = WC_Site::getByID(Common::getGet('siteid')))) {
return $this->module->error('err_site');
}
$this->site = $site;
if (false === ($is_admin = GWF_User::isInGroupS(GWF_Group::STAFF))) {
if (false === $site->isSiteAdmin(GWF_Session::getUser())) {
return GWF_HTML::err('ERR_NO_PERMISSION');
}
}
if (false !== Common::getPost('add_sitemin')) {
return $this->onAddSitemin($site, $is_admin) . $this->templateEdit($site, $is_admin);
}
if (false !== Common::getPost('rem_sitemin')) {
return $this->onRemSitemin($site, $is_admin) . $this->templateEdit($site, $is_admin);
}
if (false !== Common::getPost('rem_logo')) {
return $this->onRemLogo($site, $is_admin) . $this->templateEdit($site, $is_admin);
}
if (false !== Common::getPost('set_logo')) {
return $this->onSetLogo($site, $is_admin) . $this->templateEdit($site, $is_admin);
}
if (false !== Common::getPost('edit')) {
return $this->onEdit($site, $is_admin) . $this->templateEdit($site, $is_admin);
}
return $this->templateEdit($site, $is_admin);
}
public function isFlooding()
{
$uid = GWF_Session::getUserID();
$uname = GWF_Shoutbox::generateUsername();
$euname = GDO::escape($uname);
$table = GDO::table('GWF_Shoutbox');
$max = $uid === 0 ? $this->module->cfgMaxPerDayGuest() : $this->module->cfgMaxPerDayUser();
// $cut = GWF_Time::getDate(GWF_Time::LEN_SECOND, time()-$this->module->cfgTimeout());
// $cnt = $table->countRows("shout_uname='$euname' AND shout_date>'$cut'");
# Check captcha
if ($this->module->cfgCaptcha()) {
require_once GWF_CORE_PATH . 'inc/3p/Class_Captcha.php';
if (!PhpCaptcha::Validate(Common::getPostString('captcha'), true)) {
return GWF_HTML::err('ERR_WRONG_CAPTCHA');
}
}
# Check date
$timeout = $this->module->cfgTimeout();
$last_date = $table->selectVar('MAX(shout_date)', "shout_uid={$uid} AND shout_uname='{$euname}'");
$last_time = $last_date === NULL ? 0 : GWF_Time::getTimestamp($last_date);
$next_time = $last_time + $timeout;
if ($last_time + $timeout > time()) {
return $this->module->error('err_flood_time', array(GWF_Time::humanDuration($next_time - time())));
}
# Check amount
$today = GWF_Time::getDate(GWF_Date::LEN_SECOND, time() - $timeout);
$count = $table->countRows("shout_uid={$uid} AND shout_date>='{$today}'");
if ($count >= $max) {
return $this->module->error('err_flood_limit', array($max));
}
# All fine
return false;
}
private function onTag(Slay_Song $song)
{
$form = $this->formTag($song);
if (false !== ($error = $form->validateCSRF_WeakS())) {
return $error;
}
$tags = array();
$errors = array();
foreach ($_POST as $k => $v) {
if (Common::startsWith($k, 'tag_')) {
$k = substr($k, 4);
if (Slay_Tag::getByName($k) === false) {
$errors[] = $this->module->lang('err_tag_uk');
} else {
$tags[] = $k;
}
}
}
if (count($errors) > 0) {
return GWF_HTML::error('Slaytags', $errors);
}
$user = GWF_Session::getUser();
if (false === Slay_TagVote::clearVotes($song, $user)) {
return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
}
if (false === Slay_TagVote::addVotes($song, $user, $tags)) {
return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
}
if (false === $song->computeTags()) {
return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
}
return $this->module->message('msg_tagged');
}
private function onSign(GWF_Guestbook $gb, $gbe = false)
{
$form = $this->getForm($gb);
if (false !== ($errors = $form->validate($this->module))) {
return $errors . $this->templateSign($gb);
}
if ($gb->isLocked()) {
return $this->module->error('err_locked');
}
if (false === ($user = GWF_Session::getUser())) {
$userid = 0;
$username = '******' . $form->getVar('username');
} else {
$userid = $user->getVar('user_id');
$username = $user->getVar('user_name');
}
$options = 0;
$options |= isset($_POST['showmail']) ? GWF_GuestbookMSG::SHOW_EMAIL : 0;
$options |= isset($_POST['public']) ? GWF_GuestbookMSG::SHOW_PUBLIC : 0;
$options |= isset($_POST['toggle']) ? GWF_GuestbookMSG::ALLOW_PUBLIC_TOGGLE : 0;
$options |= $gb->isModerated() ? GWF_GuestbookMSG::IN_MODERATION : 0;
$gbm = new GWF_GuestbookMSG(array('gbm_gbid' => $gb->getID(), 'gbm_date' => GWF_Time::getDate(GWF_Date::LEN_SECOND), 'gbm_username' => $username, 'gbm_uid' => $userid, 'gbm_url' => Common::getPost('url', ''), 'gbm_email' => Common::getPost('email', ''), 'gbm_options' => $options, 'gbm_message' => Common::getPost('message', ''), 'gbm_replyto' => $gbe === false ? 0 : $gbe->getID()));
if (false === $gbm->insert()) {
return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__)) . $this->templateSign($gb);
}
$mod_append = $gb->isModerated() ? '_mod' : '';
if ($gb->isModerated()) {
$this->sendEmailModerate($gb, $gbm);
} elseif ($gb->isEMailOnSign()) {
$this->sendEmailSign($gb, $gbm);
}
return $this->module->message('msg_signed' . $mod_append) . $this->module->requestMethodB('Show');
}
public function onVote(WC_Challenge $chall)
{
if ('0' === ($userid = GWF_Session::getUserID())) {
return GWF_HTML::err('ERR_LOGIN_REQUIRED');
}
if (!WC_ChallSolved::hasSolved($userid, $chall->getID())) {
return $this->module->error('err_chall_vote');
}
$form = $this->getFormVote($chall, false, $userid);
if (false !== ($error = $form->validate($this->module))) {
return $error;
}
if (false !== ($vs = $chall->getVotesDif())) {
$vs->onUserVoteSafe($_POST['dif'], $userid);
}
if (false !== ($vs = $chall->getVotesEdu())) {
$vs->onUserVoteSafe($_POST['edu'], $userid);
}
if (false !== ($vs = $chall->getVotesFun())) {
$vs->onUserVoteSafe($_POST['fun'], $userid);
}
if (false === WC_ChallSolved::setVoted($userid, $chall->getID(), true)) {
return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
}
if (false === $chall->onRecalcVotes()) {
return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
}
return $this->module->message('msg_chall_voted');
}
private function onVote(GWF_VoteMulti $poll, $user)
{
$opts = Common::getPostArray('opt', array());
$taken = array();
$max = $poll->getNumChoices();
foreach ($opts as $i => $stub) {
$i = (int) $i;
if ($i < 1 || $i > $max) {
continue;
}
if (!in_array($i, $taken, true)) {
$taken[] = $i;
}
}
$count = count($taken);
// if ($count === 0) {
// return $this->module->error('err_no_options');
// }
if (!$poll->isMultipleChoice() && $count !== 1) {
return $this->module->error('err_no_multi');
}
if (false === $poll->onVote($user, $taken)) {
return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
}
return $this->module->message('msg_voted', array(htmlspecialchars(GWF_Session::getLastURL())));
}
private function getButtons(GWF_PM $pm)
{
$transid = 'pm_trans_' . $pm->getID();
$u = GWF_Session::getUser();
$buttons = '';
if (false !== ($prevs = $pm->getReplyToPrev())) {
foreach ($prevs as $prev) {
$buttons .= GWF_Button::prev($prev->getDisplayHREF(), $this->module->lang('btn_prev'));
}
}
if (!$pm->hasDeleted($u)) {
$buttons .= GWF_Button::delete($pm->getDeleteHREF($u->getID()), $this->module->lang('btn_delete'));
} else {
$buttons .= GWF_Button::restore($pm->getRestoreHREF(), $this->module->lang('btn_restore'));
}
if ($pm->canEdit($u)) {
$buttons .= GWF_Button::edit($pm->getEditHREF(), $this->module->lang('btn_edit'));
}
$buttons .= GWF_Button::options($pm->getAutoFolderHREF(), $this->module->lang('btn_autofolder'));
if (!$pm->isGuestPM()) {
$buttons .= GWF_Button::reply($pm->getReplyHREF(), $this->module->lang('btn_reply')) . PHP_EOL . GWF_Button::quote($pm->getQuoteHREF(), $this->module->lang('btn_quote'));
}
$u2 = $pm->getOtherUser($u);
$buttons .= GWF_Button::ignore($pm->getIgnoreHREF($pm->getOtherUser($u)), $this->module->lang('btn_ignore', array($u2->display('user_name'))));
$buttons .= GWF_Button::translate($pm->getTranslateHREF(), $this->module->lang('btn_translate'), '', 'gwfGoogleTrans(\'' . $transid . '\'); return false;');
if (false !== ($nexts = $pm->getReplyToNext())) {
foreach ($nexts as $next) {
$buttons .= GWF_Button::next($next->getDisplayHREF(), $this->module->lang('btn_next'));
}
}
return $buttons;
}
public static function getCloud(Module_Links $module)
{
// $db = gdo_db();
$back = array();
if ($module->cfgShowPermitted()) {
$conditions = '';
} else {
$conditions = $module->getPermQuery(GWF_Session::getUser());
}
$table = self::table('GWF_LinksTagMap');
if (false === ($result = $table->select('lt_name, COUNT(*) lt_count, link_score', $conditions, 'lt_name ASC', array('ltm_lid', 'ltm_ltid'), -1, -1, 'lt_name'))) {
return $back;
}
while (false !== ($row = $table->fetch($result, self::ARRAY_A))) {
if ($row['lt_name'] !== NULL) {
$back[] = new GWF_LinksTag($row);
}
}
$table->free($result);
// $map = self::table(__CLASS__);#->getTableName();
// $tags = self::table('GWF_LinksTag')->getTableName();
// $links = self::table('GWF_Links')->getTableName();
// return $map
//
// if (false !== ($result = $db->queryAll("SELECT lt_name, COUNT(*) lt_count, link_score FROM $map LEFT JOIN $tags ON lt_id=ltm_ltid LEFT JOIN $links ON link_id=ltm_lid WHERE $conditions GROUP BY ltm_ltid ORDER BY lt_name ASC ")))
// {
// foreach ($result as $row)
// {
// $back[] = new GWF_LinksTag($row);
// }
// }
// var_dump($back);
return $back;
}
public function execute()
{
# Permissions
if (false === ($gb = GWF_Guestbook::getByID(Common::getGet('gbid')))) {
return $this->module->error('err_gb');
}
if (false === $gb->canModerate(GWF_Session::getUser())) {
return GWF_HTML::err('ERR_NO_PERMISSION');
}
# Toggle Moderation Flag
if (false !== ($state = Common::getGet('set_moderation'))) {
return $this->onSetModeration($gb, Common::getGet('gbmid', 0), $state > 0);
}
# Toggle Public Flag
if (false !== ($state = Common::getGet('set_public'))) {
return $this->onSetPublic($gb, Common::getGet('gbmid', 0), $state > 0);
}
# Edit Guestbook
if (false !== Common::getPost('edit')) {
return $this->onEdit($gb) . $this->templateEditGB($gb);
}
# Edit Single Entry
if (false !== Common::getPost('edit_entry')) {
return $this->onEditEntry($gb, Common::getGet('gbmid', 0), false);
}
if (false !== Common::getPost('del_entry')) {
return $this->onEditEntry($gb, Common::getGet('gbmid', 0), true);
}
if (false !== Common::getGet('edit_entry')) {
return $this->templateEditEntry($gb, Common::getGet('gbmid', 0));
}
return $this->templateEditGB($gb);
}
private function welcome($first_time)
{
if (false === ($user = GWF_Session::getUser())) {
return GWF_HTML::err('ERR_LOGIN_REQUIRED');
}
require_once GWF_CORE_PATH . 'module/Login/GWF_LoginHistory.php';
GWF_Hook::call(GWF_Hook::LOGIN_AFTER, $user, array(GWF_Session::getOrDefault('GWF_LOGIN_BACK', GWF_WEB_ROOT)));
$fails = GWF_Session::getOrDefault('GWF_LOGIN_FAILS', 0);
GWF_Session::remove('GWF_LOGIN_FAILS');
if ($fails > 0) {
$fails = $this->module->lang('err_failures', array($fails));
} else {
$fails = '';
}
$href_hist = $this->module->getMethodURL('History');
$username = $user->display('user_name');
if (false !== ($ll = GWF_LoginHistory::getLastLogin($user->getID()))) {
$last_login = $this->module->lang('msg_last_login', array($ll->displayDate(), $ll->displayIP(), $ll->displayHostname(), $href_hist));
$welcome = $this->module->lang('welcome_back', array($username, $ll->displayDate(), $ll->displayIP()));
} else {
$last_login = '';
$welcome = $this->module->lang('welcome', array($username));
}
$tVars = array('welcome' => $welcome, 'fails' => $fails, 'last_login' => $last_login, 'href_history' => $href_hist);
return $this->module->template('welcome.tpl', $tVars);
}
public function execute()
{
if (false !== ($username = Common::getGet('username'))) {
return $this->templateRankingU($username);
}
return $this->templateRanking(GWF_Session::getUser());
}
function prog2CheckResult(WC_Challenge $chall)
{
if (false === ($user = GWF_Session::getUser())) {
die($chall->lang('err_login'));
}
if (false === ($answer = Common::getGet('answer'))) {
die($chall->lang('err_no_answer'));
}
$solution = GWF_Session::getOrDefault('prog2_solution', false);
$startTime = GWF_Session::getOrDefault('prog2_timeout', false);
if ($solution === false || $startTime === false) {
die($chall->lang('err_no_request'));
}
$back = "";
if (trim($answer) !== $solution) {
$back .= $chall->lang('err_wrong', array(htmlspecialchars($answer, ENT_QUOTES), $solution));
} else {
$back .= $chall->lang('msg_correct');
}
$timeNeeded = microtime(true) - $startTime;
if ($timeNeeded > TIMELIMIT) {
return $back . $chall->lang('err_timeout', array(sprintf('%.02f', $timeNeeded), TIMELIMIT));
}
return trim($answer) === $solution ? true : $back;
}
public function __wakeup()
{
if (false === ($chall = WC_Challenge::getByTitle(GWF_PAGE_TITLE))) {
$chall = WC_Challenge::dummyChallenge(GWF_PAGE_TITLE, 2, 'challenge/are_you_serial/index.php');
}
$chall->onChallengeSolved(GWF_Session::getUserID());
}
private function onAdd()
{
$form = $this->formAdd();
if (false !== ($error = $form->validate($this->module))) {
return $error . $this->templateAdd();
}
$file = $form->getVar('file');
$tmp = $file['tmp_name'];
$postid = $this->post->getID();
$userid = GWF_Session::getUserID();
$options = 0;
$options |= isset($_POST['guest_view']) ? GWF_ForumAttachment::GUEST_VISIBLE : 0;
$options |= isset($_POST['guest_down']) ? GWF_ForumAttachment::GUEST_DOWNLOAD : 0;
# Put in db
$attach = new GWF_ForumAttachment(array('fatt_aid' => 0, 'fatt_uid' => $userid, 'fatt_pid' => $postid, 'fatt_mime' => GWF_Upload::getMimeType($tmp), 'fatt_size' => filesize($tmp), 'fatt_downloads' => 0, 'fatt_filename' => $file['name'], 'fatt_options' => $options, 'fatt_date' => GWF_Time::getDate(GWF_Date::LEN_SECOND)));
if (false === $attach->insert()) {
return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
}
$aid = $attach->getID();
# Copy file
$path = $attach->dbimgPath();
if (false === GWF_Upload::moveTo($file, $path)) {
@unlink($tmp);
return GWF_HTML::err('ERR_WRITE_FILE', $path);
}
@unlink($tmp);
$this->post->increase('post_attachments', 1);
return $this->module->message('msg_attach_added', array($this->post->getShowHREF()));
}
public static function generateUsername()
{
if (false !== ($user = GWF_Session::getUser())) {
return $user->getVar('user_name');
} else {
return abs(crc32($_SERVER['REMOTE_ADDR']));
}
}
function dldc_cleanup()
{
$table = GDO::table('DLDC_User');
$table->deleteWhere("wechall_userid=" . GWF_Session::getUserID());
if ($table->affectedRows() > 0) {
echo GWF_HTML::message('Disclosures', 'We have deleted your old account for this challenge!', false);
}
}
private function onAdvSearch(GWF_Form $form)
{
$table = GDO::table('GWF_Links');
if (false === ($matches = $table->searchAdv(GWF_Session::getUser(), $form->getVars()))) {
return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__)) . $this->templateSearch(array(), '');
}
return $this->templateSearch($matches, '');
}
public static function redirectBack()
{
$url = GWF_WEB_ROOT;
if (false !== ($url2 = GWF_Session::getLastURL())) {
$url = GWF_WEB_ROOT . ltrim($url2, '/');
}
self::redirect($url);
}
private function getHighlightCountry()
{
if (false === ($user = GWF_Session::getUser()) || '0' === ($cid = $user->getVar('user_countryid'))) {
return GWF_IP2Country::detectCountryID();
} else {
return $cid;
}
}
private function getTicketCountStaff()
{
$uid = GWF_Session::getUserID();
$read = GWF_HelpdeskTicket::STAFF_READ;
if (0 == ($c = GDO::table('GWF_HelpdeskTicket')->countRows("hdt_worker={$uid} AND hdt_options&{$read}=0"))) {
return '';
}
return "[{$c}]";
}
private static function validateCaptcha($context, GWF_Form $form, $validator, $key)
{
if (GWF_Session::getOrDefault('php_captcha', false) !== strtoupper($form->getVar($key))) {
$form->onNewCaptcha();
return GWF_HTML::lang('ERR_WRONG_CAPTCHA');
}
// GWF_Session::remove('php_captcha');
$form->onSolvedCaptcha();
return false;
}
public function validate_subscr(Module_Forum $module, $arg)
{
if (!GWF_ForumOptions::isValidSubscr($arg)) {
return $this->module->lang('err_subscr_mode');
}
if ($arg !== 'none' && !GWF_Session::getUser()->hasValidMail()) {
return $this->module->lang('err_no_valid_mail');
}
return false;
}
private function onCrossLoginB(GWF_User $user)
{
if ($user->isDeleted()) {
return GWF_HTML::err('ERR_NO_PERMISSION');
}
if (false === GWF_Session::onLogin($user, false, true)) {
return $this->module->error('ERR_GENERAL', array(__FILE__, __LINE__));
}
return $this->module->message('msg_cross_login');
}
public function execute()
{
if (false === ($gb = GWF_Guestbook::getByID(Common::getGet('gb')))) {
return $this->module->error('err_gb');
}
if (false === $gb->canModerate(GWF_Session::getUser())) {
return GWF_HTML::err('ERR_NO_PERMISSION');
}
return $this->templateModerate();
}
function www_basic_go(WC_Challenge $chall, $url, $content)
{
if (false === ($response = GWF_HTTP::getFromURL($url))) {
echo GWF_HTML::error('WWW Basics', $chall->lang('err_file_not_found'));
} elseif ($response !== $content) {
echo GWF_HTML::error('WWW Basics', $chall->lang('err_wrong', array(htmlspecialchars($response), htmlspecialchars($content), strlen($response), strlen($content))));
} else {
$chall->onChallengeSolved(GWF_Session::getUserID());
}
}
/**
* toggle panels
* @see core/inc/GWF_Method#execute($this->module)
*/
public function execute()
{
if (false !== ($state = Common::getGet('leftpanel'))) {
GWF_Session::set('WC_LEFT_PANEL', $state > 0);
GWF_Website::redirectBack();
} elseif (false !== ($state = Common::getGet('rightpanel'))) {
GWF_Session::set('WC_RIGHT_PANEL', $state > 0);
GWF_Website::redirectBack();
}
}
public static function getOnChange()
{
# TODO: Use GWF_DOMAIN?
if (isset($_SERVER['HTTP_HOST']) === false) {
return '';
}
$current_url = htmlspecialchars(GWF_Session::getCurrentURL(), ENT_QUOTES);
$url = Common::getProtocol() . '://' . $_SERVER['HTTP_HOST'] . '/';
return 'window.location = \'' . $url . '\'+this.value+\'' . $current_url . '\'; return true;';
}
