/** * This function builds the the queries for the backup * * @param string $query * @param string $table * * @return array */ public function buildInsertQueries($query, $table) { if (!($result = $this->_config->getDb()->query($query))) { []; } $ret = []; $ret[] = "\r\n-- Table: " . $table; while ($row = $this->_config->getDb()->fetchArray($result)) { $p1 = []; $p2 = []; foreach ($row as $key => $val) { $p1[] = $key; if ('rights' != $key && is_numeric($val)) { $p2[] = $val; } else { if (is_null($val)) { $p2[] = 'NULL'; } else { $p2[] = sprintf("'%s'", $this->_config->getDb()->escape($val)); } } } $ret[] = "INSERT INTO " . $table . " (" . implode(",", $p1) . ") VALUES (" . implode(",", $p2) . ");"; } return $ret; }
/** * Sends a notification to user who added a question * * @param string $email Email address of the user * @param string $userName Name of the user * @param string $url URL of answered FAQ * * @return void */ public function sendOpenQuestionAnswered($email, $userName, $url) { $this->mail->addTo($email, $userName); $this->mail->subject = $this->config->get('main.titleFAQ') . ' - ' . $this->pmfStr['msgQuestionAnswered']; $this->mail->message = sprintf($this->pmfStr['msgMessageQuestionAnswered'], $this->config->get('main.titleFAQ')) . "\n\r" . $url; $this->mail->send(); }
/** * Returns all relevant articles for a FAQ record with the same language * * @param integer $recordId FAQ ID * @param string $question FAQ title * @param string $keywords FAQ keywords * * @return array */ public function getAllRelatedById($recordId, $question, $keywords) { $terms = str_replace('-', ' ', $question) . $keywords; $search = PMF_Search_Factory::create($this->_config, array('database' => PMF_Db::getType())); $search->setTable(PMF_Db::getTablePrefix() . 'faqdata AS fd')->setResultColumns(array('fd.id AS id', 'fd.lang AS lang', 'fcr.category_id AS category_id', 'fd.thema AS question', 'fd.content AS answer'))->setJoinedTable(PMF_Db::getTablePrefix() . 'faqcategoryrelations AS fcr')->setJoinedColumns(array('fd.id = fcr.record_id', 'fd.lang = fcr.record_lang'))->setConditions(array('fd.active' => "'yes'", 'fd.lang' => "'" . $this->_config->getLanguage()->getLanguage() . "'"))->setMatchingColumns(array('fd.thema', 'fd.content', 'fd.keywords')); $result = $search->search($terms); return $this->_config->getDb()->fetchAll($result); }
/** * Get an array with minimalistic attachment meta data * * @return array */ public function getBreadcrumbs() { $retval = array(); $query = sprintf("\n SELECT\n fa.id AS ID,\n fa.record_id AS record_id,\n fa.record_lang AS record_lang,\n fa.filename AS filename,\n fa.filesize AS filesize,\n fa.mime_type AS mime_type,\n fd.thema AS thema\n FROM\n %s fa\n JOIN\n %s fd\n ON\n fa.record_id = fd.id\n GROUP BY\n fa.id", PMF_Db::getTablePrefix() . 'faqattachment', PMF_Db::getTablePrefix() . 'faqdata'); $result = $this->config->getDb()->query($query); if ($result) { $retval = $this->config->getDb()->fetchAll($result); } return $retval; }
/** * Create a matrix for representing categories and faq records * * @return array */ public function getCategoryRecordsMatrix() { $matrix = []; $query = sprintf(' SELECT fcr.category_id AS id_cat, fd.id AS id FROM %sfaqdata fd INNER JOIN %sfaqcategoryrelations fcr ON fd.id = fcr.record_id AND fd.lang = fcr.category_lang ORDER BY fcr.category_id, fd.id', PMF_Db::getTablePrefix(), PMF_Db::getTablePrefix()); $result = $this->_config->getDb()->query($query); if ($this->_config->getDb()->numRows($result) > 0) { while ($row = $this->_config->getDb()->fetchObject($result)) { $matrix[$row->id_cat][$row->id] = true; } } return $matrix; }
/** * This function checks the content against a bad word list if the banned * word spam protection has been activated from the general phpMyFAQ * configuration. * * @param string $content * * @return bool */ public function checkBannedWord($content) { // Sanity checks $content = PMF_String::strtolower(trim($content)); if ('' === $content || !$this->_config->get('spam.checkBannedWords')) { return true; } // Check if we check more than one word $checkWords = explode(' ', $content); if (1 === count($checkWords)) { $checkWords = array($content); } $bannedWords = $this->getBannedWords(); // We just search a match of, at least, one banned word into $content if (is_array($bannedWords)) { foreach ($bannedWords as $bannedWord) { foreach ($checkWords as $word) { if (PMF_String::strtolower($word) === PMF_String::strtolower($bannedWord)) { return false; } } } } return true; }
/** * Delete old captcha records. * * During normal use the <b>faqcaptcha</b> table would be empty, on average: * each record is created when a captcha image is showed to the user * and deleted upon a successful matching, so, on average, a record * in this table is probably related to a spam attack. * * @param int $time The time (sec) to define a captcha code old and ready * to be deleted (default: 1 week) * @return void */ private function garbageCollector($time = 604800) { $delete = sprintf("\n DELETE FROM \n %sfaqcaptcha \n WHERE \n captcha_time < %d", PMF_Db::getTablePrefix(), $_SERVER['REQUEST_TIME'] - $time); $this->_config->getDb()->query($delete); $delete = sprintf("\n DELETE FROM\n %sfaqcaptcha\n WHERE\n useragent = '%s' AND language = '%s' AND ip = '%s'", PMF_Db::getTablePrefix(), $this->userAgent, $this->_config->getLanguage()->getLanguage(), $this->ip); $this->_config->getDb()->query($delete); }
/** * Generates a huge array for the report * @return array */ public function getReportingData() { $report = []; $query = sprintf("\n SELECT\n fd.id AS id,\n fd.lang AS lang,\n fcr.category_id AS category_id,\n c.name as category_name,\n c.parent_id as parent_id,\n fd.sticky AS sticky,\n fd.thema AS question,\n fd.author AS original_author,\n fd.datum AS creation_date,\n fv.visits AS visits,\n u.display_name AS last_author\n FROM\n %sfaqdata fd\n LEFT JOIN\n %sfaqcategoryrelations fcr\n ON\n (fd.id = fcr.record_id AND fd.lang = fcr.record_lang)\n LEFT JOIN\n %sfaqvisits fv\n ON\n (fd.id = fv.id AND fd.lang = fv.lang)\n LEFT JOIN\n %sfaqchanges as fc\n ON\n (fd.id = fc.id AND fd.lang = fc.lang)\n LEFT JOIN\n %sfaquserdata as u\n ON\n (u.user_id = fc.usr)\n LEFT JOIN\n %sfaqcategories as c\n ON\n (c.id = fcr.category_id AND c.lang = fcr.record_lang)\n ORDER BY\n fd.id\n ASC", PMF_Db::getTablePrefix(), PMF_Db::getTablePrefix(), PMF_Db::getTablePrefix(), PMF_Db::getTablePrefix(), PMF_Db::getTablePrefix(), PMF_Db::getTablePrefix()); $result = $this->_config->getDb()->query($query); $lastId = 0; while ($row = $this->_config->getDb()->fetchObject($result)) { if ($row->id == $lastId) { $report[$row->id]['faq_translations'] += 1; } else { $report[$row->id] = array('faq_id' => $row->id, 'faq_language' => $row->lang, 'category_id' => $row->category_id, 'category_parent' => $row->parent_id, 'category_name' => $row->category_name, 'faq_translations' => 0, 'faq_sticky' => $row->sticky, 'faq_question' => $row->question, 'faq_org_author' => $row->original_author, 'faq_creation' => PMF_Date::createIsoDate($row->creation_date), 'faq_visits' => $row->visits, 'faq_last_author' => $row->last_author); } $lastId = $row->id; } return $report; }
/** * Deletes logging data older than 30 days * * @return boolean */ public function delete() { $query = sprintf("DELETE FROM\n %sfaqadminlog\n WHERE\n time < %d", PMF_Db::getTablePrefix(), $_SERVER['REQUEST_TIME'] - 30 * 86400); if ($this->_config->getDb()->query($query)) { return true; } return false; }
/** * Returns the single instance * * @access static * @return PMF_Configuration */ public static function getInstance() { if (null == self::$instance) { $className = __CLASS__; self::$instance = new $className(); } return self::$instance; }
/** * Deletes an item and definition into the database * * @param integer $id Glossary ID * * @return boolean */ public function deleteGlossaryItem($id) { $query = sprintf("\n DELETE FROM\n %sfaqglossary\n WHERE\n id = %d AND lang = '%s'", PMF_Db::getTablePrefix(), (int) $id, $this->config->getLanguage()->getLanguage()); if ($this->config->getDb()->query($query)) { return true; } return false; }
/** * Deletes a news entry identified by its ID * * @todo check if there are comments attached to the deleted news * * @param integer $id News ID * * @return boolean */ function deleteNews($id) { $query = sprintf("DELETE FROM\n %sfaqnews\n WHERE\n id = %d\n AND\n lang = '%s'", PMF_Db::getTablePrefix(), $id, $this->_config->getLanguage()->getLanguage()); if (!$this->_config->getDb()->query($query)) { return false; } return true; }
/** * Get all the entries from the table faqvisits * * @return array */ public function getAllData() { $data = []; $query = sprintf("\n SELECT\n *\n FROM\n %sfaqvisits\n ORDER BY\n visits DESC", PMF_Db::getTablePrefix()); $result = $this->_config->getDb()->query($query); while ($row = $this->_config->getDb()->fetchObject($result)) { $data[] = array('id' => $row->id, 'lang' => $row->lang, 'visits' => $row->visits, 'last_visit' => $row->last_visit); } return $data; }
/** * Performs a check if an IPv4 or IPv6 address is banned * * @param string $ip IPv4 or IPv6 address * * @return boolean true, if not banned */ public function checkIp($ip) { $bannedIps = explode(' ', $this->_config->get('security.bannedIPs')); foreach ($bannedIps as $ipAddress) { if (0 == strlen($ipAddress)) { continue; } if (false === filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) { // Handle IPv4 if ($this->checkForAddrMatchIpv4($ip, $ipAddress)) { return false; } } else { // Handle IPv6 if ($this->checkForAddrMatchIpv6($ip, $ipAddress)) { return false; } } } return true; }
/** * Returns all comments with their categories * * @param string $type Type of comment: faq or news * @return array */ public function getAllComments($type = self::COMMENT_TYPE_FAQ) { $comments = []; $query = sprintf("\n SELECT\n fc.id_comment AS comment_id,\n fc.id AS record_id,\n %s\n fc.usr AS username,\n fc.email AS email,\n fc.comment AS comment,\n fc.datum AS comment_date\n FROM\n %sfaqcomments fc\n %s\n WHERE\n type = '%s'", $type == self::COMMENT_TYPE_FAQ ? "fcg.category_id,\n" : '', PMF_Db::getTablePrefix(), $type == self::COMMENT_TYPE_FAQ ? "LEFT JOIN\n " . PMF_Db::getTablePrefix() . "faqcategoryrelations fcg\n ON\n fc.id = fcg.record_id\n" : '', $type); $result = $this->config->getDb()->query($query); if ($this->config->getDb()->numRows($result) > 0) { while ($row = $this->config->getDb()->fetchObject($result)) { $comments[] = array('comment_id' => $row->comment_id, 'record_id' => $row->record_id, 'category_id' => isset($row->category_id) ? $row->category_id : null, 'content' => $row->comment, 'date' => $row->comment_date, 'username' => $row->username, 'email' => $row->email); } } return $comments; }
/** * Check if at least one faq has been tagged with a tag * * @return boolean */ public function existTagRelations() { $query = sprintf(' SELECT COUNT(record_id) AS n FROM %sfaqdata_tags', PMF_Db::getTablePrefix()); $result = $this->_config->getDb()->query($query); if ($row = $this->_config->getDb()->fetchObject($result)) { return $row->n > 0; } return false; }
/** * @param integer $limit Specify the maximum amount of records to return * * @return Array $tagId => $tagFrequency */ public function getPopularTags($limit = 0) { $tags = []; $query = sprintf("\n SELECT\n COUNT(record_id) as freq, tagging_id\n FROM\n %sfaqdata_tags\n JOIN\n %sfaqdata ON id = record_id\n WHERE\n lang = '%s'\n GROUP BY tagging_id\n ORDER BY freq DESC", PMF_Db::getTablePrefix(), PMF_Db::getTablePrefix(), $this->_config->getLanguage()->getLanguage()); $result = $this->_config->getDb()->query($query); if ($result) { while ($row = $this->_config->getDb()->fetchObject($result)) { $tags[$row->tagging_id] = $row->freq; if (--$limit === 0) { break; } } } return $tags; }
/** * Deletes the user-data entry for the given user-ID $userId. * Returns true on success, otherwise false. * * @param integer $userId User ID * @return bool */ public function delete($userId) { $userId = (int) $userId; if ($userId <= 0 && $userId != -1) { return false; } $this->userId = $userId; $delete = sprintf("\n DELETE FROM\n %sfaquserdata\n WHERE\n user_id = %d", PMF_Db::getTablePrefix(), $this->userId); $res = $this->config->getDb()->query($delete); if (!$res) { return false; } $this->data = array(); return true; }
/** * Calculates the rating of the user votings * * @param integer $id * * @return string */ function getVotingResult($id) { $query = sprintf(' SELECT (vote/usr) as voting, usr FROM %sfaqvoting WHERE artikel = %d', PMF_Db::getTablePrefix(), $id); $result = $this->_config->getDb()->query($query); if ($this->_config->getDb()->numRows($result) > 0) { $row = $this->_config->getDb()->fetchObject($result); return sprintf(' %s (' . $this->plr->GetMsg('plmsgVotes', $row->usr) . ')', round($row->voting, 2)); } else { return '0 (' . $this->plr->GetMsg('plmsgVotes', 0) . ')'; } }
/** * Calculates the number of visits per day the last 30 days * * @returns array */ public function getLast30DaysVisits() { $stats = $visits = array(); $startDate = strtotime('-1 month'); $endDate = $_SERVER['REQUEST_TIME']; $query = sprintf("\n SELECT\n time\n FROM\n %sfaqsessions\n WHERE\n time > %d\n AND\n time < %d;", PMF_Db::getTablePrefix(), $startDate, $endDate); $result = $this->config->getDb()->query($query); while ($row = $this->config->getDb()->fetchObject($result)) { $visits[] = $row->time; } for ($date = $startDate; $date <= $endDate; $date += 86400) { $stats[date('Y-m-d', $date)] = 0; } foreach ($visits as $visitDate) { $stats[date('Y-m-d', $visitDate)]++; } return $stats; }
/** * Generates the export * * @param integer $categoryId Category Id * @param boolean $downwards If true, downwards, otherwise upward ordering * @param string $language Language * * @return string */ public function generate($categoryId = 0, $downwards = true, $language = '') { global $PMF_LANG; // Initialize categories $this->category->transform($categoryId); $faqdata = $this->faq->get(FAQ_QUERY_TYPE_EXPORT_XML, $categoryId, $downwards, $language); $version = PMF_Configuration::getInstance()->get('main.currentVersion'); $comment = sprintf('XHTML output by phpMyFAQ %s | Date: %s', $version, PMF_Date::createIsoDate(date("YmdHis"))); $this->xml->startDocument('1.0', 'utf-8'); $this->xml->writeDtd('html', '-//W3C//DTD XHTML 1.0 Transitional//EN', 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'); $this->xml->startElement('html'); $this->xml->writeAttribute('xmlns', 'http://www.w3.org/1999/xhtml'); $this->xml->writeAttribute('xml:lang', $language); $this->xml->writeComment($comment); $this->xml->startElement('head'); $this->xml->writeElement('title', PMF_Configuration::getInstance()->get('main.titleFAQ')); $this->xml->startElement('meta'); $this->xml->writeAttribute('http-equiv', 'Content-Type'); $this->xml->writeAttribute('content', 'application/xhtml+xml; charset=utf-8'); $this->xml->endElement(); $this->xml->endElement(); // </head> $this->xml->startElement('body'); $this->xml->writeAttribute('dir', $PMF_LANG['dir']); if (count($faqdata)) { $lastCategory = 0; foreach ($faqdata as $data) { if ($data['category_id'] != $lastCategory) { $this->xml->writeElement('h1', $this->category->getPath($data['category_id'], ' >> ')); } $this->xml->writeElement('h2', strip_tags($data['topic'])); $this->xml->writeElement('p', $data['content']); $this->xml->writeElement('p', $PMF_LANG['msgAuthor'] . ': ' . $data['author_email']); $this->xml->writeElement('p', $PMF_LANG['msgLastUpdateArticle'] . PMF_Date::createIsoDate($data['lastmodified'])); $lastCategory = $data['category_id']; } } $this->xml->endElement(); // </body> $this->xml->endElement(); // </html> header('Content-type: text/html'); return $this->xml->outputMemory(); }
/** * @static * @param PMF_Configuration $faqConfig */ public static function init(PMF_Configuration $faqConfig) { $config = array(); if ($faqConfig->get('cache.varnishEnable')) { $config[VARNISH_CONFIG_PORT] = $faqConfig->get('cache.varnishPort'); $config[VARNISH_CONFIG_SECRET] = $faqConfig->get('cache.varnishSecret'); $config[VARNISH_CONFIG_TIMEOUT] = $faqConfig->get('cache.varnishTimeout'); $config[VARNISH_CONFIG_HOST] = $faqConfig->get('cache.varnishHost'); self::$instance = new PMF_Cache_Varnish($config); } else { self::$instance = new PMF_Cache_Dummy($config); } }
/** * Return the latest news data * * @param boolean $showArchive Show archived news * @param boolean $active Show active news * @param boolean $forceConfLimit Force to limit in configuration * @return string */ public function getLatestData($showArchive = false, $active = true, $forceConfLimit = false) { $news = array(); $counter = 0; $now = date('YmdHis'); $faqconfig = PMF_Configuration::getInstance(); $query = sprintf("\n SELECT\n *\n FROM\n %sfaqnews\n WHERE\n date_start <= '%s'\n AND \n date_end >= '%s'\n %s\n AND\n lang = '%s'\n ORDER BY\n datum DESC", SQLPREFIX, $now, $now, $active ? "AND active = 'y'" : '', $this->language); $result = $this->db->query($query); if ($faqconfig->get('main.numberOfShownNewsEntries') > 0 && $this->db->num_rows($result) > 0) { while ($row = $this->db->fetch_object($result)) { $counter++; if ($showArchive && $counter > $faqconfig->get('main.numberOfShownNewsEntries') || !$showArchive && !$forceConfLimit && $counter <= $faqconfig->get('main.numberOfShownNewsEntries') || !$showArchive && $forceConfLimit) { $item = array('id' => $row->id, 'lang' => $row->lang, 'date' => $row->datum, 'lang' => $row->lang, 'header' => $row->header, 'content' => $row->artikel, 'authorName' => $row->author_name, 'authorEmail' => $row->author_email, 'dateStart' => $row->date_start, 'dateEnd' => $row->date_end, 'active' => 'y' == $row->active, 'allowComments' => 'y' == $row->comment, 'link' => $row->link, 'linkTitle' => $row->linktitel, 'target' => $row->target); $news[] = $item; } } } return $news; }
/** * Check on user and group permissions and on duplicate FAQs * * @param array $resultset Array with search results * * @return void */ public function reviewResultset(array $resultset) { $this->setResultset($resultset); $duplicateResults = []; $currentUserId = $this->user->getUserId(); if ('medium' === $this->_config->get('security.permLevel')) { $currentGroupIds = $this->user->perm->getUserGroups($currentUserId); } else { $currentGroupIds = array(-1); } foreach ($this->rawResultset as $result) { $permission = false; // check permissions for groups if ('medium' === $this->_config->get('security.permLevel')) { $groupPermission = $this->faq->getPermission('group', $result->id); if (count($groupPermission) && in_array($groupPermission[0], $currentGroupIds)) { $permission = true; } } // check permission for user if ($permission || 'basic' === $this->_config->get('security.permLevel')) { $userPermission = $this->faq->getPermission('user', $result->id); if (in_array(-1, $userPermission) || in_array($this->user->getUserId(), $userPermission)) { $permission = true; } else { $permission = false; } } // check on duplicates if (!isset($duplicateResults[$result->id])) { $duplicateResults[$result->id] = 1; } else { ++$duplicateResults[$result->id]; continue; } if ($permission) { $this->reviewedResultset[] = $result; } } $this->setNumberOfResults($this->reviewedResultset); }
/** * Returns an array of country codes for a specific FAQ record ID, * specific category ID or all languages used by FAQ records , categories * * @param integer $id ID * @param string $table Specifies table * * @return array */ public function languageAvailable($id, $table = 'faqdata') { $output = []; if (isset($id)) { if ($id == 0) { // get languages for all ids $distinct = ' DISTINCT '; $where = ''; } else { // get languages for specified id $distinct = ''; $where = " WHERE id = " . $id; } $query = sprintf("\n SELECT %s\n lang\n FROM\n %s%s\n %s", $distinct, PMF_Db::getTablePrefix(), $table, $where); $result = $this->config->getDb()->query($query); if ($this->config->getDb()->numRows($result) > 0) { while ($row = $this->config->getDb()->fetchObject($result)) { $output[] = $row->lang; } } } return $output; }
/** * Generates the export * * @param integer $categoryId Category Id * @param boolean $downwards If true, downwards, otherwise upward ordering * @param string $language Language * * @return string */ public function generate($categoryId = 0, $downwards = true, $language = '') { // Initialize categories $this->category->transform($categoryId); $faqdata = $this->faq->get(FAQ_QUERY_TYPE_EXPORT_XML, $categoryId, $downwards, $language); $version = PMF_Configuration::getInstance()->get('main.currentVersion'); $comment = sprintf('XML output by phpMyFAQ %s | Date: %s', $version, PMF_Date::createIsoDate(date("YmdHis"))); $this->xml->startDocument('1.0', 'utf-8', 'yes'); $this->xml->writeComment($comment); $this->xml->startElement('phpmyfaq'); if (count($faqdata)) { foreach ($faqdata as $data) { // Build the <article/> node $this->xml->startElement('article'); $this->xml->writeAttribute('id', $data['id']); $this->xml->writeElement('language', $data['lang']); $this->xml->writeElement('category', $this->category->getPath($data['category_id'], ' >> ')); if (!empty($data['keywords'])) { $this->xml->writeElement('keywords', $data['keywords']); } else { $this->xml->writeElement('keywords'); } $this->xml->writeElement('question', strip_tags($data['topic'])); $this->xml->writeElement('answer', PMF_String::htmlspecialchars($data['content'])); if (!empty($data['author_name'])) { $this->xml->writeElement('author', $data['author_name']); } else { $this->xml->writeElement('author'); } $this->xml->writeElement('data', PMF_Date::createIsoDate($data['lastmodified'])); $this->xml->endElement(); } } $this->xml->endElement(); header('Content-type: text/xml'); return $this->xml->outputMemory(); }
function sendAskedQuestion($username, $usermail, $usercat, $content) { global $PMF_LANG, $faq; $retval = false; $faqconfig = PMF_Configuration::getInstance(); $categoryNode = new PMF_Category_Node(); if ($faqconfig->get('records.enableVisibilityQuestions')) { $visibility = 'N'; } else { $visibility = 'Y'; } $questionData = array('id' => null, 'username' => $username, 'email' => $usermail, 'category_id' => $usercat, 'question' => $content, 'date' => date('YmdHis'), 'is_visible' => $visibility); list($user, $host) = explode("@", $questionData['email']); if (PMF_Filter::filterVar($questionData['email'], FILTER_VALIDATE_EMAIL) != false) { $faqQuestions = new PMF_Faq_Questions(); $faqQuestions->create($questionData); $categoryData = $categoryNode->fetch($questionData['category_id']); $questionMail = "User: "******", mailto:" . $questionData['email'] . "\n" . $PMF_LANG["msgCategory"] . ": " . $categoryData->name . "\n\n" . wordwrap($content, 72); $userId = $categoryData->user_id; $oUser = new PMF_User(); $oUser->getUserById($userId); $userEmail = $oUser->getUserData('email'); $mainAdminEmail = $faqconfig->get('main.administrationMail'); $mail = new PMF_Mail(); $mail->unsetFrom(); $mail->setFrom($questionData['email'], $questionData['username']); $mail->addTo($mainAdminEmail); // Let the category owner get a copy of the message if ($userEmail && $mainAdminEmail != $userEmail) { $mail->addCc($userEmail); } $mail->subject = '%sitename%'; $mail->message = $questionMail; $retval = $mail->send(); } return $retval; }
/** * Returns all records from the current first letter * * @param string $letter Letter * @return array * @since 2007-03-30 * @author Thorsten Rinne <*****@*****.**> */ public function getRecordsFromLetter($letter = 'A') { global $sids, $PMF_LANG; if ($this->groupSupport) { $permPart = sprintf("( fdg.group_id IN (%s)\n OR\n (fdu.user_id = %d AND fdg.group_id IN (%s)))", implode(', ', $this->groups), $this->user, implode(', ', $this->groups)); } else { $permPart = sprintf("( fdu.user_id = %d OR fdu.user_id = -1 )", $this->user); } $letter = PMF_String::strtoupper($this->_config->getDb()->escape(PMF_String::substr($letter, 0, 1))); $writeMap = ''; switch ($this->type) { case 'db2': case 'sqlite': $query = sprintf("\n SELECT\n fd.thema AS thema,\n fd.id AS id,\n fd.lang AS lang,\n fcr.category_id AS category_id,\n fd.content AS snap\n FROM\n %sfaqcategoryrelations fcr,\n %sfaqdata fd\n LEFT JOIN\n %sfaqdata_group AS fdg\n ON\n fd.id = fdg.record_id\n LEFT JOIN\n %sfaqdata_user AS fdu\n ON\n fd.id = fdu.record_id\n WHERE\n fd.id = fcr.record_id\n AND\n SUBSTR(fd.thema, 1, 1) = '%s'\n AND\n fd.lang = '%s'\n AND\n fd.active = 'yes'\n AND\n %s", PMF_Db::getTablePrefix(), PMF_Db::getTablePrefix(), PMF_Db::getTablePrefix(), PMF_Db::getTablePrefix(), $letter, $this->_config->getLanguage()->getLanguage(), $permPart); break; default: $query = sprintf("\n SELECT\n fd.thema AS thema,\n fd.id AS id,\n fd.lang AS lang,\n fcr.category_id AS category_id,\n fd.content AS snap\n FROM\n %sfaqcategoryrelations fcr,\n %sfaqdata fd\n LEFT JOIN\n %sfaqdata_group AS fdg\n ON\n fd.id = fdg.record_id\n LEFT JOIN\n %sfaqdata_user AS fdu\n ON\n fd.id = fdu.record_id\n WHERE\n fd.id = fcr.record_id\n AND\n SUBSTRING(fd.thema, 1, 1) = '%s'\n AND\n fd.lang = '%s'\n AND\n fd.active = 'yes'\n AND\n %s", PMF_Db::getTablePrefix(), PMF_Db::getTablePrefix(), PMF_Db::getTablePrefix(), PMF_Db::getTablePrefix(), $letter, $this->_config->getLanguage()->getLanguage(), $permPart); break; } $result = $this->_config->getDb()->query($query); $oldId = 0; while ($row = $this->_config->getDb()->fetchObject($result)) { if ($oldId != $row->id) { $title = PMF_String::htmlspecialchars($row->thema, ENT_QUOTES, 'utf-8'); $url = sprintf('%s?%saction=artikel&cat=%d&id=%d&artlang=%s', PMF_Link::getSystemRelativeUri(), $sids, $row->category_id, $row->id, $row->lang); $oLink = new PMF_Link($url, $this->_config); $oLink->itemTitle = $row->thema; $oLink->text = $title; $oLink->tooltip = $title; $writeMap .= '<li>' . $oLink->toHtmlAnchor() . '<br />' . "\n"; $writeMap .= PMF_Utils::chopString(strip_tags($row->snap), 25) . " ...</li>\n"; } $oldId = $row->id; } $writeMap = empty($writeMap) ? '' : '<ul>' . $writeMap . '</ul>'; return $writeMap; }
/** * Tracks the user and log what he did * * @param string $action String User action string * @param integer $id ID * * @return void */ public function userTracking($action, $id = 0) { global $sid, $user, $botBlacklist; $faqconfig = PMF_Configuration::getInstance(); if (!$faqconfig->get('main.enableUserTracking')) { return; } $bots = 0; $agent = $_SERVER['HTTP_USER_AGENT']; $sid = PMF_Filter::filterInput(INPUT_GET, PMF_GET_KEY_NAME_SESSIONID, FILTER_VALIDATE_INT); $sidc = PMF_Filter::filterInput(INPUT_COOKIE, PMF_COOKIE_NAME_SESSIONID, FILTER_VALIDATE_INT); if (!is_null($sidc)) { $sid = $sidc; } if ($action == "old_session") { $sid = null; } foreach ($botBlacklist as $bot) { if (strpos($agent, $bot)) { $bots++; } } if ($bots > 0) { return; } if (!isset($sid)) { $sid = $this->db->nextID(SQLPREFIX . "faqsessions", "sid"); // Sanity check: force the session cookie to contains the current $sid if (!is_null($sidc) && !$sidc != $sid) { self::setCookie($sid); } $query = sprintf("\n INSERT INTO \n %sfaqsessions\n (sid, user_id, ip, time)\n VALUES\n (%d, %d, '%s', %d)", SQLPREFIX, $sid, $user ? $user->getUserId() : -1, $_SERVER["REMOTE_ADDR"], $_SERVER['REQUEST_TIME']); $this->db->query($query); } $data = $sid . ';' . str_replace(';', ',', $action) . ';' . $id . ';' . $_SERVER['REMOTE_ADDR'] . ';' . str_replace(';', ',', $_SERVER['QUERY_STRING']) . ';' . str_replace(';', ',', isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '') . ';' . str_replace(';', ',', urldecode($_SERVER['HTTP_USER_AGENT'])) . ';' . $_SERVER['REQUEST_TIME'] . ";\n"; file_put_contents('./data/tracking' . date('dmY'), $data, FILE_APPEND); }
$comment = PMF_Filter::filterInput(INPUT_POST, 'comment', FILTER_SANITIZE_STRIPPED); $message = ''; switch ($type) { case 'news': $id = $newsid; $msgWriteComment = $PMF_LANG['newsWriteComment']; break; case 'faq': default: $id = $faqid; $msgWriteComment = $PMF_LANG['msgWriteComment']; break; } // If e-mail address is set to optional if (!PMF_Configuration::getInstance()->get('main.optionalMailAddress') && is_null($mail)) { $mail = PMF_Configuration::getInstance()->get('main.administrationMail'); } if (!is_null($user) && !is_null($mail) && !is_null($comment) && checkBannedWord(PMF_String::htmlspecialchars($comment)) && IPCheck($_SERVER['REMOTE_ADDR']) && $captcha->checkCaptchaCode($code) && !$faq->commentDisabled($id, $LANGCODE, $type)) { $faqsession->userTracking("save_comment", $id); $commentData = array('record_id' => $id, 'type' => $type, 'username' => $user, 'usermail' => $mail, 'comment' => nl2br($comment), 'date' => $_SERVER['REQUEST_TIME'], 'helped' => ''); if ($faq->addComment($commentData)) { $emailTo = $faqconfig->get('main.administrationMail'); $urlToContent = ''; if ('faq' == $type) { $faq->getRecord($id); if ($faq->faqRecord['email'] != '') { $emailTo = $faq->faqRecord['email']; } $_faqUrl = sprintf('%saction=artikel&cat=%d&id=%d&artlang=%s', $sids, 0, $faq->faqRecord['id'], $faq->faqRecord['lang']); $oLink = new PMF_Link(PMF_Link::getSystemUri() . '?' . $_faqUrl); $oLink->itemTitle = $faq->faqRecord['title'];