function getFullSpot($msgId, $ourUserId, $nntp)
{
SpotTiming::start('SpotsOverview::' . __FUNCTION__);
$fullSpot = $this->_db->getFullSpot($msgId, $ourUserId);
if (empty($fullSpot)) {
/*
* Retrieve a full loaded spot from the NNTP server
*/
$newFullSpot = $nntp->getFullSpot($msgId);
$this->_db->addFullSpots(array($newFullSpot));
/*
* If the current spotterid is empty, we probably now
* have a spotterid because we have the fullspot.
*/
if (empty($fullSpot['spotterid']) && $newFullSpot['verified']) {
$spotSigning = Services_Signing_Base::newServiceSigning();
$newFullSpot['spotterid'] = $spotSigning->calculateSpotterId($newFullSpot['user-key']['modulo']);
/*
* Update the spotterid in the spots table so it can be filtered later on
*/
$this->_db->updateSpotInfoFromFull($newFullSpot);
}
# if
/*
* We ask our DB to retrieve the fullspot again, this ensures
* us all information is present and in always the same format
*/
$fullSpot = $this->_db->getFullSpot($msgId, $ourUserId);
}
# if
/**
* We'll overwrite our spot info from the database with some information we parse from the
* XML. This is necessary because the XML contains better encoding.
*
* For example take the titel from spot bdZZdJ3gPxTAmSE%40spot.net.
*
* We cannot use all information from the XML because because some information just
* isn't present in the XML file
*/
$spotParser = new SpotParser();
$parsedXml = $spotParser->parseFull($fullSpot['fullxml']);
$fullSpot = array_merge($parsedXml, $fullSpot);
$fullSpot['title'] = $parsedXml['title'];
/*
* When we retrieve a fullspot entry but there is no spot entry the join in our DB query
* causes us to never get the spot, hence we throw this exception
*/
if (empty($fullSpot)) {
throw new Exception("Spot is not in our Spotweb database");
}
# if
SpotTiming::stop('SpotsOverview::' . __FUNCTION__, array($msgId, $ourUserId, $nntp, $fullSpot));
return $fullSpot;
}
function render()
{
$formMessages = array('errors' => array(), 'info' => array());
# Controleer de users' rechten
$this->_spotSec->fatalPermCheck(SpotSecurity::spotsec_report_spam, '');
# Sportparser is nodig voor het escapen van de random string
$spotParser = new SpotParser();
# spot signing is nodig voor het RSA signen van de spot en dergelijke
$spotSigning = Services_Signing_Base::newServiceSigning();
# creeer een default report
$report = array('body' => 'This is SPAM!', 'inreplyto' => $this->_inReplyTo, 'newmessageid' => '', 'randomstr' => '');
# reportpost verzoek was standaard niet geprobeerd
$postResult = array();
# zet de page title
$this->_pageTitle = "report: report spot";
/*
* bring the forms' action into the local scope for
* easier access
*/
$formAction = $this->_reportForm['action'];
# Make sure the anonymous user and reserved usernames cannot post content
$spotUser = new SpotUserSystem($this->_db, $this->_settings);
if (!$spotUser->allowedToPost($this->_currentSession['user'])) {
$postResult = array('result' => 'notloggedin');
$formAction = '';
}
# if
if ($formAction == 'post') {
# Notificatiesysteem initialiseren
$spotsNotifications = new SpotNotifications($this->_db, $this->_settings, $this->_currentSession);
# zorg er voor dat alle variables ingevuld zijn
$report = array_merge($report, $this->_reportForm);
# vraag de users' privatekey op
$this->_currentSession['user']['privatekey'] = $this->_db->getUserPrivateRsaKey($this->_currentSession['user']['userid']);
# het messageid krijgen we met <>'s, maar we werken
# in spotweb altijd zonder, dus die strippen we
$report['newmessageid'] = substr($report['newmessageid'], 1, -1);
# valideer of we dit report kunnen posten, en zo ja, doe dat dan
$spotPosting = new SpotPosting($this->_db, $this->_settings);
$formMessages['errors'] = $spotPosting->reportSpotAsSpam($this->_currentSession['user'], $report);
if (empty($formMessages['errors'])) {
$postResult = array('result' => 'success');
# en verstuur een notificatie
$spotsNotifications->sendReportPosted($report['inreplyto']);
} else {
$postResult = array('result' => 'failure');
}
# else
}
# if
#- display stuff -#
$this->template('spamreport', array('postreportform' => $report, 'formmessages' => $formMessages, 'postresult' => $postResult));
}
function createSystem()
{
global $settings;
global $_testInstall_Ok;
try {
/*
* The settings system is used to create a lot of output,
* we swallow it all
*/
ob_start();
/*
* Now create the database ...
*/
$settings['db'] = $_SESSION['spotsettings']['db'];
$spotUpgrader = new SpotUpgrader($settings['db'], $settings);
$spotUpgrader->database();
/*
* and create all the different settings (only the default) ones
*/
$spotUpgrader->settings();
/*
* Create the users
*/
$spotUpgrader->users();
/*
* print all the output as HTML comment for debugging
*/
$dbCreateOutput = ob_get_contents();
ob_end_clean();
/*
* Now it is time to do something with
* the information the user has given to us
*/
$db = new SpotDb($_SESSION['spotsettings']['db']);
$db->connect();
/*
* add the database settings to the main settings array for now
*/
$settings['db'] = $_SESSION['spotsettings']['db'];
/* and create the database settings */
$spotSettings = SpotSettings::singleton($db, $settings);
/*
* Update the NNTP settings in the databas
*/
$spotSettings->set('nntp_nzb', $_SESSION['spotsettings']['nntp']['nzb']);
$spotSettings->set('nntp_hdr', $_SESSION['spotsettings']['nntp']['hdr']);
$spotSettings->set('nntp_post', $_SESSION['spotsettings']['nntp']['post']);
/*
* Create the given user
*/
$spotUserSystem = new SpotUserSystem($db, $spotSettings);
$spotUser = $_SESSION['spotsettings']['adminuser'];
/*
* Create a private/public key pair for this user
*/
$spotSigning = Services_Signing_Base::newServiceSigning();
$userKey = $spotSigning->createPrivateKey($spotSettings->get('openssl_cnf_path'));
$spotUser['publickey'] = $userKey['public'];
$spotUser['privatekey'] = $userKey['private'];
/*
* and actually add the user
*/
$userId = $spotUserSystem->addUser($spotUser);
# Change the administrators' account password to that of this created user
$adminUser = $spotUserSystem->getUser(SPOTWEB_ADMIN_USERID);
$adminUser['newpassword1'] = $spotUser['newpassword1'];
$spotUserSystem->setUserPassword($adminUser);
# update the settings with our system type and our admin id
$spotSettings->set('custom_admin_userid', $userId);
$spotSettings->set('systemtype', $spotUser['systemtype']);
# Set the system type
$spotUpgrader->resetSystemType($spotUser['systemtype']);
/*
* Create the necessary database connection information
*/
$dbConnectionString = '';
switch ($_SESSION['spotsettings']['db']['engine']) {
case 'mysql':
$dbConnectionString .= "\$dbsettings['engine'] = 'mysql';" . PHP_EOL;
$dbConnectionString .= "\$dbsettings['host'] = '" . $_SESSION['spotsettings']['db']['host'] . "';" . PHP_EOL;
$dbConnectionString .= "\$dbsettings['dbname'] = '" . $_SESSION['spotsettings']['db']['dbname'] . "';" . PHP_EOL;
$dbConnectionString .= "\$dbsettings['user'] = '******'spotsettings']['db']['user'] . "';" . PHP_EOL;
$dbConnectionString .= "\$dbsettings['pass'] = '******'spotsettings']['db']['pass'] . "';" . PHP_EOL;
break;
# mysql
# mysql
case 'postgresql':
$dbConnectionString .= "\$dbsettings['engine'] = 'pdo_pgsql';" . PHP_EOL;
$dbConnectionString .= "\$dbsettings['host'] = '" . $_SESSION['spotsettings']['db']['host'] . "';" . PHP_EOL;
$dbConnectionString .= "\$dbsettings['dbname'] = '" . $_SESSION['spotsettings']['db']['dbname'] . "';" . PHP_EOL;
$dbConnectionString .= "\$dbsettings['user'] = '******'spotsettings']['db']['user'] . "';" . PHP_EOL;
$dbConnectionString .= "\$dbsettings['pass'] = '******'spotsettings']['db']['pass'] . "';" . PHP_EOL;
break;
# postgresql
}
# switch
# Try to create the dbsettings.inc.php file for the user
@file_put_contents("dbsettings.inc.php", "<?php" . PHP_EOL . $dbConnectionString);
$createdDbSettings = file_exists("dbsettings.inc.php");
?>
<table summary="PHP settings">
<tr> <th colspan='2'> Installation succesful </th> </tr>
<tr> <td colspan='2'> Spotweb has been installed succesfuly! </td> </tr>
<tr> <td colspan='2'> </td> </tr>
<?php
if (!$createdDbSettings) {
?>
<tr>
<td> → </td>
<td>
You need to create a textfile with the database settings in it. Please copy & paste the below
exactly in a file called <i>dbsettings.inc.php</i>.
<pre><?php
echo "<?php " . PHP_EOL . $dbConnectionString;
?>
</pre>
</td>
</tr>
<?php
}
?>
<tr>
<td> → </td>
<td>
Spotweb retrieves its information from the newsservers, this is called "retrieving" or retrieval of Spots.
You need to schedule a retrieval job to run <i>retrieve.php</i> on a regular basis. The first time retrieval
is run this can take up to several hours before completion.
</td>
</tr>
</table>
<?php
echo '<!-- ' . $dbCreateOutput . ' -->';
} catch (Exception $x) {
?>
<div id='error'><?php
echo $x->getMessage();
?>
<?php
echo $x->getTraceAsString();
?>
<br /><br />
</div>
<?php
}
# exception
}
function render()
{
$formMessages = array('errors' => array(), 'info' => array());
# Validate proper permissions
$this->_spotSec->fatalPermCheck(SpotSecurity::spotsec_post_comment, '');
# Sportparser is nodig voor het escapen van de random string
$spotParser = new SpotParser();
# spot signing is nodig voor het RSA signen van de spot en dergelijke
$spotSigning = Services_Signing_Base::newServiceSigning();
# creeer een default comment zodat het form altijd
# de waardes van het form kan renderen
$comment = array('body' => '', 'rating' => 0, 'inreplyto' => $this->_inReplyTo, 'newmessageid' => '', 'randomstr' => '');
# postcomment verzoek was standaard niet geprobeerd
$postResult = array();
# zet de page title
$this->_pageTitle = "spot: post comment";
/*
* bring the forms' action into the local scope for
* easier access
*/
$formAction = $this->_commentForm['action'];
# Make sure the anonymous user and reserved usernames cannot post content
$spotUser = new SpotUserSystem($this->_db, $this->_settings);
if (!$spotUser->allowedToPost($this->_currentSession['user'])) {
$postResult = array('result' => 'notloggedin');
$formAction = '';
}
# if
if ($formAction == 'post') {
# zorg er voor dat alle variables ingevuld zijn
$comment = array_merge($comment, $this->_commentForm);
# vraag de users' privatekey op
$this->_currentSession['user']['privatekey'] = $spotUser->getUserPrivateRsaKey($this->_currentSession['user']['userid']);
# het messageid krijgen we met <>'s, maar we werken
# in spotweb altijd zonder, dus die strippen we
$comment['newmessageid'] = substr($comment['newmessageid'], 1, -1);
# valideer of we deze comment kunnen posten, en zo ja, doe dat dan
$spotPosting = new SpotPosting($this->_db, $this->_settings);
$formMessages['errors'] = $spotPosting->postComment($this->_currentSession['user'], $comment);
if (empty($formMessages['errors'])) {
/* Format the body so we can have smilies and stuff be shown in the template */
$tmpBody = $this->_tplHelper->formatContent($comment['body']);
/* Try to create the avatar */
if (!empty($this->_currentSession['user']['avatar'])) {
$comment['user-avatar'] = $this->_currentSession['user']['avatar'];
} else {
$spotSigning = Services_Signing_Base::newServiceSigning();
$tmpKey = $spotSigning->getPublicKey($this->_currentSession['user']['privatekey']);
$comment['user-key'] = $tmpKey['publickey'];
}
# else
$commentImage = $this->_tplHelper->makeCommenterImageUrl($comment);
/* and return the result to the system */
$postResult = array('result' => 'success', 'user' => $this->_currentSession['user']['username'], 'spotterid' => $spotSigning->calculateSpotterId($this->_currentSession['user']['publickey']), 'rating' => $comment['rating'], 'body' => $tmpBody, 'commentimage' => $commentImage);
} else {
$postResult = array('result' => 'failure');
}
# else
}
# if
#- display stuff -#
$this->template('postcomment', array('postcommentform' => $comment, 'formmessages' => $formMessages, 'postresult' => $postResult));
}
function updateUserPreferences()
{
$userList = $this->_db->getUserList();
# loop through every user and fix it
foreach ($userList as $user) {
/*
* Because we do not get all users' properties from
* getUserList, retrieve the users' settings from scratch
*/
$user = $this->_db->getUser($user['userid']);
# set the users' preferences
$this->setSettingIfNot($user['prefs'], 'perpage', 25);
$this->setSettingIfNot($user['prefs'], 'date_formatting', 'human');
$this->setSettingIfNot($user['prefs'], 'normal_template', 'we1rdo');
$this->setSettingIfNot($user['prefs'], 'mobile_template', 'we1rdo');
$this->setSettingIfNot($user['prefs'], 'tablet_template', 'we1rdo');
$this->setSettingIfNot($user['prefs'], 'count_newspots', true);
$this->setSettingIfNot($user['prefs'], 'mouseover_subcats', true);
$this->setSettingIfNot($user['prefs'], 'keep_seenlist', true);
$this->setSettingIfNot($user['prefs'], 'auto_markasread', true);
$this->setSettingIfNot($user['prefs'], 'keep_downloadlist', true);
$this->setSettingIfNot($user['prefs'], 'keep_watchlist', true);
$this->setSettingIfNot($user['prefs'], 'nzb_search_engine', 'nzbindex');
$this->setSettingIfNot($user['prefs'], 'show_filesize', true);
$this->setSettingIfNot($user['prefs'], 'show_reportcount', true);
$this->setSettingIfNot($user['prefs'], 'show_nzbbutton', true);
$this->setSettingIfNot($user['prefs'], 'show_multinzb', true);
$this->setSettingIfNot($user['prefs'], 'customcss', '');
$this->setSettingIfNot($user['prefs'], 'newspotdefault_tag', $user['username']);
$this->setSettingIfNot($user['prefs'], 'newspotdefault_body', '');
$this->setSettingIfNot($user['prefs'], 'user_language', 'nl_NL');
$this->setSettingIfNot($user['prefs'], 'show_avatars', true);
$this->setSettingIfNot($user['prefs'], 'usemailaddress_for_gravatar', true);
$this->setSettingIfNot($user['prefs']['nzbhandling'], 'action', 'disable');
$this->setSettingIfNot($user['prefs']['nzbhandling'], 'local_dir', '/tmp');
$this->setSettingIfNot($user['prefs']['nzbhandling'], 'prepare_action', 'merge');
$this->setSettingIfNot($user['prefs']['nzbhandling'], 'command', '');
$this->setSettingIfNot($user['prefs']['nzbhandling']['sabnzbd'], 'url', '');
$this->setSettingIfNot($user['prefs']['nzbhandling']['sabnzbd'], 'apikey', '');
$this->setSettingIfNot($user['prefs']['nzbhandling']['nzbget'], 'host', '');
$this->setSettingIfNot($user['prefs']['nzbhandling']['nzbget'], 'port', '');
$this->setSettingIfNot($user['prefs']['nzbhandling']['nzbget'], 'username', '');
$this->setSettingIfNot($user['prefs']['nzbhandling']['nzbget'], 'password', '');
$this->setSettingIfNot($user['prefs']['nzbhandling']['nzbget'], 'timeout', 15);
$this->setSettingIfNot($user['prefs']['notifications']['boxcar'], 'email', '');
$this->setSettingIfNot($user['prefs']['notifications']['growl'], 'host', '');
$this->setSettingIfNot($user['prefs']['notifications']['growl'], 'password', '');
$this->setSettingIfNot($user['prefs']['notifications']['nma'], 'api', '');
$this->setSettingIfNot($user['prefs']['notifications']['notifo'], 'username', '');
$this->setSettingIfNot($user['prefs']['notifications']['notifo'], 'api', '');
$this->setSettingIfNot($user['prefs']['notifications']['prowl'], 'apikey', '');
$this->setSettingIfNot($user['prefs']['notifications']['twitter'], 'screen_name', '');
$this->setSettingIfNot($user['prefs']['notifications']['twitter'], 'request_token', '');
$this->setSettingIfNot($user['prefs']['notifications']['twitter'], 'request_token_secret', '');
$this->setSettingIfNot($user['prefs']['notifications']['twitter'], 'access_token', '');
$this->setSettingIfNot($user['prefs']['notifications']['twitter'], 'access_token_secret', '');
$notifProviders = Notifications_Factory::getActiveServices();
foreach ($notifProviders as $notifProvider) {
$this->setSettingIfNot($user['prefs']['notifications'][$notifProvider], 'enabled', false);
$this->setSettingIfNot($user['prefs']['notifications'][$notifProvider]['events'], 'watchlist_handled', false);
$this->setSettingIfNot($user['prefs']['notifications'][$notifProvider]['events'], 'nzb_handled', false);
$this->setSettingIfNot($user['prefs']['notifications'][$notifProvider]['events'], 'retriever_finished', false);
$this->setSettingIfNot($user['prefs']['notifications'][$notifProvider]['events'], 'report_posted', false);
$this->setSettingIfNot($user['prefs']['notifications'][$notifProvider]['events'], 'spot_posted', false);
$this->setSettingIfNot($user['prefs']['notifications'][$notifProvider]['events'], 'user_added', false);
$this->setSettingIfNot($user['prefs']['notifications'][$notifProvider]['events'], 'newspots_for_filter', false);
}
// foreach
# make sure a sort preference is defined. An empty field means relevancy
$this->setSettingIfNot($user['prefs'], 'defaultsortfield', '');
# Remove deprecated preferences
$this->unsetSetting($user['prefs'], 'search_url');
$this->unsetSetting($user['prefs'], 'template');
$this->unsetSetting($user['prefs']['notifications'], 'libnotify');
# Make sure the user has a valid RSA key
if ($user['userid'] > 2) {
$rsaKey = $this->_db->getUserPrivateRsaKey($user['userid']);
if (empty($rsaKey)) {
# Creer een private en public key paar voor deze user
$spotSigning = Services_Signing_Base::newServiceSigning();
$userKey = $spotSigning->createPrivateKey($this->_settings->get('openssl_cnf_path'));
$this->_db->setUserRsaKeys($user['userid'], $userKey['public'], $userKey['private']);
}
# if
}
# if
# update the user record in the database
$this->_db->setUser($user);
}
# foreach
}
function createServerKeys($openSslCnfPath)
{
$spotSigning = Services_Signing_Base::newServiceSigning();
$x = $spotSigning->createPrivateKey($openSslCnfPath);
$this->setIfNot('publickey', $x['public']);
$this->setIfNot('privatekey', $x['private']);
}
function getCleanRandomString($len)
{
$spotParser = new SpotParser();
$spotSigning = Services_Signing_Base::newServiceSigning();
return substr($spotParser->specialString(base64_encode($spotSigning->makeRandomStr($len))), 0, $len);
}
function render()
{
$formMessages = array('errors' => array(), 'info' => array());
# Controleer de users' rechten
$this->_spotSec->fatalPermCheck(SpotSecurity::spotsec_create_new_user, '');
# creeer een default spotuser zodat het form altijd
# de waardes van het form kan renderen
$spotUser = array('username' => '', 'firstname' => '', 'lastname' => '', 'mail' => '');
# createuser resultaat is standaard niet geprobeerd
$createResult = array();
# Instantieer het Spot user system
$spotUserSystem = new SpotUserSystem($this->_db, $this->_settings);
# zet de page title
$this->_pageTitle = "spot: create user";
/*
* bring the forms' action into the local scope for
* easier access
*/
$formAction = $this->_createUserForm['action'];
# Is dit een submit van een form, of nog maar de aanroep?
if ($formAction == 'create') {
# userid zetten we altijd op false voor het maken van een
# nieuwe user, omdat validateUserRecord() anders denkt
# dat we een bestaande user aan het bewerken zijn en we bv.
# het mailaddress niet controleren op dubbelen behalve 'zichzelf'
$this->_createUserForm['userid'] = false;
# creeer een random password voor deze user
$spotUser['newpassword1'] = substr($spotUserSystem->generateUniqueId(), 1, 9);
$spotUser['newpassword2'] = $spotUser['newpassword1'];
# valideer de user
$spotUser = array_merge($spotUser, $this->_createUserForm);
$formMessages['errors'] = $spotUserSystem->validateUserRecord($spotUser, false);
# Is er geen andere user met dezelfde username?
$userIdForName = $this->_db->findUserIdForName($spotUser['username']);
if (!empty($userIdForName)) {
$formMessages['errors'][] = sprintf(_("'%s' already exists"), $spotUser['username']);
}
# if
if (empty($formMessages['errors'])) {
# Creer een private en public key paar voor deze user
$spotSigning = Services_Signing_Base::newServiceSigning();
$userKey = $spotSigning->createPrivateKey($this->_settings->get('openssl_cnf_path'));
$spotUser['publickey'] = $userKey['public'];
$spotUser['privatekey'] = $userKey['private'];
# Notificatiesysteem initialiseren
$spotsNotifications = new SpotNotifications($this->_db, $this->_settings, $this->_currentSession);
# voeg de user toe
$spotUserSystem->addUser($spotUser);
# als het toevoegen van de user gelukt is, laat het weten
$createResult = array('result' => 'success');
$formMessages['info'][] = sprintf(_("User <strong>"%s"</strong> successfully added"), $spotUser['username']);
$formMessages['info'][] = sprintf(_("Password: <strong>"%s"</strong>"), $spotUser['newpassword1']);
# verstuur een e-mail naar de nieuwe gebruiker als daar om is gevraagd
$sendMail = isset($this->_createUserForm['sendmail']);
if ($sendMail || $this->_settings->get('sendwelcomemail')) {
$spotsNotifications->sendNewUserMail($spotUser);
}
# if
# en verstuur een notificatie
$spotsNotifications->sendUserAdded($spotUser['username'], $spotUser['newpassword1']);
} else {
$createResult = array('result' => 'failure');
}
# else
}
# if
#- display stuff -#
$this->template('createuser', array('createuserform' => $spotUser, 'formmessages' => $formMessages, 'createresult' => $createResult));
}
require_once "NNTP/Client.php";
require_once "lib/exceptions/CustomException.php";
require_once "lib/exceptions/NntpException.php";
require_once "lib/services/Signing/Services_Signing_Base.php";
require_once "lib/SpotSecurity.php";
require_once "lib/SpotTiming.php";
require_once "settings.php";
require_once "lib/SpotDb.php";
define('USERID', 30);
/* -------------------------------------------------------------------- */
echo "Included PHP classes... " . PHP_EOL;
$db = new SpotDb($settings['db']);
$db->connect();
echo "Connected to the database.." . PHP_EOL;
$spotSettings = SpotSettings::singleton($db, $settings);
$spotSigning = Services_Signing_Base::newServiceSigning();
$spotPosting = new SpotPosting($db, $spotSettings);
$spotUserSystem = new SpotUserSystem($db, $spotSettings);
echo "Initialized classes.." . PHP_EOL;
$rsaKeys = $spotSettings->get('rsa_keys');
$retriever = new SpotRetriever_Spots($spotSettings->get('nntp_hdr'), $db, $spotSettings, $rsaKeys, '', $spotSettings->get('retrieve_full'));
$msgdata = $retriever->connect($spotSettings->get('hdr_group'));
var_dump($msgdata);
# Connct thru our own NNTP session to the server so we have an XOVER list
$headerServer = $spotSettings->get('nntp_hdr');
$spotnntp = new SpotNntp($spotSettings->get('nntp_hdr'));
# $spotnntp->selectGroup($spotSettings->get('hdr_group'));
$spotnntp->selectGroup('alt.test');
$hdrList = $spotnntp->getOverview(3042000, 3042636);
foreach ($hdrList as $msgid => $msgheader) {
$spotParser = new SpotParser();
function __construct()
{
$this->_spotSigning = Services_Signing_Base::newServiceSigning();
}
function render()
{
$formMessages = array('errors' => array(), 'info' => array());
# Validate proper permissions
$this->_spotSec->fatalPermCheck(SpotSecurity::spotsec_post_spot, '');
# Sportparser is nodig voor het escapen van de random string
$spotParser = new SpotParser();
# spot signing is nodig voor het RSA signen van de spot en dergelijke
$spotSigning = Services_Signing_Base::newServiceSigning();
# creeer een default spot zodat het form altijd
# de waardes van het form kan renderen
$spot = array('title' => '', 'body' => '', 'category' => 0, 'subcata' => '', 'subcatb' => array(), 'subcatc' => array(), 'subcatd' => array(), 'subcatz' => '', 'tag' => '', 'website' => '', 'newmessageid' => '', 'randomstr' => '');
# postspot verzoek was standaard niet geprobeerd
$postResult = array();
/*
* bring the forms' action into the local scope for
* easier access
*/
$formAction = $this->_spotForm['action'];
# zet de page title
$this->_pageTitle = "spot: post";
# Make sure the anonymous user and reserved usernames cannot post content
$spotUser = new SpotUserSystem($this->_db, $this->_settings);
if (!$spotUser->allowedToPost($this->_currentSession['user'])) {
$postResult = array('result' => 'notloggedin');
$formAction = '';
}
# if
# zorg er voor dat alle variables ingevuld zijn
$spot = array_merge($spot, $this->_spotForm);
# If user tried to submit, validate the file uploads
if ($formAction == 'post') {
# Make sure an NZB file was provided
if (!isset($_FILES['newspotform']) || $_FILES['newspotform']['error']['nzbfile'] != UPLOAD_ERR_OK) {
$formMessages['errors'][] = _('Please select NZB file');
$postResult = array('result' => 'failure');
$formAction = '';
}
# if
# Make sure an imgae file was provided
if (!isset($_FILES['newspotform']) || $_FILES['newspotform']['error']['imagefile'] != UPLOAD_ERR_OK) {
$formMessages['errors'][] = _('Please select a picture');
$postResult = array('result' => 'failure');
$formAction = '';
}
# if
# Make sure the subcategorie are in the proper format
if (is_array($spot['subcata']) || is_array($spot['subcatz']) || !is_array($spot['subcatb']) || !is_array($spot['subcatc']) || !is_array($spot['subcatd'])) {
$formMessages['errors'][] = _('Invalid subcategories given ');
$postResult = array('result' => 'failure');
$formAction = '';
}
# if
}
# if
if ($formAction == 'post') {
# Notificatiesysteem initialiseren
$spotsNotifications = new SpotNotifications($this->_db, $this->_settings, $this->_currentSession);
# en creer een grote lijst met spots
$spot['subcatlist'] = array_merge(array($spot['subcata']), $spot['subcatb'], $spot['subcatc'], $spot['subcatd']);
# vraag de users' privatekey op
$this->_currentSession['user']['privatekey'] = $spotUser->getUserPrivateRsaKey($this->_currentSession['user']['userid']);
# het messageid krijgen we met <>'s, maar we werken
# in spotweb altijd zonder, dus die strippen we
$spot['newmessageid'] = substr($spot['newmessageid'], 1, -1);
# valideer of we deze spot kunnen posten, en zo ja, doe dat dan
$spotPosting = new SpotPosting($this->_db, $this->_settings);
$formMessages['errors'] = $spotPosting->postSpot($this->_currentSession['user'], $spot, $_FILES['newspotform']['tmp_name']['imagefile'], $_FILES['newspotform']['tmp_name']['nzbfile']);
if (empty($formMessages['errors'])) {
$postResult = array('result' => 'success', 'user' => $this->_currentSession['user']['username'], 'spotterid' => $spotSigning->calculateSpotterId($this->_currentSession['user']['publickey']), 'body' => $spot['body']);
$formMessages['info'][] = _('Spot has been successfully uploaded. It can take some time before it is shown');
# en verstuur een notificatie
$spotsNotifications->sendSpotPosted($spot);
} else {
$postResult = array('result' => 'failure');
}
# else
}
# if
#- display stuff -#
$this->template('newspot', array('postspotform' => $spot, 'formmessages' => $formMessages, 'postresult' => $postResult));
}
function getFullSpot($msgId)
{
SpotTiming::start('SpotNntp::' . __FUNCTION__);
# initialize some variables
$spotSigning = Services_Signing_Base::newServiceSigning();
$spot = array('fullxml' => '', 'user-signature' => '', 'user-key' => '', 'verified' => false, 'messageid' => $msgId, 'spotterid' => '', 'xml-signature' => '', 'moderated' => 0, 'user-avatar' => '');
# Vraag de volledige article header van de spot op
SpotTiming::start('SpotNntp::' . __FUNCTION__ . '->getHeader()');
$header = $this->getHeader('<' . $msgId . '>');
SpotTiming::stop('SpotNntp::' . __FUNCTION__ . '->getHeader()', array($header));
# Parse de header
SpotTiming::start('SpotNntp::' . __FUNCTION__ . '->parseHeader()');
$spot = array_merge($spot, $this->parseHeader($header, $spot));
SpotTiming::stop('SpotNntp::' . __FUNCTION__ . '->parseHeader()', array($spot));
# Valideer de signature van de XML, deze is gesigned door de user zelf
SpotTiming::start('SpotNntp::' . __FUNCTION__ . '->verifyFullSpot()');
$spot['verified'] = $spotSigning->verifyFullSpot($spot);
SpotTiming::stop('SpotNntp::' . __FUNCTION__ . '->verifyFullSpot()', array($spot));
# als de spot verified is, toon dan de spotterid van deze user
if ($spot['verified']) {
$spot['spotterid'] = $spotSigning->calculateSpotterId($spot['user-key']['modulo']);
}
# if
# Parse nu de XML file, alles wat al gedefinieerd is eerder wordt niet overschreven
SpotTiming::start('SpotNntp::' . __FUNCTION__ . '->parseFull()');
$spot = array_merge($this->_spotParser->parseFull($spot['fullxml']), $spot);
SpotTiming::stop('SpotNntp::' . __FUNCTION__ . '->parseFull()', array($spot));
SpotTiming::stop('SpotNntp::' . __FUNCTION__, array($spot));
return $spot;
}
