/**
* 发布广播
*
* 广播时如果不用@进行点名,则通知全部成员
*
* @param string text , 必填
* @param string type - user行为/主动广播 , 默认为主动广播
* @return todo array
* @author EasyChen
*/
public function feed_publish()
{
$content = z(t(v('text')));
if (!not_empty($content)) {
return self::send_error(LR_API_ARGS_ERROR, __('INPUT_CHECK_BAD_ARGS', 'TEXT'));
}
$reblog_id = intval(v('fid'));
switch (z(t(v('type')))) {
case 'user':
$type = 3;
break;
case 'todo':
$type = 2;
break;
case 'notice':
$type = 1;
break;
case 'cast':
default:
$type = 4;
}
$sql = "INSERT INTO `feed` ( `content` , `reblog_id` , `uid` , `timeline` , `type` ) VALUES ( '" . s($content) . "' , '" . intval($reblog_id) . "' , '" . intval($_SESSION['uid']) . "' , NOW() , " . intval($type) . " )";
run_sql($sql);
if (db_errno() != 0) {
return self::send_error(LR_API_DB_ERROR, __('API_MESSAGE_DATABASE_ERROR') . db_error());
}
$lid = last_id();
if (intval($lid) < 1) {
return self::send_error(LR_API_DB_ERROR, __('API_MESSAGE_DATABASE_ERROR'));
}
if ($feed = get_feed_by_id($lid, db())) {
// feed 发布成功
// 当用户主动发布时,视为广播,检测at信息
if ($type == 4) {
if ($ats = find_at($content)) {
$sql = "SELECT `id` FROM `user` WHERE (`level` > 0 AND `is_closed` != 1 ) ";
foreach ($ats as $at) {
$at = z(t($at));
if ($gname = get_group_names()) {
if (in_array(strtoupper($at), $gname)) {
if ($ndata = get_group_unames($at)) {
foreach ($ndata as $nname) {
$names[] = $nname;
}
}
} else {
$names[] = $at;
}
} else {
$names[] = $at;
}
}
foreach ($names as $at) {
$at = z(t($at));
if (mb_strlen($at, 'UTF-8') < 2) {
continue;
}
$wsql[] = " `name` = '" . s(t($at)) . "' ";
if (c('at_short_name')) {
if (mb_strlen($at, 'UTF-8') == 2) {
$wsql[] = " `name` LIKE '_" . s($at) . "' ";
}
}
}
if (isset($wsql) && is_array($wsql)) {
$sql = $sql . ' AND ( ' . join(' OR ', $wsql) . ' ) ';
if ($udata = get_data($sql)) {
foreach ($udata as $uitem) {
$myuids[] = $uitem['id'];
}
}
if (isset($myuids) && is_array($myuids)) {
$myuids = array_unique($myuids);
foreach ($myuids as $muid) {
if ($muid != uid()) {
send_notice($muid, __('API_TEXT_AT_IN_CAST', array(uname(), $content)), 2, array('fid' => intval($lid), 'count' => $feed['comment_count']));
}
}
}
}
} else {
// 如果没有at,则认为是@全部人
$sql = "SELECT `id` FROM `user` WHERE `level` > 0 AND `is_closed` != 1 AND `id` !=" . intval(uid());
if ($udata = get_data($sql)) {
foreach ($udata as $uitem) {
$myuids[] = $uitem['id'];
}
if (isset($myuids) && is_array($myuids)) {
$myuids = array_unique($myuids);
foreach ($myuids as $muid) {
if ($muid != uid()) {
send_notice($muid, __('API_TEXT_ADD_CAST', array(uname(), $content)), 2, array('fid' => intval($lid), 'count' => $feed['comment_count']));
}
}
}
}
}
}
return self::send_result($feed);
} else {
return self::send_error(LR_API_DB_ERROR, __('API_MESSAGE_DATABASE_ERROR') . db_error());
}
}
function validation($data, $files)
{
// need to fill in name with document title if it wasn't supplied
if ($data['name'] == '') {
global $CFG, $USER, $COURSE;
require_once "{$CFG->dirroot}/google/lib.php";
if (!($CONSUMER_KEY = get_config('morsle', 'consumer_key'))) {
exit;
}
$owner = strtolower($USER->email);
$owner = strtolower($COURSE->shortname . '@' . $CONSUMER_KEY);
$id = get_doc_id($data['externalurl']);
$feed = get_feed_by_id($owner, $id);
$data['name'] = (string) $feed->title;
$this->_form->_submitValues['name'] = $data['name'];
}
$errors = parent::validation($data, $files);
// Validating Entered url, we are looking for obvious problems only,
// teachers are responsible for testing if it actually works.
// This is not a security validation!! Teachers are allowed to enter "javascript:alert(666)" for example.
// NOTE: do not try to explain the difference between URL and URI, people would be only confused...
if (empty($data['externalurl'])) {
$errors['externalurl'] = get_string('required');
} else {
$morsle = trim($data['externalurl']);
if (empty($morsle)) {
$errors['externalurl'] = get_string('required');
} else {
if (preg_match('|^/|', $morsle)) {
// links relative to server root are ok - no validation necessary
} else {
if (preg_match('|^[a-z]+://|i', $morsle) or preg_match('|^https?:|i', $morsle) or preg_match('|^ftp:|i', $morsle)) {
// normal URL
if (!morsle_appears_valid_url($morsle)) {
$errors['externalurl'] = get_string('invalidurl', 'morsle');
}
} else {
if (preg_match('|^[a-z]+:|i', $morsle)) {
// general URI such as teamspeak, mailto, etc. - it may or may not work in all browsers,
// we do not validate these at all, sorry
} else {
// invalid URI, we try to fix it by adding 'http://' prefix,
// relative links are NOT allowed because we display the link on different pages!
if (!morsle_appears_valid_url('http://' . $morsle)) {
$errors['externalurl'] = get_string('invalidurl', 'morsle');
}
}
}
}
}
}
return $errors;
}