/**
 * Handles one-click admin actions submitted with a page.
 *
 * On a POST request, looks for fields named admin_<postid>_<action>. For each one whose
 * post id and action are both non-empty, qa_admin_single_click() is called and, when it
 * returns a truthy value, the browser is redirected back to the current request.
 *
 * NOTE(review): nothing in this function verifies a form security (anti-CSRF) code before
 * qa_admin_single_click() runs, so the action is selected by the POST field name alone.
 * Confirm that the caller or the callee enforces such a check; adding one here also needs
 * the submitting forms to post the code.
 */
function qa_admin_check_clicks()
{
    if (!qa_is_http_post()) {
        return;
    }

    foreach ($_POST as $fieldname => $unused) {
        if (strpos($fieldname, 'admin_') !== 0) {
            continue;
        }

        // Suppression kept from the original: a field with fewer than three
        // underscore-separated parts leaves the missing targets as null.
        @(list($prefix, $postid, $action) = explode('_', $fieldname));

        if (!strlen($postid) || !strlen($action)) {
            continue;
        }

        if (qa_admin_single_click($postid, $action)) {
            qa_redirect(qa_request());
        }
    }
}
qa_set_template('custom-' . $custompage['pageid']); $qa_content = qa_content_prepare(); $level = qa_get_logged_in_level(); if (!qa_permit_value_error($custompage['permit'], $userid, $level, qa_get_logged_in_flags()) || !isset($custompage['permit'])) { $qa_content['title'] = qa_html($custompage['heading']); $qa_content['custom'] = $custompage['content']; if ($level >= QA_USER_LEVEL_ADMIN) { $qa_content['navigation']['sub'] = array('admin/pages' => array('label' => qa_lang('admin/edit_custom_page'), 'url' => qa_path_html('admin/pages', array('edit' => $custompage['pageid'])))); } } else { $qa_content['error'] = qa_lang_html('users/no_permission'); } return $qa_content; } // Then, see if we should redirect because the 'qa' page is the same as the home page if ($explicitqa && !qa_is_http_post() && !qa_has_custom_home()) { qa_redirect(qa_category_path_request($categories, $categoryid), $_GET); } // Then, if there's a slug that matches no category, check page modules provided by plugins if (!$explicitqa && $countslugs && !isset($categoryid)) { $pagemodules = qa_load_modules_with('page', 'match_request'); $request = qa_request(); foreach ($pagemodules as $pagemodule) { if ($pagemodule->match_request($request)) { qa_set_template('plugin'); return $pagemodule->process_request($request); } } } // Then, check whether we are showing a custom home page if (!$explicitqa && !$countslugs && qa_opt('show_custom_home')) {
/**
 * Sends the cached copy of the requested page to the client and ends the request.
 *
 * Runs the usual page start-up (database connection, pending queries, state, login
 * modules), lets qa_check_page_clicks() process any posted click first, loads the cached
 * body from the database or from file depending on QA_CACHING_FILE, updates the question
 * view statistics, optionally appends the performance report, and exits with the body.
 *
 * NOTE(review): the cached body is emitted exactly as stored. If cached pages can embed
 * per-user form security codes, confirm that one user's copy is never served to another.
 */
private function get_cache()
{
    qa_report_process_stage('init_page');
    qa_db_connect('qa_page_db_fail_handler');
    qa_page_queue_pending();
    qa_load_state();
    qa_check_login_modules();

    // Only cores below 1.7 record the 'setup' usage mark; on later versions the original
    // leaves this stage unmarked (the $qa_usage->mark() call is commented out there).
    if (QA_DEBUG_PERFORMANCE && qa_qa_version_below('1.7')) {
        qa_usage_mark('setup');
    }

    // Posted votes/favorites/notices are handled before the cached page is served.
    qa_check_page_clicks();
    qa_set_form_security_key();

    $contents = QA_CACHING_FILE ? $this->get_cache_file() : $this->get_cache_db();

    $qa_content = array(); // placeholder page content, only used to carry the view-count id
    $userid = qa_get_logged_in_userid();
    $questionid = qa_request_part(0);
    $cookieid = qa_cookie_get(true);

    if (is_numeric($questionid)) {
        $question = qa_db_select_with_pending(qa_db_full_post_selectspec($userid, $questionid));

        // A view is counted only for non-POST/PUT requests from a probable human, and only
        // if the question has no views yet or the visitor differs from the last viewer and
        // from the author by IP address, user id and cookie id.
        $countview = is_numeric($questionid)
            && qa_opt('do_count_q_views')
            && !preg_match("/^(?:POST|PUT)\$/i", $_SERVER["REQUEST_METHOD"])
            && !qa_is_http_post()
            && qa_is_human_probably()
            && (
                !$question['views']
                || ($question['lastviewip'] != qa_remote_ip_address() || !isset($question['lastviewip']))
                && ($question['createip'] != qa_remote_ip_address() || !isset($question['createip']))
                && ($question['userid'] != $userid || !isset($question['userid']))
                && ($question['cookieid'] != $cookieid || !isset($question['cookieid']))
            );

        $qa_content['inc_views_postid'] = $countview ? $questionid : null;

        qa_do_content_stats($qa_content);
    }

    if (QA_DEBUG_PERFORMANCE) {
        // Capture the usage report and append it to the cached body.
        ob_start();

        if (qa_qa_version_below('1.7')) {
            qa_usage_output();
        } else {
            global $qa_usage;
            $qa_usage->output();
        }

        $contents .= ob_get_clean();
    }

    qa_db_disconnect();

    $mimetype = strtr('^type/^format; charset=utf-8', array(
        '^type' => 'text',
        '^format' => $this->get_cache_file_extension(),
    ));
    header('Content-type: ' . $mimetype);

    exit($contents);
}
/**
 * Handles one-click admin actions submitted with a page.
 *
 * On a POST request, looks for fields named admin_<entityid>_<action>. The first such
 * field with a non-empty entity id and action is only acted on if the posted 'code'
 * passes qa_check_form_security_code() for 'admin/click'; a failed check stops processing
 * and returns the error message.
 *
 * @return string|null HTML error message when the form security code is rejected, otherwise null
 */
function qa_admin_check_clicks()
{
    if (!qa_is_http_post()) {
        return null;
    }

    foreach ($_POST as $fieldname => $unused) {
        if (strpos($fieldname, 'admin_') !== 0) {
            continue;
        }

        // Suppression kept from the original: a field with fewer than three
        // underscore-separated parts leaves the missing targets as null.
        @(list($prefix, $entityid, $action) = explode('_', $fieldname));

        if (!strlen($entityid) || !strlen($action)) {
            continue;
        }

        // The anti-CSRF check comes before any state change.
        if (!qa_check_form_security_code('admin/click', qa_post_text('code'))) {
            return qa_lang_html('misc/form_security_again');
        }

        if (qa_admin_single_click($entityid, $action)) {
            qa_redirect(qa_request());
        }
    }

    return null;
}
$qa_content['script_rel'][] = 'qa-content/qa-admin.js?' . QA_VERSION; $pluginfiles = glob(QA_PLUGIN_DIR . '*/qa-plugin.php'); foreach ($moduletypes as $type) { $modules = qa_load_modules_with($type, 'init_queries'); foreach ($modules as $name => $module) { $queries = $module->init_queries($tables); if (!empty($queries)) { if (qa_is_http_post()) { qa_redirect('install'); } else { $qa_content['error'] = strtr(qa_lang_html('admin/module_x_database_init'), array('^1' => qa_html($name), '^2' => qa_html($type), '^3' => '<a href="' . qa_path_html('install') . '">', '^4' => '</a>')); } } } } if (qa_is_http_post() && !qa_check_form_security_code('admin/plugins', qa_post_text('qa_form_security_code'))) { $qa_content['error'] = qa_lang_html('misc/form_security_reload'); $showpluginforms = false; } else { $showpluginforms = true; } if (count($pluginfiles)) { foreach ($pluginfiles as $pluginindex => $pluginfile) { $plugindirectory = dirname($pluginfile) . '/'; $hash = qa_admin_plugin_directory_hash($plugindirectory); $showthisform = $showpluginforms && qa_get('show') == $hash; $contents = file_get_contents($pluginfile); $metadata = qa_admin_addon_metadata($contents, array('name' => 'Plugin Name', 'uri' => 'Plugin URI', 'description' => 'Plugin Description', 'version' => 'Plugin Version', 'date' => 'Plugin Date', 'author' => 'Plugin Author', 'author_uri' => 'Plugin Author URI', 'license' => 'Plugin License', 'min_q2a' => 'Plugin Minimum Question2Answer Version', 'min_php' => 'Plugin Minimum PHP Version', 'update' => 'Plugin Update Check URI')); if (strlen(@$metadata['name'])) { $namehtml = qa_html($metadata['name']); } else {
$in = array(); $followpostid = qa_get('follow'); $in['categoryid'] = qa_get_category_field_value('category'); if (!isset($in['categoryid'])) { $in['categoryid'] = qa_get('cat'); } $userid = qa_get_logged_in_userid(); @(list($categories, $followanswer, $completetags) = qa_db_select_with_pending(qa_db_category_nav_selectspec($in['categoryid'], true), isset($followpostid) ? qa_db_full_post_selectspec($userid, $followpostid) : null, qa_db_popular_tags_selectspec(0, QA_DB_RETRIEVE_COMPLETE_TAGS))); if (!isset($categories[$in['categoryid']])) { $in['categoryid'] = null; } if (@$followanswer['basetype'] != 'A') { $followanswer = null; } // Check for permission error $permiterror = qa_user_permit_error('permit_post_q', qa_is_http_post() ? QA_LIMIT_QUESTIONS : null); // only check rate limit later on if ($permiterror) { $qa_content = qa_content_prepare(); switch ($permiterror) { case 'login': $qa_content['error'] = qa_insert_login_links(qa_lang_html('question/ask_must_login'), qa_request(), isset($followpostid) ? array('follow' => $followpostid) : null); break; case 'confirm': $qa_content['error'] = qa_insert_login_links(qa_lang_html('question/ask_must_confirm'), qa_request(), isset($followpostid) ? array('follow' => $followpostid) : null); break; case 'limit': $qa_content['error'] = qa_lang_html('question/ask_limit'); break; default: $qa_content['error'] = qa_lang_html('users/no_permission');
} if ($question['basetype'] == 'Q') { $qa_content['a_list']['title_tags'] = 'id="a_list_title"'; if ($countfortitle > 0) { $split = $countfortitle == 1 ? qa_lang_html_sub_split('question/1_answer_title', '1', '1') : qa_lang_html_sub_split('question/x_answers_title', $countfortitle); if ($microdata) { $split['data'] = '<span itemprop="answerCount">' . $split['data'] . '</span>'; } $qa_content['a_list']['title'] = $split['prefix'] . $split['data'] . $split['suffix']; } else { $qa_content['a_list']['title_tags'] .= ' style="display:none;" '; } } if (!$formrequested) { $qa_content['page_links'] = qa_html_page_links(qa_request(), $pagestart, $pagesize, $countforpages, qa_opt('pages_prev_next'), array(), false, 'a_list_title'); } // Some generally useful stuff if (qa_using_categories() && count($categories)) { $qa_content['navigation']['cat'] = qa_category_navigation($categories, $question['categoryid']); } if (isset($jumptoanchor)) { $qa_content['script_onloads'][] = array('qa_scroll_page_to($("#"+' . qa_js($jumptoanchor) . ').offset().top);'); } // Determine whether this request should be counted for page view statistics if (qa_opt('do_count_q_views') && !$formrequested && !qa_is_http_post() && qa_is_human_probably() && (!$question['views'] || ($question['lastviewip'] != qa_remote_ip_address() || !isset($question['lastviewip'])) && ($question['createip'] != qa_remote_ip_address() || !isset($question['createip'])) && ($question['userid'] != $userid || !isset($question['userid'])) && ($question['cookieid'] != $cookieid || !isset($question['cookieid'])))) { $qa_content['inc_views_postid'] = $questionid; } return $qa_content; /* Omit PHP closing tag to help avoid accidental output */
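/**
 * Builds a summary of every installed plugin from the metadata header of its qa-plugin.php.
 *
 * Before listing, each module exposing init_queries() is asked whether it still needs
 * database set-up; on a POST request a pending set-up redirects to the 'install' page.
 *
 * All metadata values taken from the plugin files are passed through qa_html() before
 * they are returned, so callers receive HTML-escaped strings.
 *
 * NOTE(review): $qa_content is local to this function and is never returned, so the error
 * message and the qa_version_check() onload script assigned to it are not visible to the
 * caller. Likewise the form security check only feeds $showthisform, which is not used.
 * Confirm whether these were meant to reach the page.
 *
 * @return array list of plugins, each an array with the keys tags, name, uri, version,
 *               author, author_url, update, description, path, option, error and fields;
 *               optional values are null when the plugin does not declare them
 */
function ra_installed_plugin()
{
    $tables = qa_db_list_tables_lc();
    $moduletypes = qa_list_module_types();

    // glob() returns false on error; normalise so the listing loop is simply skipped.
    $pluginfiles = glob(QA_PLUGIN_DIR . '*/qa-plugin.php');
    if (!is_array($pluginfiles)) {
        $pluginfiles = array();
    }

    $qa_content = array();

    foreach ($moduletypes as $type) {
        $modules = qa_load_modules_with($type, 'init_queries');

        foreach ($modules as $name => $module) {
            $queries = $module->init_queries($tables);

            if (!empty($queries)) {
                if (qa_is_http_post()) {
                    qa_redirect('install');
                } else {
                    $qa_content['error'] = strtr(qa_lang_html('admin/module_x_database_init'), array(
                        '^1' => qa_html($name),
                        '^2' => qa_html($type),
                        '^3' => '<a href="' . qa_path_html('install') . '">',
                        '^4' => '</a>',
                    ));
                }
            }
        }
    }

    if (qa_is_http_post() && !qa_check_form_security_code('admin/plugins', qa_post_text('qa_form_security_code'))) {
        $qa_content['error'] = qa_lang_html('misc/form_security_reload');
        $showpluginforms = false;
    } else {
        $showpluginforms = true;
    }

    $plugin = array();

    foreach ($pluginfiles as $pluginfile) {
        $plugindirectory = dirname($pluginfile) . '/';
        $hash = qa_admin_plugin_directory_hash($plugindirectory);
        $showthisform = $showpluginforms && qa_get('show') == $hash;

        $contents = file_get_contents($pluginfile);
        $metadata = qa_admin_addon_metadata($contents, array(
            'name' => 'Plugin Name',
            'uri' => 'Plugin URI',
            'description' => 'Plugin Description',
            'version' => 'Plugin Version',
            'date' => 'Plugin Date',
            'author' => 'Plugin Author',
            'author_uri' => 'Plugin Author URI',
            'license' => 'Plugin License',
            'min_q2a' => 'Plugin Minimum Question2Answer Version',
            'min_php' => 'Plugin Minimum PHP Version',
            'update' => 'Plugin Update Check URI',
        ));

        // Reset the optional values for every plugin. Without this, a plugin that omits a
        // field (or has no version error) would inherit the value left over from the
        // previous plugin in the loop.
        $plugin_uri = null;
        $plugin_version = null;
        $plugin_author = null;
        $plugin_author_url = null;
        $plugin_update = null;
        $plugin_description = null;
        $plugin_error = null;

        if (strlen(@$metadata['name'])) {
            $plugin_name = qa_html($metadata['name']);
        } else {
            $plugin_name = qa_lang_html('admin/unnamed_plugin');
        }

        if (strlen(@$metadata['uri'])) {
            $plugin_uri = qa_html($metadata['uri']);
        }

        if (strlen(@$metadata['version'])) {
            $plugin_version = qa_html($metadata['version']);
        }

        if (strlen(@$metadata['author'])) {
            $plugin_author = qa_html($metadata['author']);

            if (strlen(@$metadata['author_uri'])) {
                $plugin_author_url = qa_html($metadata['author_uri']);
            }
        }

        if (strlen(@$metadata['version']) && strlen(@$metadata['update'])) {
            // md5() only derives a stable element id from the directory path here.
            $elementid = 'version_check_' . md5($plugindirectory);
            $plugin_update = '(<span id="' . $elementid . '"></span>)';

            $qa_content['script_onloads'][] = array(
                "qa_version_check(" . qa_js($metadata['update']) . ", 'Plugin Version', " . qa_js($metadata['version'], true) . ", 'Plugin URI', " . qa_js($elementid) . ");"
            );
        }

        if (strlen(@$metadata['description'])) {
            $plugin_description = qa_html($metadata['description']);
        }

        // The original carries a commented-out isset($pluginoptionmodules[$plugindirectory])
        // guard in front of this assignment; the options path is set for every plugin.
        $plugin_option = qa_admin_plugin_options_path($plugindirectory);

        if (qa_qa_version_below(@$metadata['min_q2a'])) {
            $plugin_error = qa_lang_html_sub('admin/requires_q2a_version', qa_html($metadata['min_q2a']));
        } elseif (qa_php_version_below(@$metadata['min_php'])) {
            $plugin_error = qa_lang_html_sub('admin/requires_php_version', qa_html($metadata['min_php']));
        }

        $plugin[] = array(
            'tags' => 'id="' . qa_html($hash) . '"',
            'name' => $plugin_name,
            'uri' => $plugin_uri,
            'version' => $plugin_version,
            'author' => $plugin_author,
            'author_url' => $plugin_author_url,
            'update' => $plugin_update,
            'description' => $plugin_description,
            'path' => $plugindirectory,
            'option' => $plugin_option,
            'error' => $plugin_error,
            'fields' => array(array('type' => 'custom')),
        );
    }

    return $plugin;
}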
/**
 * Processes single-click actions (votes, favorites, dismissed notices) posted with any page.
 *
 * The action is encoded in the name of a POST field:
 *   vote_<postid>_<vote>_<anchor>
 *   favorite_<entitytype>_<entityid>_<favorite>
 *   notice_<noticeid>
 *
 * Every action is carried out only if the posted 'code' passes
 * qa_check_form_security_code(); the favorite and notice codes are tied to the specific
 * entity or notice id. A rejected code, or a vote error, is stored as HTML in the global
 * $qa_page_error_html. A successful action ends in a redirect to the current request.
 */
function qa_check_page_clicks()
{
    if (qa_to_override(__FUNCTION__)) {
        $args = func_get_args();
        return qa_call_override(__FUNCTION__, $args);
    }

    global $qa_page_error_html;

    if (!qa_is_http_post()) {
        return;
    }

    foreach ($_POST as $field => $value) {
        if (strpos($field, 'vote_') === 0) {
            // Voting
            @(list($dummy, $postid, $vote, $anchor) = explode('_', $field));

            if (!isset($postid) || !isset($vote)) {
                continue;
            }

            if (!qa_check_form_security_code('vote', qa_post_text('code'))) {
                $qa_page_error_html = qa_lang_html('misc/form_security_again');
                continue;
            }

            require_once QA_INCLUDE_DIR . 'app/votes.php';
            require_once QA_INCLUDE_DIR . 'db/selects.php';

            $userid = qa_get_logged_in_userid();
            $post = qa_db_select_with_pending(qa_db_full_post_selectspec($userid, $postid));
            $qa_page_error_html = qa_vote_error_html($post, $vote, $userid, qa_request());

            if (!$qa_page_error_html) {
                qa_vote_set($post, $userid, qa_get_logged_in_handle(), qa_cookie_get(), $vote);
                qa_redirect(qa_request(), $_GET, null, null, $anchor);
            }

            // Once a vote has passed the security check, no further fields are examined.
            break;

        } elseif (strpos($field, 'favorite_') === 0) {
            // Favorites
            @(list($dummy, $entitytype, $entityid, $favorite) = explode('_', $field));

            if (!isset($entitytype) || !isset($entityid) || !isset($favorite)) {
                continue;
            }

            $securityaction = 'favorite-' . $entitytype . '-' . $entityid;

            if (!qa_check_form_security_code($securityaction, qa_post_text('code'))) {
                $qa_page_error_html = qa_lang_html('misc/form_security_again');
                continue;
            }

            require_once QA_INCLUDE_DIR . 'app/favorites.php';

            qa_user_favorite_set(qa_get_logged_in_userid(), qa_get_logged_in_handle(), qa_cookie_get(), $entitytype, $entityid, $favorite);
            qa_redirect(qa_request(), $_GET);

        } elseif (strpos($field, 'notice_') === 0) {
            // Notices
            @(list($dummy, $noticeid) = explode('_', $field));

            if (!isset($noticeid)) {
                continue;
            }

            if (!qa_check_form_security_code('notice-' . $noticeid, qa_post_text('code'))) {
                $qa_page_error_html = qa_lang_html('misc/form_security_again');
                continue;
            }

            switch ($noticeid) {
                case 'visitor':
                    // The cookie only records that the visitor notice was dismissed (value 1);
                    // it is set without Secure/HttpOnly attributes.
                    setcookie('qa_noticed', 1, time() + 86400 * 3650, '/', QA_COOKIE_DOMAIN);
                    break;

                case 'welcome':
                    require_once QA_INCLUDE_DIR . 'db/users.php';
                    qa_db_user_set_flag(qa_get_logged_in_userid(), QA_USER_FLAGS_WELCOME_NOTICE, false);
                    break;

                default:
                    // Any other id is treated as a stored notice of the logged-in user.
                    require_once QA_INCLUDE_DIR . 'db/notices.php';
                    qa_db_usernotice_delete(qa_get_logged_in_userid(), $noticeid);
            }

            qa_redirect(qa_request(), $_GET);
        }
    }
}
if (!isset($form['tags'])) { $form['tags'] = 'METHOD="POST" ACTION="' . qa_self_html() . '#' . $identifierhtml . '"'; } if (!isset($form['style'])) { $form['style'] = 'tall'; } $qa_content['form_' . $type . '_' . $name] = $form; $formadded = true; } } foreach ($moduletypes as $type) { $modules = qa_load_modules_with($type, 'init_queries'); foreach ($modules as $name => $module) { $queries = $module->init_queries($tables); if (!empty($queries)) { if (qa_is_http_post()) { qa_redirect('install'); } else { $qa_content['error'] = strtr(qa_lang_html('admin/module_x_database_init'), array('^1' => qa_html($name), '^2' => qa_html($type), '^3' => '<A HREF="' . qa_path_html('install') . '">', '^4' => '</A>')); } } } } if (!$formadded) { $qa_content['suggest_next'] = qa_lang_html('admin/no_plugin_options'); } $qa_content['navigation']['sub'] = qa_admin_sub_navigation(); return $qa_content; /* Omit PHP closing tag to help avoid accidental output */
// Check whether this is a follow-on question and get some info we need from the database $infollow = qa_get('follow'); //$incategoryid=qa_get_category_field_value('category'); $incategoryid = qa_post_text('category'); if (!isset($incategoryid)) { $incategoryid = qa_get('cat'); } @(list($categories, $followanswer, $completetags) = qa_db_select_with_pending(qa_db_category_nav_selectspec($incategoryid, true), isset($infollow) ? qa_db_full_post_selectspec($qa_login_userid, $infollow) : null, qa_db_popular_tags_selectspec(0, QA_DB_RETRIEVE_COMPLETE_TAGS))); if (!isset($categories[$incategoryid])) { $incategoryid = null; } if (@$followanswer['basetype'] != 'A') { $followanswer = null; } // Check for permission error $permiterror = qa_user_permit_error('permit_post_q', qa_is_http_post() ? 'Q' : null); // only check rate limit later on if ($permiterror) { $qa_content = qa_content_prepare(); switch ($permiterror) { case 'login': $qa_content['error'] = qa_insert_login_links(qa_lang_html('question/ask_must_login'), $qa_request, isset($infollow) ? array('follow' => $infollow) : null); break; case 'confirm': $qa_content['error'] = qa_insert_login_links(qa_lang_html('question/ask_must_confirm'), $qa_request, isset($infollow) ? array('follow' => $infollow) : null); break; case 'limit': $qa_content['error'] = qa_lang_html('question/ask_limit'); break; default: $qa_content['error'] = qa_lang_html('users/no_permission');
/**
 * Sends the cached copy of the requested page to the client and ends the request.
 *
 * Runs the usual page start-up, lets qa_check_page_clicks() process any posted click
 * first, and reads the cached body from $this->cache_file. If the file cannot be read or
 * is empty, the method returns without output so the caller can continue. Otherwise the
 * question view statistics are updated, the performance report is appended when
 * QA_DEBUG_PERFORMANCE is set, and the request exits with the body.
 *
 * NOTE(review): the cached body is emitted exactly as stored. If cached pages can embed
 * per-user form security codes, confirm that one user's copy is never served to another.
 */
private function get_cache()
{
    global $qa_usage;

    qa_db_connect('qa_page_db_fail_handler');
    qa_page_queue_pending();
    qa_load_state();
    qa_check_login_modules();

    // Posted votes/favorites/notices are handled before the cached page is served.
    qa_check_page_clicks();

    $contents = @file_get_contents($this->cache_file);

    if (!$contents) {
        // Cache failure: exit gracefully, leaving the database connection open.
        return;
    }

    $qa_content = array(); // placeholder page content, only used to carry the view-count id
    $userid = qa_get_logged_in_userid();
    $questionid = qa_request_part(0);
    $cookieid = qa_cookie_get(true);

    if (is_numeric($questionid)) {
        $question = qa_db_select_with_pending(qa_db_full_post_selectspec($userid, $questionid));

        // A view is counted only for non-POST requests from a probable human, and only if
        // the question has no views yet or the visitor differs from the last viewer and
        // from the author by IP address, user id and cookie id.
        $countview = is_numeric($questionid)
            && qa_opt('do_count_q_views')
            && !$this->post_method
            && !qa_is_http_post()
            && qa_is_human_probably()
            && (
                !$question['views']
                || ($question['lastviewip'] != qa_remote_ip_address() || !isset($question['lastviewip']))
                && ($question['createip'] != qa_remote_ip_address() || !isset($question['createip']))
                && ($question['userid'] != $userid || !isset($question['userid']))
                && ($question['cookieid'] != $cookieid || !isset($question['cookieid']))
            );

        $qa_content['inc_views_postid'] = $countview ? $questionid : null;

        qa_do_content_stats($qa_content);
    }

    if (QA_DEBUG_PERFORMANCE) {
        // Capture the usage report and append it to the cached body.
        ob_start();
        $qa_usage->output();
        $contents .= ob_get_clean();
    }

    qa_db_disconnect();

    exit($contents);
}