function queue_post_voters_flaggers($post)
{
if (!qa_user_post_permit_error('permit_view_voters_flaggers', $post)) {
$postids = array(@$post['postid'], @$post['opostid']);
// opostid can be relevant for flags
foreach ($postids as $postid) {
if (isset($postid) && !isset($this->qa_voters_flaggers_cache[$postid])) {
$this->qa_voters_flaggers_queue[$postid] = true;
}
}
}
}
function qa_page_q_edit_c_submit($comment, $question, $parent, &$in, &$errors)
{
$commentid = $comment['postid'];
$prefix = 'c' . $commentid . '_';
$in = array();
if ($comment['isbyuser']) {
$in['name'] = qa_post_text($prefix . 'name');
$in['notify'] = qa_post_text($prefix . 'notify') ? true : false;
$in['email'] = qa_post_text($prefix . 'email');
}
if (!qa_user_post_permit_error('permit_edit_silent', $comment)) {
$in['silent'] = qa_post_text($prefix . 'silent');
}
qa_get_post_content($prefix . 'editor', $prefix . 'content', $in['editor'], $in['content'], $in['format'], $in['text']);
// here the $in array only contains values for parts of the form that were displayed, so those are only ones checked by filters
$errors = array();
if (!qa_check_form_security_code('edit-' . $commentid, qa_post_text($prefix . 'code'))) {
$errors['content'] = qa_lang_html('misc/form_security_again');
} else {
$in['queued'] = qa_opt('moderate_edited_again') && qa_user_moderation_reason(qa_user_level_for_post($comment));
$filtermodules = qa_load_modules_with('filter', 'filter_comment');
foreach ($filtermodules as $filtermodule) {
$oldin = $in;
$filtermodule->filter_comment($in, $errors, $question, $parent, $comment);
qa_update_post_text($in, $oldin);
}
if (empty($errors)) {
$userid = qa_get_logged_in_userid();
$handle = qa_get_logged_in_handle();
$cookieid = qa_cookie_get();
if (!isset($in['silent'])) {
$in['silent'] = false;
}
$setnotify = $comment['isbyuser'] ? qa_combine_notify_email($comment['userid'], $in['notify'], $in['email']) : $comment['notify'];
qa_comment_set_content($comment, $in['content'], $in['format'], $in['text'], $setnotify, $userid, $handle, $cookieid, $question, $parent, @$in['name'], $in['queued'], $in['silent']);
return true;
}
}
return false;
}
function qa_get_vote_view($postorbasetype, $full = false, $enabledif = true)
{
if (qa_to_override(__FUNCTION__)) {
$args = func_get_args();
return qa_call_override(__FUNCTION__, $args);
}
// The 'level' and 'approve' permission errors are taken care of by disabling the voting buttons.
// Others are reported to the user after they click, in qa_vote_error_html(...)
if (is_array($postorbasetype)) {
// deal with dual-use parameter
$basetype = $postorbasetype['basetype'];
$post = $postorbasetype;
} else {
$basetype = $postorbasetype;
$post = null;
}
$disabledsuffix = '';
if ($basetype == 'Q' || $basetype == 'A') {
$view = $basetype == 'A' ? qa_opt('voting_on_as') : qa_opt('voting_on_qs');
if (!($enabledif && ($basetype == 'A' || $full || !qa_opt('voting_on_q_page_only')))) {
$disabledsuffix = '-disabled-page';
} else {
if ($basetype == 'A') {
$permiterror = isset($post) ? qa_user_post_permit_error('permit_vote_a', $post) : qa_user_permit_error('permit_vote_a');
} else {
$permiterror = isset($post) ? qa_user_post_permit_error('permit_vote_q', $post) : qa_user_permit_error('permit_vote_q');
}
if ($permiterror == 'level') {
$disabledsuffix = '-disabled-level';
} elseif ($permiterror == 'approve') {
$disabledsuffix = '-disabled-approve';
} else {
$permiterrordown = isset($post) ? qa_user_post_permit_error('permit_vote_down', $post) : qa_user_permit_error('permit_vote_down');
if ($permiterrordown == 'level') {
$disabledsuffix = '-uponly-level';
} elseif ($permiterrordown == 'approve') {
$disabledsuffix = '-uponly-approve';
}
}
}
} else {
$view = false;
}
return $view ? (qa_opt('votes_separated') ? 'updown' : 'net') . $disabledsuffix : false;
}
$htmlfields['url'] = $htmlfields['what_url'];
}
$htmlfields['what_2'] = qa_lang_html('main/hidden');
if (@$htmloptions['whenview']) {
$updated = @$question[isset($question['opostid']) ? 'oupdated' : 'updated'];
if (isset($updated)) {
$htmlfields['when_2'] = qa_when_to_html($updated, @$htmloptions['fulldatedays']);
}
}
$buttons = array();
$posttype = qa_strtolower(isset($question['obasetype']) ? $question['obasetype'] : $question['basetype']);
if (!qa_user_post_permit_error('permit_hide_show', $question)) {
// Possible values for popup: reshow_q_popup, reshow_a_popup, reshow_c_popup
$buttons['reshow'] = array('tags' => 'name="admin_' . qa_html($qhiddenpostid[$key]) . '_reshow" onclick="return qa_admin_click(this);"', 'label' => qa_lang_html('question/reshow_button'), 'popup' => qa_lang_html(sprintf('question/reshow_%s_popup', $posttype)));
}
if (!qa_user_post_permit_error('permit_delete_hidden', $question) && !$dependcounts[$qhiddenpostid[$key]]) {
// Possible values for popup: delete_q_popup, delete_a_popup, delete_c_popup
$buttons['delete'] = array('tags' => 'name="admin_' . qa_html($qhiddenpostid[$key]) . '_delete" onclick="return qa_admin_click(this);"', 'label' => qa_lang_html('question/delete_button'), 'popup' => qa_lang_html(sprintf('question/delete_%s_popup', $posttype)));
}
if (count($buttons)) {
$htmlfields['form'] = array('style' => 'light', 'buttons' => $buttons);
}
$qa_content['q_list']['qs'][] = $htmlfields;
}
} else {
$qa_content['title'] = qa_lang_html('admin/no_hidden_found');
}
$qa_content['navigation']['sub'] = qa_admin_sub_navigation();
$qa_content['script_rel'][] = 'qa-content/qa-admin.js?' . QA_VERSION;
return $qa_content;
/*
$userid = qa_get_logged_in_userid();
list($queuedquestions, $queuedanswers, $queuedcomments) = qa_db_select_with_pending(qa_db_qs_selectspec($userid, 'created', 0, null, null, 'Q_QUEUED', true), qa_db_recent_a_qs_selectspec($userid, 0, null, null, 'A_QUEUED', true), qa_db_recent_c_qs_selectspec($userid, 0, null, null, 'C_QUEUED', true));
// Check admin privileges (do late to allow one DB query)
if (qa_user_maximum_permit_error('permit_moderate')) {
$qa_content = qa_content_prepare();
$qa_content['error'] = qa_lang_html('users/no_permission');
return $qa_content;
}
// Check to see if any were approved/rejected here
$pageerror = qa_admin_check_clicks();
// Combine sets of questions and remove those this user has no permission to moderate
$questions = qa_any_sort_by_date(array_merge($queuedquestions, $queuedanswers, $queuedcomments));
if (qa_user_permit_error('permit_moderate')) {
// if user not allowed to moderate all posts
foreach ($questions as $index => $question) {
if (qa_user_post_permit_error('permit_moderate', $question)) {
unset($questions[$index]);
}
}
}
// Get information for users
$usershtml = qa_userids_handles_html(qa_any_get_userids_handles($questions));
// Prepare content for theme
$qa_content = qa_content_prepare();
$qa_content['title'] = qa_lang_html('admin/recent_approve_title');
$qa_content['error'] = isset($pageerror) ? $pageerror : qa_admin_page_error();
$qa_content['q_list'] = array('form' => array('tags' => 'method="post" action="' . qa_self_html() . '"', 'hidden' => array('code' => qa_get_form_security_code('admin/click'))), 'qs' => array());
if (count($questions)) {
foreach ($questions as $question) {
$postid = qa_html(isset($question['opostid']) ? $question['opostid'] : $question['postid']);
$elementid = 'p' . $postid;
function qa_admin_single_click($entityid, $action)
{
$userid = qa_get_logged_in_userid();
if (!QA_FINAL_EXTERNAL_USERS && ($action == 'userapprove' || $action == 'userblock')) {
// approve/block moderated users
require_once QA_INCLUDE_DIR . 'db/selects.php';
$useraccount = qa_db_select_with_pending(qa_db_user_account_selectspec($entityid, true));
if (isset($useraccount) && qa_get_logged_in_level() >= QA_USER_LEVEL_MODERATOR) {
switch ($action) {
case 'userapprove':
if ($useraccount['level'] <= QA_USER_LEVEL_APPROVED) {
// don't demote higher level users
require_once QA_INCLUDE_DIR . 'app/users-edit.php';
qa_set_user_level($useraccount['userid'], $useraccount['handle'], QA_USER_LEVEL_APPROVED, $useraccount['level']);
return true;
}
break;
case 'userblock':
require_once QA_INCLUDE_DIR . 'app/users-edit.php';
qa_set_user_blocked($useraccount['userid'], $useraccount['handle'], true);
return true;
break;
}
}
} else {
// something to do with a post
require_once QA_INCLUDE_DIR . 'app/posts.php';
$post = qa_post_get_full($entityid);
if (isset($post)) {
$queued = substr($post['type'], 1) == '_QUEUED';
switch ($action) {
case 'approve':
if ($queued && !qa_user_post_permit_error('permit_moderate', $post)) {
qa_post_set_hidden($entityid, false, $userid);
return true;
}
break;
case 'reject':
if ($queued && !qa_user_post_permit_error('permit_moderate', $post)) {
qa_post_set_hidden($entityid, true, $userid);
return true;
}
break;
case 'hide':
if (!$queued && !qa_user_post_permit_error('permit_hide_show', $post)) {
qa_post_set_hidden($entityid, true, $userid);
return true;
}
break;
case 'reshow':
if ($post['hidden'] && !qa_user_post_permit_error('permit_hide_show', $post)) {
qa_post_set_hidden($entityid, false, $userid);
return true;
}
break;
case 'delete':
if ($post['hidden'] && !qa_user_post_permit_error('permit_delete_hidden', $post)) {
qa_post_delete($entityid);
return true;
}
break;
case 'clearflags':
require_once QA_INCLUDE_DIR . 'app/votes.php';
if (!qa_user_post_permit_error('permit_hide_show', $post)) {
qa_flags_clear_all($post, $userid, qa_get_logged_in_handle(), null);
return true;
}
break;
}
}
}
return false;
}
/**
* @deprecated This function will become private in Q2A 1.8. It is specific to this plugin and
* should not be used by outside code.
*/
public function queue_post_voters_flaggers($post)
{
if (!qa_user_post_permit_error('permit_view_voters_flaggers', $post)) {
$postkeys = array('postid', 'opostid');
foreach ($postkeys as $key) {
if (isset($post[$key]) && !isset($this->qa_voters_flaggers_cache[$post[$key]])) {
$this->qa_voters_flaggers_queue[$post[$key]] = true;
}
}
}
}
function ra_ajax_add_answer()
{
// Load relevant information about this question
$questionid = qa_post_text('a_questionid');
$userid = qa_get_logged_in_userid();
list($question, $childposts) = qa_db_select_with_pending(qa_db_full_post_selectspec($userid, $questionid), qa_db_full_child_posts_selectspec($userid, $questionid));
// Check if the question exists, is not closed, and whether the user has permission to do this
if (@$question['basetype'] == 'Q' && !isset($question['closedbyid']) && !qa_user_post_permit_error('permit_post_a', $question, QA_LIMIT_ANSWERS)) {
require_once QA_INCLUDE_DIR . 'qa-app-captcha.php';
require_once QA_INCLUDE_DIR . 'qa-app-format.php';
require_once QA_INCLUDE_DIR . 'qa-app-post-create.php';
require_once QA_INCLUDE_DIR . 'qa-app-cookies.php';
require_once QA_INCLUDE_DIR . 'qa-page-question-view.php';
require_once QA_INCLUDE_DIR . 'qa-page-question-submit.php';
// Try to create the new answer
$usecaptcha = qa_user_use_captcha(qa_user_level_for_post($question));
$answers = qa_page_q_load_as($question, $childposts);
$answerid = qa_page_q_add_a_submit($question, $answers, false, $in, $errors);
if ($answerid) {
return true;
}
}
die;
}
}
if (!$question['viewable']) {
$qa_content = qa_content_prepare();
if ($question['queued']) {
$qa_content['error'] = qa_lang_html('question/q_waiting_approval');
} elseif ($question['flagcount'] && !isset($question['lastuserid'])) {
$qa_content['error'] = qa_lang_html('question/q_hidden_flagged');
} elseif ($question['authorlast']) {
$qa_content['error'] = qa_lang_html('question/q_hidden_author');
} else {
$qa_content['error'] = qa_lang_html('question/q_hidden_other');
}
$qa_content['suggest_next'] = qa_html_suggest_qs_tags(qa_using_tags());
return $qa_content;
}
$permiterror = qa_user_post_permit_error('permit_view_q_page', $question, null, false);
if ($permiterror && (qa_is_human_probably() || !qa_opt('allow_view_q_bots'))) {
$qa_content = qa_content_prepare();
$topage = qa_q_request($questionid, $question['title']);
switch ($permiterror) {
case 'login':
$qa_content['error'] = qa_insert_login_links(qa_lang_html('main/view_q_must_login'), $topage);
break;
case 'confirm':
$qa_content['error'] = qa_insert_login_links(qa_lang_html('main/view_q_must_confirm'), $topage);
break;
case 'approve':
$qa_content['error'] = qa_lang_html('main/view_q_must_be_approved');
break;
default:
$qa_content['error'] = qa_lang_html('users/no_permission');
function qa_flag_error_html($post, $userid, $topage)
{
if (qa_to_override(__FUNCTION__)) {
$args = func_get_args();
return qa_call_override(__FUNCTION__, $args);
}
// The 'login', 'confirm', 'limit', 'userblock' and 'ipblock' permission errors are reported to the user here.
// Others ('approve', 'level') prevent the flag button being shown, in qa_page_q_post_rules(...)
require_once QA_INCLUDE_DIR . 'db/selects.php';
require_once QA_INCLUDE_DIR . 'app/options.php';
require_once QA_INCLUDE_DIR . 'app/users.php';
require_once QA_INCLUDE_DIR . 'app/limits.php';
if (is_array($post) && qa_opt('flagging_of_posts') && (!isset($post['userid']) || !isset($userid) || $post['userid'] != $userid)) {
switch (qa_user_post_permit_error('permit_flag', $post, QA_LIMIT_FLAGS)) {
case 'login':
return qa_insert_login_links(qa_lang_html('question/flag_must_login'), $topage);
break;
case 'confirm':
return qa_insert_login_links(qa_lang_html('question/flag_must_confirm'), $topage);
break;
case 'limit':
return qa_lang_html('question/flag_limit');
break;
default:
return qa_lang_html('users/no_permission');
break;
case false:
return false;
}
} else {
return qa_lang_html('question/flag_not_allowed');
}
// flagging option should not have been presented
}
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
More about this license: http://www.question2answer.org/license.php
*/
require_once QA_INCLUDE_DIR . 'app/users.php';
require_once QA_INCLUDE_DIR . 'app/limits.php';
require_once QA_INCLUDE_DIR . 'db/selects.php';
// Load relevant information about this question
$questionid = qa_post_text('a_questionid');
$userid = qa_get_logged_in_userid();
list($question, $childposts) = qa_db_select_with_pending(qa_db_full_post_selectspec($userid, $questionid), qa_db_full_child_posts_selectspec($userid, $questionid));
// Check if the question exists, is not closed, and whether the user has permission to do this
if (@$question['basetype'] == 'Q' && !isset($question['closedbyid']) && !qa_user_post_permit_error('permit_post_a', $question, QA_LIMIT_ANSWERS)) {
require_once QA_INCLUDE_DIR . 'app/captcha.php';
require_once QA_INCLUDE_DIR . 'app/format.php';
require_once QA_INCLUDE_DIR . 'app/post-create.php';
require_once QA_INCLUDE_DIR . 'app/cookies.php';
require_once QA_INCLUDE_DIR . 'pages/question-view.php';
require_once QA_INCLUDE_DIR . 'pages/question-submit.php';
// Try to create the new answer
$usecaptcha = qa_user_use_captcha(qa_user_level_for_post($question));
$answers = qa_page_q_load_as($question, $childposts);
$answerid = qa_page_q_add_a_submit($question, $answers, $usecaptcha, $in, $errors);
// If successful, page content will be updated via Ajax
if (isset($answerid)) {
$answer = qa_db_select_with_pending(qa_db_full_post_selectspec($userid, $answerid));
$question = $question + qa_page_q_post_rules($question, null, null, $childposts);
// array union
// Find most flagged questions, answers, comments
$userid = qa_get_logged_in_userid();
$questions = qa_db_select_with_pending(qa_db_flagged_post_qs_selectspec($userid, 0, true));
// Check admin privileges (do late to allow one DB query)
if (qa_user_maximum_permit_error('permit_hide_show')) {
$qa_content = qa_content_prepare();
$qa_content['error'] = qa_lang_html('users/no_permission');
return $qa_content;
}
// Check to see if any were cleared or hidden here
$pageerror = qa_admin_check_clicks();
// Remove questions the user has no permission to hide/show
if (qa_user_permit_error('permit_hide_show')) {
// if user not allowed to show/hide all posts
foreach ($questions as $index => $question) {
if (qa_user_post_permit_error('permit_hide_show', $question)) {
unset($questions[$index]);
}
}
}
// Get information for users
$usershtml = qa_userids_handles_html(qa_any_get_userids_handles($questions));
// Prepare content for theme
$qa_content = qa_content_prepare();
$qa_content['title'] = qa_lang_html('admin/most_flagged_title');
$qa_content['error'] = isset($pageerror) ? $pageerror : qa_admin_page_error();
$qa_content['q_list'] = array('form' => array('tags' => 'method="post" action="' . qa_self_html() . '"', 'hidden' => array('code' => qa_get_form_security_code('admin/click'))), 'qs' => array());
if (count($questions)) {
foreach ($questions as $question) {
$postid = qa_html(isset($question['opostid']) ? $question['opostid'] : $question['postid']);
$elementid = 'p' . $postid;
function qa_page_q_add_c_form(&$qa_content, $question, $parent, $formid, $captchareason, $in, $errors, $loadfocusnow)
{
// The 'approve', 'login', 'confirm', 'userblock', 'ipblock' permission errors are reported to the user here
// The other option ('level') prevents the comment button being shown, in qa_page_q_post_rules(...)
switch (qa_user_post_permit_error('permit_post_c', $parent, QA_LIMIT_COMMENTS)) {
case 'login':
$form = array('title' => qa_insert_login_links(qa_lang_html('question/comment_must_login'), qa_request()));
break;
case 'confirm':
$form = array('title' => qa_insert_login_links(qa_lang_html('question/comment_must_confirm'), qa_request()));
break;
case 'approve':
$form = array('title' => qa_lang_html('question/comment_must_be_approved'));
break;
case 'limit':
$form = array('title' => qa_lang_html('question/comment_limit'));
break;
default:
$form = array('title' => qa_lang_html('users/no_permission'));
break;
case false:
$prefix = 'c' . $parent['postid'] . '_';
$editorname = isset($in['editor']) ? $in['editor'] : qa_opt('editor_for_cs');
$editor = qa_load_editor(@$in['content'], @$in['format'], $editorname);
if (method_exists($editor, 'update_script')) {
$updatescript = $editor->update_script($prefix . 'content');
} else {
$updatescript = '';
}
$custom = qa_opt('show_custom_comment') ? trim(qa_opt('custom_comment')) : '';
$form = array('tags' => 'method="post" action="' . qa_self_html() . '" name="c_form_' . qa_html($parent['postid']) . '"', 'title' => qa_lang_html($question['postid'] == $parent['postid'] ? 'question/your_comment_q' : 'question/your_comment_a'), 'fields' => array('custom' => array('type' => 'custom', 'note' => $custom), 'content' => array_merge(qa_editor_load_field($editor, $qa_content, @$in['content'], @$in['format'], $prefix . 'content', 4, $loadfocusnow, $loadfocusnow), array('error' => qa_html(@$errors['content'])))), 'buttons' => array('comment' => array('tags' => 'onclick="' . $updatescript . ' return qa_submit_comment(' . qa_js($question['postid']) . ', ' . qa_js($parent['postid']) . ', this);"', 'label' => qa_lang_html('question/add_comment_button')), 'cancel' => array('tags' => 'name="docancel"', 'label' => qa_lang_html('main/cancel_button'))), 'hidden' => array($prefix . 'editor' => qa_html($editorname), $prefix . 'doadd' => '1', $prefix . 'code' => qa_get_form_security_code('comment-' . $parent['postid'])));
if (!strlen($custom)) {
unset($form['fields']['custom']);
}
if (!qa_is_logged_in()) {
qa_set_up_name_field($qa_content, $form['fields'], @$in['name'], $prefix);
}
qa_set_up_notify_fields($qa_content, $form['fields'], 'C', qa_get_logged_in_email(), isset($in['notify']) ? $in['notify'] : qa_opt('notify_users_default'), $in['email'], @$errors['email'], $prefix);
$onloads = array();
if ($captchareason) {
$captchaloadscript = qa_set_up_captcha_field($qa_content, $form['fields'], $errors, qa_captcha_reason_note($captchareason));
if (strlen($captchaloadscript)) {
$onloads[] = 'document.getElementById(' . qa_js($formid) . ').qa_show=function() { ' . $captchaloadscript . ' };';
}
}
if (!$loadfocusnow) {
if (method_exists($editor, 'load_script')) {
$onloads[] = 'document.getElementById(' . qa_js($formid) . ').qa_load=function() { ' . $editor->load_script($prefix . 'content') . ' };';
}
if (method_exists($editor, 'focus_script')) {
$onloads[] = 'document.getElementById(' . qa_js($formid) . ').qa_focus=function() { ' . $editor->focus_script($prefix . 'content') . ' };';
}
$form['buttons']['cancel']['tags'] .= ' onclick="return qa_toggle_element()"';
}
if (count($onloads)) {
$qa_content['script_onloads'][] = $onloads;
}
}
$form['id'] = $formid;
$form['collapse'] = !$loadfocusnow;
$form['style'] = 'tall';
return $form;
}
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
More about this license: http://www.question2answer.org/license.php
*/
require_once QA_INCLUDE_DIR . 'app/users.php';
require_once QA_INCLUDE_DIR . 'app/limits.php';
require_once QA_INCLUDE_DIR . 'db/selects.php';
// Load relevant information about this question and the comment parent
$questionid = qa_post_text('c_questionid');
$parentid = qa_post_text('c_parentid');
$userid = qa_get_logged_in_userid();
list($question, $parent, $children) = qa_db_select_with_pending(qa_db_full_post_selectspec($userid, $questionid), qa_db_full_post_selectspec($userid, $parentid), qa_db_full_child_posts_selectspec($userid, $parentid));
// Check if the question and parent exist, and whether the user has permission to do this
if (@$question['basetype'] == 'Q' && (@$parent['basetype'] == 'Q' || @$parent['basetype'] == 'A') && !qa_user_post_permit_error('permit_post_c', $parent, QA_LIMIT_COMMENTS)) {
require_once QA_INCLUDE_DIR . 'app/captcha.php';
require_once QA_INCLUDE_DIR . 'app/format.php';
require_once QA_INCLUDE_DIR . 'app/post-create.php';
require_once QA_INCLUDE_DIR . 'app/cookies.php';
require_once QA_INCLUDE_DIR . 'pages/question-view.php';
require_once QA_INCLUDE_DIR . 'pages/question-submit.php';
require_once QA_INCLUDE_DIR . 'util/sort.php';
// Try to create the new comment
$usecaptcha = qa_user_use_captcha(qa_user_level_for_post($question));
$commentid = qa_page_q_add_c_submit($question, $parent, $children, $usecaptcha, $in, $errors);
// If successful, page content will be updated via Ajax
if (isset($commentid)) {
$children = qa_db_select_with_pending(qa_db_full_child_posts_selectspec($userid, $parentid));
$parent = $parent + qa_page_q_post_rules($parent, $questionid == $parentid ? null : $question, null, $children);
// in theory we should retrieve the parent's siblings for the above, but they're not going to be relevant
