Esempio n. 1
0
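 /**
  * Restores a soft-deleted post (AJAX action).
  *
  * Permission rules: the post's author needs 'edit my posts' or 'edit all
  * posts'; anyone else needs 'edit all posts'. Echoes 'success',
  * 'no post found', or an "Unauthorized ..." message (and then exits).
  *
  * @param mixed $id post id from the request; cast to int before use
  */
 public function undelete($id)
 {
     // The cast is what keeps the string-built query injection safe: $pid is
     // always an integer by the time it is concatenated below.
     $pid = (int) $id;
     $qry = 'SELECT uid FROM ' . PREFIX . 'codo_posts WHERE post_id=' . $pid;
     $res = $this->db->query($qry);
     // query() may return false on failure; don't call fetch() on it.
     $result = $res ? $res->fetch() : false;
     if (!$result) {
         echo 'no post found';
         return;
     }
     // The author gets the narrower permission option; everyone else needs the global one.
     $puid = $result['uid'];
     if ($puid == \CODOF\User\CurrentUser\CurrentUser::id()) {
         $has_permission = \CODOF\Access\Access::hasPermission(array('edit my posts', 'edit all posts'));
     } else {
         $has_permission = \CODOF\Access\Access::hasPermission('edit all posts');
     }
     if (!$has_permission) {
         // Reflect the sanitised integer, never the raw request value, so no
         // attacker-controlled text ends up in the response body.
         echo 'Unauthorized request to undelete post ' . $pid;
         exit;
     }
     $post = new \CODOF\Forum\Post($this->db);
     // Reverse the soft delete via the Post model.
     $post->undelete($pid);
     echo 'success';
 }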
Esempio n. 2
0
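 /**
  * Soft-deletes a topic and all of its posts (AJAX action).
  *
  * The current user must be able to both view and delete the topic. When the
  * request flags the topic as spam (POST isSpam=yes) the posts' text is fed
  * to the spam filter before deletion. Echoes 'success' or exits with
  * 'access denied'.
  *
  * @param mixed $id topic id from the request; cast to int before use
  */
 public function delete($id)
 {
     // topic id (this action deletes a topic, not a single post)
     $tid = (int) $id;
     $topic = new \CODOF\Forum\Topic($this->db);
     $topic_info = $topic->get_topic_info($tid);
     // NOTE(review): get_topic_info() presumably returns a falsy value for an
     // unknown topic; treat that as denied rather than indexing into it.
     if (!$topic_info) {
         exit('access denied');
     }
     $cid = $topic_info['cat_id'];
     $tuid = $topic_info['uid'];
     if (!($topic->canViewTopic($tuid, $cid, $tid) && $topic->canDeleteTopic($tuid, $cid, $tid))) {
         exit('access denied');
     }
     // The flag is optional; reading it without isset() raised a notice on plain deletes.
     $isSpam = isset($_POST['isSpam']) ? $_POST['isSpam'] : '';
     if ($isSpam === 'yes') {
         // Train the filter on the full text of every post in the topic.
         $text = \DB::table(PREFIX . 'codo_posts AS p')->join(PREFIX . 'codo_topics AS t', 'p.topic_id', '=', 't.topic_id')->where('t.topic_id', '=', $tid)->pluck('p.imessage');
         $filter = new \CODOF\SpamFilter();
         $filter->spam($text);
     }
     //Set topic as deleted
     $topic->delete($cid, $tid);
     //update all posts linked with this topic as deleted
     $post = new \CODOF\Forum\Post($this->db);
     $post->deleteOfTopic($cid, $tid);
     echo 'success';
 }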
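 /**
  * Approves a reply that is awaiting moderation (AJAX action).
  *
  * Only a user who can 'moderate posts' in the post's category may approve.
  * On approval the post status is set to APPROVED, post counters and the
  * topic's last-post details are updated, and — if the post had been held by
  * the spam filter — its text is fed back to the filter as ham.
  *
  * @param mixed $_pid post id from the request; cast to int before use
  */
 public function approveReply($_pid)
 {
     $db = \DB::getPDO();
     // The integer cast keeps the concatenated queries below injection safe.
     $pid = (int) $_pid;
     $qry = 'SELECT p.post_status, p.cat_id, p.topic_id, p.uid,p.post_created, p.imessage FROM ' . PREFIX . 'codo_posts AS p' . ' WHERE p.post_id=' . $pid;
     $res = $db->query($qry);
     if (!$res) {
         return;
     }
     $row = $res->fetch();
     // fetch() returns false when no such post exists; without this guard the
     // permission check ran against a null category and the UPDATE/counter
     // updates executed for a non-existent post.
     if (!$row) {
         return;
     }
     $status = $row['post_status'];
     $cid = $row['cat_id'];
     $text = $row['imessage'];
     $user = \CODOF\User\User::get();
     // Authorisation is checked before any write.
     if (!$user->can('moderate posts', $cid)) {
         return;
     }
     $qry = 'UPDATE ' . PREFIX . 'codo_posts SET post_status=' . \CODOF\Forum\Forum::APPROVED . ' WHERE post_id=' . $pid;
     $db->query($qry);
     $post = new \CODOF\Forum\Post($db);
     $post->incPostCount($cid, $row['topic_id'], $row['uid']);
     $options = array(":pid" => $pid, ":uid" => $user->id, ":name" => $user->name, ":time" => $row['post_created'], ":tid" => $row['topic_id']);
     $topic = new \CODOF\Forum\Topic($db);
     $topic->update_last_post_details($options);
     //If a post considered as spam by filter is being approved
     //it means the filter needs to relearn that it is not spam
     if ($status == \CODOF\Forum\Forum::MODERATION_BY_FILTER) {
         $filter = new \CODOF\SpamFilter();
         $filter->ham($text);
     }
 }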
Esempio n. 4
0
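 /**
  * Renders a forum topic page.
  *
  * Resolves merge redirects, enforces spam-moderation and view permissions,
  * marks the topic as read, loads one page of posts through the Ajax API and
  * assigns everything the 'forum/topic' template needs to Smarty, including
  * Open Graph and rel:prev / rel:next metadata.
  *
  * @param mixed $tid  topic id from the URL; cast to int before use
  * @param mixed $page 1-based page number, or a "post-<id>" anchor that is
  *                    resolved to the page containing that post
  * @return false|null false when the topic is held for spam moderation and
  *                    the viewer may not see it; otherwise null (the view
  *                    name is set on $this->view)
  */
 public function topic($tid, $page)
 {
     $tid = (int) $tid;
     $topic = new \CODOF\Forum\Topic($this->db);
     $post = new \CODOF\Forum\Post($this->db);
     $topic_info = $topic->get_topic_info($tid);
     // Follow a merge redirect to the surviving topic.
     if ($topic_info && $topic_info['topic_status'] == \CODOF\Forum\Forum::MERGED_REDIRECT_ONLY) {
         $tid = (int) $topic_info['redirect_to'];
         $topic_info = $topic->get_topic_info($tid);
     }
     // Existence is checked before anything dereferences $topic_info; the
     // original only checked after the permission and tracker calls had
     // already indexed into it.
     if (!$topic_info) {
         $this->view = 'not_found';
         return;
     }
     $topic_is_spam = ($topic_info['topic_status'] == \CODOF\Forum\Forum::MODERATION_BY_FILTER);
     $this->smarty->assign('topic_is_spam', $topic_is_spam);
     $user = \CODOF\User\User::get();
     // A topic held by the spam filter is visible only to moderators and its author.
     if ($topic_is_spam && !($user->can('moderate topics') || $user->id == $topic_info['uid'])) {
         $this->view = 'access_denied';
         return false;
     }
     if (!$topic->canViewTopic($topic_info['uid'], $topic_info['cat_id'], $topic_info['topic_id'])) {
         //\CODOF\Hook::call('page not found', array('type' => 'topic', 'id' => $tid));
         \CODOF\Store::set('sub_title', _t('Access denied'));
         $this->view = 'access_denied';
         return;
     }
     $tracker = new \CODOF\Forum\Tracker($this->db);
     $tracker->mark_topic_as_read($topic_info['cat_id'], $tid);
     $posts_per_page = \CODOF\Util::get_opt("num_posts_per_topic");
     // "post-<id>" jumps to the page containing that post; otherwise $page is 1-based.
     if (strpos($page, "post-") !== FALSE) {
         $pid = (int) str_replace("post-", "", $page);
         $prev_posts = $post->get_num_prev_posts($tid, $pid);
         // floor() returns float; $from is a 0-based page index, keep it integral.
         $from = (int) floor($prev_posts / $posts_per_page);
     } else {
         $from = (int) $page - 1;
     }
     $topic_info['no_replies'] = $topic_info['no_posts'] - 1;
     $name = \CODOF\Filter::URL_safe($topic_info['title']);
     $subscriber = new \CODOF\Forum\Notification\Subscriber();
     $this->smarty->assign('no_followers', $subscriber->followersOfTopic($topic_info['topic_id']));
     if (\CODOF\User\CurrentUser\CurrentUser::loggedIn()) {
         $this->smarty->assign('my_subscription_type', $subscriber->levelForTopic($topic_info['topic_id']));
     }
     $this->smarty->assign('tags', $topic->getTags($topic_info['topic_id']));
     $api = new Ajax\forum\topic();
     $posts_data = $api->get_posts($tid, $from, $topic_info);
     $num_pages = $posts_data['num_pages'];
     $posts = $posts_data['posts'];
     $posts_tpl = \CODOF\HB\Render::tpl('forum/topic', $posts_data);
     $this->smarty->assign('posts', $posts_tpl);
     $this->smarty->assign('topic_info', $topic_info);
     $this->smarty->assign('title', htmlentities($topic_info['title'], ENT_QUOTES, "UTF-8"));
     // The search string is user input: tags are stripped here, and the
     // template is expected to escape it again for its own output context.
     $search_data = array();
     if (isset($_GET['str'])) {
         $search_data = array('str' => strip_tags($_GET['str']));
     }
     $this->smarty->assign('search_data', json_encode($search_data));
     $url = 'topic/' . $topic_info['topic_id'] . '/' . $name . '/';
     $this->smarty->assign('pagination', $post->paginate($num_pages, $from + 1, $url, false, $search_data));
     if (ceil(($topic_info['no_posts'] + 1) / $posts_per_page) > $num_pages) {
         //next reply will go to next page
         $this->smarty->assign('new_page', 'yes');
     } else {
         $this->smarty->assign('new_page', 'nope');
     }
     $cat = new \CODOF\Forum\Category($this->db);
     $cats = $cat->get_categories();
     $cid = $topic_info['cat_id'];
     $parents = $cat->find_parents($cats, $cid);
     array_push($parents, array("name" => $topic_info['cat_name'], "alias" => $topic_info['cat_alias']));
     $this->smarty->assign('can_search', $user->can('use search'));
     $this->smarty->assign('parents', $parents);
     $this->smarty->assign('num_pages', $num_pages);
     $this->smarty->assign('curr_page', $from + 1);
     //starts from 1
     $this->smarty->assign('url', RURI . $url);
     $this->assign_editor_vars();
     $tuid = $topic_info['uid'];
     $this->assign_admin_vars($tuid);
     $this->css_files = array('topic', 'editor', 'jquery.textcomplete');
     $arr = array(array('topic/topic.js', array('type' => 'defer')), array('modal.js', array('type' => 'defer')), array('bootstrap-slider.js', array('type' => 'defer')));
     $this->js_files = array_merge($arr, $post->get_js_editor_files());
     \CODOF\Hook::call('on_topic_view', array($topic_info));
     $this->view = 'forum/topic';
     \CODOF\Store::set('sub_title', $topic_info['title']);
     \CODOF\Store::set('og:type', 'article');
     \CODOF\Store::set('og:title', $topic_info['title']);
     \CODOF\Store::set('og:url', RURI . $url);
     // Guard against an empty page of posts, and truncate with mb_* so a
     // multibyte character is not cut in half in the description.
     $mesg = isset($posts[0]['imessage']) ? $posts[0]['imessage'] : '';
     \CODOF\Store::set('og:desc', mb_strlen($mesg, 'UTF-8') > 200 ? mb_substr($mesg, 0, 197, 'UTF-8') . "..." : $mesg);
     if ($from > 0) {
         //previous page exists
         \CODOF\Store::set('rel:prev', RURI . $url . $from);
     }
     $curr_page = $from + 1;
     if ($curr_page < $num_pages) {
         //next page exists
         \CODOF\Store::set('rel:next', RURI . $url . ($curr_page + 1));
     }
     \CODOF\Store::set('article:published', date('c', $topic_info['topic_created']));
     if ($topic_info['topic_updated'] > 0) {
         \CODOF\Store::set('article:modified', date('c', $topic_info['topic_updated']));
     }
 }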
Esempio n. 5
0
// Legacy magic_quotes handling: undo the automatic escaping of request data.
// get_magic_quotes_gpc() always returns false from PHP 5.4 onwards and was
// removed in PHP 8.0, so this branch is dead on any current runtime.
if (get_magic_quotes_gpc()) {
    $unescape = function (&$item) {
        $item = stripslashes($item);
    };
    // By-reference entries so the superglobals themselves are rewritten.
    $requestData = array(&$_GET, &$_POST, &$_COOKIE, &$_REQUEST);
    array_walk_recursive($requestData, $unescape);
}
use CODOF\Util;
use CODOF\Access\Request;
// Boot sequence: PDO handle, persisted options, theme-dependent constants,
// then the Smarty singleton.
$db = \DB::getPDO();
Util::get_config($db);
\Constants::post_boot(sprintf('themes/%s/', Util::get_opt('theme')));
CODOF\Smarty\Single::get_instance();
//-------------------------server static files --------------------------------
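// Edit history of a post. Requires a valid CSRF token (_token) on the query string.
dispatch_get('Ajax/history/posts', function () {
    // Check both parameters exist so a request without them fails closed
    // instead of raising an undefined-index notice and passing null on.
    if (isset($_GET['_token'], $_GET['pid']) && Request::valid($_GET['_token'])) {
        $post = new \CODOF\Forum\Post();
        $post->getHistory($_GET['pid']);
    }
});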
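// Upvote a post. This is a state-changing GET, so the CSRF token check is
// the only thing standing between a crafted link and a vote; it must stay.
dispatch_get('Ajax/reputation/:pid/up', function ($pid) {
    // isset() first: a missing token must fail closed, not raise a notice.
    if (isset($_GET['_token']) && Request::valid($_GET['_token'])) {
        $rep = new \CODOF\Forum\Reputation();
        $rep->up($pid);
    }
});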
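// Downvote a post. Same shape as the upvote route: state change over GET,
// protected only by the CSRF token check.
dispatch_get('Ajax/reputation/:pid/down', function ($pid) {
    // isset() first: a missing token must fail closed, not raise a notice.
    if (isset($_GET['_token']) && Request::valid($_GET['_token'])) {
        $rep = new \CODOF\Forum\Reputation();
        $rep->down($pid);
    }
});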