/**
* This function builds the the queries for the backup
*
* @param string $query
* @param string $table
*
* @return array
*/
public function buildInsertQueries($query, $table)
{
if (!($result = $this->_config->getDb()->query($query))) {
[];
}
$ret = [];
$ret[] = "\r\n-- Table: " . $table;
while ($row = $this->_config->getDb()->fetchArray($result)) {
$p1 = [];
$p2 = [];
foreach ($row as $key => $val) {
$p1[] = $key;
if ('rights' != $key && is_numeric($val)) {
$p2[] = $val;
} else {
if (is_null($val)) {
$p2[] = 'NULL';
} else {
$p2[] = sprintf("'%s'", $this->_config->getDb()->escape($val));
}
}
}
$ret[] = "INSERT INTO " . $table . " (" . implode(",", $p1) . ") VALUES (" . implode(",", $p2) . ");";
}
return $ret;
}
/**
* Sends a notification to user who added a question
*
* @param string $email Email address of the user
* @param string $userName Name of the user
* @param string $url URL of answered FAQ
*
* @return void
*/
public function sendOpenQuestionAnswered($email, $userName, $url)
{
$this->mail->addTo($email, $userName);
$this->mail->subject = $this->config->get('main.titleFAQ') . ' - ' . $this->pmfStr['msgQuestionAnswered'];
$this->mail->message = sprintf($this->pmfStr['msgMessageQuestionAnswered'], $this->config->get('main.titleFAQ')) . "\n\r" . $url;
$this->mail->send();
}
/**
* Returns all relevant articles for a FAQ record with the same language
*
* @param integer $recordId FAQ ID
* @param string $question FAQ title
* @param string $keywords FAQ keywords
*
* @return array
*/
public function getAllRelatedById($recordId, $question, $keywords)
{
$terms = str_replace('-', ' ', $question) . $keywords;
$search = PMF_Search_Factory::create($this->_config, array('database' => PMF_Db::getType()));
$search->setTable(PMF_Db::getTablePrefix() . 'faqdata AS fd')->setResultColumns(array('fd.id AS id', 'fd.lang AS lang', 'fcr.category_id AS category_id', 'fd.thema AS question', 'fd.content AS answer'))->setJoinedTable(PMF_Db::getTablePrefix() . 'faqcategoryrelations AS fcr')->setJoinedColumns(array('fd.id = fcr.record_id', 'fd.lang = fcr.record_lang'))->setConditions(array('fd.active' => "'yes'", 'fd.lang' => "'" . $this->_config->getLanguage()->getLanguage() . "'"))->setMatchingColumns(array('fd.thema', 'fd.content', 'fd.keywords'));
$result = $search->search($terms);
return $this->_config->getDb()->fetchAll($result);
}
/**
* Get an array with minimalistic attachment meta data
*
* @return array
*/
public function getBreadcrumbs()
{
$retval = array();
$query = sprintf("\n SELECT\n fa.id AS ID,\n fa.record_id AS record_id,\n fa.record_lang AS record_lang,\n fa.filename AS filename,\n fa.filesize AS filesize,\n fa.mime_type AS mime_type,\n fd.thema AS thema\n FROM\n %s fa\n JOIN\n %s fd\n ON\n fa.record_id = fd.id\n GROUP BY\n fa.id", PMF_Db::getTablePrefix() . 'faqattachment', PMF_Db::getTablePrefix() . 'faqdata');
$result = $this->config->getDb()->query($query);
if ($result) {
$retval = $this->config->getDb()->fetchAll($result);
}
return $retval;
}
/**
* Create a matrix for representing categories and faq records
*
* @return array
*/
public function getCategoryRecordsMatrix()
{
$matrix = [];
$query = sprintf('
SELECT
fcr.category_id AS id_cat,
fd.id AS id
FROM
%sfaqdata fd
INNER JOIN
%sfaqcategoryrelations fcr
ON
fd.id = fcr.record_id
AND
fd.lang = fcr.category_lang
ORDER BY
fcr.category_id, fd.id', PMF_Db::getTablePrefix(), PMF_Db::getTablePrefix());
$result = $this->_config->getDb()->query($query);
if ($this->_config->getDb()->numRows($result) > 0) {
while ($row = $this->_config->getDb()->fetchObject($result)) {
$matrix[$row->id_cat][$row->id] = true;
}
}
return $matrix;
}
/**
* This function checks the content against a bad word list if the banned
* word spam protection has been activated from the general phpMyFAQ
* configuration.
*
* @param string $content
*
* @return bool
*/
public function checkBannedWord($content)
{
// Sanity checks
$content = PMF_String::strtolower(trim($content));
if ('' === $content || !$this->_config->get('spam.checkBannedWords')) {
return true;
}
// Check if we check more than one word
$checkWords = explode(' ', $content);
if (1 === count($checkWords)) {
$checkWords = array($content);
}
$bannedWords = $this->getBannedWords();
// We just search a match of, at least, one banned word into $content
if (is_array($bannedWords)) {
foreach ($bannedWords as $bannedWord) {
foreach ($checkWords as $word) {
if (PMF_String::strtolower($word) === PMF_String::strtolower($bannedWord)) {
return false;
}
}
}
}
return true;
}
/**
* Delete old captcha records.
*
* During normal use the <b>faqcaptcha</b> table would be empty, on average:
* each record is created when a captcha image is showed to the user
* and deleted upon a successful matching, so, on average, a record
* in this table is probably related to a spam attack.
*
* @param int $time The time (sec) to define a captcha code old and ready
* to be deleted (default: 1 week)
* @return void
*/
private function garbageCollector($time = 604800)
{
$delete = sprintf("\n DELETE FROM \n %sfaqcaptcha \n WHERE \n captcha_time < %d", PMF_Db::getTablePrefix(), $_SERVER['REQUEST_TIME'] - $time);
$this->_config->getDb()->query($delete);
$delete = sprintf("\n DELETE FROM\n %sfaqcaptcha\n WHERE\n useragent = '%s' AND language = '%s' AND ip = '%s'", PMF_Db::getTablePrefix(), $this->userAgent, $this->_config->getLanguage()->getLanguage(), $this->ip);
$this->_config->getDb()->query($delete);
}
/**
* Generates a huge array for the report
* @return array
*/
public function getReportingData()
{
$report = [];
$query = sprintf("\n SELECT\n fd.id AS id,\n fd.lang AS lang,\n fcr.category_id AS category_id,\n c.name as category_name,\n c.parent_id as parent_id,\n fd.sticky AS sticky,\n fd.thema AS question,\n fd.author AS original_author,\n fd.datum AS creation_date,\n fv.visits AS visits,\n u.display_name AS last_author\n FROM\n %sfaqdata fd\n LEFT JOIN\n %sfaqcategoryrelations fcr\n ON\n (fd.id = fcr.record_id AND fd.lang = fcr.record_lang)\n LEFT JOIN\n %sfaqvisits fv\n ON\n (fd.id = fv.id AND fd.lang = fv.lang)\n LEFT JOIN\n %sfaqchanges as fc\n ON\n (fd.id = fc.id AND fd.lang = fc.lang)\n LEFT JOIN\n %sfaquserdata as u\n ON\n (u.user_id = fc.usr)\n LEFT JOIN\n %sfaqcategories as c\n ON\n (c.id = fcr.category_id AND c.lang = fcr.record_lang)\n ORDER BY\n fd.id\n ASC", PMF_Db::getTablePrefix(), PMF_Db::getTablePrefix(), PMF_Db::getTablePrefix(), PMF_Db::getTablePrefix(), PMF_Db::getTablePrefix(), PMF_Db::getTablePrefix());
$result = $this->_config->getDb()->query($query);
$lastId = 0;
while ($row = $this->_config->getDb()->fetchObject($result)) {
if ($row->id == $lastId) {
$report[$row->id]['faq_translations'] += 1;
} else {
$report[$row->id] = array('faq_id' => $row->id, 'faq_language' => $row->lang, 'category_id' => $row->category_id, 'category_parent' => $row->parent_id, 'category_name' => $row->category_name, 'faq_translations' => 0, 'faq_sticky' => $row->sticky, 'faq_question' => $row->question, 'faq_org_author' => $row->original_author, 'faq_creation' => PMF_Date::createIsoDate($row->creation_date), 'faq_visits' => $row->visits, 'faq_last_author' => $row->last_author);
}
$lastId = $row->id;
}
return $report;
}
/**
* Deletes logging data older than 30 days
*
* @return boolean
*/
public function delete()
{
$query = sprintf("DELETE FROM\n %sfaqadminlog\n WHERE\n time < %d", PMF_Db::getTablePrefix(), $_SERVER['REQUEST_TIME'] - 30 * 86400);
if ($this->_config->getDb()->query($query)) {
return true;
}
return false;
}
/**
* Returns the single instance
*
* @access static
* @return PMF_Configuration
*/
public static function getInstance()
{
if (null == self::$instance) {
$className = __CLASS__;
self::$instance = new $className();
}
return self::$instance;
}
/**
* Deletes an item and definition into the database
*
* @param integer $id Glossary ID
*
* @return boolean
*/
public function deleteGlossaryItem($id)
{
$query = sprintf("\n DELETE FROM\n %sfaqglossary\n WHERE\n id = %d AND lang = '%s'", PMF_Db::getTablePrefix(), (int) $id, $this->config->getLanguage()->getLanguage());
if ($this->config->getDb()->query($query)) {
return true;
}
return false;
}
/**
* Deletes a news entry identified by its ID
*
* @todo check if there are comments attached to the deleted news
*
* @param integer $id News ID
*
* @return boolean
*/
function deleteNews($id)
{
$query = sprintf("DELETE FROM\n %sfaqnews\n WHERE\n id = %d\n AND\n lang = '%s'", PMF_Db::getTablePrefix(), $id, $this->_config->getLanguage()->getLanguage());
if (!$this->_config->getDb()->query($query)) {
return false;
}
return true;
}
/**
* Get all the entries from the table faqvisits
*
* @return array
*/
public function getAllData()
{
$data = [];
$query = sprintf("\n SELECT\n *\n FROM\n %sfaqvisits\n ORDER BY\n visits DESC", PMF_Db::getTablePrefix());
$result = $this->_config->getDb()->query($query);
while ($row = $this->_config->getDb()->fetchObject($result)) {
$data[] = array('id' => $row->id, 'lang' => $row->lang, 'visits' => $row->visits, 'last_visit' => $row->last_visit);
}
return $data;
}
/**
* Performs a check if an IPv4 or IPv6 address is banned
*
* @param string $ip IPv4 or IPv6 address
*
* @return boolean true, if not banned
*/
public function checkIp($ip)
{
$bannedIps = explode(' ', $this->_config->get('security.bannedIPs'));
foreach ($bannedIps as $ipAddress) {
if (0 == strlen($ipAddress)) {
continue;
}
if (false === filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
// Handle IPv4
if ($this->checkForAddrMatchIpv4($ip, $ipAddress)) {
return false;
}
} else {
// Handle IPv6
if ($this->checkForAddrMatchIpv6($ip, $ipAddress)) {
return false;
}
}
}
return true;
}
/**
* Returns all comments with their categories
*
* @param string $type Type of comment: faq or news
* @return array
*/
public function getAllComments($type = self::COMMENT_TYPE_FAQ)
{
$comments = [];
$query = sprintf("\n SELECT\n fc.id_comment AS comment_id,\n fc.id AS record_id,\n %s\n fc.usr AS username,\n fc.email AS email,\n fc.comment AS comment,\n fc.datum AS comment_date\n FROM\n %sfaqcomments fc\n %s\n WHERE\n type = '%s'", $type == self::COMMENT_TYPE_FAQ ? "fcg.category_id,\n" : '', PMF_Db::getTablePrefix(), $type == self::COMMENT_TYPE_FAQ ? "LEFT JOIN\n " . PMF_Db::getTablePrefix() . "faqcategoryrelations fcg\n ON\n fc.id = fcg.record_id\n" : '', $type);
$result = $this->config->getDb()->query($query);
if ($this->config->getDb()->numRows($result) > 0) {
while ($row = $this->config->getDb()->fetchObject($result)) {
$comments[] = array('comment_id' => $row->comment_id, 'record_id' => $row->record_id, 'category_id' => isset($row->category_id) ? $row->category_id : null, 'content' => $row->comment, 'date' => $row->comment_date, 'username' => $row->username, 'email' => $row->email);
}
}
return $comments;
}
/**
* Check if at least one faq has been tagged with a tag
*
* @return boolean
*/
public function existTagRelations()
{
$query = sprintf('
SELECT
COUNT(record_id) AS n
FROM
%sfaqdata_tags', PMF_Db::getTablePrefix());
$result = $this->_config->getDb()->query($query);
if ($row = $this->_config->getDb()->fetchObject($result)) {
return $row->n > 0;
}
return false;
}
/**
* @param integer $limit Specify the maximum amount of records to return
*
* @return Array $tagId => $tagFrequency
*/
public function getPopularTags($limit = 0)
{
$tags = [];
$query = sprintf("\n SELECT\n COUNT(record_id) as freq, tagging_id\n FROM\n %sfaqdata_tags\n JOIN\n %sfaqdata ON id = record_id\n WHERE\n lang = '%s'\n GROUP BY tagging_id\n ORDER BY freq DESC", PMF_Db::getTablePrefix(), PMF_Db::getTablePrefix(), $this->_config->getLanguage()->getLanguage());
$result = $this->_config->getDb()->query($query);
if ($result) {
while ($row = $this->_config->getDb()->fetchObject($result)) {
$tags[$row->tagging_id] = $row->freq;
if (--$limit === 0) {
break;
}
}
}
return $tags;
}
/**
* Deletes the user-data entry for the given user-ID $userId.
* Returns true on success, otherwise false.
*
* @param integer $userId User ID
* @return bool
*/
public function delete($userId)
{
$userId = (int) $userId;
if ($userId <= 0 && $userId != -1) {
return false;
}
$this->userId = $userId;
$delete = sprintf("\n DELETE FROM\n %sfaquserdata\n WHERE\n user_id = %d", PMF_Db::getTablePrefix(), $this->userId);
$res = $this->config->getDb()->query($delete);
if (!$res) {
return false;
}
$this->data = array();
return true;
}
/**
* Calculates the rating of the user votings
*
* @param integer $id
*
* @return string
*/
function getVotingResult($id)
{
$query = sprintf('
SELECT
(vote/usr) as voting, usr
FROM
%sfaqvoting
WHERE
artikel = %d', PMF_Db::getTablePrefix(), $id);
$result = $this->_config->getDb()->query($query);
if ($this->_config->getDb()->numRows($result) > 0) {
$row = $this->_config->getDb()->fetchObject($result);
return sprintf(' %s (' . $this->plr->GetMsg('plmsgVotes', $row->usr) . ')', round($row->voting, 2));
} else {
return '0 (' . $this->plr->GetMsg('plmsgVotes', 0) . ')';
}
}
/**
* Calculates the number of visits per day the last 30 days
*
* @returns array
*/
public function getLast30DaysVisits()
{
$stats = $visits = array();
$startDate = strtotime('-1 month');
$endDate = $_SERVER['REQUEST_TIME'];
$query = sprintf("\n SELECT\n time\n FROM\n %sfaqsessions\n WHERE\n time > %d\n AND\n time < %d;", PMF_Db::getTablePrefix(), $startDate, $endDate);
$result = $this->config->getDb()->query($query);
while ($row = $this->config->getDb()->fetchObject($result)) {
$visits[] = $row->time;
}
for ($date = $startDate; $date <= $endDate; $date += 86400) {
$stats[date('Y-m-d', $date)] = 0;
}
foreach ($visits as $visitDate) {
$stats[date('Y-m-d', $visitDate)]++;
}
return $stats;
}
/**
* Generates the export
*
* @param integer $categoryId Category Id
* @param boolean $downwards If true, downwards, otherwise upward ordering
* @param string $language Language
*
* @return string
*/
public function generate($categoryId = 0, $downwards = true, $language = '')
{
global $PMF_LANG;
// Initialize categories
$this->category->transform($categoryId);
$faqdata = $this->faq->get(FAQ_QUERY_TYPE_EXPORT_XML, $categoryId, $downwards, $language);
$version = PMF_Configuration::getInstance()->get('main.currentVersion');
$comment = sprintf('XHTML output by phpMyFAQ %s | Date: %s', $version, PMF_Date::createIsoDate(date("YmdHis")));
$this->xml->startDocument('1.0', 'utf-8');
$this->xml->writeDtd('html', '-//W3C//DTD XHTML 1.0 Transitional//EN', 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd');
$this->xml->startElement('html');
$this->xml->writeAttribute('xmlns', 'http://www.w3.org/1999/xhtml');
$this->xml->writeAttribute('xml:lang', $language);
$this->xml->writeComment($comment);
$this->xml->startElement('head');
$this->xml->writeElement('title', PMF_Configuration::getInstance()->get('main.titleFAQ'));
$this->xml->startElement('meta');
$this->xml->writeAttribute('http-equiv', 'Content-Type');
$this->xml->writeAttribute('content', 'application/xhtml+xml; charset=utf-8');
$this->xml->endElement();
$this->xml->endElement();
// </head>
$this->xml->startElement('body');
$this->xml->writeAttribute('dir', $PMF_LANG['dir']);
if (count($faqdata)) {
$lastCategory = 0;
foreach ($faqdata as $data) {
if ($data['category_id'] != $lastCategory) {
$this->xml->writeElement('h1', $this->category->getPath($data['category_id'], ' >> '));
}
$this->xml->writeElement('h2', strip_tags($data['topic']));
$this->xml->writeElement('p', $data['content']);
$this->xml->writeElement('p', $PMF_LANG['msgAuthor'] . ': ' . $data['author_email']);
$this->xml->writeElement('p', $PMF_LANG['msgLastUpdateArticle'] . PMF_Date::createIsoDate($data['lastmodified']));
$lastCategory = $data['category_id'];
}
}
$this->xml->endElement();
// </body>
$this->xml->endElement();
// </html>
header('Content-type: text/html');
return $this->xml->outputMemory();
}
/**
* @static
* @param PMF_Configuration $faqConfig
*/
public static function init(PMF_Configuration $faqConfig)
{
$config = array();
if ($faqConfig->get('cache.varnishEnable')) {
$config[VARNISH_CONFIG_PORT] = $faqConfig->get('cache.varnishPort');
$config[VARNISH_CONFIG_SECRET] = $faqConfig->get('cache.varnishSecret');
$config[VARNISH_CONFIG_TIMEOUT] = $faqConfig->get('cache.varnishTimeout');
$config[VARNISH_CONFIG_HOST] = $faqConfig->get('cache.varnishHost');
self::$instance = new PMF_Cache_Varnish($config);
} else {
self::$instance = new PMF_Cache_Dummy($config);
}
}
/**
* Return the latest news data
*
* @param boolean $showArchive Show archived news
* @param boolean $active Show active news
* @param boolean $forceConfLimit Force to limit in configuration
* @return string
*/
public function getLatestData($showArchive = false, $active = true, $forceConfLimit = false)
{
$news = array();
$counter = 0;
$now = date('YmdHis');
$faqconfig = PMF_Configuration::getInstance();
$query = sprintf("\n SELECT\n *\n FROM\n %sfaqnews\n WHERE\n date_start <= '%s'\n AND \n date_end >= '%s'\n %s\n AND\n lang = '%s'\n ORDER BY\n datum DESC", SQLPREFIX, $now, $now, $active ? "AND active = 'y'" : '', $this->language);
$result = $this->db->query($query);
if ($faqconfig->get('main.numberOfShownNewsEntries') > 0 && $this->db->num_rows($result) > 0) {
while ($row = $this->db->fetch_object($result)) {
$counter++;
if ($showArchive && $counter > $faqconfig->get('main.numberOfShownNewsEntries') || !$showArchive && !$forceConfLimit && $counter <= $faqconfig->get('main.numberOfShownNewsEntries') || !$showArchive && $forceConfLimit) {
$item = array('id' => $row->id, 'lang' => $row->lang, 'date' => $row->datum, 'lang' => $row->lang, 'header' => $row->header, 'content' => $row->artikel, 'authorName' => $row->author_name, 'authorEmail' => $row->author_email, 'dateStart' => $row->date_start, 'dateEnd' => $row->date_end, 'active' => 'y' == $row->active, 'allowComments' => 'y' == $row->comment, 'link' => $row->link, 'linkTitle' => $row->linktitel, 'target' => $row->target);
$news[] = $item;
}
}
}
return $news;
}
/**
* Check on user and group permissions and on duplicate FAQs
*
* @param array $resultset Array with search results
*
* @return void
*/
public function reviewResultset(array $resultset)
{
$this->setResultset($resultset);
$duplicateResults = [];
$currentUserId = $this->user->getUserId();
if ('medium' === $this->_config->get('security.permLevel')) {
$currentGroupIds = $this->user->perm->getUserGroups($currentUserId);
} else {
$currentGroupIds = array(-1);
}
foreach ($this->rawResultset as $result) {
$permission = false;
// check permissions for groups
if ('medium' === $this->_config->get('security.permLevel')) {
$groupPermission = $this->faq->getPermission('group', $result->id);
if (count($groupPermission) && in_array($groupPermission[0], $currentGroupIds)) {
$permission = true;
}
}
// check permission for user
if ($permission || 'basic' === $this->_config->get('security.permLevel')) {
$userPermission = $this->faq->getPermission('user', $result->id);
if (in_array(-1, $userPermission) || in_array($this->user->getUserId(), $userPermission)) {
$permission = true;
} else {
$permission = false;
}
}
// check on duplicates
if (!isset($duplicateResults[$result->id])) {
$duplicateResults[$result->id] = 1;
} else {
++$duplicateResults[$result->id];
continue;
}
if ($permission) {
$this->reviewedResultset[] = $result;
}
}
$this->setNumberOfResults($this->reviewedResultset);
}
/**
* Returns an array of country codes for a specific FAQ record ID,
* specific category ID or all languages used by FAQ records , categories
*
* @param integer $id ID
* @param string $table Specifies table
*
* @return array
*/
public function languageAvailable($id, $table = 'faqdata')
{
$output = [];
if (isset($id)) {
if ($id == 0) {
// get languages for all ids
$distinct = ' DISTINCT ';
$where = '';
} else {
// get languages for specified id
$distinct = '';
$where = " WHERE id = " . $id;
}
$query = sprintf("\n SELECT %s\n lang\n FROM\n %s%s\n %s", $distinct, PMF_Db::getTablePrefix(), $table, $where);
$result = $this->config->getDb()->query($query);
if ($this->config->getDb()->numRows($result) > 0) {
while ($row = $this->config->getDb()->fetchObject($result)) {
$output[] = $row->lang;
}
}
}
return $output;
}
/**
* Generates the export
*
* @param integer $categoryId Category Id
* @param boolean $downwards If true, downwards, otherwise upward ordering
* @param string $language Language
*
* @return string
*/
public function generate($categoryId = 0, $downwards = true, $language = '')
{
// Initialize categories
$this->category->transform($categoryId);
$faqdata = $this->faq->get(FAQ_QUERY_TYPE_EXPORT_XML, $categoryId, $downwards, $language);
$version = PMF_Configuration::getInstance()->get('main.currentVersion');
$comment = sprintf('XML output by phpMyFAQ %s | Date: %s', $version, PMF_Date::createIsoDate(date("YmdHis")));
$this->xml->startDocument('1.0', 'utf-8', 'yes');
$this->xml->writeComment($comment);
$this->xml->startElement('phpmyfaq');
if (count($faqdata)) {
foreach ($faqdata as $data) {
// Build the <article/> node
$this->xml->startElement('article');
$this->xml->writeAttribute('id', $data['id']);
$this->xml->writeElement('language', $data['lang']);
$this->xml->writeElement('category', $this->category->getPath($data['category_id'], ' >> '));
if (!empty($data['keywords'])) {
$this->xml->writeElement('keywords', $data['keywords']);
} else {
$this->xml->writeElement('keywords');
}
$this->xml->writeElement('question', strip_tags($data['topic']));
$this->xml->writeElement('answer', PMF_String::htmlspecialchars($data['content']));
if (!empty($data['author_name'])) {
$this->xml->writeElement('author', $data['author_name']);
} else {
$this->xml->writeElement('author');
}
$this->xml->writeElement('data', PMF_Date::createIsoDate($data['lastmodified']));
$this->xml->endElement();
}
}
$this->xml->endElement();
header('Content-type: text/xml');
return $this->xml->outputMemory();
}
function sendAskedQuestion($username, $usermail, $usercat, $content)
{
global $PMF_LANG, $faq;
$retval = false;
$faqconfig = PMF_Configuration::getInstance();
$categoryNode = new PMF_Category_Node();
if ($faqconfig->get('records.enableVisibilityQuestions')) {
$visibility = 'N';
} else {
$visibility = 'Y';
}
$questionData = array('id' => null, 'username' => $username, 'email' => $usermail, 'category_id' => $usercat, 'question' => $content, 'date' => date('YmdHis'), 'is_visible' => $visibility);
list($user, $host) = explode("@", $questionData['email']);
if (PMF_Filter::filterVar($questionData['email'], FILTER_VALIDATE_EMAIL) != false) {
$faqQuestions = new PMF_Faq_Questions();
$faqQuestions->create($questionData);
$categoryData = $categoryNode->fetch($questionData['category_id']);
$questionMail = "User: "******", mailto:" . $questionData['email'] . "\n" . $PMF_LANG["msgCategory"] . ": " . $categoryData->name . "\n\n" . wordwrap($content, 72);
$userId = $categoryData->user_id;
$oUser = new PMF_User();
$oUser->getUserById($userId);
$userEmail = $oUser->getUserData('email');
$mainAdminEmail = $faqconfig->get('main.administrationMail');
$mail = new PMF_Mail();
$mail->unsetFrom();
$mail->setFrom($questionData['email'], $questionData['username']);
$mail->addTo($mainAdminEmail);
// Let the category owner get a copy of the message
if ($userEmail && $mainAdminEmail != $userEmail) {
$mail->addCc($userEmail);
}
$mail->subject = '%sitename%';
$mail->message = $questionMail;
$retval = $mail->send();
}
return $retval;
}
/**
* Returns all records from the current first letter
*
* @param string $letter Letter
* @return array
* @since 2007-03-30
* @author Thorsten Rinne <*****@*****.**>
*/
public function getRecordsFromLetter($letter = 'A')
{
global $sids, $PMF_LANG;
if ($this->groupSupport) {
$permPart = sprintf("( fdg.group_id IN (%s)\n OR\n (fdu.user_id = %d AND fdg.group_id IN (%s)))", implode(', ', $this->groups), $this->user, implode(', ', $this->groups));
} else {
$permPart = sprintf("( fdu.user_id = %d OR fdu.user_id = -1 )", $this->user);
}
$letter = PMF_String::strtoupper($this->_config->getDb()->escape(PMF_String::substr($letter, 0, 1)));
$writeMap = '';
switch ($this->type) {
case 'db2':
case 'sqlite':
$query = sprintf("\n SELECT\n fd.thema AS thema,\n fd.id AS id,\n fd.lang AS lang,\n fcr.category_id AS category_id,\n fd.content AS snap\n FROM\n %sfaqcategoryrelations fcr,\n %sfaqdata fd\n LEFT JOIN\n %sfaqdata_group AS fdg\n ON\n fd.id = fdg.record_id\n LEFT JOIN\n %sfaqdata_user AS fdu\n ON\n fd.id = fdu.record_id\n WHERE\n fd.id = fcr.record_id\n AND\n SUBSTR(fd.thema, 1, 1) = '%s'\n AND\n fd.lang = '%s'\n AND\n fd.active = 'yes'\n AND\n %s", PMF_Db::getTablePrefix(), PMF_Db::getTablePrefix(), PMF_Db::getTablePrefix(), PMF_Db::getTablePrefix(), $letter, $this->_config->getLanguage()->getLanguage(), $permPart);
break;
default:
$query = sprintf("\n SELECT\n fd.thema AS thema,\n fd.id AS id,\n fd.lang AS lang,\n fcr.category_id AS category_id,\n fd.content AS snap\n FROM\n %sfaqcategoryrelations fcr,\n %sfaqdata fd\n LEFT JOIN\n %sfaqdata_group AS fdg\n ON\n fd.id = fdg.record_id\n LEFT JOIN\n %sfaqdata_user AS fdu\n ON\n fd.id = fdu.record_id\n WHERE\n fd.id = fcr.record_id\n AND\n SUBSTRING(fd.thema, 1, 1) = '%s'\n AND\n fd.lang = '%s'\n AND\n fd.active = 'yes'\n AND\n %s", PMF_Db::getTablePrefix(), PMF_Db::getTablePrefix(), PMF_Db::getTablePrefix(), PMF_Db::getTablePrefix(), $letter, $this->_config->getLanguage()->getLanguage(), $permPart);
break;
}
$result = $this->_config->getDb()->query($query);
$oldId = 0;
while ($row = $this->_config->getDb()->fetchObject($result)) {
if ($oldId != $row->id) {
$title = PMF_String::htmlspecialchars($row->thema, ENT_QUOTES, 'utf-8');
$url = sprintf('%s?%saction=artikel&cat=%d&id=%d&artlang=%s', PMF_Link::getSystemRelativeUri(), $sids, $row->category_id, $row->id, $row->lang);
$oLink = new PMF_Link($url, $this->_config);
$oLink->itemTitle = $row->thema;
$oLink->text = $title;
$oLink->tooltip = $title;
$writeMap .= '<li>' . $oLink->toHtmlAnchor() . '<br />' . "\n";
$writeMap .= PMF_Utils::chopString(strip_tags($row->snap), 25) . " ...</li>\n";
}
$oldId = $row->id;
}
$writeMap = empty($writeMap) ? '' : '<ul>' . $writeMap . '</ul>';
return $writeMap;
}
/**
* Tracks the user and log what he did
*
* @param string $action String User action string
* @param integer $id ID
*
* @return void
*/
public function userTracking($action, $id = 0)
{
global $sid, $user, $botBlacklist;
$faqconfig = PMF_Configuration::getInstance();
if (!$faqconfig->get('main.enableUserTracking')) {
return;
}
$bots = 0;
$agent = $_SERVER['HTTP_USER_AGENT'];
$sid = PMF_Filter::filterInput(INPUT_GET, PMF_GET_KEY_NAME_SESSIONID, FILTER_VALIDATE_INT);
$sidc = PMF_Filter::filterInput(INPUT_COOKIE, PMF_COOKIE_NAME_SESSIONID, FILTER_VALIDATE_INT);
if (!is_null($sidc)) {
$sid = $sidc;
}
if ($action == "old_session") {
$sid = null;
}
foreach ($botBlacklist as $bot) {
if (strpos($agent, $bot)) {
$bots++;
}
}
if ($bots > 0) {
return;
}
if (!isset($sid)) {
$sid = $this->db->nextID(SQLPREFIX . "faqsessions", "sid");
// Sanity check: force the session cookie to contains the current $sid
if (!is_null($sidc) && !$sidc != $sid) {
self::setCookie($sid);
}
$query = sprintf("\n INSERT INTO \n %sfaqsessions\n (sid, user_id, ip, time)\n VALUES\n (%d, %d, '%s', %d)", SQLPREFIX, $sid, $user ? $user->getUserId() : -1, $_SERVER["REMOTE_ADDR"], $_SERVER['REQUEST_TIME']);
$this->db->query($query);
}
$data = $sid . ';' . str_replace(';', ',', $action) . ';' . $id . ';' . $_SERVER['REMOTE_ADDR'] . ';' . str_replace(';', ',', $_SERVER['QUERY_STRING']) . ';' . str_replace(';', ',', isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '') . ';' . str_replace(';', ',', urldecode($_SERVER['HTTP_USER_AGENT'])) . ';' . $_SERVER['REQUEST_TIME'] . ";\n";
file_put_contents('./data/tracking' . date('dmY'), $data, FILE_APPEND);
}
$comment = PMF_Filter::filterInput(INPUT_POST, 'comment', FILTER_SANITIZE_STRIPPED);
$message = '';
switch ($type) {
case 'news':
$id = $newsid;
$msgWriteComment = $PMF_LANG['newsWriteComment'];
break;
case 'faq':
default:
$id = $faqid;
$msgWriteComment = $PMF_LANG['msgWriteComment'];
break;
}
// If e-mail address is set to optional
if (!PMF_Configuration::getInstance()->get('main.optionalMailAddress') && is_null($mail)) {
$mail = PMF_Configuration::getInstance()->get('main.administrationMail');
}
if (!is_null($user) && !is_null($mail) && !is_null($comment) && checkBannedWord(PMF_String::htmlspecialchars($comment)) && IPCheck($_SERVER['REMOTE_ADDR']) && $captcha->checkCaptchaCode($code) && !$faq->commentDisabled($id, $LANGCODE, $type)) {
$faqsession->userTracking("save_comment", $id);
$commentData = array('record_id' => $id, 'type' => $type, 'username' => $user, 'usermail' => $mail, 'comment' => nl2br($comment), 'date' => $_SERVER['REQUEST_TIME'], 'helped' => '');
if ($faq->addComment($commentData)) {
$emailTo = $faqconfig->get('main.administrationMail');
$urlToContent = '';
if ('faq' == $type) {
$faq->getRecord($id);
if ($faq->faqRecord['email'] != '') {
$emailTo = $faq->faqRecord['email'];
}
$_faqUrl = sprintf('%saction=artikel&cat=%d&id=%d&artlang=%s', $sids, 0, $faq->faqRecord['id'], $faq->faqRecord['lang']);
$oLink = new PMF_Link(PMF_Link::getSystemUri() . '?' . $_faqUrl);
$oLink->itemTitle = $faq->faqRecord['title'];
