Esempio n. 1
0
 public function get_topics($catid, $page)
 {
     $topic = new \CODOF\Forum\Topic($this->db);
     $topics = array();
     $cid = (int) $catid;
     $num_pages = 'not_passed';
     if (isset($_GET['get_page_count']) && $_GET['get_page_count'] == 'yes') {
         $num_pages = 'calc_count';
     }
     $new_topics = array();
     $new_replies = array();
     if (isset($_GET['str']) && $_GET['str'] != "") {
         $user = \CODOF\User\User::get();
         if (!$user->can('use search')) {
             exit('permission denied');
         }
         $search = new \CODOF\Search\Search();
         $search->str = $_GET['str'];
         $search->num_results = \CODOF\Util::get_opt("num_posts_cat_topics");
         $search->from = ($page - 1) * $search->num_results;
         if ($num_pages == 'calc_count') {
             $search->count_rows = true;
         }
         $cats = (int) $_GET['catid'];
         $search->cats = $cats;
         $search->match_titles = $_GET['match_titles'];
         $search->order = $_GET['order'];
         $search->sort = $_GET['sort'];
         $search->time_within = $_GET['search_within'];
         $res = $search->search();
         if ($num_pages == 'calc_count') {
             $num_pages = $search->get_total_count();
         }
         $_topics = $topic->gen_topic_arr_all_topics($res, $search);
         $tids = array();
         foreach ($topics as $_topic) {
             $tids[] = $_topic['topic_id'];
         }
         //var_dump($topics);
     } else {
         //$num_pages = $topic->get_num_pages(
         //        $topic->get_num_topics($cid), \CODOF\Util::get_opt("num_posts_cat_topics")
         //);
         $num_pages = 'not_passed';
         $topics = $topic->get_topics($cid, $page);
         $tids = array();
         foreach ($topics as $_topic) {
             $tids[] = $_topic['topic_id'];
         }
         if (\CODOF\User\CurrentUser\CurrentUser::loggedIn()) {
             $tracker = new \CODOF\Forum\Tracker($this->db);
             $topic->new_topic_ids = $tracker->get_new_topic_ids($cid, $tids);
             $topic->new_replies = $tracker->get_new_reply_counts($tids);
         }
         $topic->tags = $topic->getAllTags($tids);
         $_topics = $topic->gen_topic_arr($topics, $cid);
     }
     return array("topics" => $_topics, "new_topics" => $topic->new_topic_ids, "page_no" => $page, "num_pages" => $num_pages);
 }
Esempio n. 2
0
 public function getCategoriesWhereUserCanCreateTopic()
 {
     $user = \CODOF\User\User::get();
     $rids = implode(",", $user->rids);
     $qry = 'SELECT cat_id, cat_pid, cat_name, cat_alias, no_topics, cat_img' . ' FROM ' . PREFIX . 'codo_categories' . ' INNER JOIN ' . PREFIX . 'codo_permissions ON cid=cat_id ' . ' WHERE permission=\'create new topic\'' . ' AND granted=1 ' . ' AND rid IN (' . $rids . ')' . ' ORDER BY cat_order';
     $ans = $this->db->query($qry);
     if ($ans) {
         $cats = $ans->fetchAll(\PDO::FETCH_CLASS);
     }
     $cats = \CODOF\Hook::call('on_get_categories_for_create_topic', $cats);
     return $cats;
 }
Esempio n. 3
0
 public function resend_mail()
 {
     $user = \CODOF\User\User::get();
     if ($user->loggedIn()) {
         $details = $user->getInfo();
         $errors = array();
         $reg = new \CODOF\User\Register($this->db);
         $reg->add_signup_attempt($details);
         $reg->send_mail($details, $errors);
         if (empty($errors)) {
             echo 'success';
         } else {
             echo $errors[0];
         }
     }
 }
Esempio n. 4
0
 public function req_pass()
 {
     $errors = array();
     $token = uniqid() . '&' . (time() + 3600);
     $mail = new \CODOF\Forum\Notification\Mail();
     //update the user's password with the generated password
     $user = \CODOF\User\User::getByMailOrUsername($_GET['ident'], $_GET['ident']);
     $gen = false;
     if (!$user) {
         $errors[] = _t("User does not exist with the given username/mail");
     } else {
         $old_token = $user->token;
         if ($old_token != null) {
             $parts = explode("&", $old_token);
             $expiry = (int) $parts[1];
             if ($expiry > time()) {
                 $gen = true;
             }
         } else {
             $gen = true;
         }
     }
     if (empty($errors) && $gen) {
         \DB::table(PREFIX . 'codo_users')->where('id', $user->id)->update(array('token' => $token));
         $body = \CODOF\Util::get_opt('password_reset_message');
         $sub = \CODOF\Util::get_opt('password_reset_subject');
         $mail->user = array("token" => $token, "link" => RURI . 'user/reset');
         $message = $mail->replace_tokens($body);
         $subject = $mail->replace_tokens($sub);
         $mail->to = $user->mail;
         $mail->subject = $subject;
         $mail->message = $message;
         $mail->send_mail();
         if (!$mail->sent) {
             $errors[] = $mail->error;
         }
     }
     $resp = array("status" => "success", "msg" => _t("E-mail sent successfully"));
     if (!empty($errors)) {
         $resp = array("status" => "fail", "msg" => $errors);
     }
     echo json_encode($resp);
 }
Esempio n. 5
0
 public function move($tids, $dest)
 {
     $user = \CODOF\User\User::get();
     if (!$user->can('move topics')) {
         exit('access denied');
     }
     $counts = \DB::table(PREFIX . 'codo_topics AS c')->select('cat_id', \DB::raw('COUNT(topic_id) AS count'))->whereIn('topic_id', $tids)->groupBy('cat_id')->get();
     foreach ($counts as $count) {
         \DB::table(PREFIX . 'codo_categories')->where('cat_id', $count['cat_id'])->decrement('no_topics', $count['count']);
     }
     \DB::table(PREFIX . 'codo_topics')->whereIn('topic_id', $tids)->update(array('cat_id' => $dest));
     $counts = \DB::table(PREFIX . 'codo_topics AS c')->select('cat_id', \DB::raw('COUNT(topic_id) AS count'))->whereIn('topic_id', $tids)->groupBy('cat_id')->get();
     foreach ($counts as $count) {
         \DB::table(PREFIX . 'codo_categories')->where('cat_id', $count['cat_id'])->increment('no_topics', $count['count']);
     }
 }
Esempio n. 6
0
 /**
  * Checks if particular topic can be viewed by current user or not
  * @param int $tuid topic creator's userid
  * @param int $cid
  * @param int $tid
  */
 public function canDeleteTopic($tuid, $cid, $tid)
 {
     $user = \CODOF\User\User::get();
     return $tuid == $user->id && $user->canAny(array('delete my topics', 'delete all topics'), $cid, $tid) || $tuid != $user->id && $user->can('delete all topics', $cid, $tid);
     //can i reply to others' topic ?
 }
Esempio n. 7
0
 /** private functions --------------------------------------------------------- */
 public function gen_posts_arr($posts, $search = false)
 {
     $_posts = array();
     $user = \CODOF\User\User::get();
     $uid = $user->id;
     $i = 0;
     foreach ($posts as $post) {
         $message = \CODOF\Format::message($post['message']);
         if ($search) {
             $message = $search->get_matching_str($message);
         }
         $_posts[$i] = array("id" => $post['id'], "avatar" => \CODOF\Util::get_avatar_path($post['avatar'], $post['id']), "name" => $post['name'], "post_created" => \CODOF\Time::get_pretty_time($post['post_created']), "post_modified" => \CODOF\Time::get_pretty_time($post['post_modified']), "post_id" => $post['post_id'], "message" => $message, "imessage" => $post['imessage'], "reputation" => $post['reputation'], "role" => \CODOF\User\User::getRoleName($post['rid']), "no_posts" => \CODOF\Util::abbrev_no($post['no_posts'], 1), "signature" => $post['signature']);
         $_posts[$i]['tid'] = $this->tid;
         $_posts[$i]['page'] = $this->from + 1;
         $_posts[$i]['safe_title'] = $this->safe_title;
         if ($this->topic_post_id == $post['post_id']) {
             //is a topic
             $_posts[$i]['is_topic'] = true;
             if ($post['id'] == $uid) {
                 //this topic belongs to current user
                 $_posts[$i]['can_edit_topic'] = $user->can(array('edit my topics', 'edit all topics'), $this->cat_id);
                 $_posts[$i]['can_delete_topic'] = $user->can(array('delete my topics', 'delete all topics'), $this->cat_id);
             } else {
                 $_posts[$i]['can_edit_topic'] = $user->can('edit all topics', $this->cat_id);
                 $_posts[$i]['can_delete_topic'] = $user->can('delete all topics', $this->cat_id);
             }
             $_posts[$i]['can_manage_topic'] = $_posts[$i]['can_edit_topic'] || $_posts[$i]['can_delete_topic'];
         } else {
             $_posts[$i]['is_topic'] = false;
             if ($post['id'] == $uid) {
                 //this topic belongs to current user
                 $_posts[$i]['can_edit_post'] = $user->can(array('edit my posts', 'edit all posts'), $this->cat_id);
                 $_posts[$i]['can_delete_post'] = $user->can(array('delete my posts', 'delete all posts'), $this->cat_id);
             } else {
                 $_posts[$i]['can_edit_post'] = $user->can('edit all posts', $this->cat_id);
                 $_posts[$i]['can_delete_post'] = $user->can('delete all posts', $this->cat_id);
             }
             $_posts[$i]['can_manage_post'] = $_posts[$i]['can_edit_post'] || $_posts[$i]['can_delete_post'];
         }
         $_posts[$i]['can_see_history'] = $user->can('see history', $this->cat_id);
         if ($this->tuid == $uid) {
             //if my topic
             $_posts[$i]['can_reply'] = true;
             //i can reply to my own topic
         } else {
             $_posts[$i]['can_reply'] = $user->can('reply to all topics', $this->cat_id, $this->tid);
         }
         if ($search) {
             $_posts[$i]['in_search'] = true;
         }
         $i++;
     }
     return $_posts;
 }
 public function get_user()
 {
     return \CODOF\User\User::get();
 }
Esempio n. 9
0
 /**
  * 
  * @param type $events
  * @return array
  * 
  * array(
  * 
  *      //mentions of topics/categories, i am not following
  *      //[User] mentioned you in [title]
  *      "rawMentions" => array (
  * 
  *           array (
  * 
  *              "title" //topic title
  *              "tid" //topic id
  *              "pid" //post id
  *              "uid" //user id
  *              "avatar" //absolute url
  *              "username"
  *          )         
  *      )
  * 
  *      //replies, mentions of my topics
  *      "myTopics" = array (
  * 
  * 
  *          "$tid" => array (
  * 
  *             "meta" => array (
  *              
  *                  "new_topic_pid" => $pid //point to post id of new topic
  *                  //other info
  *             ),
  *              
  *             "$pid" => array(
  *              
  *                 "mention" => true
  *                  ...other info
  *          )
  *      )
  * 
  *      //replies, mentions of topics of topics/categories i follow
  *      "following" = array (
  * 
  *          //similar to [myTopics]
  *      )
  * 
  * 
  *  
  * )
  * 
  *   //if event is of type "new_reply", it means either i have created that
  *   //topic or i am following that topic
  *   //if event is of type "new_topic", it means either i have created that
  *   //topic or i am following that category
  *   //if event is of type "mention" AND there is no corresponding "new_reply"
  *   //or "new_topic", it means it is a rawMention
  *   //so to segregate rawMentions i have to store topic ids of "new_reply"
  *   //& "new_topic" and then isset() to check is all that will be left
  */
 protected function sort($events)
 {
     $_events = array("rawMentions" => array(), "myTopics" => array(), "following" => array());
     $tids = array();
     //topic ids array
     $mentions = array();
     //
     $user = \CODOF\User\User::get();
     foreach ($events as $event) {
         $data = json_decode($event['data'], true);
         if ($event['type'] == 'new_reply' || $event['type'] == 'new_topic') {
             $tids[$data['tid']] = 1;
             //to use isset instead of in_array
             $type = $data['tuid'] == $user->id ? 'myTopics' : 'following';
             //store topic meta once to avoid redundant data
             if (!isset($_events[$type][$data['tid']])) {
                 $_events[$type][$data['tid']] = array("meta" => $this->getMetaInfo($data));
                 $_events[$type][$data['tid']]["replies"] = array();
             }
             //tell this topic is new
             if ($event['type'] == 'new_topic') {
                 $_events[$type][$data['tid']]['meta']['new_topic_pid'] = $data['pid'];
                 $this->newTopics++;
             } else {
                 $this->newPosts++;
             }
             $date = date('M-d-h-i-A', $event['created']);
             list($month, $day, $hour, $minute, $meridiem) = explode("-", $date);
             $time = array("month" => $month, "day" => $day, "hour" => $hour, "minute" => $minute, "meridiem" => $meridiem);
             $_events[$type][$data['tid']]["replies"][$data['pid']] = array("actor" => $data['actor'], "pid" => $data['pid'], "time" => $time, "message" => $data['message']);
         }
         if ($event['type'] == 'mention') {
             $mentions[] = $event;
         }
     }
     //now merge $mentions with $_events
     foreach ($mentions as $mention) {
         $data = json_decode($mention['data'], true);
         //if this mention exists in "new_reply" or "new_topic"
         if (isset($tids[$data['tid']])) {
             if ($data['tuid'] == $user->id) {
                 $_events['myTopics'][$data['tid']]['replies'][$data['pid']]['mention'] = true;
             } else {
                 $_events['following'][$data['tid']]['replies'][$data['pid']]['mention'] = true;
             }
         } else {
             $date = date('M-d-h-i-A', $mention['created']);
             list($month, $day, $hour, $minute, $meridiem) = explode("-", $date);
             $data['time'] = array("month" => $month, "day" => $day, "hour" => $hour, "minute" => $minute, "meridiem" => $meridiem);
             $_events['rawMentions'][] = $data;
         }
     }
     return $_events;
 }
Esempio n. 10
0
 /**
  * Saves permissions of all roles from the database
  */
 private static function getPermissions()
 {
     $db = \DB::getPDO();
     $user = \CODOF\User\User::get();
     $uid = $user->id;
     $rids = $user->rids;
     $qry = 'SELECT * FROM codo_permissions WHERE rid IN (' . implode(",", $rids) . ')';
     $obj = $db->query($qry);
     $result = $obj->fetchAll();
     $permissions = self::$permissions;
     foreach ($result as $res) {
         if (isset($permissions[$uid][$res['permission']][$res['cid']][$res['tid']])) {
             if ($res['granted'] == '1') {
                 //change only if higher priority i.e Granted
                 $permissions[$uid][$res['permission']][$res['cid']][$res['tid']] = 1;
             }
         } else {
             $permissions[$uid][$res['permission']][$res['cid']][$res['tid']] = (int) $res['granted'];
         }
     }
     self::$permissions = $permissions;
 }
Esempio n. 11
0
 /**
  *
  * Marks entire forum as read
  */
 public function mark_forum_as_read()
 {
     $me = \CODOF\User\User::get();
     if ($me->loggedIn()) {
         $uid = $me->id;
         //set the user last read time as current time
         $me->set(array("read_time" => time()));
         $del_cats = "DELETE FROM " . PREFIX . "codo_unread_categories WHERE uid={$uid}";
         $this->db->query($del_cats);
         $del_topics = "DELETE FROM " . PREFIX . "codo_unread_topics WHERE uid={$uid}";
         $this->db->query($del_topics);
     }
 }
Esempio n. 12
0
     $secret = CODOF\Util::get_opt('sso_secret');
     if (!empty($user)) {
         unset($user['token']);
         $sso_token = md5(urlencode(json_encode($user)) . $secret . $_POST['timestamp']);
     }
     $username = $user['name'];
     $mail = $user['mail'];
     if ($sso_token != $posted_token) {
         echo 'error';
         exit;
     }
     $db = DB::getPDO();
     if (!CODOF\User\User::mailExists($mail)) {
         //this user does not have an account in codoforum
         $reg = new \CODOF\User\Register($db);
         if (\CODOF\User\User::usernameExists($username)) {
             $username .= time();
         }
         $reg->username = $username;
         $reg->name = $username;
         $reg->mail = $mail;
         $reg->user_status = 1;
         $ret = $reg->register_user();
         $reg->login();
         if (!empty($ret)) {
             echo "error";
         }
     } else {
         CODOF\User\User::loginByMail($mail);
     }
 }
Esempio n. 13
0
    return $mentioner->find($q, $cid, $tid);
});
dispatch_get('Ajax/cron/run/:name', function ($name) {
    $user = CODOF\User\User::get();
    if (Request::valid($_GET['token']) && $user->hasRoleId(ROLE_ADMIN)) {
        $cron = new \CODOF\Cron\Cron();
        if (!$cron->run($name)) {
            echo 'Unable to run cron ' . $name . ' because another cron is already running';
        }
    }
    //exit;
});
//-------------PAGES--------------------------
dispatch_get('/page/:id/:url', function ($id, $url) {
    $pid = (int) $id;
    $user = \CODOF\User\User::get();
    $qry = 'SELECT title, content FROM ' . PREFIX . 'codo_pages p ' . ' LEFT JOIN ' . PREFIX . 'codo_page_roles r ON r.pid=p.id ' . ' WHERE (r.rid IS NULL OR  (r.rid IS NOT NULL AND r.rid IN (' . implode($user->rids) . ')))' . ' AND p.id=' . $pid;
    $res = \DB::getPDO()->query($qry);
    $row = $res->fetch();
    if ($row) {
        $title = $row['title'];
        $content = $row['content'];
        $smarty = CODOF\Smarty\Single::get_instance();
        $smarty->assign('contents', $content);
        \CODOF\Store::set('sub_title', $title);
        \CODOF\Smarty\Layout::load('page');
        \CODOF\Hook::call('on_page_load', array($id));
    } else {
        $page = \DB::table(PREFIX . 'codo_pages')->where('id', $id)->first();
        if ($page == null) {
            \CODOF\Smarty\Layout::not_found();
Esempio n. 14
0
 public function can_down($pid, $to_id)
 {
     $user = \CODOF\User\User::get();
     $res = \DB::table(PREFIX . 'codo_daily_rep_log')->select('rep_count', 'start_rep_time')->where('uid', '=', $user->id)->first();
     if (!$res) {
         $res['rep_count'] = 0;
         $res['start_rep_time'] = time();
         \DB::table(PREFIX . 'codo_daily_rep_log')->insert(array("uid" => $user->id, "rep_count" => 0, "start_rep_time" => time()));
     }
     $max_rep_allowed = \CODOF\Util::get_opt('max_rep_per_day');
     //RULE 1: User can give max X rep per day
     $one_day = 24 * 60 * 60;
     $within_one_day = time() - $res['start_rep_time'] < $one_day;
     $this->max_rep_count_reached = $res['rep_count'] == $max_rep_allowed;
     $this->rule1 = !($this->max_rep_count_reached && $within_one_day);
     //RULE 2: User must have X reputation points or Y posts to increment reputation
     $rep_to_inc = \CODOF\Util::get_opt('rep_req_to_dec');
     $posts_to_inc = \CODOF\Util::get_opt('posts_req_to_dec');
     $this->rule2 = $user->reputation >= $rep_to_inc && $user->no_posts >= $posts_to_inc;
     //RULE 3: Reputation cannot be given/taken to same user more N times
     //        until X hours have passed
     $rep_times_same_user = \CODOF\Util::get_opt('rep_times_same_user');
     $rep_hours_same_user = \CODOF\Util::get_opt('rep_hours_same_user');
     $rep_seconds_same_user = $rep_hours_same_user * 60;
     $rows = \DB::table(PREFIX . 'codo_reputation')->where('from_id', '=', $user->id)->where('to_id', '=', $to_id)->where('post_id', '=', $pid)->where('rep_time', '>', time() - $rep_seconds_same_user)->select('points')->get();
     $numbers_of_reps = count($rows);
     $this->rule3 = $numbers_of_reps < $rep_times_same_user;
     //RULE 4: User cannot give reputation to the same post more than once
     $has_rep = \DB::table(PREFIX . 'codo_reputation')->where('from_id', '=', $user->id)->where('post_id', '=', $pid)->where('points', '=', 1)->get();
     $this->rule4 = !$has_rep;
     $this->rule5 = $user->id != $to_id;
     return $this->rule1 && $this->rule2 && $this->rule3 && $this->rule4 && $this->rule5 && $user->can('rep up');
 }
Esempio n. 15
0
 /**
  * 
  * @param array $data
  * @return bool
  */
 public function queueNotify($type, $data)
 {
     if (!isset($data['actor'])) {
         $user = \CODOF\User\User::get();
         $data["actor"] = array("username" => $user->username, "id" => $user->id, "role" => \CODOF\User\User::getRoleName($user->rid), "avatar" => $user->rawAvatar);
     }
     //Insert notification data JSON encoded
     $nid = \DB::table(PREFIX . 'codo_notify_text')->insertGetId(array("data" => json_encode($data)));
     //queue notification
     $qry = "INSERT INTO " . PREFIX . "codo_notify_queue (type, nid) " . " VALUES(:type, :nid)";
     $stmt = $this->db->prepare($qry);
     $created = $stmt->execute(array("type" => $type, "nid" => $nid));
     $cron = new \CODOF\Cron\Cron();
     $cron->setOnce('notify', 0);
     return $created;
 }
Esempio n. 16
0
 public function deleteReply($_tid)
 {
     $db = \DB::getPDO();
     $pid = (int) $_tid;
     $qry = 'SELECT p.post_status, p.cat_id, p.topic_id,p.uid, p.imessage FROM ' . PREFIX . 'codo_posts AS p' . ' WHERE p.post_id=' . $pid;
     $res = $db->query($qry);
     if ($res) {
         $row = $res->fetch();
         $status = $row['post_status'];
         $cid = $row['cat_id'];
         $text = $row['imessage'];
         $user = \CODOF\User\User::get();
         if ($user->can('moderate posts', $cid)) {
             $qry = 'UPDATE ' . PREFIX . 'codo_posts SET post_status=' . \CODOF\Forum\Forum::DELETED . ' WHERE post_id=' . $pid;
             $db->query($qry);
             if ($status == \CODOF\Forum\Forum::PRE_MODERATION) {
                 $filter = new \CODOF\SpamFilter();
                 $filter->spam($text);
             }
         }
     }
 }
Esempio n. 17
0
 public function topic($tid, $page)
 {
     $topic = new \CODOF\Forum\Topic($this->db);
     $post = new \CODOF\Forum\Post($this->db);
     $topic_info = $topic->get_topic_info($tid);
     if ($topic_info['topic_status'] == \CODOF\Forum\Forum::MERGED_REDIRECT_ONLY) {
         $tid = $topic_info['redirect_to'];
         $topic_info = $topic->get_topic_info($tid);
     }
     if ($topic_info['topic_status'] == \CODOF\Forum\Forum::MODERATION_BY_FILTER) {
         $topic_is_spam = true;
     } else {
         $topic_is_spam = false;
     }
     $this->smarty->assign('topic_is_spam', $topic_is_spam);
     $user = \CODOF\User\User::get();
     if ($topic_is_spam) {
         if (!($user->can('moderate topics') || $user->id == $topic_info['uid'])) {
             $this->view = 'access_denied';
             return false;
         }
     }
     if (!$topic->canViewTopic($topic_info['uid'], $topic_info['cat_id'], $topic_info['topic_id'])) {
         //\CODOF\Hook::call('page not found', array('type' => 'topic', 'id' => $tid));
         \CODOF\Store::set('sub_title', _t('Access denied'));
         $this->view = 'access_denied';
         return;
     }
     $tracker = new \CODOF\Forum\Tracker($this->db);
     $tracker->mark_topic_as_read($topic_info['cat_id'], $tid);
     if (!$topic_info) {
         $this->view = 'not_found';
     } else {
         $posts_per_page = \CODOF\Util::get_opt("num_posts_per_topic");
         if (strpos($page, "post-") !== FALSE) {
             $pid = (int) str_replace("post-", "", $page);
             $prev_posts = $post->get_num_prev_posts($tid, $pid);
             $from = floor($prev_posts / $posts_per_page);
         } else {
             $from = (int) $page - 1;
         }
         $topic_info['no_replies'] = $topic_info['no_posts'] - 1;
         $name = \CODOF\Filter::URL_safe($topic_info['title']);
         $subscriber = new \CODOF\Forum\Notification\Subscriber();
         $this->smarty->assign('no_followers', $subscriber->followersOfTopic($topic_info['topic_id']));
         if (\CODOF\User\CurrentUser\CurrentUser::loggedIn()) {
             $this->smarty->assign('my_subscription_type', $subscriber->levelForTopic($topic_info['topic_id']));
         }
         $this->smarty->assign('tags', $topic->getTags($topic_info['topic_id']));
         $api = new Ajax\forum\topic();
         $posts_data = $api->get_posts($tid, $from, $topic_info);
         $num_pages = $posts_data['num_pages'];
         $posts = $posts_data['posts'];
         $posts_tpl = \CODOF\HB\Render::tpl('forum/topic', $posts_data);
         $this->smarty->assign('posts', $posts_tpl);
         $this->smarty->assign('topic_info', $topic_info);
         $this->smarty->assign('title', htmlentities($topic_info['title'], ENT_QUOTES, "UTF-8"));
         $search_data = array();
         if (isset($_GET['str'])) {
             $search_data = array('str' => strip_tags($_GET['str']));
         }
         $this->smarty->assign('search_data', json_encode($search_data));
         $url = 'topic/' . $topic_info['topic_id'] . '/' . $name . '/';
         $this->smarty->assign('pagination', $post->paginate($num_pages, $from + 1, $url, false, $search_data));
         if (ceil(($topic_info['no_posts'] + 1) / $posts_per_page) > $num_pages) {
             //next reply will go to next page
             $this->smarty->assign('new_page', 'yes');
         } else {
             $this->smarty->assign('new_page', 'nope');
         }
         $cat = new \CODOF\Forum\Category($this->db);
         $cats = $cat->get_categories();
         $cid = $topic_info['cat_id'];
         $parents = $cat->find_parents($cats, $cid);
         array_push($parents, array("name" => $topic_info['cat_name'], "alias" => $topic_info['cat_alias']));
         $this->smarty->assign('can_search', $user->can('use search'));
         $this->smarty->assign('parents', $parents);
         $this->smarty->assign('num_pages', $num_pages);
         $this->smarty->assign('curr_page', $from + 1);
         //starts from 1
         $this->smarty->assign('url', RURI . $url);
         $this->assign_editor_vars();
         $tuid = $topic_info['uid'];
         $this->assign_admin_vars($tuid);
         $this->css_files = array('topic', 'editor', 'jquery.textcomplete');
         $arr = array(array('topic/topic.js', array('type' => 'defer')), array('modal.js', array('type' => 'defer')), array('bootstrap-slider.js', array('type' => 'defer')));
         $this->js_files = array_merge($arr, $post->get_js_editor_files());
         \CODOF\Hook::call('on_topic_view', array($topic_info));
         $this->view = 'forum/topic';
         \CODOF\Store::set('sub_title', $topic_info['title']);
         \CODOF\Store::set('og:type', 'article');
         \CODOF\Store::set('og:title', $topic_info['title']);
         \CODOF\Store::set('og:url', RURI . $url);
         $mesg = $posts[0]['imessage'];
         \CODOF\Store::set('og:desc', strlen($mesg) > 200 ? substr($mesg, 0, 197) . "..." : $mesg);
         if ($from > 0) {
             //previous page exists
             \CODOF\Store::set('rel:prev', RURI . $url . $from);
         }
         $curr_page = $from + 1;
         if ($curr_page < $num_pages) {
             //next page exists
             \CODOF\Store::set('rel:next', RURI . $url . ($curr_page + 1));
         }
         \CODOF\Store::set('article:published', date('c', $topic_info['topic_created']));
         if ($topic_info['topic_updated'] > 0) {
             \CODOF\Store::set('article:modified', date('c', $topic_info['topic_updated']));
         }
     }
 }
Esempio n. 18
0
 public function confirm()
 {
     $this->view = 'user/confirm';
     $action = array();
     if (empty($_GET['user']) || empty($_GET['token'])) {
         $action['result'] = 'VAR_NOT_PASSED';
         //$action['text'] = 'We are missing variables. Please double check your email.';
     } else {
         //cleanup the variables
         $username = $_GET['user'];
         $token = $_GET['token'];
         //check if the key is in the database
         $qry = "SELECT username FROM  " . PREFIX . "codo_signups WHERE username=:username AND token=:token LIMIT 1 OFFSET 0";
         $stmt = $this->db->prepare($qry);
         $result = $stmt->execute(array("username" => $username, "token" => $token));
         if ($result) {
             //get the confirm info
             $res = $stmt->fetch();
             $reg_req_admin = \CODOF\Util::get_opt('reg_req_admin');
             $user_status = 1;
             if ($reg_req_admin == 'yes') {
                 $user_status = 2;
             }
             //confirm the email and update the users database
             $qry = "UPDATE " . PREFIX . "codo_users SET user_status={$user_status} WHERE username=:username";
             $stmt = $this->db->prepare($qry);
             $stmt->execute(array("username" => $username));
             if ($reg_req_admin == 'no') {
                 $user = \CODOF\User\User::getByUsername($username);
                 $qry = "UPDATE " . PREFIX . "codo_user_roles SET rid=:rid WHERE uid=" . $user->id;
                 $stmt = $this->db->prepare($qry);
                 $stmt->execute(array("rid" => ROLE_USER));
             }
             //delete the signup rows associated with the selected username
             $qry = "DELETE FROM " . PREFIX . "codo_signups WHERE username = '******'username'] . "'";
             $this->db->query($qry);
             $action['result'] = 'SUCCESS';
         } else {
             $action['result'] = 'VAR_NOT_FOUND';
         }
     }
     \CODOF\Store::set('sub_title', _t('Confirm user'));
     $this->smarty->assign('result', $action['result']);
 }
Esempio n. 19
0
 public function reset_admin_account($admin_mail)
 {
     $admin = $_SESSION['backup_admin_account'];
     //we need to preserve the imported user id, the no of posts and
     //profile views
     unset($admin['id'], $admin['no_posts'], $admin['profile_views'], $admin['signature'], $admin['rawAvatar'], $admin['rid'], $admin['rids']);
     \DB::table('codo_user_roles')->where('uid', $_SESSION['new_admin_uid'])->update(array('rid' => ROLE_ADMIN));
     $me = \CODOF\User\User::getByMail($admin_mail);
     //update user with $admin where mail=$admin_mail
     $me->set($admin);
     //reset admin userid
     $_SESSION[UID . 'USER']['id'] = $_SESSION['new_admin_uid'];
 }
Esempio n. 20
0
 /**
  * 
  * Ajax/topics/get_topics/:page/filter=[str=:str,]/sort=[title,created]
  * 
  */
 public function get_topics($from, $search = false)
 {
     $from = (int) $from;
     $num_pages = 0;
     $num_posts = \CODOF\Util::get_opt('num_posts_all_topics');
     /* if(!$from) {
     
               $from = \CODOF\Util::get_opt('num_posts_all_topics');
               } */
     $topic = new \CODOF\Forum\Topic($this->db);
     $topic->ajax = true;
     $topics = array();
     if ($search) {
         $user = \CODOF\User\User::get();
         if (!$user->can('use search')) {
             exit('permission denied');
         }
         $search = new \CODOF\Search\Search();
         $search->str = $_GET['str'];
         $search->from = $from;
         $search->num_results = $num_posts;
         $search->count_rows = true;
         //include sub categories ?
         /* if ($_GET['search_subcats'] == 'Yes') {
         
                       $cat = new \CODOF\Forum\Category($this->db);
                       //get sub categories of all selected categories
                       $tree = $cat->generate_tree($cat->get_categories());
                       foreach ($tree as $branch) {
         
                       $this->get_children($branch, $_GET['cats']);
                       }
                       } */
         //$cat_ids = array_merge($this->ids, $_GET['cats']);
         //$cats = implode(",", $cat_ids);
         $search->cats = null;
         $search->match_titles = $_GET['match_titles'];
         $search->order = $_GET['order'];
         $search->sort = $_GET['sort'];
         $search->time_within = $_GET['search_within'];
         $res = $search->search($from);
         $num_pages = $search->get_total_count();
         $topics = $topic->gen_topic_arr_all_topics($res, $search);
         //var_dump($topics);
     } else {
         $_topics = $topic->get_all_topics($from);
         $tids = array();
         foreach ($_topics as $one_topic) {
             $tids[] = $one_topic['topic_id'];
         }
         if (\CODOF\User\CurrentUser\CurrentUser::loggedIn()) {
             $tracker = new \CODOF\Forum\Tracker($this->db);
             //0.76 = 3 queries
             $topic->new_topic_ids = $tracker->get_all_new_topic_ids($tids);
             $topic->new_replies = $tracker->get_new_reply_counts($tids);
         }
         $topic->tags = $topic->getAllTags($tids);
         $topics = $topic->gen_topic_arr_all_topics($_topics);
     }
     return array("topics" => $topics, "page_no" => $from ? $from / $num_posts : 1, "num_posts" => $num_posts, "num_pages" => $num_pages);
 }
Esempio n. 21
0
 public static function load($tpl, $css_files = array(), $js_files = array())
 {
     \CODOF\Util::inc_global_views();
     //This sets all variables which will be used by the theme
     require CURR_THEME_PATH . 'theme.php';
     $page = array();
     \CODOF\Hook::call('before_site_head');
     \CODOF\Hook::call('tpl_before_' . str_replace("/", "_", $tpl));
     $asset = new \CODOF\Asset\Stream();
     $page["head"]["css"] = $asset->dumpCSS();
     //\CODOF\Theme\Js::sort_js();
     $page["head"]["js"] = $asset->dumpJS('head');
     $page["body"]["js"] = $asset->dumpJS('body');
     $page["defer"] = json_encode($asset->deferred());
     //after all modification its time for smarty to display the mod data
     $smarty = Single::get_instance();
     $site_title = \CODOF\Util::get_opt('site_title');
     $sub_title = \CODOF\Store::get('sub_title');
     $smarty->assign('site_title', $site_title);
     $smarty->assign('sub_title', $sub_title);
     $smarty->assign('home_title', \CODOF\Store::get('home_title', _t('All topics')));
     $smarty->assign('site_url', \CODOF\Util::get_opt('site_url'));
     $smarty->assign('logged_in', \CODOF\User\CurrentUser\CurrentUser::loggedIn());
     $smarty->assign('login_url', \CODOF\User\User::getLoginUrl());
     $smarty->assign('logout_url', \CODOF\User\User::getLogoutUrl());
     $smarty->assign('register_url', \CODOF\User\User::getRegisterUrl());
     $smarty->assign('profile_url', \CODOF\User\User::getProfileUrl());
     $smarty->assign('page', $page);
     $smarty->assign('CSRF_token', \CODOF\Access\CSRF::get_token());
     $smarty->assign('php_time_now', time());
     $category = new \CODOF\Forum\Category();
     $canCreateTopicInAtleastOneCategory = $category->canCreateTopicInAtleastOne();
     $smarty->assign('canCreateTopicInAtleastOneCategory', $canCreateTopicInAtleastOneCategory);
     $page = \CODOF\Store::get('rel:canonical_page', isset($_GET['u']) ? $_GET['u'] : '');
     $smarty->assign('canonical', rtrim(RURI, '/') . strip_tags($page));
     if (\CODOF\Store::has('rel:prev')) {
         $smarty->assign('rel_prev', \CODOF\Store::get('rel:prev'));
     }
     if (\CODOF\Store::has('rel:next')) {
         $smarty->assign('rel_next', \CODOF\Store::get('rel:next'));
     }
     if (\CODOF\Store::has('meta:robots')) {
         $smarty->assign('meta_robots', \CODOF\Store::get('meta:robots'));
     }
     $og = array("type" => \CODOF\Store::get('og:type', 'website'), "title" => \CODOF\Store::get('og:title', $sub_title . ' | ' . $site_title));
     if (\CODOF\Store::has('og:url')) {
         $og['url'] = \CODOF\Store::get('og:url');
     }
     if (\CODOF\Store::has('og:desc')) {
         $og['desc'] = \CODOF\Store::get('og:desc');
     } else {
         $og['desc'] = \CODOF\Util::get_opt('site_description');
     }
     if (\CODOF\Store::has('og:image')) {
         $og['image'] = \CODOF\Store::get('og:image');
     }
     $smarty->assign('og', $og);
     if (\CODOF\Store::has('article:published')) {
         $smarty->assign('article_published', \CODOF\Store::get('article:published'));
     }
     if (\CODOF\Store::has('article:modified')) {
         $smarty->assign('article_modified', \CODOF\Store::get('article:modified'));
     }
     $I = \CODOF\User\User::get();
     //current user details
     $smarty->assign('I', $I);
     $smarty->assign('can_moderate_posts', $I->can('moderate posts'));
     if (\CODOF\User\CurrentUser\CurrentUser::loggedIn()) {
         $notifier = new \CODOF\Forum\Notification\Notifier();
         $smarty->assign('unread_notifications', $notifier->getNoOfUnread());
     }
     $html = $smarty->fetch("{$tpl}.tpl");
     require_once SYSPATH . 'Ext/simplehtmldom/simple_html_dom.php';
     $dom = new \simple_html_dom();
     $dom->load($html, true, false);
     //let plugins modify html
     \CODOF\Hook::call('tpl_after_' . str_replace("/", "_", $tpl), $dom);
     \CODOF\Hook::call('after_site_head', $dom);
     echo $dom->save();
 }
Esempio n. 22
0
 public function mail($mail)
 {
     $errors = array();
     if (!filter_var($mail, FILTER_VALIDATE_EMAIL)) {
         $errors[] = _t("email address not formatted correctly");
     }
     if (\CODOF\User\User::mailExists($mail)) {
         $errors[] = _t("email address is already registered");
     }
     $this->errors = array_merge($errors, $this->errors);
     if (empty($errors)) {
         \CODOF\Hook::call('on_mail_ok');
         return TRUE;
         //passed
     }
     \CODOF\Hook::call('on_mail_fail');
     return FALSE;
     //Fail
 }
Esempio n. 23
0
 public function makeContentAnonymous()
 {
     $user = User::getByMail("anonymous@localhost");
     \DB::table(PREFIX . 'codo_topics')->where('uid', $this->user->id)->update(array('uid' => $user->id));
     \DB::table(PREFIX . 'codo_posts')->where('uid', $this->user->id)->update(array('uid' => $user->id));
     //delete unwanted records
     \DB::table(PREFIX . "codo_user_roles")->where('uid', '=', $this->user->id)->delete();
     \DB::table(PREFIX . "codo_user_preferences")->where('uid', '=', $this->user->id)->delete();
     \DB::table(PREFIX . 'codo_unread_topics')->where('uid', $this->user->id)->delete();
     \DB::table(PREFIX . 'codo_unread_categories')->where('uid', $this->user->id)->delete();
     \DB::table(PREFIX . 'codo_notify_subscribers')->where('uid', $this->user->id)->delete();
 }
Esempio n. 24
0
 /**
  * Conditionns of SQL query that restrict users to view topics
  * based on user roles/groups assigned to them
  */
 protected function getPermissionConditions($permission, $alias = 't')
 {
     $user = \CODOF\User\User::get();
     $rids = implode(",", $user->rids);
     /**
      * 
      * 0   0   view all topics  0
      * 0   0   view my  topics  1
      * 3   0   view all topics  1
      * 3   0   view my  topics  0
      * 
      * 
      */
     //NOTE: 'view my topics' & 'view all topics' are mutuall exclusive
     //      so they both cannot be set as granted at once.
     //TODO: Is topic level permission really required ?
     $conditions = ' ' . 'EXISTS (SELECT 1 FROM codo_permissions AS permission  ' . ' WHERE  permission.rid IN (' . $rids . ') ' . ' AND ' . '  (' . '    (' . '      permission.cid = ' . $alias . '.cat_id' . '      AND permission.tid=0 ' . '    )' . '    OR ' . '    permission.tid=' . $alias . '.topic_id' . '  ) ' . ' AND permission.granted=1 ' . ' AND ' . '  (' . '    permission.permission=\'' . $permission . '\' OR ' . '    (permission.permission=\'' . $permission . '\' AND ' . $alias . '.uid=' . $user->id . ') ' . '  ) ' . ' )';
     return $conditions;
 }