public function get_topics($catid, $page)
{
$topic = new \CODOF\Forum\Topic($this->db);
$topics = array();
$cid = (int) $catid;
$num_pages = 'not_passed';
if (isset($_GET['get_page_count']) && $_GET['get_page_count'] == 'yes') {
$num_pages = 'calc_count';
}
$new_topics = array();
$new_replies = array();
if (isset($_GET['str']) && $_GET['str'] != "") {
$user = \CODOF\User\User::get();
if (!$user->can('use search')) {
exit('permission denied');
}
$search = new \CODOF\Search\Search();
$search->str = $_GET['str'];
$search->num_results = \CODOF\Util::get_opt("num_posts_cat_topics");
$search->from = ($page - 1) * $search->num_results;
if ($num_pages == 'calc_count') {
$search->count_rows = true;
}
$cats = (int) $_GET['catid'];
$search->cats = $cats;
$search->match_titles = $_GET['match_titles'];
$search->order = $_GET['order'];
$search->sort = $_GET['sort'];
$search->time_within = $_GET['search_within'];
$res = $search->search();
if ($num_pages == 'calc_count') {
$num_pages = $search->get_total_count();
}
$_topics = $topic->gen_topic_arr_all_topics($res, $search);
$tids = array();
foreach ($topics as $_topic) {
$tids[] = $_topic['topic_id'];
}
//var_dump($topics);
} else {
//$num_pages = $topic->get_num_pages(
// $topic->get_num_topics($cid), \CODOF\Util::get_opt("num_posts_cat_topics")
//);
$num_pages = 'not_passed';
$topics = $topic->get_topics($cid, $page);
$tids = array();
foreach ($topics as $_topic) {
$tids[] = $_topic['topic_id'];
}
if (\CODOF\User\CurrentUser\CurrentUser::loggedIn()) {
$tracker = new \CODOF\Forum\Tracker($this->db);
$topic->new_topic_ids = $tracker->get_new_topic_ids($cid, $tids);
$topic->new_replies = $tracker->get_new_reply_counts($tids);
}
$topic->tags = $topic->getAllTags($tids);
$_topics = $topic->gen_topic_arr($topics, $cid);
}
return array("topics" => $_topics, "new_topics" => $topic->new_topic_ids, "page_no" => $page, "num_pages" => $num_pages);
}
public function getCategoriesWhereUserCanCreateTopic()
{
$user = \CODOF\User\User::get();
$rids = implode(",", $user->rids);
$qry = 'SELECT cat_id, cat_pid, cat_name, cat_alias, no_topics, cat_img' . ' FROM ' . PREFIX . 'codo_categories' . ' INNER JOIN ' . PREFIX . 'codo_permissions ON cid=cat_id ' . ' WHERE permission=\'create new topic\'' . ' AND granted=1 ' . ' AND rid IN (' . $rids . ')' . ' ORDER BY cat_order';
$ans = $this->db->query($qry);
if ($ans) {
$cats = $ans->fetchAll(\PDO::FETCH_CLASS);
}
$cats = \CODOF\Hook::call('on_get_categories_for_create_topic', $cats);
return $cats;
}
public function resend_mail()
{
$user = \CODOF\User\User::get();
if ($user->loggedIn()) {
$details = $user->getInfo();
$errors = array();
$reg = new \CODOF\User\Register($this->db);
$reg->add_signup_attempt($details);
$reg->send_mail($details, $errors);
if (empty($errors)) {
echo 'success';
} else {
echo $errors[0];
}
}
}
public function req_pass()
{
$errors = array();
$token = uniqid() . '&' . (time() + 3600);
$mail = new \CODOF\Forum\Notification\Mail();
//update the user's password with the generated password
$user = \CODOF\User\User::getByMailOrUsername($_GET['ident'], $_GET['ident']);
$gen = false;
if (!$user) {
$errors[] = _t("User does not exist with the given username/mail");
} else {
$old_token = $user->token;
if ($old_token != null) {
$parts = explode("&", $old_token);
$expiry = (int) $parts[1];
if ($expiry > time()) {
$gen = true;
}
} else {
$gen = true;
}
}
if (empty($errors) && $gen) {
\DB::table(PREFIX . 'codo_users')->where('id', $user->id)->update(array('token' => $token));
$body = \CODOF\Util::get_opt('password_reset_message');
$sub = \CODOF\Util::get_opt('password_reset_subject');
$mail->user = array("token" => $token, "link" => RURI . 'user/reset');
$message = $mail->replace_tokens($body);
$subject = $mail->replace_tokens($sub);
$mail->to = $user->mail;
$mail->subject = $subject;
$mail->message = $message;
$mail->send_mail();
if (!$mail->sent) {
$errors[] = $mail->error;
}
}
$resp = array("status" => "success", "msg" => _t("E-mail sent successfully"));
if (!empty($errors)) {
$resp = array("status" => "fail", "msg" => $errors);
}
echo json_encode($resp);
}
public function move($tids, $dest)
{
$user = \CODOF\User\User::get();
if (!$user->can('move topics')) {
exit('access denied');
}
$counts = \DB::table(PREFIX . 'codo_topics AS c')->select('cat_id', \DB::raw('COUNT(topic_id) AS count'))->whereIn('topic_id', $tids)->groupBy('cat_id')->get();
foreach ($counts as $count) {
\DB::table(PREFIX . 'codo_categories')->where('cat_id', $count['cat_id'])->decrement('no_topics', $count['count']);
}
\DB::table(PREFIX . 'codo_topics')->whereIn('topic_id', $tids)->update(array('cat_id' => $dest));
$counts = \DB::table(PREFIX . 'codo_topics AS c')->select('cat_id', \DB::raw('COUNT(topic_id) AS count'))->whereIn('topic_id', $tids)->groupBy('cat_id')->get();
foreach ($counts as $count) {
\DB::table(PREFIX . 'codo_categories')->where('cat_id', $count['cat_id'])->increment('no_topics', $count['count']);
}
}
/**
* Checks if particular topic can be viewed by current user or not
* @param int $tuid topic creator's userid
* @param int $cid
* @param int $tid
*/
public function canDeleteTopic($tuid, $cid, $tid)
{
$user = \CODOF\User\User::get();
return $tuid == $user->id && $user->canAny(array('delete my topics', 'delete all topics'), $cid, $tid) || $tuid != $user->id && $user->can('delete all topics', $cid, $tid);
//can i reply to others' topic ?
}
/** private functions --------------------------------------------------------- */
public function gen_posts_arr($posts, $search = false)
{
$_posts = array();
$user = \CODOF\User\User::get();
$uid = $user->id;
$i = 0;
foreach ($posts as $post) {
$message = \CODOF\Format::message($post['message']);
if ($search) {
$message = $search->get_matching_str($message);
}
$_posts[$i] = array("id" => $post['id'], "avatar" => \CODOF\Util::get_avatar_path($post['avatar'], $post['id']), "name" => $post['name'], "post_created" => \CODOF\Time::get_pretty_time($post['post_created']), "post_modified" => \CODOF\Time::get_pretty_time($post['post_modified']), "post_id" => $post['post_id'], "message" => $message, "imessage" => $post['imessage'], "reputation" => $post['reputation'], "role" => \CODOF\User\User::getRoleName($post['rid']), "no_posts" => \CODOF\Util::abbrev_no($post['no_posts'], 1), "signature" => $post['signature']);
$_posts[$i]['tid'] = $this->tid;
$_posts[$i]['page'] = $this->from + 1;
$_posts[$i]['safe_title'] = $this->safe_title;
if ($this->topic_post_id == $post['post_id']) {
//is a topic
$_posts[$i]['is_topic'] = true;
if ($post['id'] == $uid) {
//this topic belongs to current user
$_posts[$i]['can_edit_topic'] = $user->can(array('edit my topics', 'edit all topics'), $this->cat_id);
$_posts[$i]['can_delete_topic'] = $user->can(array('delete my topics', 'delete all topics'), $this->cat_id);
} else {
$_posts[$i]['can_edit_topic'] = $user->can('edit all topics', $this->cat_id);
$_posts[$i]['can_delete_topic'] = $user->can('delete all topics', $this->cat_id);
}
$_posts[$i]['can_manage_topic'] = $_posts[$i]['can_edit_topic'] || $_posts[$i]['can_delete_topic'];
} else {
$_posts[$i]['is_topic'] = false;
if ($post['id'] == $uid) {
//this topic belongs to current user
$_posts[$i]['can_edit_post'] = $user->can(array('edit my posts', 'edit all posts'), $this->cat_id);
$_posts[$i]['can_delete_post'] = $user->can(array('delete my posts', 'delete all posts'), $this->cat_id);
} else {
$_posts[$i]['can_edit_post'] = $user->can('edit all posts', $this->cat_id);
$_posts[$i]['can_delete_post'] = $user->can('delete all posts', $this->cat_id);
}
$_posts[$i]['can_manage_post'] = $_posts[$i]['can_edit_post'] || $_posts[$i]['can_delete_post'];
}
$_posts[$i]['can_see_history'] = $user->can('see history', $this->cat_id);
if ($this->tuid == $uid) {
//if my topic
$_posts[$i]['can_reply'] = true;
//i can reply to my own topic
} else {
$_posts[$i]['can_reply'] = $user->can('reply to all topics', $this->cat_id, $this->tid);
}
if ($search) {
$_posts[$i]['in_search'] = true;
}
$i++;
}
return $_posts;
}
public function get_user()
{
return \CODOF\User\User::get();
}
/**
*
* @param type $events
* @return array
*
* array(
*
* //mentions of topics/categories, i am not following
* //[User] mentioned you in [title]
* "rawMentions" => array (
*
* array (
*
* "title" //topic title
* "tid" //topic id
* "pid" //post id
* "uid" //user id
* "avatar" //absolute url
* "username"
* )
* )
*
* //replies, mentions of my topics
* "myTopics" = array (
*
*
* "$tid" => array (
*
* "meta" => array (
*
* "new_topic_pid" => $pid //point to post id of new topic
* //other info
* ),
*
* "$pid" => array(
*
* "mention" => true
* ...other info
* )
* )
*
* //replies, mentions of topics of topics/categories i follow
* "following" = array (
*
* //similar to [myTopics]
* )
*
*
*
* )
*
* //if event is of type "new_reply", it means either i have created that
* //topic or i am following that topic
* //if event is of type "new_topic", it means either i have created that
* //topic or i am following that category
* //if event is of type "mention" AND there is no corresponding "new_reply"
* //or "new_topic", it means it is a rawMention
* //so to segregate rawMentions i have to store topic ids of "new_reply"
* //& "new_topic" and then isset() to check is all that will be left
*/
protected function sort($events)
{
$_events = array("rawMentions" => array(), "myTopics" => array(), "following" => array());
$tids = array();
//topic ids array
$mentions = array();
//
$user = \CODOF\User\User::get();
foreach ($events as $event) {
$data = json_decode($event['data'], true);
if ($event['type'] == 'new_reply' || $event['type'] == 'new_topic') {
$tids[$data['tid']] = 1;
//to use isset instead of in_array
$type = $data['tuid'] == $user->id ? 'myTopics' : 'following';
//store topic meta once to avoid redundant data
if (!isset($_events[$type][$data['tid']])) {
$_events[$type][$data['tid']] = array("meta" => $this->getMetaInfo($data));
$_events[$type][$data['tid']]["replies"] = array();
}
//tell this topic is new
if ($event['type'] == 'new_topic') {
$_events[$type][$data['tid']]['meta']['new_topic_pid'] = $data['pid'];
$this->newTopics++;
} else {
$this->newPosts++;
}
$date = date('M-d-h-i-A', $event['created']);
list($month, $day, $hour, $minute, $meridiem) = explode("-", $date);
$time = array("month" => $month, "day" => $day, "hour" => $hour, "minute" => $minute, "meridiem" => $meridiem);
$_events[$type][$data['tid']]["replies"][$data['pid']] = array("actor" => $data['actor'], "pid" => $data['pid'], "time" => $time, "message" => $data['message']);
}
if ($event['type'] == 'mention') {
$mentions[] = $event;
}
}
//now merge $mentions with $_events
foreach ($mentions as $mention) {
$data = json_decode($mention['data'], true);
//if this mention exists in "new_reply" or "new_topic"
if (isset($tids[$data['tid']])) {
if ($data['tuid'] == $user->id) {
$_events['myTopics'][$data['tid']]['replies'][$data['pid']]['mention'] = true;
} else {
$_events['following'][$data['tid']]['replies'][$data['pid']]['mention'] = true;
}
} else {
$date = date('M-d-h-i-A', $mention['created']);
list($month, $day, $hour, $minute, $meridiem) = explode("-", $date);
$data['time'] = array("month" => $month, "day" => $day, "hour" => $hour, "minute" => $minute, "meridiem" => $meridiem);
$_events['rawMentions'][] = $data;
}
}
return $_events;
}
/**
* Saves permissions of all roles from the database
*/
private static function getPermissions()
{
$db = \DB::getPDO();
$user = \CODOF\User\User::get();
$uid = $user->id;
$rids = $user->rids;
$qry = 'SELECT * FROM codo_permissions WHERE rid IN (' . implode(",", $rids) . ')';
$obj = $db->query($qry);
$result = $obj->fetchAll();
$permissions = self::$permissions;
foreach ($result as $res) {
if (isset($permissions[$uid][$res['permission']][$res['cid']][$res['tid']])) {
if ($res['granted'] == '1') {
//change only if higher priority i.e Granted
$permissions[$uid][$res['permission']][$res['cid']][$res['tid']] = 1;
}
} else {
$permissions[$uid][$res['permission']][$res['cid']][$res['tid']] = (int) $res['granted'];
}
}
self::$permissions = $permissions;
}
/**
*
* Marks entire forum as read
*/
public function mark_forum_as_read()
{
$me = \CODOF\User\User::get();
if ($me->loggedIn()) {
$uid = $me->id;
//set the user last read time as current time
$me->set(array("read_time" => time()));
$del_cats = "DELETE FROM " . PREFIX . "codo_unread_categories WHERE uid={$uid}";
$this->db->query($del_cats);
$del_topics = "DELETE FROM " . PREFIX . "codo_unread_topics WHERE uid={$uid}";
$this->db->query($del_topics);
}
}
$secret = CODOF\Util::get_opt('sso_secret');
if (!empty($user)) {
unset($user['token']);
$sso_token = md5(urlencode(json_encode($user)) . $secret . $_POST['timestamp']);
}
$username = $user['name'];
$mail = $user['mail'];
if ($sso_token != $posted_token) {
echo 'error';
exit;
}
$db = DB::getPDO();
if (!CODOF\User\User::mailExists($mail)) {
//this user does not have an account in codoforum
$reg = new \CODOF\User\Register($db);
if (\CODOF\User\User::usernameExists($username)) {
$username .= time();
}
$reg->username = $username;
$reg->name = $username;
$reg->mail = $mail;
$reg->user_status = 1;
$ret = $reg->register_user();
$reg->login();
if (!empty($ret)) {
echo "error";
}
} else {
CODOF\User\User::loginByMail($mail);
}
}
return $mentioner->find($q, $cid, $tid);
});
dispatch_get('Ajax/cron/run/:name', function ($name) {
$user = CODOF\User\User::get();
if (Request::valid($_GET['token']) && $user->hasRoleId(ROLE_ADMIN)) {
$cron = new \CODOF\Cron\Cron();
if (!$cron->run($name)) {
echo 'Unable to run cron ' . $name . ' because another cron is already running';
}
}
//exit;
});
//-------------PAGES--------------------------
dispatch_get('/page/:id/:url', function ($id, $url) {
$pid = (int) $id;
$user = \CODOF\User\User::get();
$qry = 'SELECT title, content FROM ' . PREFIX . 'codo_pages p ' . ' LEFT JOIN ' . PREFIX . 'codo_page_roles r ON r.pid=p.id ' . ' WHERE (r.rid IS NULL OR (r.rid IS NOT NULL AND r.rid IN (' . implode($user->rids) . ')))' . ' AND p.id=' . $pid;
$res = \DB::getPDO()->query($qry);
$row = $res->fetch();
if ($row) {
$title = $row['title'];
$content = $row['content'];
$smarty = CODOF\Smarty\Single::get_instance();
$smarty->assign('contents', $content);
\CODOF\Store::set('sub_title', $title);
\CODOF\Smarty\Layout::load('page');
\CODOF\Hook::call('on_page_load', array($id));
} else {
$page = \DB::table(PREFIX . 'codo_pages')->where('id', $id)->first();
if ($page == null) {
\CODOF\Smarty\Layout::not_found();
public function can_down($pid, $to_id)
{
$user = \CODOF\User\User::get();
$res = \DB::table(PREFIX . 'codo_daily_rep_log')->select('rep_count', 'start_rep_time')->where('uid', '=', $user->id)->first();
if (!$res) {
$res['rep_count'] = 0;
$res['start_rep_time'] = time();
\DB::table(PREFIX . 'codo_daily_rep_log')->insert(array("uid" => $user->id, "rep_count" => 0, "start_rep_time" => time()));
}
$max_rep_allowed = \CODOF\Util::get_opt('max_rep_per_day');
//RULE 1: User can give max X rep per day
$one_day = 24 * 60 * 60;
$within_one_day = time() - $res['start_rep_time'] < $one_day;
$this->max_rep_count_reached = $res['rep_count'] == $max_rep_allowed;
$this->rule1 = !($this->max_rep_count_reached && $within_one_day);
//RULE 2: User must have X reputation points or Y posts to increment reputation
$rep_to_inc = \CODOF\Util::get_opt('rep_req_to_dec');
$posts_to_inc = \CODOF\Util::get_opt('posts_req_to_dec');
$this->rule2 = $user->reputation >= $rep_to_inc && $user->no_posts >= $posts_to_inc;
//RULE 3: Reputation cannot be given/taken to same user more N times
// until X hours have passed
$rep_times_same_user = \CODOF\Util::get_opt('rep_times_same_user');
$rep_hours_same_user = \CODOF\Util::get_opt('rep_hours_same_user');
$rep_seconds_same_user = $rep_hours_same_user * 60;
$rows = \DB::table(PREFIX . 'codo_reputation')->where('from_id', '=', $user->id)->where('to_id', '=', $to_id)->where('post_id', '=', $pid)->where('rep_time', '>', time() - $rep_seconds_same_user)->select('points')->get();
$numbers_of_reps = count($rows);
$this->rule3 = $numbers_of_reps < $rep_times_same_user;
//RULE 4: User cannot give reputation to the same post more than once
$has_rep = \DB::table(PREFIX . 'codo_reputation')->where('from_id', '=', $user->id)->where('post_id', '=', $pid)->where('points', '=', 1)->get();
$this->rule4 = !$has_rep;
$this->rule5 = $user->id != $to_id;
return $this->rule1 && $this->rule2 && $this->rule3 && $this->rule4 && $this->rule5 && $user->can('rep up');
}
/**
*
* @param array $data
* @return bool
*/
public function queueNotify($type, $data)
{
if (!isset($data['actor'])) {
$user = \CODOF\User\User::get();
$data["actor"] = array("username" => $user->username, "id" => $user->id, "role" => \CODOF\User\User::getRoleName($user->rid), "avatar" => $user->rawAvatar);
}
//Insert notification data JSON encoded
$nid = \DB::table(PREFIX . 'codo_notify_text')->insertGetId(array("data" => json_encode($data)));
//queue notification
$qry = "INSERT INTO " . PREFIX . "codo_notify_queue (type, nid) " . " VALUES(:type, :nid)";
$stmt = $this->db->prepare($qry);
$created = $stmt->execute(array("type" => $type, "nid" => $nid));
$cron = new \CODOF\Cron\Cron();
$cron->setOnce('notify', 0);
return $created;
}
public function deleteReply($_tid)
{
$db = \DB::getPDO();
$pid = (int) $_tid;
$qry = 'SELECT p.post_status, p.cat_id, p.topic_id,p.uid, p.imessage FROM ' . PREFIX . 'codo_posts AS p' . ' WHERE p.post_id=' . $pid;
$res = $db->query($qry);
if ($res) {
$row = $res->fetch();
$status = $row['post_status'];
$cid = $row['cat_id'];
$text = $row['imessage'];
$user = \CODOF\User\User::get();
if ($user->can('moderate posts', $cid)) {
$qry = 'UPDATE ' . PREFIX . 'codo_posts SET post_status=' . \CODOF\Forum\Forum::DELETED . ' WHERE post_id=' . $pid;
$db->query($qry);
if ($status == \CODOF\Forum\Forum::PRE_MODERATION) {
$filter = new \CODOF\SpamFilter();
$filter->spam($text);
}
}
}
}
public function topic($tid, $page)
{
$topic = new \CODOF\Forum\Topic($this->db);
$post = new \CODOF\Forum\Post($this->db);
$topic_info = $topic->get_topic_info($tid);
if ($topic_info['topic_status'] == \CODOF\Forum\Forum::MERGED_REDIRECT_ONLY) {
$tid = $topic_info['redirect_to'];
$topic_info = $topic->get_topic_info($tid);
}
if ($topic_info['topic_status'] == \CODOF\Forum\Forum::MODERATION_BY_FILTER) {
$topic_is_spam = true;
} else {
$topic_is_spam = false;
}
$this->smarty->assign('topic_is_spam', $topic_is_spam);
$user = \CODOF\User\User::get();
if ($topic_is_spam) {
if (!($user->can('moderate topics') || $user->id == $topic_info['uid'])) {
$this->view = 'access_denied';
return false;
}
}
if (!$topic->canViewTopic($topic_info['uid'], $topic_info['cat_id'], $topic_info['topic_id'])) {
//\CODOF\Hook::call('page not found', array('type' => 'topic', 'id' => $tid));
\CODOF\Store::set('sub_title', _t('Access denied'));
$this->view = 'access_denied';
return;
}
$tracker = new \CODOF\Forum\Tracker($this->db);
$tracker->mark_topic_as_read($topic_info['cat_id'], $tid);
if (!$topic_info) {
$this->view = 'not_found';
} else {
$posts_per_page = \CODOF\Util::get_opt("num_posts_per_topic");
if (strpos($page, "post-") !== FALSE) {
$pid = (int) str_replace("post-", "", $page);
$prev_posts = $post->get_num_prev_posts($tid, $pid);
$from = floor($prev_posts / $posts_per_page);
} else {
$from = (int) $page - 1;
}
$topic_info['no_replies'] = $topic_info['no_posts'] - 1;
$name = \CODOF\Filter::URL_safe($topic_info['title']);
$subscriber = new \CODOF\Forum\Notification\Subscriber();
$this->smarty->assign('no_followers', $subscriber->followersOfTopic($topic_info['topic_id']));
if (\CODOF\User\CurrentUser\CurrentUser::loggedIn()) {
$this->smarty->assign('my_subscription_type', $subscriber->levelForTopic($topic_info['topic_id']));
}
$this->smarty->assign('tags', $topic->getTags($topic_info['topic_id']));
$api = new Ajax\forum\topic();
$posts_data = $api->get_posts($tid, $from, $topic_info);
$num_pages = $posts_data['num_pages'];
$posts = $posts_data['posts'];
$posts_tpl = \CODOF\HB\Render::tpl('forum/topic', $posts_data);
$this->smarty->assign('posts', $posts_tpl);
$this->smarty->assign('topic_info', $topic_info);
$this->smarty->assign('title', htmlentities($topic_info['title'], ENT_QUOTES, "UTF-8"));
$search_data = array();
if (isset($_GET['str'])) {
$search_data = array('str' => strip_tags($_GET['str']));
}
$this->smarty->assign('search_data', json_encode($search_data));
$url = 'topic/' . $topic_info['topic_id'] . '/' . $name . '/';
$this->smarty->assign('pagination', $post->paginate($num_pages, $from + 1, $url, false, $search_data));
if (ceil(($topic_info['no_posts'] + 1) / $posts_per_page) > $num_pages) {
//next reply will go to next page
$this->smarty->assign('new_page', 'yes');
} else {
$this->smarty->assign('new_page', 'nope');
}
$cat = new \CODOF\Forum\Category($this->db);
$cats = $cat->get_categories();
$cid = $topic_info['cat_id'];
$parents = $cat->find_parents($cats, $cid);
array_push($parents, array("name" => $topic_info['cat_name'], "alias" => $topic_info['cat_alias']));
$this->smarty->assign('can_search', $user->can('use search'));
$this->smarty->assign('parents', $parents);
$this->smarty->assign('num_pages', $num_pages);
$this->smarty->assign('curr_page', $from + 1);
//starts from 1
$this->smarty->assign('url', RURI . $url);
$this->assign_editor_vars();
$tuid = $topic_info['uid'];
$this->assign_admin_vars($tuid);
$this->css_files = array('topic', 'editor', 'jquery.textcomplete');
$arr = array(array('topic/topic.js', array('type' => 'defer')), array('modal.js', array('type' => 'defer')), array('bootstrap-slider.js', array('type' => 'defer')));
$this->js_files = array_merge($arr, $post->get_js_editor_files());
\CODOF\Hook::call('on_topic_view', array($topic_info));
$this->view = 'forum/topic';
\CODOF\Store::set('sub_title', $topic_info['title']);
\CODOF\Store::set('og:type', 'article');
\CODOF\Store::set('og:title', $topic_info['title']);
\CODOF\Store::set('og:url', RURI . $url);
$mesg = $posts[0]['imessage'];
\CODOF\Store::set('og:desc', strlen($mesg) > 200 ? substr($mesg, 0, 197) . "..." : $mesg);
if ($from > 0) {
//previous page exists
\CODOF\Store::set('rel:prev', RURI . $url . $from);
}
$curr_page = $from + 1;
if ($curr_page < $num_pages) {
//next page exists
\CODOF\Store::set('rel:next', RURI . $url . ($curr_page + 1));
}
\CODOF\Store::set('article:published', date('c', $topic_info['topic_created']));
if ($topic_info['topic_updated'] > 0) {
\CODOF\Store::set('article:modified', date('c', $topic_info['topic_updated']));
}
}
}
public function confirm()
{
$this->view = 'user/confirm';
$action = array();
if (empty($_GET['user']) || empty($_GET['token'])) {
$action['result'] = 'VAR_NOT_PASSED';
//$action['text'] = 'We are missing variables. Please double check your email.';
} else {
//cleanup the variables
$username = $_GET['user'];
$token = $_GET['token'];
//check if the key is in the database
$qry = "SELECT username FROM " . PREFIX . "codo_signups WHERE username=:username AND token=:token LIMIT 1 OFFSET 0";
$stmt = $this->db->prepare($qry);
$result = $stmt->execute(array("username" => $username, "token" => $token));
if ($result) {
//get the confirm info
$res = $stmt->fetch();
$reg_req_admin = \CODOF\Util::get_opt('reg_req_admin');
$user_status = 1;
if ($reg_req_admin == 'yes') {
$user_status = 2;
}
//confirm the email and update the users database
$qry = "UPDATE " . PREFIX . "codo_users SET user_status={$user_status} WHERE username=:username";
$stmt = $this->db->prepare($qry);
$stmt->execute(array("username" => $username));
if ($reg_req_admin == 'no') {
$user = \CODOF\User\User::getByUsername($username);
$qry = "UPDATE " . PREFIX . "codo_user_roles SET rid=:rid WHERE uid=" . $user->id;
$stmt = $this->db->prepare($qry);
$stmt->execute(array("rid" => ROLE_USER));
}
//delete the signup rows associated with the selected username
$qry = "DELETE FROM " . PREFIX . "codo_signups WHERE username = '******'username'] . "'";
$this->db->query($qry);
$action['result'] = 'SUCCESS';
} else {
$action['result'] = 'VAR_NOT_FOUND';
}
}
\CODOF\Store::set('sub_title', _t('Confirm user'));
$this->smarty->assign('result', $action['result']);
}
public function reset_admin_account($admin_mail)
{
$admin = $_SESSION['backup_admin_account'];
//we need to preserve the imported user id, the no of posts and
//profile views
unset($admin['id'], $admin['no_posts'], $admin['profile_views'], $admin['signature'], $admin['rawAvatar'], $admin['rid'], $admin['rids']);
\DB::table('codo_user_roles')->where('uid', $_SESSION['new_admin_uid'])->update(array('rid' => ROLE_ADMIN));
$me = \CODOF\User\User::getByMail($admin_mail);
//update user with $admin where mail=$admin_mail
$me->set($admin);
//reset admin userid
$_SESSION[UID . 'USER']['id'] = $_SESSION['new_admin_uid'];
}
/**
*
* Ajax/topics/get_topics/:page/filter=[str=:str,]/sort=[title,created]
*
*/
public function get_topics($from, $search = false)
{
$from = (int) $from;
$num_pages = 0;
$num_posts = \CODOF\Util::get_opt('num_posts_all_topics');
/* if(!$from) {
$from = \CODOF\Util::get_opt('num_posts_all_topics');
} */
$topic = new \CODOF\Forum\Topic($this->db);
$topic->ajax = true;
$topics = array();
if ($search) {
$user = \CODOF\User\User::get();
if (!$user->can('use search')) {
exit('permission denied');
}
$search = new \CODOF\Search\Search();
$search->str = $_GET['str'];
$search->from = $from;
$search->num_results = $num_posts;
$search->count_rows = true;
//include sub categories ?
/* if ($_GET['search_subcats'] == 'Yes') {
$cat = new \CODOF\Forum\Category($this->db);
//get sub categories of all selected categories
$tree = $cat->generate_tree($cat->get_categories());
foreach ($tree as $branch) {
$this->get_children($branch, $_GET['cats']);
}
} */
//$cat_ids = array_merge($this->ids, $_GET['cats']);
//$cats = implode(",", $cat_ids);
$search->cats = null;
$search->match_titles = $_GET['match_titles'];
$search->order = $_GET['order'];
$search->sort = $_GET['sort'];
$search->time_within = $_GET['search_within'];
$res = $search->search($from);
$num_pages = $search->get_total_count();
$topics = $topic->gen_topic_arr_all_topics($res, $search);
//var_dump($topics);
} else {
$_topics = $topic->get_all_topics($from);
$tids = array();
foreach ($_topics as $one_topic) {
$tids[] = $one_topic['topic_id'];
}
if (\CODOF\User\CurrentUser\CurrentUser::loggedIn()) {
$tracker = new \CODOF\Forum\Tracker($this->db);
//0.76 = 3 queries
$topic->new_topic_ids = $tracker->get_all_new_topic_ids($tids);
$topic->new_replies = $tracker->get_new_reply_counts($tids);
}
$topic->tags = $topic->getAllTags($tids);
$topics = $topic->gen_topic_arr_all_topics($_topics);
}
return array("topics" => $topics, "page_no" => $from ? $from / $num_posts : 1, "num_posts" => $num_posts, "num_pages" => $num_pages);
}
public static function load($tpl, $css_files = array(), $js_files = array())
{
\CODOF\Util::inc_global_views();
//This sets all variables which will be used by the theme
require CURR_THEME_PATH . 'theme.php';
$page = array();
\CODOF\Hook::call('before_site_head');
\CODOF\Hook::call('tpl_before_' . str_replace("/", "_", $tpl));
$asset = new \CODOF\Asset\Stream();
$page["head"]["css"] = $asset->dumpCSS();
//\CODOF\Theme\Js::sort_js();
$page["head"]["js"] = $asset->dumpJS('head');
$page["body"]["js"] = $asset->dumpJS('body');
$page["defer"] = json_encode($asset->deferred());
//after all modification its time for smarty to display the mod data
$smarty = Single::get_instance();
$site_title = \CODOF\Util::get_opt('site_title');
$sub_title = \CODOF\Store::get('sub_title');
$smarty->assign('site_title', $site_title);
$smarty->assign('sub_title', $sub_title);
$smarty->assign('home_title', \CODOF\Store::get('home_title', _t('All topics')));
$smarty->assign('site_url', \CODOF\Util::get_opt('site_url'));
$smarty->assign('logged_in', \CODOF\User\CurrentUser\CurrentUser::loggedIn());
$smarty->assign('login_url', \CODOF\User\User::getLoginUrl());
$smarty->assign('logout_url', \CODOF\User\User::getLogoutUrl());
$smarty->assign('register_url', \CODOF\User\User::getRegisterUrl());
$smarty->assign('profile_url', \CODOF\User\User::getProfileUrl());
$smarty->assign('page', $page);
$smarty->assign('CSRF_token', \CODOF\Access\CSRF::get_token());
$smarty->assign('php_time_now', time());
$category = new \CODOF\Forum\Category();
$canCreateTopicInAtleastOneCategory = $category->canCreateTopicInAtleastOne();
$smarty->assign('canCreateTopicInAtleastOneCategory', $canCreateTopicInAtleastOneCategory);
$page = \CODOF\Store::get('rel:canonical_page', isset($_GET['u']) ? $_GET['u'] : '');
$smarty->assign('canonical', rtrim(RURI, '/') . strip_tags($page));
if (\CODOF\Store::has('rel:prev')) {
$smarty->assign('rel_prev', \CODOF\Store::get('rel:prev'));
}
if (\CODOF\Store::has('rel:next')) {
$smarty->assign('rel_next', \CODOF\Store::get('rel:next'));
}
if (\CODOF\Store::has('meta:robots')) {
$smarty->assign('meta_robots', \CODOF\Store::get('meta:robots'));
}
$og = array("type" => \CODOF\Store::get('og:type', 'website'), "title" => \CODOF\Store::get('og:title', $sub_title . ' | ' . $site_title));
if (\CODOF\Store::has('og:url')) {
$og['url'] = \CODOF\Store::get('og:url');
}
if (\CODOF\Store::has('og:desc')) {
$og['desc'] = \CODOF\Store::get('og:desc');
} else {
$og['desc'] = \CODOF\Util::get_opt('site_description');
}
if (\CODOF\Store::has('og:image')) {
$og['image'] = \CODOF\Store::get('og:image');
}
$smarty->assign('og', $og);
if (\CODOF\Store::has('article:published')) {
$smarty->assign('article_published', \CODOF\Store::get('article:published'));
}
if (\CODOF\Store::has('article:modified')) {
$smarty->assign('article_modified', \CODOF\Store::get('article:modified'));
}
$I = \CODOF\User\User::get();
//current user details
$smarty->assign('I', $I);
$smarty->assign('can_moderate_posts', $I->can('moderate posts'));
if (\CODOF\User\CurrentUser\CurrentUser::loggedIn()) {
$notifier = new \CODOF\Forum\Notification\Notifier();
$smarty->assign('unread_notifications', $notifier->getNoOfUnread());
}
$html = $smarty->fetch("{$tpl}.tpl");
require_once SYSPATH . 'Ext/simplehtmldom/simple_html_dom.php';
$dom = new \simple_html_dom();
$dom->load($html, true, false);
//let plugins modify html
\CODOF\Hook::call('tpl_after_' . str_replace("/", "_", $tpl), $dom);
\CODOF\Hook::call('after_site_head', $dom);
echo $dom->save();
}
public function mail($mail)
{
$errors = array();
if (!filter_var($mail, FILTER_VALIDATE_EMAIL)) {
$errors[] = _t("email address not formatted correctly");
}
if (\CODOF\User\User::mailExists($mail)) {
$errors[] = _t("email address is already registered");
}
$this->errors = array_merge($errors, $this->errors);
if (empty($errors)) {
\CODOF\Hook::call('on_mail_ok');
return TRUE;
//passed
}
\CODOF\Hook::call('on_mail_fail');
return FALSE;
//Fail
}
public function makeContentAnonymous()
{
$user = User::getByMail("anonymous@localhost");
\DB::table(PREFIX . 'codo_topics')->where('uid', $this->user->id)->update(array('uid' => $user->id));
\DB::table(PREFIX . 'codo_posts')->where('uid', $this->user->id)->update(array('uid' => $user->id));
//delete unwanted records
\DB::table(PREFIX . "codo_user_roles")->where('uid', '=', $this->user->id)->delete();
\DB::table(PREFIX . "codo_user_preferences")->where('uid', '=', $this->user->id)->delete();
\DB::table(PREFIX . 'codo_unread_topics')->where('uid', $this->user->id)->delete();
\DB::table(PREFIX . 'codo_unread_categories')->where('uid', $this->user->id)->delete();
\DB::table(PREFIX . 'codo_notify_subscribers')->where('uid', $this->user->id)->delete();
}
/**
* Conditionns of SQL query that restrict users to view topics
* based on user roles/groups assigned to them
*/
protected function getPermissionConditions($permission, $alias = 't')
{
$user = \CODOF\User\User::get();
$rids = implode(",", $user->rids);
/**
*
* 0 0 view all topics 0
* 0 0 view my topics 1
* 3 0 view all topics 1
* 3 0 view my topics 0
*
*
*/
//NOTE: 'view my topics' & 'view all topics' are mutuall exclusive
// so they both cannot be set as granted at once.
//TODO: Is topic level permission really required ?
$conditions = ' ' . 'EXISTS (SELECT 1 FROM codo_permissions AS permission ' . ' WHERE permission.rid IN (' . $rids . ') ' . ' AND ' . ' (' . ' (' . ' permission.cid = ' . $alias . '.cat_id' . ' AND permission.tid=0 ' . ' )' . ' OR ' . ' permission.tid=' . $alias . '.topic_id' . ' ) ' . ' AND permission.granted=1 ' . ' AND ' . ' (' . ' permission.permission=\'' . $permission . '\' OR ' . ' (permission.permission=\'' . $permission . '\' AND ' . $alias . '.uid=' . $user->id . ') ' . ' ) ' . ' )';
return $conditions;
}