Esempio n. 1
 /**
  * Determines whether the difference between positive and negative ratings changes, and adjusts the rating given to the user accordingly.
  *
  * @param $to_user_id
  * @param $from_user_id
  * @param $current_score
  * @param $new_score
  * @param $sql_ary
  * @param $action
  */
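 private function setUserRating($to_user_id, $from_user_id, $current_score, $new_score, $sql_ary, $action)
 {
     // Applies one feedback action ('add', 'revert', 'edit' or 'delete') and moves the
     // recipient's rating when the normalised positive/negative balance changes.
     // Returns the id of the inserted feedback row for 'add' and null for every other action.
     $to_user_id = (int) $to_user_id;
     $from_user_id = (int) $from_user_id;
     $current_score = (int) $current_score;
     $new_score = (int) $new_score;
     $difference = $this->countFeedbackType($to_user_id, $from_user_id);
     $insert = true;
     // Only 'add' inserts a row. Initialising here lets the other actions return null
     // instead of reading an undefined variable at the return statement.
     $next_id = null;
     switch ($action) {
         case 'add':
             $new_difference = $difference + $new_score;
             // phpBB's sql_build_array() escapes and quotes the values but emits the array keys
             // as column names unchanged, so the keys of $sql_ary must be fixed by the caller
             // and never taken from request data.
             $insert = $this->db->sql_query('INSERT INTO ' . $this->tables['feedback'] . ' ' . $this->db->sql_build_array('INSERT', $sql_ary));
             $next_id = $this->db->sql_nextid();
             break;
         case 'revert':
             $new_difference = $difference + $current_score;
             break;
         case 'edit':
             $new_difference = $difference - $current_score + $new_score;
             break;
         case 'delete':
             $new_difference = $difference - $current_score;
             break;
         default:
             // Unknown action: no new balance exists, so the rating must not be touched.
             // Without this branch the code below compared against an undefined value.
             return $next_id;
     }
     if ($this->normalize($difference) != $this->normalize($new_difference) && $insert) {
         // The normalised balance changed: swap the old rating for the new one.
         $this->removeUserRating($to_user_id, $this->normalize($difference));
         $this->giveUserRating($to_user_id, $this->normalize($new_difference));
     } elseif ($this->get_users_feedback_count($to_user_id) == 1 && $this->normalize($new_difference) == 0 && $insert) {
         // A single feedback entry that balances to zero is recorded as a neutral rating.
         $this->giveUserRating($to_user_id, self::RATE_NEUTRAL);
     }
     return $next_id;
 }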
Esempio n. 2
    /**
     * Set own position on map
     *
     * @return type
     */
    public function position()
    {
        // Stores the current user's own map coordinates after a confirm_box() round trip.
        // Guests and users without u_usermap_add stop here. This relies on phpBB's error
        // handler ending the request inside trigger_error(); nothing below re-checks it.
        $is_guest = $this->user->data['user_id'] == ANONYMOUS;
        if ($is_guest || !$this->auth->acl_get('u_usermap_add')) {
            trigger_error('NOT_AUTHORISED');
        }

        // Both values are request input, capped at 10 characters before any use.
        $lon = substr($this->request->variable('lon', ''), 0, 10);
        $lat = substr($this->request->variable('lat', ''), 0, 10);
        $data = array(
            'user_usermap_lon' => $lon,
            'user_usermap_lat' => $lat,
        );

        if (!confirm_box(true)) {
            // First pass: ask for confirmation. The values are echoed into the message and the
            // hidden fields before validate_data() has run on them.
            // NOTE(review): output escaping here is whatever request->variable(), lang() and
            // build_hidden_fields() apply - confirm.
            confirm_box(false, $this->user->lang('CONFIRM_COORDINATES_SET', $lon, $lat), build_hidden_fields(array('lon' => $lon, 'lat' => $lat)));

            return $this->index();
        }

        // Confirmed submission: the coordinate format is enforced by the two regex rules.
        if (!function_exists('validate_data')) {
            include $this->phpbb_root_path . 'includes/functions_user.' . $this->php_ext;
        }
        $rules = array(
            'user_usermap_lon' => array('match', false, self::REGEX_LON),
            'user_usermap_lat' => array('match', false, self::REGEX_LAT),
        );
        $error = validate_data($data, $rules);
        if (count($error) > 0) {
            // Error entries are language keys; translate them before display.
            $error = array_map(array($this->user, 'lang'), $error);
            trigger_error(implode('<br>', $error));
        }

        // Values go through sql_build_array(); the WHERE clause is pinned to the session
        // user's id and cast to int, so a user can only update their own row.
        $sql = 'UPDATE ' . USERS_TABLE . '
				SET ' . $this->db->sql_build_array('UPDATE', $data) . '
				WHERE user_id = ' . (int) $this->user->data['user_id'];
        $this->db->sql_query($sql);
        trigger_error('POSITION_SET');

        return $this->index();
    }
Esempio n. 3
    public function position()
    {
        // Saves the logged-in user's map position once the confirmation form was submitted.
        // The permission check depends on trigger_error() ending the request (phpBB's error
        // handler is expected to do that); the code below does not test it again.
        $user_id = $this->user->data['user_id'];
        if ($user_id == ANONYMOUS || !$this->auth->acl_get('u_usermap_add')) {
            trigger_error('NOT_AUTHORISED');
        }

        // Request input, truncated to 10 characters.
        $lon = substr($this->request->variable('lon', ''), 0, 10);
        $lat = substr($this->request->variable('lat', ''), 0, 10);

        if (!confirm_box(true)) {
            // Not confirmed yet: show the confirmation dialog with the values as hidden fields.
            $hidden = build_hidden_fields(array('lon' => $lon, 'lat' => $lat));
            confirm_box(false, $this->user->lang('CONFIRM_COORDINATES_SET', $lon, $lat), $hidden);

            return $this->index();
        }

        $data = array(
            'user_usermap_lon' => $lon,
            'user_usermap_lat' => $lat,
        );
        if (!function_exists('validate_data')) {
            include $this->phpbb_root_path . 'includes/functions_user.' . $this->php_ext;
        }
        // NOTE(review): this is a length-only rule (5 to 10 characters, with the optional flag
        // set to true). No numeric or range check on the coordinates is visible here, so any
        // string of that length is stored - confirm that a format check exists elsewhere.
        $length_rule = array(array('string', true, 5, 10));
        $error = validate_data($data, array('user_usermap_lon' => $length_rule, 'user_usermap_lat' => $length_rule));
        $error = array_map(array($this->user, 'lang'), $error);
        if (count($error) > 0) {
            // The message is assembled as HTML: translated errors plus a link back to the map.
            $back_link = '<a href="' . $this->helper->route('tas2580_usermap_index', array()) . '">' . $this->user->lang('BACK_TO_USERMAP') . '</a>';
            trigger_error(implode('<br>', $error) . '<br><br>' . $back_link);
        }

        // Values pass through sql_build_array(); the row is selected by the session user's
        // id cast to int.
        $sql = 'UPDATE ' . USERS_TABLE . '
				SET ' . $this->db->sql_build_array('UPDATE', $data) . '
				WHERE user_id = ' . (int) $this->user->data['user_id'];
        $this->db->sql_query($sql);
        trigger_error('POSITION_SET');

        return $this->index();
    }
Esempio n. 4
 /**
  * {@inheritDoc}
  */
 public function add($mode, $user_id, $log_ip, $log_operation, $log_time = false, $additional_data = array())
 {
     // Writes one log entry for $mode and returns the new row id. Returns false when the
     // mode is disabled or when no log_type is set by the time the entry would be stored.
     if (!$this->is_enabled($mode)) {
         return false;
     }
     // A $log_time of false means "now".
     if ($log_time === false) {
         $log_time = time();
     }
     // Empty user id falls back to ANONYMOUS, empty IP to ''.
     $sql_ary = array('user_id' => !empty($user_id) ? $user_id : ANONYMOUS, 'log_ip' => !empty($log_ip) ? $log_ip : '', 'log_time' => $log_time, 'log_operation' => $log_operation);
     // Each mode adds its log_type and moves the id fields it knows out of $additional_data;
     // what remains is stored PHP-serialized in log_data.
     // NOTE(review): whatever reads log_data back presumably unserialize()s it, so write
     // access to the log table should be treated as sensitive - confirm on the reader side.
     switch ($mode) {
         case 'admin':
             $sql_ary += array('log_type' => LOG_ADMIN, 'log_data' => !empty($additional_data) ? serialize($additional_data) : '');
             break;
         case 'mod':
             $forum_id = isset($additional_data['forum_id']) ? (int) $additional_data['forum_id'] : 0;
             unset($additional_data['forum_id']);
             $topic_id = isset($additional_data['topic_id']) ? (int) $additional_data['topic_id'] : 0;
             unset($additional_data['topic_id']);
             $post_id = isset($additional_data['post_id']) ? (int) $additional_data['post_id'] : 0;
             unset($additional_data['post_id']);
             $sql_ary += array('log_type' => LOG_MOD, 'forum_id' => $forum_id, 'topic_id' => $topic_id, 'post_id' => $post_id, 'log_data' => !empty($additional_data) ? serialize($additional_data) : '');
             break;
         case 'user':
             // Unlike the 'mod' ids above, reportee_id is read without an isset() guard,
             // so callers logging in 'user' mode have to supply it.
             $reportee_id = (int) $additional_data['reportee_id'];
             unset($additional_data['reportee_id']);
             $sql_ary += array('log_type' => LOG_USERS, 'reportee_id' => $reportee_id, 'log_data' => !empty($additional_data) ? serialize($additional_data) : '');
             break;
         case 'critical':
             $sql_ary += array('log_type' => LOG_CRITICAL, 'log_data' => !empty($additional_data) ? serialize($additional_data) : '');
             break;
     }
     /**
      * Allows to modify log data before we add it to the database
      *
      * NOTE: if sql_ary does not contain a log_type value, the entry will
      * not be stored in the database. So ensure to set it, if needed.
      *
      * @event core.add_log
      * @var	string	mode			Mode of the entry we log
      * @var	int		user_id			ID of the user who triggered the log
      * @var	string	log_ip			IP of the user who triggered the log
      * @var	string	log_operation	Language key of the log operation
      * @var	int		log_time		Timestamp, when the log was added
      * @var	array	additional_data	Array with additional log data
      * @var	array	sql_ary			Array with log data we insert into the
      *							database. If sql_ary[log_type] is not set,
      *							we won't add the entry to the database.
      * @since 3.1.0-a1
      */
     // compact()/extract() work on the local variable names listed in $vars, so those
     // locals must keep exactly these names. extract() copies whatever the event returns
     // back into local scope: listeners can replace $sql_ary, and the insert below trusts
     // what they return.
     $vars = array('mode', 'user_id', 'log_ip', 'log_operation', 'log_time', 'additional_data', 'sql_ary');
     extract($this->dispatcher->trigger_event('core.add_log', compact($vars)));
     // We didn't find a log_type, so we don't save it in the database.
     if (!isset($sql_ary['log_type'])) {
         return false;
     }
     // The column/value list is built by sql_build_array() from $sql_ary.
     $this->db->sql_query('INSERT INTO ' . $this->log_table . ' ' . $this->db->sql_build_array('INSERT', $sql_ary));
     return $this->db->sql_nextid();
 }
Esempio n. 5
    /**
     *
     * https://github.com/paypal/ipn-code-samples/blob/master/paypal_ipn.php
     *
     * @return boolean
     */
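    public function ipn()
    {
        // PayPal IPN listener: sends the received POST body back to PayPal with
        // cmd=_notify-validate and stores a donation row when PayPal answers VERIFIED.
        // Returns an empty 200 response, or false when the cURL handle cannot be created.
        $raw_post_data = file_get_contents('php://input');
        $myPost = array();
        foreach (explode('&', (string) $raw_post_data) as $keyval) {
            $keyval = explode('=', $keyval);
            if (count($keyval) == 2) {
                $myPost[$keyval[0]] = urldecode($keyval[1]);
            }
        }

        // Rebuild the message for validation, prefixed with 'cmd'.
        $req = 'cmd=_notify-validate';
        // get_magic_quotes_gpc() is absent on current PHP. Computing the flag unconditionally
        // avoids reading an undefined variable inside the loop when the function is missing.
        $strip_slashes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc() == 1;
        foreach ($myPost as $key => $value) {
            $value = urlencode($strip_slashes ? stripslashes($value) : $value);
            $req .= "&{$key}={$value}";
        }

        // Sandbox or live endpoint, taken from the extension's config table.
        $sql = 'SELECT paypal_sandbox
			FROM ' . $this->table_config;
        $result = $this->db->sql_query($sql);
        $row = $this->db->sql_fetchrow($result);
        $this->db->sql_freeresult($result);
        // An empty config table selects the live endpoint, as before, without an offset
        // access on a non-array.
        $use_sandbox = $row && $row['paypal_sandbox'] == 1;
        $paypal_url = $use_sandbox ? 'https://www.sandbox.paypal.com/cgi-bin/webscr' : 'https://www.paypal.com/cgi-bin/webscr';

        $ch = curl_init($paypal_url);
        if ($ch === false) {
            return false;
        }
        curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
        curl_setopt($ch, CURLOPT_POST, 1);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
        curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
        // Certificate and host name verification stay on; the VERIFIED answer is only
        // meaningful if the peer really is PayPal.
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
        curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
        curl_setopt($ch, CURLOPT_FORBID_REUSE, 1);
        curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30);
        curl_setopt($ch, CURLOPT_HTTPHEADER, array('Connection: Close'));
        $res = curl_exec($ch);
        curl_close($ch);
        // A transport failure yields false; treat it explicitly as "not verified".
        if (!is_string($res)) {
            $res = '';
        }

        // Split response headers and payload and keep only the last part for comparison.
        $tokens = explode("\r\n\r\n", trim($res));
        $res = trim(end($tokens));
        if ($res === 'VERIFIED') {
            // NOTE(review): VERIFIED only confirms that PayPal sent this message. PayPal's IPN
            // guidance also expects the listener to check payment_status, the receiver account,
            // amount and currency, and that the transaction id was not processed before.
            // None of those checks is visible here.
            // NOTE(review): item_name is read from 'item_number', the same key as item_id -
            // this looks like a copy/paste slip for 'item_name'; confirm before changing.
            $sql_data = array(
                'user_id' => (int) $this->request->variable('custom', '0'),
                'item_id' => (int) $this->request->variable('item_number', '0'),
                'item_name' => $this->request->variable('item_number', '', true),
                'donation_time' => time(),
                'donation_amount' => $this->request->variable('mc_gross', '0'),
            );
            $sql = 'INSERT INTO ' . $this->table_donations . '
				' . $this->db->sql_build_array('INSERT', $sql_data);
            $this->db->sql_query($sql);
        }

        // The answer is 200 whether or not the notification was verified or stored.
        $headers = array('Content-Type' => 'application/xml; charset=UTF-8');
        return new Response('', '200', $headers);
    }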
Esempio n. 6
    /**
     * Update a blog post using the given information
     *
     * @param int $id
     * @param string $title
     * @param string $slug
     * @param int $time
     * @param int $edit_time
     * @param string $edit_reason
     * @param bool $status
     * @param bool $locked
     * @param int $poster_id
     * @param int $comment_count
     * @param string $content
     * @param string $bbcode_uid
     * @param string $bbcode_bitfield
     * @param array $categories Array of category IDs
     * @param array $tags Array of tag IDs
     * @return bool
     */
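    public function update($id, $title, $slug, $time, $edit_time, $edit_reason, $status, $locked, $poster_id, $comment_count, $content, $bbcode_uid, $bbcode_bitfield, array $categories, array $tags)
    {
        // Updates the post row, then brings the post's category and tag link rows in line
        // with $categories and $tags. Always returns true.
        // Every id that is concatenated into SQL is cast to int first; all other values go
        // through sql_build_array().
        $id = (int) $id;
        $post_columns = array(
            'title' => $title,
            'slug' => $slug,
            'time' => (int) $time,
            'edit_time' => (int) $edit_time,
            'edit_reason' => $edit_reason,
            'status' => (bool) $status,
            'locked' => (bool) $locked,
            'poster_id' => (int) $poster_id,
            'comment_count' => (int) $comment_count,
            'content' => $content,
            'bbcode_uid' => $bbcode_uid,
            'bbcode_bitfield' => $bbcode_bitfield,
        );
        $sql = 'UPDATE ' . $this->blog_posts_table . ' SET ' . $this->db->sql_build_array('UPDATE', $post_columns) . ' WHERE id = ' . $id;
        $this->db->sql_query($sql);

        // Handle category changes
        $sql = 'SELECT category_id FROM ' . $this->blog_post_categories_table . ' WHERE post_id = ' . $id;
        $result = $this->db->sql_query($sql);
        $current_categories = array();
        while ($row = $this->db->sql_fetchrow($result)) {
            $current_categories[] = (int) $row['category_id'];
        }
        $this->db->sql_freeresult($result);
        $categories = array_map('intval', $categories);
        $added_categories = array_diff($categories, $current_categories);
        $removed_categories = array_diff($current_categories, $categories);
        foreach ($added_categories as $added_category) {
            // The link row belongs to this post and the counter to the category being added;
            // both previously read undefined variables ($post_id, $category_id).
            $sql = 'INSERT INTO ' . $this->blog_post_categories_table . ' ' . $this->db->sql_build_array('INSERT', array('post_id' => $id, 'category_id' => $added_category));
            $this->db->sql_query($sql);
            $sql = 'UPDATE ' . $this->blog_categories_table . ' SET post_count = post_count + 1 WHERE id = ' . (int) $added_category;
            $this->db->sql_query($sql);
        }
        foreach ($removed_categories as $removed_category) {
            $sql = 'DELETE FROM ' . $this->blog_post_categories_table . '
				WHERE post_id = ' . $id . '
					AND category_id = ' . (int) $removed_category;
            $this->db->sql_query($sql);
            // Decrement the category that was removed (previously an undefined $category_id).
            $sql = 'UPDATE ' . $this->blog_categories_table . ' SET post_count = post_count - 1 WHERE id = ' . (int) $removed_category;
            $this->db->sql_query($sql);
        }

        // Handle tag changes
        $sql = 'SELECT tag_id FROM ' . $this->blog_post_tags_table . ' WHERE post_id = ' . $id;
        $result = $this->db->sql_query($sql);
        $current_tags = array();
        while ($row = $this->db->sql_fetchrow($result)) {
            $current_tags[] = (int) $row['tag_id'];
        }
        $this->db->sql_freeresult($result);
        $tags = array_map('intval', $tags);
        $added_tags = array_diff($tags, $current_tags);
        // Previously assigned to $removed_categories, which left $removed_tags undefined.
        $removed_tags = array_diff($current_tags, $tags);
        foreach ($added_tags as $added_tag) {
            // The tag link table is keyed by tag_id (see the SELECT above), and the statement
            // is now executed; before, it was built and discarded.
            $sql = 'INSERT INTO ' . $this->blog_post_tags_table . ' ' . $this->db->sql_build_array('INSERT', array('post_id' => $id, 'tag_id' => $added_tag));
            $this->db->sql_query($sql);
        }
        foreach ($removed_tags as $removed_tag) {
            $sql = 'DELETE FROM ' . $this->blog_post_tags_table . '
				WHERE post_id = ' . $id . '
					AND tag_id = ' . (int) $removed_tag;
            $this->db->sql_query($sql);
        }
        return true;
    }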
 /**
  * Update topics table
  * @param object $user_colour The colour of the user chosen in the UCP
  * @return null
  * @access private
  */
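 private function update_tables($user_colour)
 {
     // Copies the user's chosen colour into the cached poster-colour columns of the topics
     // and forums tables and, when this user is the newest member, into the board config.
     // The id is concatenated into the WHERE clauses, so it is cast to int once here rather
     // than inserted as whatever the session array holds.
     $user_id = (int) $this->user->data['user_id'];

     // table, colour column to set, id column to match
     $targets = array(
         array(TOPICS_TABLE, 'topic_last_poster_colour', 'topic_last_poster_id'),
         array(TOPICS_TABLE, 'topic_first_poster_colour', 'topic_poster'),
         array(FORUMS_TABLE, 'forum_last_poster_colour', 'forum_last_poster_id'),
     );
     foreach ($targets as $target) {
         list($table, $colour_column, $id_column) = $target;
         // The colour value itself goes through sql_build_array().
         $sql = 'UPDATE ' . $table . ' SET ' . $this->db->sql_build_array('UPDATE', array($colour_column => $user_colour)) . ' WHERE ' . $id_column . ' = ' . $user_id;
         $this->db->sql_query($sql);
     }

     if ($this->config['newest_user_id'] == $user_id) {
         $this->config->set('newest_user_colour', $user_colour, true);
     }
 }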
 /**
  * The main function for recording reputation vote.
  *
  * @param array $data Reputation data
  * @access public
  * @return null
  */
 public function store_reputation($data)
 {
     // Records one reputation vote: validates and coerces $data, inserts the vote row, then
     // adds the points to the post (for post votes) and to the receiving user.
     $data['reputation_time'] = time();

     // Required fields and the scalar type each one is coerced to. The integer coercion is
     // what keeps the interpolated UPDATE statements further down free of non-numeric input.
     $expected_types = array(
         'user_id_from' => 'integer',
         'user_id_to' => 'integer',
         'reputation_time' => 'integer',
         'reputation_type' => 'string',
         'reputation_item_id' => 'integer',
         'reputation_points' => 'integer',
         'reputation_comment' => 'string',
     );
     foreach ($expected_types as $name => $scalar_type) {
         if (!isset($data[$name])) {
             throw new \pico\reputation\exception\invalid_argument(array($name, 'FIELD_MISSING'));
         }
         $coerced = $data[$name];
         settype($coerced, $scalar_type);
         $data[$name] = $coerced;
     }

     // The type name is translated to its id; the name itself is not a table column.
     $data['reputation_type_id'] = $this->get_reputation_type_id($data['reputation_type']);
     unset($data['reputation_type']);

     // Ids and the timestamp must not be negative; reputation_points may be.
     $non_negative = array('user_id_from', 'user_id_to', 'reputation_time', 'reputation_type_id', 'reputation_item_id');
     foreach ($non_negative as $name) {
         if ($data[$name] < 0) {
             throw new \pico\reputation\exception\out_of_bounds($name);
         }
     }

     // Save the vote and remember its id on the object.
     $insert_sql = 'INSERT INTO ' . $this->reputations_table . ' ' . $this->db->sql_build_array('INSERT', $data);
     $this->db->sql_query($insert_sql);
     unset($this->reputation_id);
     $this->reputation_id = $this->db->sql_nextid();

     // Post votes also change the post's own counter.
     $is_post_vote = $data['reputation_type_id'] == $this->get_reputation_type_id('post');
     if ($is_post_vote) {
         $post_sql = 'UPDATE ' . POSTS_TABLE . "\n\t\t\t\tSET post_reputation = post_reputation + {$data['reputation_points']}\n\t\t\t\tWHERE post_id = {$data['reputation_item_id']}";
         $this->db->sql_query($post_sql);
     }

     // Every vote changes the receiving user's total.
     $user_sql = 'UPDATE ' . USERS_TABLE . "\n\t\t\tSET user_reputation = user_reputation + {$data['reputation_points']}\n\t\t\tWHERE user_id = {$data['user_id_to']}";
     $this->db->sql_query($user_sql);

     // Clamp to the configured bounds when either bound is set.
     $has_bounds = $this->config['rs_max_point'] || $this->config['rs_min_point'];
     if ($has_bounds) {
         $this->check_max_min($data['user_id_to']);
     }
 }
Esempio n. 9
 /**
  * Update a blog post using the given information
  *
  * @param int $id
  * @param int $post_id
  * @param int $time
  * @param int $edit_time
  * @param string $edit_reason
  * @param bool $status
  * @param int $poster_id
  * @param int $comment_count
  * @param string $content
  * @param string $bbcode_uid
  * @param string $bbcode_bitfield
  * @return bool
  */
 public function update($id, $title, $slug, $time, $edit_time, $edit_reason, $status, $locked, $poster_id, $comment_count, $content, $bbcode_uid, $bbcode_bitfield)
 {
     // Overwrites the stored columns of the row whose id is $id and always returns true.
     // Numeric and boolean columns are cast here; every value is handed to sql_build_array(),
     // and the row id is cast to int before it is appended to the WHERE clause.
     $columns = array(
         'title' => $title,
         'slug' => $slug,
         'time' => (int) $time,
         'edit_time' => (int) $edit_time,
         'edit_reason' => $edit_reason,
         'status' => (bool) $status,
         'locked' => (bool) $locked,
         'poster_id' => (int) $poster_id,
         'comment_count' => (int) $comment_count,
         'content' => $content,
         'bbcode_uid' => $bbcode_uid,
         'bbcode_bitfield' => $bbcode_bitfield,
     );
     $set_clause = $this->db->sql_build_array('UPDATE', $columns);
     $this->db->sql_query('UPDATE ' . $this->blog_posts_table . ' SET ' . $set_clause . ' WHERE id = ' . (int) $id);

     return true;
 }