function qa_create_new_user($email, $password, $handle, $level = QA_USER_LEVEL_BASIC, $confirmed = false)
{
require_once QA_INCLUDE_DIR . 'qa-db-users.php';
require_once QA_INCLUDE_DIR . 'qa-db-points.php';
require_once QA_INCLUDE_DIR . 'qa-app-options.php';
require_once QA_INCLUDE_DIR . 'qa-app-emails.php';
require_once QA_INCLUDE_DIR . 'qa-app-cookies.php';
$userid = qa_db_user_create($email, $password, $handle, $level, qa_remote_ip_address());
qa_db_points_update_ifuser($userid, null);
qa_db_uapprovecount_update();
if ($confirmed) {
qa_db_user_set_flag($userid, QA_USER_FLAGS_EMAIL_CONFIRMED, true);
}
if (qa_opt('show_notice_welcome')) {
qa_db_user_set_flag($userid, QA_USER_FLAGS_WELCOME_NOTICE, true);
}
$custom = qa_opt('show_custom_welcome') ? trim(qa_opt('custom_welcome')) : '';
if (qa_opt('confirm_user_emails') && $level < QA_USER_LEVEL_EXPERT && !$confirmed) {
$confirm = strtr(qa_lang('emails/welcome_confirm'), array('^url' => qa_get_new_confirm_url($userid, $handle)));
if (qa_opt('confirm_user_required')) {
qa_db_user_set_flag($userid, QA_USER_FLAGS_MUST_CONFIRM, true);
}
} else {
$confirm = '';
}
if (qa_opt('moderate_users') && qa_opt('approve_user_required') && $level < QA_USER_LEVEL_EXPERT) {
qa_db_user_set_flag($userid, QA_USER_FLAGS_MUST_APPROVE, true);
}
qw_send_notification($userid, $email, $handle, qa_lang('emails/welcome_subject'), nl2br(qa_lang('emails/welcome_body')), array('^password' => isset($password) ? qa_lang('main/hidden') : qa_lang('users/password_to_set'), '^url' => qa_opt('site_url'), '^custom' => strlen($custom) ? $custom . "\n\n" : '', '^confirm' => $confirm));
qa_report_event('u_register', $userid, $handle, qa_cookie_get(), array('email' => $email, 'level' => $level));
return $userid;
}
function mp_announcement_create($userid, $handle, $cookieid, $title, $content, $format, $text, $notify, $categoryid)
{
/*
* Proceeds to create an announcement
*
*/
require_once QA_INCLUDE_DIR . 'qa-db-post-create.php';
require_once QA_INCLUDE_DIR . 'qa-app-emails.php';
require_once QA_INCLUDE_DIR . 'mp-app-users.php';
// persist data to database
$postid = qa_db_post_create('AN', null, $userid, $cookieid, qa_remote_ip_address(), $title, $content, $format, null, $notify, $categoryid);
qa_user_report_action(qa_get_logged_in_userid(), null, null, null, null);
// update new post with category path hierarchy
qa_db_posts_calc_category_path($postid);
// send notifications
if ($notify && isset($postid)) {
$category = mp_get_categoryinfo($categoryid);
$recipients = mp_get_category_userids($categoryid);
foreach ($recipients as $recipient) {
// retrieve the user flags
$userflags = mp_get_user_flags($recipient['userid']);
// check user flags to determine whether user should be notified or not
// of the new answer post
if (!($userflags & QA_USER_FLAGS_NOTIFY_ANNOUNCEMENTS)) {
qa_send_notification($recipient['userid'], null, null, qa_lang('emails/an_posted_subject'), qa_lang('emails/an_posted_body'), array('^an_handle' => $handle, '^category_title' => $category['title'], '^an_title' => $title, '^an_url' => qa_path('mp-announcements-page', null, qa_opt('site_url'), null, null)));
}
}
}
// report announcement create event
qa_report_event('an_post', $userid, $handle, $cookieid, array('postid' => $postid, 'title' => $title, 'content' => $content, 'format' => $format, 'text' => $text, 'categoryid' => $categoryid, 'notify' => $notify));
return $postid;
}
function process_event($event, $userid, $handle, $cookieid, $params)
{
qw_do_action('qw_event_' . $event, $event, $userid, $handle, $cookieid, $params);
if (qa_opt('event_logger_to_database')) {
$paramstring = '';
foreach ($params as $key => $value) {
$value_to_text = $this->value_to_text($value, $key);
$value = is_array($value) ? 'array(' . count($value) . ')' . "\t" . $value_to_text : $value_to_text;
$paramstring .= (strlen($paramstring) ? "\t" : '') . $key . '=' . $value;
}
$paramstring = strtr($paramstring, "\n\r", ' ');
qa_db_query_sub('INSERT INTO ^eventlog (datetime, ipaddress, userid, handle, cookieid, event, params) ' . 'VALUES (NOW(), $, $, $, #, $, $)', qa_remote_ip_address(), $userid, $handle, $cookieid, $event, $paramstring);
}
if (qa_opt('event_logger_to_files')) {
// Substitute some placeholders if certain information is missing
if (!strlen($userid)) {
$userid = 'no_userid';
}
if (!strlen($handle)) {
$handle = 'no_handle';
}
if (!strlen($cookieid)) {
$cookieid = 'no_cookieid';
}
$ip = qa_remote_ip_address();
if (!strlen($ip)) {
$ip = 'no_ipaddress';
}
// Build the log file line to be written
$fixedfields = array('Date' => date('Y\\-m\\-d'), 'Time' => date('H\\:i\\:s'), 'IPaddress' => $ip, 'UserID' => $userid, 'Username' => $handle, 'CookieID' => $cookieid, 'Event' => $event);
$fields = $fixedfields;
foreach ($params as $key => $value) {
$fields['param_' . $key] = $key . '=' . $this->value_to_text($value, $key);
}
$string = implode("\t", $fields);
// Build the full path and file name
$directory = qa_opt('event_logger_directory');
if (substr($directory, -1) != '/') {
$directory .= '/';
}
$filename = $directory . 'q2a-log-' . date('Y\\-m\\-d') . '.txt';
// Open, lock, write, unlock, close (to prevent interference between multiple writes)
$exists = file_exists($filename);
$file = @fopen($filename, 'a');
if (is_resource($file)) {
if (flock($file, LOCK_EX)) {
if (!$exists && filesize($filename) === 0 && !qa_opt('event_logger_hide_header')) {
$string = "Question2Answer " . QA_VERSION . " log file generated by Event Logger plugin.\n" . "This file is formatted as tab-delimited text with UTF-8 encoding.\n\n" . implode("\t", array_keys($fixedfields)) . "\textras...\n\n" . $string;
}
fwrite($file, $string . "\n");
flock($file, LOCK_UN);
}
fclose($file);
}
}
}
function validate_post(&$error)
{
if (!empty($_POST['recaptcha_challenge_field']) && !empty($_POST['recaptcha_response_field'])) {
require_once $this->directory . 'recaptchalib.php';
$answer = recaptcha_check_answer(qa_opt('recaptcha_private_key'), qa_remote_ip_address(), $_POST['recaptcha_challenge_field'], $_POST['recaptcha_response_field']);
if ($answer->is_valid) {
return true;
}
$error = @$answer->error;
}
return false;
}
/**
* Check that the CAPTCHA was entered correctly. reCAPTCHA sets a long string in 'g-recaptcha-response'
* when the CAPTCHA is completed; we check that with the reCAPTCHA API.
*/
public function validate_post(&$error)
{
require_once $this->directory . 'recaptchalib.php';
$recaptcha = new ReCaptcha(qa_opt('recaptcha_private_key'));
$remoteIp = qa_remote_ip_address();
$userResponse = qa_post_text('g-recaptcha-response');
$recResponse = $recaptcha->verifyResponse($remoteIp, $userResponse);
foreach ($recResponse->errorCodes as $code) {
if (isset($this->errorCodeMessages[$code])) {
$error .= $this->errorCodeMessages[$code] . "\n";
}
}
return $recResponse->success;
}
function qa_db_hotness_update($firstpostid, $lastpostid = null, $viewincrement = false)
{
if (qa_should_update_counts()) {
if (!isset($lastpostid)) {
$lastpostid = $firstpostid;
}
$query = 'UPDATE ^posts AS x, (SELECT parents.postid, parents.created AS qcreated, COALESCE(MAX(children.created), parents.created) as acreated, COUNT(children.postid) AS acount, parents.netvotes, parents.views FROM ^posts AS parents LEFT JOIN ^posts AS children ON parents.postid=children.parentid AND children.type=\'A\' WHERE parents.postid>=# AND parents.postid<=# AND parents.type=\'Q\' GROUP BY postid) AS a SET x.hotness=(' . '((TO_DAYS(a.qcreated)-734138)*86400.0+TIME_TO_SEC(a.qcreated))*# + ' . '((TO_DAYS(a.acreated)-734138)*86400.0+TIME_TO_SEC(a.acreated))*# + ' . '(a.acount+0.0)*# + ' . '(a.netvotes+0.0)*# + ' . '(a.views+0.0+#)*#' . ')' . ($viewincrement ? ', x.views=x.views+1, x.lastviewip=INET_ATON($)' : '') . ' WHERE x.postid=a.postid';
// Additional multiples based on empirical analysis of activity on Q2A meta site to give approx equal influence for all factors
$arguments = array($firstpostid, $lastpostid, qa_opt('hot_weight_q_age'), qa_opt('hot_weight_a_age'), qa_opt('hot_weight_answers') * 160000, qa_opt('hot_weight_votes') * 160000, $viewincrement ? 1 : 0, qa_opt('hot_weight_views') * 4000);
if ($viewincrement) {
$arguments[] = qa_remote_ip_address();
}
qa_db_query_raw(qa_db_apply_sub($query, $arguments));
}
}
function qa_captcha_validate($form, &$errors)
{
if (qa_captcha_possible()) {
require_once QA_INCLUDE_DIR . 'qa-recaptchalib.php';
if (!empty($form['recaptcha_challenge_field']) && !empty($form['recaptcha_response_field'])) {
$answer = recaptcha_check_answer(qa_opt('recaptcha_private_key'), qa_remote_ip_address(), @$form['recaptcha_challenge_field'], @$form['recaptcha_response_field']);
if (!$answer->is_valid) {
$errors['captcha'] = @$answer->error;
}
} else {
$errors['captcha'] = true;
}
// empty error but still set it
}
}
function process_event($event, $userid, $handle, $cookieid, $params)
{
if (!qa_opt('event_logger_to_database')) {
return;
}
$twoway = array('a_select', 'a_unselect', 'q_vote_up', 'a_vote_up', 'q_vote_down', 'a_vote_down', 'q_vote_nil', 'a_vote_nil', 'q_flag', 'a_flag', 'c_flag', 'q_unflag', 'a_unflag', 'c_unflag', 'u_edit', 'u_level', 'u_block', 'u_unblock');
$special = array('a_post', 'c_post');
if (in_array($event, $twoway)) {
if (strpos($event, 'u_') === 0) {
$uid = $params['userid'];
} else {
$uid = qa_db_read_one_value(qa_db_query_sub('SELECT userid FROM ^posts WHERE postid=#', $params['postid']), true);
}
if ($uid != $userid) {
$ohandle = $this->getHandleFromId($uid);
$oevent = 'in_' . $event;
$paramstring = '';
foreach ($params as $key => $value) {
$paramstring .= (strlen($paramstring) ? "\t" : '') . $key . '=' . $this->value_to_text($value);
}
qa_db_query_sub('INSERT INTO ^eventlog (datetime, ipaddress, userid, handle, cookieid, event, params) ' . 'VALUES (NOW(), $, $, $, #, $, $)', qa_remote_ip_address(), $uid, $ohandle, $cookieid, $oevent, $paramstring);
}
}
// comments and answers
if (in_array($event, $special)) {
$pid = qa_db_read_one_value(qa_db_query_sub('SELECT userid FROM ^posts WHERE postid=#', $params['parentid']), true);
if ($pid != $userid) {
$ohandle = $this->getHandleFromId($pid);
switch ($event) {
case 'a_post':
$oevent = 'in_a_question';
break;
case 'c_post':
if ($params['parenttype'] == 'Q') {
$oevent = 'in_c_question';
} else {
$oevent = 'in_c_answer';
}
break;
}
$paramstring = '';
foreach ($params as $key => $value) {
$paramstring .= (strlen($paramstring) ? "\t" : '') . $key . '=' . $this->value_to_text($value);
}
qa_db_query_sub('INSERT INTO ^eventlog (datetime, ipaddress, userid, handle, cookieid, event, params) ' . 'VALUES (NOW(), $, $, $, #, $, $)', qa_remote_ip_address(), $pid, $ohandle, $cookieid, $oevent, $paramstring);
}
}
}
function qa_page_queue_pending()
{
if (qa_to_override(__FUNCTION__)) {
$args = func_get_args();
return qa_call_override(__FUNCTION__, $args);
}
qa_preload_options();
$loginuserid = qa_get_logged_in_userid();
if (isset($loginuserid)) {
if (!QA_FINAL_EXTERNAL_USERS) {
qa_db_queue_pending_select('loggedinuser', qa_db_user_account_selectspec($loginuserid, true));
}
qa_db_queue_pending_select('notices', qa_db_user_notices_selectspec($loginuserid));
qa_db_queue_pending_select('favoritenonqs', qa_db_user_favorite_non_qs_selectspec($loginuserid));
qa_db_queue_pending_select('userlimits', qa_db_user_limits_selectspec($loginuserid));
qa_db_queue_pending_select('userlevels', qa_db_user_levels_selectspec($loginuserid, true));
}
qa_db_queue_pending_select('iplimits', qa_db_ip_limits_selectspec(qa_remote_ip_address()));
qa_db_queue_pending_select('navpages', qa_db_pages_selectspec(array('B', 'M', 'O', 'F')));
qa_db_queue_pending_select('widgets', qa_db_widgets_selectspec());
}
function process_event($event, $userid, $handle, $cookieid, $params)
{
if (!qa_opt('event_logger_to_database')) {
return;
}
// needed for function qa_post_userid_to_handle()
require_once QA_INCLUDE_DIR . 'qa-app-posts.php';
$twoway = array('a_select', 'q_vote_up', 'a_vote_up', 'q_vote_down', 'a_vote_down');
$special = array('a_post', 'c_post');
if (in_array($event, $twoway)) {
if (strpos($event, 'u_') === 0) {
$uid = $params['userid'];
} else {
$uid = qa_db_read_one_value(qa_db_query_sub('SELECT userid FROM ^posts WHERE postid=#', $params['postid']), true);
}
if ($uid != $userid) {
$ohandle = qa_post_userid_to_handle($uid);
$oevent = 'in_' . $event;
$paramstring = '';
foreach ($params as $key => $value) {
$paramstring .= (strlen($paramstring) ? "\t" : '') . $key . '=' . $this->value_to_text($value);
}
// write in_ events to qa_eventlog
qa_db_query_sub('INSERT INTO ^eventlog (datetime, ipaddress, userid, handle, cookieid, event, params) ' . 'VALUES (NOW(), $, $, $, #, $, $)', qa_remote_ip_address(), $uid, $ohandle, $cookieid, $oevent, $paramstring);
}
}
// comments and answers
if (in_array($event, $special)) {
// userid (recent C)
$uid = qa_db_read_one_value(qa_db_query_sub('SELECT userid FROM ^posts WHERE postid=#', $params['postid']), true);
// userid (QA)
$pid = qa_db_read_one_value(qa_db_query_sub('SELECT userid FROM ^posts WHERE postid=#', $params['parentid']), true);
// if QA poster is not the same as commenter
if ($pid != $userid) {
$ohandle = qa_post_userid_to_handle($pid);
switch ($event) {
case 'a_post':
$oevent = 'in_a_question';
break;
case 'c_post':
if ($params['parenttype'] == 'Q') {
$oevent = 'in_c_question';
} else {
$oevent = 'in_c_answer';
}
break;
}
$paramstring = '';
foreach ($params as $key => $value) {
$paramstring .= (strlen($paramstring) ? "\t" : '') . $key . '=' . $this->value_to_text($value);
}
qa_db_query_sub('INSERT INTO ^eventlog (datetime, ipaddress, userid, handle, cookieid, event, params) ' . 'VALUES (NOW(), $, $, $, #, $, $)', qa_remote_ip_address(), $pid, $ohandle, $cookieid, $oevent, $paramstring);
}
// q2apro: added logging for comments in thread
if ($event == 'c_post') {
$oevent = 'in_c_comment';
// check if we have more comments to the parent
// DISTINCT: if a user has more than 1 comment just select him unique to inform him only once
$precCommentsQuery = qa_db_query_sub('SELECT DISTINCT userid FROM `^posts`
WHERE `parentid` = #
AND `type` = "C"
AND `userid` IS NOT NULL
', $params['parentid']);
while (($comment = qa_db_read_one_assoc($precCommentsQuery, true)) !== null) {
$userid_CommThr = $comment['userid'];
// unique
// don't inform user that comments, and don't inform user that comments on his own question/answer
if ($userid_CommThr != $uid && $userid_CommThr != $pid) {
$ohandle = qa_post_userid_to_handle($userid_CommThr);
$paramstring = '';
foreach ($params as $key => $value) {
$paramstring .= (strlen($paramstring) ? "\t" : '') . $key . '=' . $this->value_to_text($value);
}
qa_db_query_sub('INSERT INTO ^eventlog (datetime, ipaddress, userid, handle, cookieid, event, params) ' . 'VALUES (NOW(), $, $, $, #, $, $)', qa_remote_ip_address(), $userid_CommThr, $ohandle, $cookieid, $oevent, $paramstring);
}
}
}
// end in_c_comment
}
// end in_array
}
function qa_user_report_action($userid, $action, $questionid, $answerid, $commentid)
{
require_once QA_INCLUDE_DIR . 'qa-db-users.php';
qa_db_user_written($userid, qa_remote_ip_address());
}
function qa_limits_increment($userid, $action)
{
if (qa_to_override(__FUNCTION__)) {
$args = func_get_args();
return qa_call_override(__FUNCTION__, $args);
}
require_once QA_INCLUDE_DIR . 'qa-db-limits.php';
$period = (int) (qa_opt('db_time') / 3600);
if (isset($userid)) {
qa_db_limits_user_add($userid, $action, $period, 1);
}
qa_db_limits_ip_add(qa_remote_ip_address(), $action, $period, 1);
}
function award_badge($object_id, $user_id, $badge_slug, $badge_badge = false)
{
if (!$user_id) {
return;
}
// add badge to userbadges
qa_db_query_sub('INSERT INTO ^userbadges (awarded_at, notify, object_id, user_id, badge_slug, id) ' . 'VALUES (NOW(), 1, #, #, $, 0)', $object_id, $user_id, $badge_slug);
if (qa_opt('event_logger_to_database')) {
// add event
$handle = qa_getHandleFromId($user_id);
qa_db_query_sub('INSERT INTO ^eventlog (datetime, ipaddress, userid, handle, cookieid, event, params) ' . 'VALUES (NOW(), $, $, $, #, $, $)', qa_remote_ip_address(), $user_id, $handle, qa_cookie_get_create(), 'badge_awarded', 'badge_slug=' . $badge_slug . ($object_id ? "\t" . 'postid=' . $object_id : ''));
}
if (qa_opt('badge_email_notify')) {
qa_badge_notification($user_id, $object_id, $badge_slug);
}
// check for sheer number of badges, unless this badge was for number of badges (avoid recursion!)
if (!$badge_badge) {
$this->check_badges($user_id);
}
}
function qa_cookie_report_action($cookieid, $action)
{
require_once QA_INCLUDE_DIR . 'qa-db-cookies.php';
qa_db_cookie_written($cookieid, qa_remote_ip_address());
}
function qa_comment_set_hidden($oldcomment, $hidden, $userid, $handle, $cookieid, $question, $answer)
{
qa_post_unindex($oldcomment['postid']);
qa_db_post_set_type($oldcomment['postid'], $hidden ? 'C_HIDDEN' : 'C', $userid, qa_remote_ip_address());
qa_db_points_update_ifuser($oldcomment['userid'], array('cposts'));
qa_db_ccount_update();
if (!($hidden || $question['hidden'] || @$answer['hidden'])) {
// only index if none of the things it depends on are hidden
require_once QA_INCLUDE_DIR . 'qa-app-format.php';
qa_post_index($oldcomment['postid'], 'C', $question['postid'], null, qa_viewer_text($oldcomment['content'], $oldcomment['format']), null);
}
qa_report_event($hidden ? 'c_hide' : 'c_reshow', $userid, $handle, $cookieid, array('postid' => $oldcomment['postid'], 'parentid' => $oldcomment['parentid'], 'parenttype' => isset($answer) ? $answer['basetype'] : $question['basetype'], 'questionid' => $question['postid']));
}
function qa_badge_award_check($badges, $var, $uid, $oid = NULL, $notify = 1)
{
// oid is the postid (if), notify = 1 for email and popup, 2 for just popup.
if (!$uid) {
return;
}
$awarded = array();
foreach ($badges as $badge_slug) {
if (($var === false || (int) $var >= (int) qa_opt('badge_' . $badge_slug . '_var')) && qa_opt('badge_' . $badge_slug . '_enabled') !== '0') {
if ($oid) {
$result = @qa_db_read_one_value(qa_db_query_sub('SELECT badge_slug FROM ^userbadges WHERE user_id=# AND badge_slug=$ AND object_id=#', $uid, $badge_slug, $oid), true);
} else {
$result = @qa_db_read_one_value(qa_db_query_sub('SELECT badge_slug FROM ^userbadges WHERE user_id=# AND badge_slug=$', $uid, $badge_slug), true);
}
if ($result == null) {
// not already awarded this badge
qa_db_query_sub('INSERT INTO ^userbadges (awarded_at, notify, object_id, user_id, badge_slug, id) ' . 'VALUES (NOW(), #, #, #, #, 0)', $notify, $oid, $uid, $badge_slug);
if ($notify > 0) {
//qa_db_usernotice_create($uid, $content, 'html');
if (qa_opt('badge_email_notify') && $notify == 1) {
qa_badge_notification($uid, $oid, $badge_slug);
}
if (qa_opt('event_logger_to_database')) {
// add event
$handle = qa_getHandleFromId($uid);
qa_db_query_sub('INSERT INTO ^eventlog (datetime, ipaddress, userid, handle, cookieid, event, params) ' . 'VALUES (NOW(), $, $, $, #, $, $)', qa_remote_ip_address(), $uid, $handle, qa_cookie_get_create(), 'badge_awarded', 'badge_slug=' . $badge_slug . ($oid ? "\t" . 'postid=' . $oid : ''));
}
}
array_push($awarded, $badge_slug);
}
}
}
return $awarded;
}
}
if ($question['basetype'] == 'Q') {
$qa_content['a_list']['title_tags'] = 'id="a_list_title"';
if ($countfortitle > 0) {
$split = $countfortitle == 1 ? qa_lang_html_sub_split('question/1_answer_title', '1', '1') : qa_lang_html_sub_split('question/x_answers_title', $countfortitle);
if ($microdata) {
$split['data'] = '<span itemprop="answerCount">' . $split['data'] . '</span>';
}
$qa_content['a_list']['title'] = $split['prefix'] . $split['data'] . $split['suffix'];
} else {
$qa_content['a_list']['title_tags'] .= ' style="display:none;" ';
}
}
if (!$formrequested) {
$qa_content['page_links'] = qa_html_page_links(qa_request(), $pagestart, $pagesize, $countforpages, qa_opt('pages_prev_next'), array(), false, 'a_list_title');
}
// Some generally useful stuff
if (qa_using_categories() && count($categories)) {
$qa_content['navigation']['cat'] = qa_category_navigation($categories, $question['categoryid']);
}
if (isset($jumptoanchor)) {
$qa_content['script_onloads'][] = array('qa_scroll_page_to($("#"+' . qa_js($jumptoanchor) . ').offset().top);');
}
// Determine whether this request should be counted for page view statistics
if (qa_opt('do_count_q_views') && !$formrequested && !qa_is_http_post() && qa_is_human_probably() && (!$question['views'] || ($question['lastviewip'] != qa_remote_ip_address() || !isset($question['lastviewip'])) && ($question['createip'] != qa_remote_ip_address() || !isset($question['createip'])) && ($question['userid'] != $userid || !isset($question['userid'])) && ($question['cookieid'] != $cookieid || !isset($question['cookieid'])))) {
$qa_content['inc_views_postid'] = $questionid;
}
return $qa_content;
/*
Omit PHP closing tag to help avoid accidental output
*/
/**
* Outputs cache to the user
*/
private function get_cache()
{
global $qa_usage;
qa_db_connect('qa_page_db_fail_handler');
qa_page_queue_pending();
qa_load_state();
qa_check_login_modules();
qa_check_page_clicks();
$contents = @file_get_contents($this->cache_file);
if (!$contents) {
return;
}
//cache failure, graceful exit
$qa_content = array();
// Dummy contents
$userid = qa_get_logged_in_userid();
$questionid = qa_request_part(0);
$cookieid = qa_cookie_get(true);
if (is_numeric($questionid)) {
$question = qa_db_select_with_pending(qa_db_full_post_selectspec($userid, $questionid));
if (is_numeric($questionid) && qa_opt('do_count_q_views') && !$this->post_method && !qa_is_http_post() && qa_is_human_probably() && (!$question['views'] || ($question['lastviewip'] != qa_remote_ip_address() || !isset($question['lastviewip'])) && ($question['createip'] != qa_remote_ip_address() || !isset($question['createip'])) && ($question['userid'] != $userid || !isset($question['userid'])) && ($question['cookieid'] != $cookieid || !isset($question['cookieid'])))) {
$qa_content['inc_views_postid'] = $questionid;
} else {
$qa_content['inc_views_postid'] = null;
}
qa_do_content_stats($qa_content);
}
if (QA_DEBUG_PERFORMANCE) {
ob_start();
$qa_usage->output();
$contents .= ob_get_contents();
ob_end_clean();
}
qa_db_disconnect();
exit($contents);
}
function qa_comment_set_hidden($oldcomment, $hidden, $userid, $handle, $cookieid, $question, $parent)
{
require_once QA_INCLUDE_DIR . 'qa-app-format.php';
if (!isset($parent)) {
$parent = $question;
}
// for backwards compatibility with old answer parameter
$wasqueued = $oldcomment['type'] == 'C_QUEUED';
qa_post_unindex($oldcomment['postid']);
$setupdated = $hidden || !$wasqueued;
// don't record approval of a post as an update action...
qa_db_post_set_type($oldcomment['postid'], $hidden ? 'C_HIDDEN' : 'C', $setupdated ? $userid : null, $setupdated ? qa_remote_ip_address() : null, QA_UPDATE_VISIBLE);
if (!$setupdated) {
// ... for approval of a post, set created time to now instead
qa_db_post_set_created($oldcomment['postid'], null);
}
qa_db_points_update_ifuser($oldcomment['userid'], array('cposts'));
qa_db_ccount_update();
if ($question['type'] == 'Q' && ($parent['type'] == 'Q' || $parent['type'] == 'A') && !$hidden) {
// only index if none of the things it depends on are hidden or queued
qa_post_index($oldcomment['postid'], 'C', $question['postid'], $oldcomment['parentid'], null, $oldcomment['content'], $oldcomment['format'], qa_viewer_text($oldcomment['content'], $oldcomment['format']), null, $oldcomment['categoryid']);
}
qa_report_event($wasqueued ? $hidden ? 'c_reject' : 'c_approve' : ($hidden ? 'c_hide' : 'c_reshow'), $userid, $handle, $cookieid, array('postid' => $oldcomment['postid'], 'parentid' => $oldcomment['parentid'], 'oldcomment' => $oldcomment, 'parenttype' => $parent['basetype'], 'questionid' => $question['postid']));
if ($wasqueued && !$hidden) {
require_once QA_INCLUDE_DIR . 'qa-db-selects.php';
require_once QA_INCLUDE_DIR . 'qa-util-string.php';
$commentsfollows = qa_db_single_select(qa_db_full_child_posts_selectspec(null, $oldcomment['parentid']));
$thread = array();
foreach ($commentsfollows as $comment) {
if ($comment['type'] == 'C' && $comment['parentid'] == $parent['postid']) {
$thread[] = $comment;
}
}
qa_report_event('c_post', $oldcomment['userid'], $oldcomment['handle'], $oldcomment['cookieid'], array('postid' => $oldcomment['postid'], 'parentid' => $oldcomment['parentid'], 'parenttype' => $parent['basetype'], 'parent' => $parent, 'questionid' => $question['postid'], 'question' => $question, 'thread' => $thread, 'content' => $oldcomment['content'], 'format' => $oldcomment['format'], 'text' => qa_viewer_text($oldcomment['content'], $oldcomment['format']), 'categoryid' => $oldcomment['categoryid'], 'notify' => isset($oldcomment['notify']), 'email' => qa_email_validate($oldcomment['notify']) ? $oldcomment['notify'] : null, 'delayed' => $oldcomment['created']));
}
}
$feedbacksent = false;
if (qa_clicked('dofeedback')) {
require_once QA_INCLUDE_DIR . 'qa-util-emailer.php';
require_once QA_INCLUDE_DIR . 'qa-util-string.php';
$inmessage = qa_post_text('message');
$inname = qa_post_text('name');
$inemail = qa_post_text('email');
$inreferer = qa_post_text('referer');
if (empty($inmessage)) {
$errors['message'] = qa_lang('misc/feedback_empty');
}
if ($usecaptcha) {
qa_captcha_validate($_POST, $errors);
}
if (empty($errors)) {
$subs = array('^message' => $inmessage, '^name' => empty($inname) ? '-' : $inname, '^email' => empty($inemail) ? '-' : $inemail, '^previous' => empty($inreferer) ? '-' : $inreferer, '^url' => isset($qa_login_userid) ? qa_path('user/' . qa_get_logged_in_handle(), null, qa_opt('site_url')) : '-', '^ip' => qa_remote_ip_address(), '^browser' => @$_SERVER['HTTP_USER_AGENT']);
if (qa_send_email(array('fromemail' => qa_email_validate(@$inemail) ? $inemail : qa_opt('from_email'), 'fromname' => $inname, 'toemail' => qa_opt('feedback_email'), 'toname' => qa_opt('site_title'), 'subject' => qa_lang_sub('emails/feedback_subject', qa_opt('site_title')), 'body' => strtr(qa_lang('emails/feedback_body'), $subs), 'html' => false))) {
$feedbacksent = true;
} else {
$page_error = qa_lang_html('main/general_error');
}
qa_report_event('feedback', $qa_login_userid, qa_get_logged_in_handle(), $qa_cookieid, array('email' => $inemail, 'name' => $inname, 'message' => $inmessage, 'previous' => $inreferer, 'browser' => @$_SERVER['HTTP_USER_AGENT']));
}
}
// Prepare content for theme
$qa_content = qa_content_prepare();
$qa_content['title'] = qa_lang_html('misc/feedback_title');
$qa_content['error'] = @$page_error;
$qa_content['form'] = array('tags' => 'METHOD="POST" ACTION="' . qa_self_html() . '"', 'style' => 'tall', 'fields' => array('message' => array('type' => $feedbacksent ? 'static' : '', 'label' => qa_lang_html_sub('misc/feedback_message', qa_opt('site_title')), 'tags' => 'NAME="message" ID="message"', 'value' => qa_html(@$inmessage), 'rows' => 8, 'error' => qa_html(@$errors['message'])), 'name' => array('type' => $feedbacksent ? 'static' : '', 'label' => qa_lang_html('misc/feedback_name'), 'tags' => 'NAME="name"', 'value' => qa_html(isset($inname) ? $inname : @$userprofile['name'])), 'email' => array('type' => $feedbacksent ? 'static' : '', 'label' => qa_lang_html('misc/feedback_email'), 'tags' => 'NAME="email"', 'value' => qa_html(isset($inemail) ? $inemail : qa_get_logged_in_email()), 'note' => $feedbacksent ? null : qa_opt('email_privacy'))), 'buttons' => array('send' => array('label' => qa_lang_html('main/send_button'))), 'hidden' => array('dofeedback' => '1', 'referer' => qa_html(isset($inreferer) ? $inreferer : @$_SERVER['HTTP_REFERER'])));
if ($usecaptcha && !$feedbacksent) {
qa_set_up_captcha_field($qa_content, $qa_content['form']['fields'], @$errors);
/**
* Outputs cache to the user
*/
private function get_cache()
{
qa_report_process_stage('init_page');
qa_db_connect('qa_page_db_fail_handler');
qa_page_queue_pending();
qa_load_state();
qa_check_login_modules();
if (QA_DEBUG_PERFORMANCE) {
if (qa_qa_version_below('1.7')) {
qa_usage_mark('setup');
} else {
//global $qa_usage;
//$qa_usage->mark('setup');
null;
}
}
qa_check_page_clicks();
qa_set_form_security_key();
if (!QA_CACHING_FILE) {
$contents = $this->get_cache_db();
} else {
$contents = $this->get_cache_file();
}
$qa_content = array();
// Dummy contents
$userid = qa_get_logged_in_userid();
$questionid = qa_request_part(0);
$cookieid = qa_cookie_get(true);
if (is_numeric($questionid)) {
$question = qa_db_select_with_pending(qa_db_full_post_selectspec($userid, $questionid));
if (is_numeric($questionid) && qa_opt('do_count_q_views') && !preg_match("/^(?:POST|PUT)\$/i", $_SERVER["REQUEST_METHOD"]) && !qa_is_http_post() && qa_is_human_probably() && (!$question['views'] || ($question['lastviewip'] != qa_remote_ip_address() || !isset($question['lastviewip'])) && ($question['createip'] != qa_remote_ip_address() || !isset($question['createip'])) && ($question['userid'] != $userid || !isset($question['userid'])) && ($question['cookieid'] != $cookieid || !isset($question['cookieid'])))) {
$qa_content['inc_views_postid'] = $questionid;
} else {
$qa_content['inc_views_postid'] = null;
}
qa_do_content_stats($qa_content);
}
if (QA_DEBUG_PERFORMANCE) {
ob_start();
if (qa_qa_version_below('1.7')) {
qa_usage_output();
} else {
global $qa_usage;
$qa_usage->output();
}
$contents .= ob_get_contents();
ob_end_clean();
}
qa_db_disconnect();
header('Content-type: ' . strtr('^type/^format; charset=utf-8', array('^type' => 'text', '^format' => $this->get_cache_file_extension())));
exit($contents);
}
function qa_comment_create($userid, $handle, $cookieid, $content, $format, $text, $notify, $email, $question, $parent, $commentsfollows, $queued = false)
{
require_once QA_INCLUDE_DIR . 'qa-app-emails.php';
require_once QA_INCLUDE_DIR . 'qa-app-options.php';
require_once QA_INCLUDE_DIR . 'qa-app-format.php';
require_once QA_INCLUDE_DIR . 'qa-util-string.php';
if (!isset($parent)) {
$parent = $question;
}
// for backwards compatibility with old answer parameter
$postid = qa_db_post_create($queued ? 'C_QUEUED' : 'C', $parent['postid'], $userid, isset($userid) ? null : $cookieid, qa_remote_ip_address(), null, $content, $format, null, qa_combine_notify_email($userid, $notify, $email), $question['categoryid']);
qa_db_posts_calc_category_path($postid);
if (!$queued) {
if ($question['type'] == 'Q' && ($parent['type'] == 'Q' || $parent['type'] == 'A')) {
// only index if antecedents fully visible
qa_post_index($postid, 'C', $question['postid'], $parent['postid'], null, $content, $format, $text, null, $question['categoryid']);
}
qa_db_points_update_ifuser($userid, 'cposts');
qa_db_ccount_update();
}
$thread = array();
foreach ($commentsfollows as $comment) {
if ($comment['type'] == 'C' && $comment['parentid'] == $parent['postid']) {
// find just those for this parent, fully visible
$thread[] = $comment;
}
}
qa_report_event($queued ? 'c_queue' : 'c_post', $userid, $handle, $cookieid, array('postid' => $postid, 'parentid' => $parent['postid'], 'parenttype' => $parent['basetype'], 'parent' => $parent, 'questionid' => $question['postid'], 'question' => $question, 'thread' => $thread, 'content' => $content, 'format' => $format, 'text' => $text, 'categoryid' => $question['categoryid'], 'notify' => $notify, 'email' => $email));
return $postid;
}
function qa_comment_create($userid, $handle, $cookieid, $content, $format, $text, $notify, $email, $question, $answer, $commentsfollows)
{
require_once QA_INCLUDE_DIR . 'qa-app-emails.php';
require_once QA_INCLUDE_DIR . 'qa-app-options.php';
require_once QA_INCLUDE_DIR . 'qa-app-format.php';
require_once QA_INCLUDE_DIR . 'qa-util-string.php';
$parent = isset($answer) ? $answer : $question;
$postid = qa_db_post_create('C', $parent['postid'], $userid, isset($userid) ? null : $cookieid, qa_remote_ip_address(), null, $content, $format, null, qa_combine_notify_email($userid, $notify, $email), $question['categoryid']);
qa_db_posts_calc_category_path($postid);
if (!($question['hidden'] || @$answer['hidden'])) {
// don't index comment if parent or parent of parent is hidden
qa_post_index($postid, 'C', $question['postid'], null, $text, null);
}
qa_db_points_update_ifuser($userid, 'cposts');
qa_db_ccount_update();
// $senttoemail and $senttouserid ensure each user or email gets only one notification about an added comment,
// even if they have several previous comments in the same thread and asked for notifications for the parent.
// Still, if a person posted some comments as a registered user and some others anonymously,
// they could get two emails about a subsequent comment. Shouldn't be much of a problem in practice.
$senttoemail = array();
$senttouserid = array();
switch ($parent['basetype']) {
case 'Q':
$subject = qa_lang('emails/q_commented_subject');
$body = qa_lang('emails/q_commented_body');
$context = $parent['title'];
break;
case 'A':
$subject = qa_lang('emails/a_commented_subject');
$body = qa_lang('emails/a_commented_body');
$context = qa_viewer_text($parent['content'], $parent['format']);
break;
}
$blockwordspreg = qa_get_block_words_preg();
$sendhandle = isset($handle) ? $handle : qa_lang('main/anonymous');
$sendcontext = qa_block_words_replace($context, $blockwordspreg);
$sendtext = qa_block_words_replace($text, $blockwordspreg);
$sendtitle = qa_block_words_replace($question['title'], $blockwordspreg);
$sendurl = qa_path(qa_q_request($question['postid'], $sendtitle), null, qa_opt('site_url'), null, qa_anchor($parent['basetype'], $parent['postid']));
if (isset($parent['notify']) && !qa_post_is_by_user($parent, $userid, $cookieid)) {
$senduserid = $parent['userid'];
$sendemail = @$parent['notify'];
if (qa_email_validate($sendemail)) {
$senttoemail[$sendemail] = true;
} elseif (isset($senduserid)) {
$senttouserid[$senduserid] = true;
}
qa_send_notification($senduserid, $sendemail, @$parent['handle'], $subject, $body, array('^c_handle' => $sendhandle, '^c_context' => $sendcontext, '^c_content' => $sendtext, '^url' => $sendurl));
}
foreach ($commentsfollows as $comment) {
if ($comment['basetype'] == 'C' && $comment['parentid'] == $parent['postid'] && !$comment['hidden']) {
// find just those for this parent
if (isset($comment['notify']) && !qa_post_is_by_user($comment, $userid, $cookieid)) {
$senduserid = $comment['userid'];
$sendemail = @$comment['notify'];
if (qa_email_validate($sendemail)) {
if (@$senttoemail[$sendemail]) {
continue;
}
$senttoemail[$sendemail] = true;
} elseif (isset($senduserid)) {
if (@$senttouserid[$senduserid]) {
continue;
}
$senttouserid[$senduserid] = true;
}
qa_send_notification($senduserid, $sendemail, @$comment['handle'], qa_lang('emails/c_commented_subject'), qa_lang('emails/c_commented_body'), array('^c_handle' => $sendhandle, '^c_context' => $sendcontext, '^c_content' => $sendtext, '^url' => $sendurl));
}
}
}
qa_report_event('c_post', $userid, $handle, $cookieid, array('postid' => $postid, 'parentid' => $parent['postid'], 'parenttype' => $parent['basetype'], 'questionid' => $question['postid'], 'content' => $content, 'format' => $format, 'text' => $text, 'categoryid' => $question['categoryid'], 'notify' => $notify, 'email' => $email));
return $postid;
}
function qa_limits_increment($userid, $actioncode)
{
require_once QA_INCLUDE_DIR . 'qa-db-limits.php';
$period = (int) (qa_opt('db_time') / 3600);
if (isset($userid)) {
qa_db_limits_user_add($userid, $actioncode, $period, 1);
}
qa_db_limits_ip_add(qa_remote_ip_address(), $actioncode, $period, 1);
}
function qa_set_user_avatar($userid, $imagedata, $oldblobid = null)
{
if (qa_to_override(__FUNCTION__)) {
$args = func_get_args();
return qa_call_override(__FUNCTION__, $args);
}
require_once QA_INCLUDE_DIR . 'qa-util-image.php';
$imagedata = qa_image_constrain_data($imagedata, $width, $height, qa_opt('avatar_store_size'));
if (isset($imagedata)) {
require_once QA_INCLUDE_DIR . 'qa-db-blobs.php';
$newblobid = qa_db_blob_create($imagedata, 'jpeg', null, $userid, null, qa_remote_ip_address());
if (isset($newblobid)) {
qa_db_user_set($userid, 'avatarblobid', $newblobid);
qa_db_user_set($userid, 'avatarwidth', $width);
qa_db_user_set($userid, 'avatarheight', $height);
qa_db_user_set_flag($userid, QA_USER_FLAGS_SHOW_AVATAR, true);
qa_db_user_set_flag($userid, QA_USER_FLAGS_SHOW_GRAVATAR, false);
if (isset($oldblobid)) {
qa_db_blob_delete($oldblobid);
}
return true;
}
}
return false;
}
function qa_comment_set_status($oldcomment, $status, $userid, $handle, $cookieid, $question, $parent)
{
require_once QA_INCLUDE_DIR . 'qa-app-format.php';
if (!isset($parent)) {
$parent = $question;
}
// for backwards compatibility with old answer parameter
$washidden = $oldcomment['type'] == 'C_HIDDEN';
$wasqueued = $oldcomment['type'] == 'C_QUEUED';
$wasrequeued = $wasqueued && isset($oldcomment['updated']);
qa_post_unindex($oldcomment['postid']);
$setupdated = false;
$event = null;
if ($status == QA_POST_STATUS_QUEUED) {
$newtype = 'C_QUEUED';
if (!$wasqueued) {
$event = 'c_requeue';
}
// same event whether it was hidden or shown before
} elseif ($status == QA_POST_STATUS_HIDDEN) {
$newtype = 'C_HIDDEN';
if (!$washidden) {
$event = $wasqueued ? 'c_reject' : 'c_hide';
if (!$wasqueued) {
$setupdated = true;
}
}
} elseif ($status == QA_POST_STATUS_NORMAL) {
$newtype = 'C';
if ($wasqueued) {
$event = 'c_approve';
} elseif ($washidden) {
$event = 'c_reshow';
$setupdated = true;
}
} else {
qa_fatal_error('Unknown status in qa_comment_set_status(): ' . $status);
}
qa_db_post_set_type($oldcomment['postid'], $newtype, $setupdated ? $userid : null, $setupdated ? qa_remote_ip_address() : null, QA_UPDATE_VISIBLE);
if ($wasqueued && $status == QA_POST_STATUS_NORMAL && qa_opt('moderate_update_time')) {
// ... for approval of a post, can set time to now instead
if ($wasrequeued) {
qa_db_post_set_updated($oldcomment['postid'], null);
} else {
qa_db_post_set_created($oldcomment['postid'], null);
}
}
qa_db_ccount_update();
qa_db_points_update_ifuser($oldcomment['userid'], array('cposts'));
if ($wasqueued || $status == QA_POST_STATUS_QUEUED) {
qa_db_queuedcount_update();
}
if ($oldcomment['flagcount']) {
qa_db_flaggedcount_update();
}
if ($question['type'] == 'Q' && ($parent['type'] == 'Q' || $parent['type'] == 'A') && $status == QA_POST_STATUS_NORMAL) {
// only index if none of the things it depends on are hidden or queued
qa_post_index($oldcomment['postid'], 'C', $question['postid'], $oldcomment['parentid'], null, $oldcomment['content'], $oldcomment['format'], qa_viewer_text($oldcomment['content'], $oldcomment['format']), null, $oldcomment['categoryid']);
}
$eventparams = array('postid' => $oldcomment['postid'], 'parentid' => $oldcomment['parentid'], 'parenttype' => $parent['basetype'], 'parent' => $parent, 'questionid' => $question['postid'], 'question' => $question, 'content' => $oldcomment['content'], 'format' => $oldcomment['format'], 'text' => qa_viewer_text($oldcomment['content'], $oldcomment['format']), 'categoryid' => $oldcomment['categoryid'], 'name' => $oldcomment['name']);
if (isset($event)) {
qa_report_event($event, $userid, $handle, $cookieid, $eventparams + array('oldcomment' => $oldcomment));
}
if ($wasqueued && $status == QA_POST_STATUS_NORMAL && !$wasrequeued) {
require_once QA_INCLUDE_DIR . 'qa-db-selects.php';
require_once QA_INCLUDE_DIR . 'qa-util-string.php';
$commentsfollows = qa_db_single_select(qa_db_full_child_posts_selectspec(null, $oldcomment['parentid']));
$thread = array();
foreach ($commentsfollows as $comment) {
if ($comment['type'] == 'C' && $comment['parentid'] == $parent['postid']) {
$thread[] = $comment;
}
}
qa_report_event('c_post', $oldcomment['userid'], $oldcomment['handle'], $oldcomment['cookieid'], $eventparams + array('thread' => $thread, 'notify' => isset($oldcomment['notify']), 'email' => qa_email_validate($oldcomment['notify']) ? $oldcomment['notify'] : null, 'delayed' => $oldcomment['created']));
}
}
function process_request($request)
{
$message = '';
$url = '';
if (is_array($_FILES) && count($_FILES)) {
// Check that we're allowed to upload images (if not, no other uploads are allowed either)
if (!qa_opt('wysiwyg_editor_upload_images')) {
$message = qa_lang('users/no_permission');
}
// Check that we haven't reached the upload limit and are not blocked
if (empty($message)) {
require_once QA_INCLUDE_DIR . 'qa-app-users.php';
require_once QA_INCLUDE_DIR . 'qa-app-limits.php';
switch (qa_user_permit_error(null, QA_LIMIT_UPLOADS)) {
case 'limit':
$message = qa_lang('main/upload_limit');
break;
case false:
qa_limits_increment(qa_get_logged_in_userid(), QA_LIMIT_UPLOADS);
break;
default:
$message = qa_lang('users/no_permission');
break;
}
}
// Find out some information about the uploaded file and check it's not too large
if (empty($message)) {
require_once QA_INCLUDE_DIR . 'qa-app-blobs.php';
$file = reset($_FILES);
$pathinfo = pathinfo($file['name']);
$extension = strtolower(@$pathinfo['extension']);
$filesize = $file['size'];
$maxsize = min(qa_opt('wysiwyg_editor_upload_max_size'), qa_get_max_upload_size());
if ($filesize <= 0 || $filesize > $maxsize) {
// if file was too big for PHP, $filesize will be zero
$message = qa_lang_sub('main/max_upload_size_x', number_format($maxsize / 1048576, 1) . 'MB');
}
}
// If it's only allowed to be an image, check it's an image
if (empty($message)) {
if (qa_get('qa_only_image') || !qa_opt('wysiwyg_editor_upload_all')) {
// check if we need to confirm it's an image
switch ($extension) {
case 'png':
// these are allowed image extensions
// these are allowed image extensions
case 'gif':
case 'jpeg':
case 'jpg':
if (function_exists('getimagesize')) {
// getimagesize() does not require GD library
if (!is_array(@getimagesize($file['tmp_name']))) {
$message = qa_lang_sub('main/image_not_read', 'GIF, JPG, PNG');
}
}
break;
default:
$message = qa_lang_sub('main/image_not_read', 'GIF, JPG, PNG');
break;
}
}
}
// If there have been no errors, looks like we're all set...
if (empty($message)) {
require_once QA_INCLUDE_DIR . 'qa-db-blobs.php';
$userid = qa_get_logged_in_userid();
$cookieid = isset($userid) ? qa_cookie_get() : qa_cookie_get_create();
$blobid = qa_db_blob_create(file_get_contents($file['tmp_name']), $extension, @$file['name'], $userid, $cookieid, qa_remote_ip_address());
if (isset($blobid)) {
$url = qa_get_blob_url($blobid, true);
} else {
$message = 'Failed to create object in database - please try again';
}
}
}
echo "<script type='text/javascript'>window.parent.CKEDITOR.tools.callFunction(" . qa_js(qa_get('CKEditorFuncNum')) . ", " . qa_js($url) . ", " . qa_js($message) . ");</script>";
return null;
}
function qa_user_report_action($userid, $action)
{
if (qa_to_override(__FUNCTION__)) {
$args = func_get_args();
return qa_call_override(__FUNCTION__, $args);
}
require_once QA_INCLUDE_DIR . 'db/users.php';
qa_db_user_written($userid, qa_remote_ip_address());
}
function qa_upload_file($localfilename, $sourcefilename, $maxfilesize = null, $onlyimage = false, $imagemaxwidth = null, $imagemaxheight = null)
{
if (qa_to_override(__FUNCTION__)) {
$args = func_get_args();
return qa_call_override(__FUNCTION__, $args);
}
$result = array();
// Check per-user upload limits
require_once QA_INCLUDE_DIR . 'qa-app-users.php';
require_once QA_INCLUDE_DIR . 'qa-app-limits.php';
switch (qa_user_permit_error(null, QA_LIMIT_UPLOADS)) {
case 'limit':
$result['error'] = qa_lang('main/upload_limit');
return $result;
case false:
qa_limits_increment(qa_get_logged_in_userid(), QA_LIMIT_UPLOADS);
break;
default:
$result['error'] = qa_lang('users/no_permission');
return $result;
}
// Check the uploaded file is not too large
$filesize = filesize($localfilename);
if (isset($maxfilesize)) {
$maxfilesize = min($maxfilesize, qa_get_max_upload_size());
} else {
$maxfilesize = qa_get_max_upload_size();
}
if ($filesize <= 0 || $filesize > $maxfilesize) {
// if file was too big for PHP, $filesize will be zero
$result['error'] = qa_lang_sub('main/max_upload_size_x', number_format($maxfilesize / 1048576, 1) . 'MB');
return $result;
}
// Find out what type of source file was uploaded and if appropriate, check it's an image and get preliminary size measure
$pathinfo = pathinfo($sourcefilename);
$format = strtolower(@$pathinfo['extension']);
$isimage = $format == 'png' || $format == 'gif' || $format == 'jpeg' || $format == 'jpg';
// allowed image extensions
if ($isimage) {
$imagesize = @getimagesize($localfilename);
if (is_array($imagesize)) {
$result['width'] = $imagesize[0];
$result['height'] = $imagesize[1];
switch ($imagesize['2']) {
// reassign format based on actual content, if we can
case IMAGETYPE_GIF:
$format = 'gif';
break;
case IMAGETYPE_JPEG:
$format = 'jpeg';
break;
case IMAGETYPE_PNG:
$format = 'png';
break;
}
}
}
$result['format'] = $format;
if ($onlyimage) {
if (!$isimage || !is_array($imagesize)) {
$result['error'] = qa_lang_sub('main/image_not_read', 'GIF, JPG, PNG');
return $result;
}
}
// Read in the raw file contents
$content = file_get_contents($localfilename);
// If appropriate, get more accurate image size and apply constraints to it
require_once QA_INCLUDE_DIR . 'qa-util-image.php';
if ($isimage && qa_has_gd_image()) {
$image = @imagecreatefromstring($content);
if (is_resource($image)) {
$result['width'] = $width = imagesx($image);
$result['height'] = $height = imagesy($image);
if (isset($imagemaxwidth) || isset($imagemaxheight)) {
if (qa_image_constrain($width, $height, isset($imagemaxwidth) ? $imagemaxwidth : $width, isset($imagemaxheight) ? $imagemaxheight : $height)) {
qa_gd_image_resize($image, $width, $height);
if (is_resource($image)) {
$content = qa_gd_image_jpeg($image);
$result['format'] = $format = 'jpeg';
$result['width'] = $width;
$result['height'] = $height;
}
}
}
if (is_resource($image)) {
// might have been lost
imagedestroy($image);
}
}
}
// Create the blob and return
require_once QA_INCLUDE_DIR . 'qa-app-blobs.php';
$userid = qa_get_logged_in_userid();
$cookieid = isset($userid) ? qa_cookie_get() : qa_cookie_get_create();
$result['blobid'] = qa_create_blob($content, $format, $sourcefilename, $userid, $cookieid, qa_remote_ip_address());
if (!isset($result['blobid'])) {
$result['error'] = qa_lang('main/general_error');
return $result;
}
$result['bloburl'] = qa_get_blob_url($result['blobid'], true);
return $result;
}
