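/**
 * Handle the AJAX "create topic" request.
 *
 * Reads title, cat, imesg, omesg, sticky, frontpage, tags and the
 * end_of_line trap field from $_POST, inserts the topic and its first post,
 * queues the 'new_topic' notification and echoes the new topic id as JSON.
 *
 * Ends the request with exit when the trap field is filled or the category
 * check fails. Returns without output when a required field is missing or
 * arrives as an array.
 *
 * NOTE(review): no request-token (anti-CSRF) check happens inside this
 * method; presumably the route that dispatches to it performs one. Confirm
 * against the caller.
 *
 * @return void
 */
public function create() {

    // Bot trap (the original comment calls it a "hacking attempt"): the
    // request is dropped as soon as this field carries any value. isset()
    // keeps a request that omits the field from raising an undefined-index
    // notice.
    if (isset($_POST['end_of_line']) && $_POST['end_of_line'] !== "") {
        exit;
    }

    // Every required field must be present. PHP turns "title[]=x" into an
    // array, and (int) on a non-empty array yields 1, which would silently
    // select category 1; array values are therefore rejected up front.
    foreach (array('title', 'cat', 'imesg', 'omesg') as $field) {
        if (!isset($_POST[$field]) || is_array($_POST[$field])) {
            return;
        }
    }

    $catid = (int) $_POST['cat'];
    $category = new \CODOF\Forum\Category($this->db);

    // A missing category and a category the user may not post in produce the
    // same message, so the response does not reveal which check failed.
    if (!$category->exists($catid) || !$category->canCreateTopicIn($catid)) {
        exit(_t("No such category exists!"));
    }

    $post = new \CODOF\Forum\Post($this->db);
    $topic = new \CODOF\Forum\Topic($this->db);
    $notifier = new \CODOF\Forum\Notification\Notifier();
    $subscriber = new \CODOF\Forum\Notification\Subscriber();

    $title = \CODOF\Format::title($_POST['title']);
    $filter = new \CODOF\SpamFilter();

    // Both flags are optional; anything other than the literal "true" counts
    // as "no".
    $sticky = (isset($_POST['sticky']) && $_POST['sticky'] === "true") ? 'yes' : 'no';
    $frontpage = (isset($_POST['frontpage']) && $_POST['frontpage'] === "true") ? 'yes' : 'no';

    // A message flagged by the spam filter marks the topic for moderation.
    $needsModeration = false;
    if ($filter->isSpam($_POST['imesg'])) {
        $needsModeration = true;
    }

    $user = \CODOF\User\User::get();

    // The client-supplied sticky flag is honoured only with the
    // 'make sticky' permission; frontpage is only considered in that case.
    if ($sticky === 'yes' && $user->can('make sticky')) {
        $status = ($frontpage === 'yes')
            ? \CODOF\Forum\Forum::STICKY
            : \CODOF\Forum\Forum::STICKY_ONLY_CATEGORY;
    } else {
        $status = \CODOF\Forum\Forum::APPROVED;
    }
    $tid = $topic->ins_topic($catid, $title, $needsModeration, $status);

    $pid = $post->ins_post($catid, $tid, $_POST['imesg'], $_POST['omesg']);

    // NOTE(review): the link and the subscription below run before $pid is
    // checked, so they also run when ins_post() reports failure. Kept as in
    // the original; confirm whether that is intended.
    $topic->link_topic_post($pid, $tid);

    // get any @mentions from the topic post
    $mentions = $subscriber->getMentions($_POST['imesg']);

    // keep only the mentioned user ids that actually exist in the database
    $ids = $subscriber->getIdsThatExisits($mentions);

    // subscribe the author to the topic as Subscriber::$NOTIFIED
    $subscriber->toTopic($catid, $tid, \CODOF\Forum\Notification\Subscriber::$NOTIFIED);

    // if the post was inserted successfully
    if ($pid) {

        // NOTE(review): the title binding is placed inside HTML markup in the
        // notification text. Whether Format::title() escapes HTML is not
        // visible here; confirm before rendering the notification unescaped.
        $topicData = array(
            "label" => 'New topic',
            "cid" => $catid,
            "tid" => $tid,
            "tuid" => $user->id,
            "pid" => $pid,
            "mentions" => $ids,
            "message" => \CODOF\Util::start_cut(\CODOF\Format::imessage($_POST['imesg']), 120),
            "notification" => "%actor% created <b>%title%</b>",
            "bindings" => array("title" => \CODOF\Util::start_cut($title, 100))
        );

        $notifier->queueNotify('new_topic', $topicData);
        \CODOF\Hook::call('after_topic_insert', $topicData);
    }

    // Tags are stored only for users with the 'add tags' permission. The raw
    // value is passed on; per the original comment, insertTags() does the
    // filtering.
    if (isset($_POST['tags']) && $user->can('add tags')) {
        $topic->insertTags($tid, $_POST['tags']);
    }

    echo json_encode(array('tid' => $tid));
}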
});

// Notification digest as JSON. Nothing is written unless the request token
// validates and a user is logged in.
dispatch_get('Ajax/digest', function () {

    if (!Request::valid($_GET['token']) || !\CODOF\User\CurrentUser\CurrentUser::loggedIn()) {
        return;
    }

    $digest = new \CODOF\Forum\Notification\Digest\Digest();
    echo json_encode($digest->fetch());
});

// NOTE(review): the two subscribe routes are registered for GET and pass the
// :cid / :tid / :level route parameters to Subscriber exactly as received.
// Whether Request::get() validates the request token, and whether Subscriber
// checks the ids and the level, is not visible here; confirm both.
Request::get('Ajax/subscribe/:cid/:level', function ($cid, $level) {

    $subscriber = new CODOF\Forum\Notification\Subscriber();
    $subscriber->toCategory($cid, $level);
});

Request::get('Ajax/subscribe/:cid/:tid/:level', function ($cid, $tid, $level) {

    $subscriber = new CODOF\Forum\Notification\Subscriber();
    $subscriber->toTopic($cid, $tid, $level);
});

// Returns whatever Mention::getValid() yields for the client-supplied
// 'mentions' query parameter.
Request::get('Ajax/mentions/validate', function () {

    $mention = new CODOF\Forum\Notification\Mention();
    return $mention->getValid($_GET['mentions']);
});

// Returns Mention::getNotMentionable() for the given category id.
Request::get('Ajax/mentions/mentionable/:cid', function ($cid) {

    $mention = new CODOF\Forum\Notification\Mention();
    return $mention->getNotMentionable($cid);
});

// Mention lookup for query :q; category and topic id default to 0.
Request::get('Ajax/mentions/:q/:cid/:tid', function ($q, $cid = 0, $tid = 0) {

    $mention = new CODOF\Forum\Notification\Mention();
    return $mention->find($q, $cid, $tid);
});

// The body of this route continues beyond the visible excerpt.
dispatch_get('Ajax/cron/run/:name', function ($name) {