public function create()
{
//hacking attempt
if ($_POST['end_of_line'] != "") {
exit;
}
if (isset($_POST['title']) && isset($_POST['cat']) && isset($_POST['imesg']) && isset($_POST['omesg'])) {
$catid = (int) $_POST['cat'];
$category = new \CODOF\Forum\Category($this->db);
if (!$category->exists($catid) || !$category->canCreateTopicIn($catid)) {
exit(_t("No such category exists!"));
}
$post = new \CODOF\Forum\Post($this->db);
$topic = new \CODOF\Forum\Topic($this->db);
$notifier = new \CODOF\Forum\Notification\Notifier();
$subscriber = new \CODOF\Forum\Notification\Subscriber();
$title = \CODOF\Format::title($_POST['title']);
$filter = new \CODOF\SpamFilter();
$needsModeration = false;
$sticky = $_POST['sticky'] === "true" ? 'yes' : 'no';
$frontpage = $_POST['frontpage'] === "true" ? 'yes' : 'no';
if ($filter->isSpam($_POST['imesg'])) {
$needsModeration = true;
}
$user = \CODOF\User\User::get();
if ($sticky == 'yes' && $user->can('make sticky')) {
if ($frontpage == 'yes') {
$tid = $topic->ins_topic($catid, $title, $needsModeration, \CODOF\Forum\Forum::STICKY);
} else {
$tid = $topic->ins_topic($catid, $title, $needsModeration, \CODOF\Forum\Forum::STICKY_ONLY_CATEGORY);
}
} else {
$tid = $topic->ins_topic($catid, $title, $needsModeration, \CODOF\Forum\Forum::APPROVED);
}
$pid = $post->ins_post($catid, $tid, $_POST['imesg'], $_POST['omesg']);
$topic->link_topic_post($pid, $tid);
//get any @mentions from the topic post
$mentions = $subscriber->getMentions($_POST['imesg']);
//get userids from mentions that actually exists in the database
$ids = $subscriber->getIdsThatExisits($mentions);
//subscribe self to topic as a Subscriber::NOTIFIED
$subscriber->toTopic($catid, $tid, \CODOF\Forum\Notification\Subscriber::$NOTIFIED);
//if post was inserted successfully
if ($pid) {
$topicData = array("label" => 'New topic', "cid" => $catid, "tid" => $tid, "tuid" => $user->id, "pid" => $pid, "mentions" => $ids, "message" => \CODOF\Util::start_cut(\CODOF\Format::imessage($_POST['imesg']), 120), "notification" => "%actor% created <b>%title%</b>", "bindings" => array("title" => \CODOF\Util::start_cut($title, 100)));
$notifier->queueNotify('new_topic', $topicData);
//$notifier->dequeueNotify();
\CODOF\Hook::call('after_topic_insert', $topicData);
}
//insert tags if any present in the topic
if (isset($_POST['tags']) && $user->can('add tags')) {
//the method does the filtering
$topic->insertTags($tid, $_POST['tags']);
}
echo json_encode(array('tid' => $tid));
}
}
public function ins_topics($topic_info, $pid, $use_passed_pid)
{
$cats = array();
$i = 0;
$defs = array("last_post_id" => 0, "topic_updated" => 0);
foreach ($topic_info as $cat) {
$cats[$i] = $this->set_value($cat, $defs);
$cats[$i] += $cat;
//$cats[$i]['topic_id'] = $tid;
if ($use_passed_pid) {
$cats[$i]['post_id'] = ++$pid;
}
$cats[$i]['title'] = Format::title($cat['title']);
//does all last post details exist ?
if (\CODOF\Util::is_set($cat, array('last_post_id', 'last_post_uid', 'last_post_name', 'last_post_time'))) {
//correct last post time
if ($cat['last_post_time'] == null || $cat['last_post_time'] == 0) {
$cats[$i]['last_post_time'] = $cat['topic_created'];
}
} else {
$cats[$i]['last_post_id'] = 0;
$cats[$i]['last_post_uid'] = NULL;
$cats[$i]['last_post_name'] = NULL;
$cats[$i]['last_post_time'] = $cat['topic_created'];
}
if (isset($cat['no_views'])) {
$cats[$i]['no_views'] = $cat['no_views'];
} else {
$cats[$i]['no_views'] = 0;
}
$i++;
}
// var_dump($cats);
$attrs = array("topic_id", "title", "cat_id", "post_id", "uid", "last_post_id", "last_post_uid", "last_post_name", "topic_created", "topic_updated", "last_post_time", "no_views");
$qry = $this->prepare_ins_qry($cats, $attrs, "codo_topics");
$this->query .= $qry;
return $pid;
}
/**
*
* Edits current topic
*/
public function edit_topic($cid, $tid, $pid, $title, $imessage, $omessage, $topic_status = Forum::APPROVED)
{
$tid = (int) $tid;
$pid = (int) $pid;
$title = \CODOF\Format::title($title);
$qry = 'UPDATE ' . PREFIX . 'codo_topics SET cat_id=:cat_id, title=:title, topic_updated=:time, topic_status=:topic_status ' . 'WHERE topic_id=:tid';
$t_stmt = $this->db->prepare($qry);
$t_stmt->execute(array(":cat_id" => $cid, ":title" => $title, ":time" => time(), ":tid" => $tid, ":topic_status" => $topic_status));
$qry = 'UPDATE ' . PREFIX . 'codo_posts SET cat_id=:cat_id,imessage=:imesg, omessage=:omesg,' . 'post_modified=:time WHERE post_id=:pid';
$p_stmt = $this->db->prepare($qry);
$p_stmt->execute(array(":cat_id" => $cid, ":imesg" => \CODOF\Format::imessage($imessage), ":omesg" => \CODOF\Format::omessage($omessage), ":time" => time(), ":pid" => $pid));
}
