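/**
 * Apply a feedback change and move the recipient to a different rating when the
 * balance of feedback crosses into another normalised rating.
 *
 * @param int    $to_user_id    User receiving the feedback
 * @param int    $from_user_id  User giving the feedback
 * @param int    $current_score Score of the feedback entry as currently stored
 * @param int    $new_score     Score of the new or edited feedback entry
 * @param array  $sql_ary       Column => value map inserted into the feedback table; only read when $action is 'add'
 * @param string $action        One of 'add', 'revert', 'edit' or 'delete'
 *
 * @return int|null Value of sql_nextid() after an 'add', null for every other action
 */
private function setUserRating($to_user_id, $from_user_id, $current_score, $new_score, $sql_ary, $action)
{
    $to_user_id = (int) $to_user_id;
    $from_user_id = (int) $from_user_id;
    $current_score = (int) $current_score;
    $new_score = (int) $new_score;

    $difference = $this->countFeedbackType($to_user_id, $from_user_id);

    // Defaults keep the comparison below and the return value defined on every path:
    // only 'add' produces an insert id, and an unrecognised action leaves the balance untouched.
    $new_difference = $difference;
    $insert = true;
    $next_id = null;

    switch ($action) {
        case 'add':
            $new_difference = $difference + $new_score;
            // Values reach the query through sql_build_array() rather than string concatenation.
            // NOTE(review): the keys of $sql_ary become column names - presumably built by the caller
            // from a fixed list; confirm.
            $insert = $this->db->sql_query('INSERT INTO ' . $this->tables['feedback'] . ' ' . $this->db->sql_build_array('INSERT', $sql_ary));
            $next_id = $this->db->sql_nextid();
            break;

        case 'revert':
            $new_difference = $difference + $current_score;
            break;

        case 'edit':
            $new_difference = $difference - $current_score + $new_score;
            break;

        case 'delete':
            $new_difference = $difference - $current_score;
            break;
    }

    // $insert doubles as the "may touch the rating" flag: a falsy sql_query() result skips both branches.
    if ($this->normalize($difference) != $this->normalize($new_difference) && $insert) {
        $this->removeUserRating($to_user_id, $this->normalize($difference));
        $this->giveUserRating($to_user_id, $this->normalize($new_difference));
    } elseif ($this->get_users_feedback_count($to_user_id) == 1 && $this->normalize($new_difference) == 0 && $insert) {
        // A single feedback entry that normalises to 0 is recorded as a neutral rating.
        $this->giveUserRating($to_user_id, self::RATE_NEUTRAL);
    }

    return $next_id;
}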
/**
 * Set the current user's own position on the map.
 *
 * The unconfirmed request shows a confirmation box carrying the coordinates as
 * hidden fields; the confirmed request validates them against REGEX_LON /
 * REGEX_LAT and writes them to the user's row.
 *
 * @return mixed Whatever index() returns
 */
public function position()
{
    $is_guest = $this->user->data['user_id'] == ANONYMOUS;
    if ($is_guest || !$this->auth->acl_get('u_usermap_add')) {
        trigger_error('NOT_AUTHORISED');
    }

    // Both values are capped at 10 characters before any further use.
    $lon = substr($this->request->variable('lon', ''), 0, 10);
    $lat = substr($this->request->variable('lat', ''), 0, 10);
    $data = array(
        'user_usermap_lon' => $lon,
        'user_usermap_lat' => $lat,
    );

    if (!confirm_box(true)) {
        // NOTE(review): the regex validation only runs on the confirmed request, so this dialog echoes
        // values that have been length-capped but not yet pattern-checked. Presumably request->variable()
        // has already HTML-escaped them - confirm, or validate before building the dialog.
        $hidden_fields = build_hidden_fields(array('lon' => $lon, 'lat' => $lat));
        confirm_box(false, $this->user->lang('CONFIRM_COORDINATES_SET', $lon, $lat), $hidden_fields);

        return $this->index();
    }

    // validate_data() lives in functions_user, which is loaded on demand.
    if (!function_exists('validate_data')) {
        include $this->phpbb_root_path . 'includes/functions_user.' . $this->php_ext;
    }

    $rules = array(
        'user_usermap_lon' => array('match', false, self::REGEX_LON),
        'user_usermap_lat' => array('match', false, self::REGEX_LAT),
    );
    $error = validate_data($data, $rules);

    if (count($error) > 0) {
        // Error entries are language keys; translate them before display.
        $error = array_map(array($this->user, 'lang'), $error);
        trigger_error(implode('<br>', $error));
    }

    // Values go through sql_build_array(); the id in the WHERE clause is cast to int.
    $sql = 'UPDATE ' . USERS_TABLE . ' SET ' . $this->db->sql_build_array('UPDATE', $data) . ' WHERE user_id = ' . (int) $this->user->data['user_id'];
    $this->db->sql_query($sql);
    trigger_error('POSITION_SET');

    return $this->index();
}
/**
 * Set the current user's own position on the map.
 *
 * Guests and users without the u_usermap_add permission are rejected. The
 * unconfirmed request shows a confirmation box; the confirmed request
 * validates the coordinates and stores them on the user's row.
 *
 * @return mixed Whatever index() returns
 */
public function position()
{
    $user_id = $this->user->data['user_id'];
    if ($user_id == ANONYMOUS || !$this->auth->acl_get('u_usermap_add')) {
        trigger_error('NOT_AUTHORISED');
    }

    // Cap both request values at 10 characters.
    $lon = substr($this->request->variable('lon', ''), 0, 10);
    $lat = substr($this->request->variable('lat', ''), 0, 10);

    if (confirm_box(true)) {
        $data = array(
            'user_usermap_lon' => $lon,
            'user_usermap_lat' => $lat,
        );

        if (!function_exists('validate_data')) {
            include $this->phpbb_root_path . 'includes/functions_user.' . $this->php_ext;
        }

        // NOTE(review): this is a length check only (5 to 10 characters, with the second element true,
        // presumably the "optional" flag - confirm), so any string of that length is accepted.
        // Consider also checking that each value is a number inside the valid coordinate range
        // before it is stored.
        $length_rule = array(array('string', true, 5, 10));
        $error = validate_data($data, array(
            'user_usermap_lon' => $length_rule,
            'user_usermap_lat' => $length_rule,
        ));

        // Error entries are language keys; translate them before display.
        $error = array_map(array($this->user, 'lang'), $error);
        if (count($error) > 0) {
            $back_url = $this->helper->route('tas2580_usermap_index', array());
            trigger_error(implode('<br>', $error) . '<br><br><a href="' . $back_url . '">' . $this->user->lang('BACK_TO_USERMAP') . '</a>');
        }

        // Values go through sql_build_array(); the id in the WHERE clause is cast to int.
        $sql = 'UPDATE ' . USERS_TABLE . ' SET ' . $this->db->sql_build_array('UPDATE', $data) . ' WHERE user_id = ' . (int) $this->user->data['user_id'];
        $this->db->sql_query($sql);
        trigger_error('POSITION_SET');
    } else {
        // The coordinates travel through the confirmation form as hidden fields.
        $hidden_fields = build_hidden_fields(array('lon' => $lon, 'lat' => $lat));
        confirm_box(false, $this->user->lang('CONFIRM_COORDINATES_SET', $lon, $lat), $hidden_fields);
    }

    return $this->index();
}
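/**
 * {@inheritDoc}
 *
 * Builds the row for the given log mode, lets core.add_log listeners modify it,
 * and inserts it. Returns false when the mode is disabled or when no log_type
 * is set after the event, otherwise the value of sql_nextid().
 */
public function add($mode, $user_id, $log_ip, $log_operation, $log_time = false, $additional_data = array())
{
    if (!$this->is_enabled($mode)) {
        return false;
    }

    if ($log_time === false) {
        $log_time = time();
    }

    $sql_ary = array(
        'user_id'       => !empty($user_id) ? $user_id : ANONYMOUS,
        'log_ip'        => !empty($log_ip) ? $log_ip : '',
        'log_time'      => $log_time,
        'log_operation' => $log_operation,
    );

    // log_data is stored as a PHP-serialized string.
    // NOTE(review): the code that reads it back is not visible here - it should treat the column as
    // data that anyone with write access to the log table controls when unserializing.
    switch ($mode) {
        case 'admin':
            $sql_ary += array(
                'log_type' => LOG_ADMIN,
                'log_data' => !empty($additional_data) ? serialize($additional_data) : '',
            );
            break;

        case 'mod':
            // The ids get their own columns, so they are pulled out before the rest is serialized.
            $forum_id = isset($additional_data['forum_id']) ? (int) $additional_data['forum_id'] : 0;
            unset($additional_data['forum_id']);
            $topic_id = isset($additional_data['topic_id']) ? (int) $additional_data['topic_id'] : 0;
            unset($additional_data['topic_id']);
            $post_id = isset($additional_data['post_id']) ? (int) $additional_data['post_id'] : 0;
            unset($additional_data['post_id']);

            $sql_ary += array(
                'log_type' => LOG_MOD,
                'forum_id' => $forum_id,
                'topic_id' => $topic_id,
                'post_id'  => $post_id,
                'log_data' => !empty($additional_data) ? serialize($additional_data) : '',
            );
            break;

        case 'user':
            // Guarded like the 'mod' ids: a missing key yields 0 without an undefined-index notice.
            $reportee_id = isset($additional_data['reportee_id']) ? (int) $additional_data['reportee_id'] : 0;
            unset($additional_data['reportee_id']);

            $sql_ary += array(
                'log_type'    => LOG_USERS,
                'reportee_id' => $reportee_id,
                'log_data'    => !empty($additional_data) ? serialize($additional_data) : '',
            );
            break;

        case 'critical':
            $sql_ary += array(
                'log_type' => LOG_CRITICAL,
                'log_data' => !empty($additional_data) ? serialize($additional_data) : '',
            );
            break;
    }

    /**
     * Allows to modify log data before we add it to the database
     *
     * NOTE: if sql_ary does not contain a log_type value, the entry will
     * not be stored in the database. So ensure to set it, if needed.
     *
     * @event core.add_log
     * @var string mode Mode of the entry we log
     * @var int user_id ID of the user who triggered the log
     * @var string log_ip IP of the user who triggered the log
     * @var string log_operation Language key of the log operation
     * @var int log_time Timestamp, when the log was added
     * @var array additional_data Array with additional log data
     * @var array sql_ary Array with log data we insert into the
     *                    database. If sql_ary[log_type] is not set,
     *                    we won't add the entry to the database.
     * @since 3.1.0-a1
     */
    $vars = array('mode', 'user_id', 'log_ip', 'log_operation', 'log_time', 'additional_data', 'sql_ary');
    // extract() overwrites the locals named above with whatever the listeners returned,
    // so the local variable names in this method must stay in sync with $vars.
    extract($this->dispatcher->trigger_event('core.add_log', compact($vars)));

    // We didn't find a log_type, so we don't save it in the database.
    if (!isset($sql_ary['log_type'])) {
        return false;
    }

    $this->db->sql_query('INSERT INTO ' . $this->log_table . ' ' . $this->db->sql_build_array('INSERT', $sql_ary));

    return $this->db->sql_nextid();
}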
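/**
 * PayPal IPN listener: posts the received notification back to PayPal for
 * validation and records a donation when PayPal answers VERIFIED.
 *
 * Based on https://github.com/paypal/ipn-code-samples/blob/master/paypal_ipn.php
 *
 * @return Response|bool Empty 200 response, or false when the cURL handle cannot be created
 */
public function ipn()
{
    // Parse the raw body by hand so the fields are echoed back to PayPal in the order received.
    $raw_post_data = file_get_contents('php://input');
    $myPost = array();
    foreach (explode('&', $raw_post_data) as $keyval) {
        $keyval = explode('=', $keyval);
        if (count($keyval) == 2) {
            $myPost[$keyval[0]] = urldecode($keyval[1]);
        }
    }

    // Read the post from the PayPal system and add 'cmd'.
    $req = 'cmd=_notify-validate';
    // Always defined: when get_magic_quotes_gpc() is unavailable the flag is simply false.
    $get_magic_quotes_exists = function_exists('get_magic_quotes_gpc');
    foreach ($myPost as $key => $value) {
        if ($get_magic_quotes_exists && get_magic_quotes_gpc() == 1) {
            $value = urlencode(stripslashes($value));
        } else {
            $value = urlencode($value);
        }
        $req .= "&{$key}={$value}";
    }

    // The endpoint is chosen from the stored configuration, never from the request.
    $sql = 'SELECT paypal_sandbox FROM ' . $this->table_config;
    $result = $this->db->sql_query($sql);
    $row = $this->db->sql_fetchrow($result);
    $this->db->sql_freeresult($result);

    // A missing config row falls back to the live endpoint.
    $use_sandbox = $row && $row['paypal_sandbox'] == 1;
    $paypal_url = $use_sandbox ? 'https://www.sandbox.paypal.com/cgi-bin/webscr' : 'https://www.paypal.com/cgi-bin/webscr';

    $ch = curl_init($paypal_url);
    if ($ch == false) {
        return false;
    }

    curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
    // Certificate and host name checks stay on: the VERIFIED answer is only meaningful
    // if it really comes from PayPal.
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
    curl_setopt($ch, CURLOPT_FORBID_REUSE, 1);
    curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30);
    curl_setopt($ch, CURLOPT_HTTPHEADER, array('Connection: Close'));

    $res = curl_exec($ch);
    curl_close($ch);

    // A failed transfer (false) is treated as "not verified" instead of being passed to trim().
    $verified = false;
    if ($res !== false) {
        // Split response headers and payload; the verdict is the last block.
        $tokens = explode("\r\n\r\n", trim($res));
        $verified = strcmp(trim(end($tokens)), 'VERIFIED') == 0;
    }

    if ($verified) {
        // NOTE(review): VERIFIED only establishes that PayPal sent this notification. Before recording
        // it, the listener should also check payment_status, that receiver_email is this site's account,
        // that mc_currency / mc_gross are as expected, and that txn_id has not been stored already.
        // Those checks need configuration and schema that are not visible in this method.
        // NOTE(review): the stored values are read through the request object, not from the $myPost
        // payload that was validated - presumably the same POST body; confirm.
        $sql_data = array(
            'user_id'         => (int) $this->request->variable('custom', '0'),
            'item_id'         => (int) $this->request->variable('item_number', '0'),
            // The name column is filled from the IPN 'item_name' field (not 'item_number').
            'item_name'       => $this->request->variable('item_name', '', true),
            'donation_time'   => time(),
            'donation_amount' => $this->request->variable('mc_gross', '0'),
        );
        $sql = 'INSERT INTO ' . $this->table_donations . ' ' . $this->db->sql_build_array('INSERT', $sql_data);
        $this->db->sql_query($sql);
    }

    $headers = array('Content-Type' => 'application/xml; charset=UTF-8');

    return new Response('', 200, $headers);
}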
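/**
 * Update a blog post and bring its category and tag links in line with the
 * given lists.
 *
 * Scalar ids, timestamps and flags are cast before they reach the query; text
 * values are passed through sql_build_array().
 *
 * @param int    $id              ID of the post to update
 * @param string $title
 * @param string $slug
 * @param int    $time
 * @param int    $edit_time
 * @param string $edit_reason
 * @param bool   $status
 * @param bool   $locked
 * @param int    $poster_id
 * @param int    $comment_count
 * @param string $content
 * @param string $bbcode_uid
 * @param string $bbcode_bitfield
 * @param array  $categories      Array of category IDs the post should have
 * @param array  $tags            Array of tag IDs the post should have
 * @return bool Always true
 */
public function update($id, $title, $slug, $time, $edit_time, $edit_reason, $status, $locked, $poster_id, $comment_count, $content, $bbcode_uid, $bbcode_bitfield, array $categories, array $tags)
{
    $id = (int) $id;

    $sql = 'UPDATE ' . $this->blog_posts_table . ' SET ' . $this->db->sql_build_array('UPDATE', array(
        'title'           => $title,
        'slug'            => $slug,
        'time'            => (int) $time,
        'edit_time'       => (int) $edit_time,
        'edit_reason'     => $edit_reason,
        'status'          => (bool) $status,
        'locked'          => (bool) $locked,
        'poster_id'       => (int) $poster_id,
        'comment_count'   => (int) $comment_count,
        'content'         => $content,
        'bbcode_uid'      => $bbcode_uid,
        'bbcode_bitfield' => $bbcode_bitfield,
    )) . ' WHERE id = ' . $id;
    $this->db->sql_query($sql);

    // Handle category changes
    // Ids are normalised to unique ints so the diffs compare like with like and no link is inserted twice.
    $categories = array_unique(array_map('intval', $categories));

    $sql = 'SELECT category_id FROM ' . $this->blog_post_categories_table . ' WHERE post_id = ' . $id;
    $result = $this->db->sql_query($sql);
    $current_categories = array();
    while ($row = $this->db->sql_fetchrow($result)) {
        $current_categories[] = (int) $row['category_id'];
    }
    $this->db->sql_freeresult($result);

    $added_categories = array_diff($categories, $current_categories);
    $removed_categories = array_diff($current_categories, $categories);

    foreach ($added_categories as $added_category) {
        // The link row belongs to this post ($id); the counter belongs to the category being added.
        $sql = 'INSERT INTO ' . $this->blog_post_categories_table . ' ' . $this->db->sql_build_array('INSERT', array(
            'post_id'     => $id,
            'category_id' => (int) $added_category,
        ));
        $this->db->sql_query($sql);

        $sql = 'UPDATE ' . $this->blog_categories_table . ' SET post_count = post_count + 1 WHERE id = ' . (int) $added_category;
        $this->db->sql_query($sql);
    }

    foreach ($removed_categories as $removed_category) {
        $sql = 'DELETE FROM ' . $this->blog_post_categories_table . ' WHERE post_id = ' . $id . ' AND category_id = ' . (int) $removed_category;
        $this->db->sql_query($sql);

        $sql = 'UPDATE ' . $this->blog_categories_table . ' SET post_count = post_count - 1 WHERE id = ' . (int) $removed_category;
        $this->db->sql_query($sql);
    }

    // Handle tag changes
    $tags = array_unique(array_map('intval', $tags));

    $sql = 'SELECT tag_id FROM ' . $this->blog_post_tags_table . ' WHERE post_id = ' . $id;
    $result = $this->db->sql_query($sql);
    $current_tags = array();
    while ($row = $this->db->sql_fetchrow($result)) {
        $current_tags[] = (int) $row['tag_id'];
    }
    $this->db->sql_freeresult($result);

    $added_tags = array_diff($tags, $current_tags);
    $removed_tags = array_diff($current_tags, $tags);

    // The tag link table is keyed by tag_id, the column the SELECT above reads.
    foreach ($added_tags as $added_tag) {
        $sql = 'INSERT INTO ' . $this->blog_post_tags_table . ' ' . $this->db->sql_build_array('INSERT', array(
            'post_id' => $id,
            'tag_id'  => (int) $added_tag,
        ));
        $this->db->sql_query($sql);
    }

    foreach ($removed_tags as $removed_tag) {
        $sql = 'DELETE FROM ' . $this->blog_post_tags_table . ' WHERE post_id = ' . $id . ' AND tag_id = ' . (int) $removed_tag;
        $this->db->sql_query($sql);
    }

    return true;
}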
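/**
 * Copy the current user's colour into the poster-colour columns of the topics
 * and forums tables, and into the newest-user config entry when that user is
 * the current one.
 *
 * @param string $user_colour The colour of the user chosen in the UCP (presumably a colour string - confirm)
 * @return null
 * @access private
 */
private function update_tables($user_colour)
{
    // Cast once: the id is concatenated into every WHERE clause below.
    $user_id = (int) $this->user->data['user_id'];

    // table, colour column to set, id column to match
    $targets = array(
        array(TOPICS_TABLE, 'topic_last_poster_colour', 'topic_last_poster_id'),
        array(TOPICS_TABLE, 'topic_first_poster_colour', 'topic_poster'),
        array(FORUMS_TABLE, 'forum_last_poster_colour', 'forum_last_poster_id'),
    );

    foreach ($targets as $target) {
        list($table, $colour_column, $id_column) = $target;

        // The colour value goes through sql_build_array() rather than being concatenated.
        $sql = 'UPDATE ' . $table . ' SET ' . $this->db->sql_build_array('UPDATE', array($colour_column => $user_colour)) . ' WHERE ' . $id_column . ' = ' . $user_id;
        $this->db->sql_query($sql);
    }

    if ($this->config['newest_user_id'] == $user_id) {
        $this->config->set('newest_user_colour', $user_colour, true);
    }
}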
/**
 * Record a reputation vote and update the counters that depend on it.
 *
 * Every required field is coerced to its expected PHP type, the id fields are
 * rejected when negative, the vote is inserted, and the post and user totals
 * are adjusted by the vote's points.
 *
 * @param array $data Reputation data
 * @access public
 * @return null
 * @throws \pico\reputation\exception\invalid_argument When a required field is not set
 * @throws \pico\reputation\exception\out_of_bounds    When an id or time field is negative
 */
public function store_reputation($data)
{
    $data['reputation_time'] = time();

    // Required fields and the type each one is coerced to with settype().
    $required_types = array(
        'user_id_from'       => 'integer',
        'user_id_to'         => 'integer',
        'reputation_time'    => 'integer',
        'reputation_type'    => 'string',
        'reputation_item_id' => 'integer',
        'reputation_points'  => 'integer',
        'reputation_comment' => 'string',
    );

    foreach ($required_types as $name => $php_type) {
        if (!isset($data[$name])) {
            throw new \pico\reputation\exception\invalid_argument(array($name, 'FIELD_MISSING'));
        }

        $coerced = $data[$name];
        settype($coerced, $php_type);
        $data[$name] = $coerced;
    }

    // The type name is swapped for its id; the name itself is not stored in the DB.
    $data['reputation_type_id'] = $this->get_reputation_type_id($data['reputation_type']);
    unset($data['reputation_type']);

    $unsigned_fields = array('user_id_from', 'user_id_to', 'reputation_time', 'reputation_type_id', 'reputation_item_id');
    foreach ($unsigned_fields as $name) {
        if ($data[$name] < 0) {
            throw new \pico\reputation\exception\out_of_bounds($name);
        }
    }

    // Save reputation vote
    // NOTE(review): the whole of $data is inserted, so any key beyond the required fields becomes a
    // column name in the statement. Presumably callers build $data from a fixed set of keys - confirm.
    $insert_sql = 'INSERT INTO ' . $this->reputations_table . ' ' . $this->db->sql_build_array('INSERT', $data);
    $this->db->sql_query($insert_sql);

    unset($this->reputation_id);
    $this->reputation_id = $this->db->sql_nextid();

    // Update post reputation. The interpolated values were coerced to integer above.
    if ($data['reputation_type_id'] == $this->get_reputation_type_id('post')) {
        $post_sql = 'UPDATE ' . POSTS_TABLE . "\n\t\t\t\tSET post_reputation = post_reputation + {$data['reputation_points']}\n\t\t\t\tWHERE post_id = {$data['reputation_item_id']}";
        $this->db->sql_query($post_sql);
    }

    // Update user reputation
    $user_sql = 'UPDATE ' . USERS_TABLE . "\n\t\t\tSET user_reputation = user_reputation + {$data['reputation_points']}\n\t\t\tWHERE user_id = {$data['user_id_to']}";
    $this->db->sql_query($user_sql);

    // Check max/min user points when either limit is configured
    if ($this->config['rs_max_point'] || $this->config['rs_min_point']) {
        $this->check_max_min($data['user_id_to']);
    }
}
/**
 * Update a blog post using the given information.
 *
 * Ids, timestamps and counters are cast to int and the flags to bool; the text
 * values are passed through sql_build_array().
 *
 * @param int    $id              ID of the post to update
 * @param string $title
 * @param string $slug
 * @param int    $time
 * @param int    $edit_time
 * @param string $edit_reason
 * @param bool   $status
 * @param bool   $locked
 * @param int    $poster_id
 * @param int    $comment_count
 * @param string $content
 * @param string $bbcode_uid
 * @param string $bbcode_bitfield
 * @return bool Always true
 */
public function update($id, $title, $slug, $time, $edit_time, $edit_reason, $status, $locked, $poster_id, $comment_count, $content, $bbcode_uid, $bbcode_bitfield)
{
    // Column => value map for the SET clause.
    $columns = array(
        'title'           => $title,
        'slug'            => $slug,
        'time'            => (int) $time,
        'edit_time'       => (int) $edit_time,
        'edit_reason'     => $edit_reason,
        'status'          => (bool) $status,
        'locked'          => (bool) $locked,
        'poster_id'       => (int) $poster_id,
        'comment_count'   => (int) $comment_count,
        'content'         => $content,
        'bbcode_uid'      => $bbcode_uid,
        'bbcode_bitfield' => $bbcode_bitfield,
    );

    $set_clause = $this->db->sql_build_array('UPDATE', $columns);
    $this->db->sql_query('UPDATE ' . $this->blog_posts_table . ' SET ' . $set_clause . ' WHERE id = ' . (int) $id);

    return true;
}