예제 #1
/**
 * Create a new user account and run the registration side effects.
 *
 * As visible here: inserts the user through qa_db_user_create() together with the
 * caller's remote IP, sets the e-mail-confirmed / welcome-notice / must-confirm /
 * must-approve flags according to site options, sends the welcome notification,
 * reports a 'u_register' event and returns the new user id.
 *
 * NOTE(review): $password is handed to qa_db_user_create() unchanged; hashing
 * presumably happens inside that helper - confirm, it is not visible in this listing.
 * NOTE(review): $level and $confirmed decide whether confirmation and approval are
 * enforced below, so they must come from trusted code, never from request data.
 */
function qa_create_new_user($email, $password, $handle, $level = QA_USER_LEVEL_BASIC, $confirmed = false)
    require_once QA_INCLUDE_DIR . 'qa-db-users.php';
    require_once QA_INCLUDE_DIR . 'qa-db-points.php';
    require_once QA_INCLUDE_DIR . 'qa-app-options.php';
    require_once QA_INCLUDE_DIR . 'qa-app-emails.php';
    require_once QA_INCLUDE_DIR . 'qa-app-cookies.php';
    // The registration IP is stored with the account row.
    $userid = qa_db_user_create($email, $password, $handle, $level, qa_remote_ip_address());
    qa_db_points_update_ifuser($userid, null);
    if ($confirmed) {
        qa_db_user_set_flag($userid, QA_USER_FLAGS_EMAIL_CONFIRMED, true);
    if (qa_opt('show_notice_welcome')) {
        qa_db_user_set_flag($userid, QA_USER_FLAGS_WELCOME_NOTICE, true);
    $custom = qa_opt('show_custom_welcome') ? trim(qa_opt('custom_welcome')) : '';
    // E-mail confirmation is skipped for pre-confirmed accounts and for levels at or above QA_USER_LEVEL_EXPERT.
    if (qa_opt('confirm_user_emails') && $level < QA_USER_LEVEL_EXPERT && !$confirmed) {
        $confirm = strtr(qa_lang('emails/welcome_confirm'), array('^url' => qa_get_new_confirm_url($userid, $handle)));
        if (qa_opt('confirm_user_required')) {
            qa_db_user_set_flag($userid, QA_USER_FLAGS_MUST_CONFIRM, true);
    } else {
        $confirm = '';
    // Manual approval is likewise bypassed for levels at or above QA_USER_LEVEL_EXPERT.
    if (qa_opt('moderate_users') && qa_opt('approve_user_required') && $level < QA_USER_LEVEL_EXPERT) {
        qa_db_user_set_flag($userid, QA_USER_FLAGS_MUST_APPROVE, true);
    // '^password' is replaced by a language string in both branches, so the plaintext password is never mailed.
    qw_send_notification($userid, $email, $handle, qa_lang('emails/welcome_subject'), nl2br(qa_lang('emails/welcome_body')), array('^password' => isset($password) ? qa_lang('main/hidden') : qa_lang('users/password_to_set'), '^url' => qa_opt('site_url'), '^custom' => strlen($custom) ? $custom . "\n\n" : '', '^confirm' => $confirm));
    // The event payload carries the e-mail address; every 'u_register' consumer (event loggers included) receives it.
    qa_report_event('u_register', $userid, $handle, qa_cookie_get(), array('email' => $email, 'level' => $level));
    return $userid;
예제 #2
/**
 * Store an announcement post, optionally notify the members of its category,
 * report an 'an_post' event and return the new post id.
 *
 * The post is created with type 'AN' and the caller's remote IP.
 */
function mp_announcement_create($userid, $handle, $cookieid, $title, $content, $format, $text, $notify, $categoryid)
     * Proceeds to create an announcement
    require_once QA_INCLUDE_DIR . 'qa-db-post-create.php';
    require_once QA_INCLUDE_DIR . 'qa-app-emails.php';
    require_once QA_INCLUDE_DIR . 'mp-app-users.php';
    // persist data to database
    $postid = qa_db_post_create('AN', null, $userid, $cookieid, qa_remote_ip_address(), $title, $content, $format, null, $notify, $categoryid);
    // NOTE(review): the write is attributed to the logged-in user, not to the $userid argument - confirm they always match.
    qa_user_report_action(qa_get_logged_in_userid(), null, null, null, null);
    // update new post with category path hierarchy
    // send notifications
    if ($notify && isset($postid)) {
        $category = mp_get_categoryinfo($categoryid);
        $recipients = mp_get_category_userids($categoryid);
        foreach ($recipients as $recipient) {
            // retrieve the user flags
            $userflags = mp_get_user_flags($recipient['userid']);
            // check user flags to determine whether user should be notified or not
            // of the new announcement post
            // NOTE(review): the mail is sent when the flag bit is NOT set, so the flag acts as an opt-out here - confirm that is intended.
            if (!($userflags & QA_USER_FLAGS_NOTIFY_ANNOUNCEMENTS)) {
                // NOTE(review): $handle, $title and the category title are user-supplied text placed into the mail body; confirm the mailer escapes them if mails are sent as HTML.
                qa_send_notification($recipient['userid'], null, null, qa_lang('emails/an_posted_subject'), qa_lang('emails/an_posted_body'), array('^an_handle' => $handle, '^category_title' => $category['title'], '^an_title' => $title, '^an_url' => qa_path('mp-announcements-page', null, qa_opt('site_url'), null, null)));
    // report announcement create event
    qa_report_event('an_post', $userid, $handle, $cookieid, array('postid' => $postid, 'title' => $title, 'content' => $content, 'format' => $format, 'text' => $text, 'categoryid' => $categoryid, 'notify' => $notify));
    return $postid;
예제 #3
 /**
  * Event-logger hook: fires the 'qw_event_<event>' action, then records the event
  * in the ^eventlog table and/or in a daily tab-delimited log file, depending on
  * the 'event_logger_to_database' and 'event_logger_to_files' options.
  *
  * Each record holds the remote IP, user id, handle, cookie id, event name and
  * the flattened $params.
  */
 function process_event($event, $userid, $handle, $cookieid, $params)
     qw_do_action('qw_event_' . $event, $event, $userid, $handle, $cookieid, $params);
     if (qa_opt('event_logger_to_database')) {
         $paramstring = '';
         foreach ($params as $key => $value) {
             $value_to_text = $this->value_to_text($value, $key);
             $value = is_array($value) ? 'array(' . count($value) . ')' . "\t" . $value_to_text : $value_to_text;
             $paramstring .= (strlen($paramstring) ? "\t" : '') . $key . '=' . $value;
         // CR and LF are replaced by spaces so that one event stays on one stored line.
         $paramstring = strtr($paramstring, "\n\r", '   ');
         // All values are bound through qa_db_query_sub() placeholders; nothing is concatenated into the SQL text.
         qa_db_query_sub('INSERT INTO ^eventlog (datetime, ipaddress, userid, handle, cookieid, event, params) ' . 'VALUES (NOW(), $, $, $, #, $, $)', qa_remote_ip_address(), $userid, $handle, $cookieid, $event, $paramstring);
     if (qa_opt('event_logger_to_files')) {
         // Substitute some placeholders if certain information is missing
         if (!strlen($userid)) {
             $userid = 'no_userid';
         if (!strlen($handle)) {
             $handle = 'no_handle';
         if (!strlen($cookieid)) {
             $cookieid = 'no_cookieid';
         $ip = qa_remote_ip_address();
         if (!strlen($ip)) {
             $ip = 'no_ipaddress';
         // Build the log file line to be written
         $fixedfields = array('Date' => date('Y\\-m\\-d'), 'Time' => date('H\\:i\\:s'), 'IPaddress' => $ip, 'UserID' => $userid, 'Username' => $handle, 'CookieID' => $cookieid, 'Event' => $event);
         $fields = $fixedfields;
         foreach ($params as $key => $value) {
             $fields['param_' . $key] = $key . '=' . $this->value_to_text($value, $key);
         // NOTE(review): unlike the database branch, no CR/LF replacement is visible on this path. Unless
         // value_to_text() strips line breaks and tabs, user-supplied values ($handle, post text in $params)
         // could break the one-event-per-line, tab-delimited format - confirm and neutralise before writing.
         $string = implode("\t", $fields);
         // Build the full path and file name
         // NOTE(review): the files contain IP addresses and handles and have predictable names; confirm that
         // 'event_logger_directory' lies outside the web root or is denied to HTTP clients.
         $directory = qa_opt('event_logger_directory');
         if (substr($directory, -1) != '/') {
             $directory .= '/';
         $filename = $directory . 'q2a-log-' . date('Y\\-m\\-d') . '.txt';
         // Open, lock, write, unlock, close (to prevent interference between multiple writes)
         $exists = file_exists($filename);
         // '@' hides open failures: when the file cannot be opened the event is silently not logged.
         $file = @fopen($filename, 'a');
         if (is_resource($file)) {
             if (flock($file, LOCK_EX)) {
                 // The header is written only by the writer that created the file and still sees it empty under the lock.
                 if (!$exists && filesize($filename) === 0 && !qa_opt('event_logger_hide_header')) {
                     $string = "Question2Answer " . QA_VERSION . " log file generated by Event Logger plugin.\n" . "This file is formatted as tab-delimited text with UTF-8 encoding.\n\n" . implode("\t", array_keys($fixedfields)) . "\textras...\n\n" . $string;
                 fwrite($file, $string . "\n");
                 flock($file, LOCK_UN);
 /**
  * Validate a legacy (challenge/response) reCAPTCHA submission taken from $_POST.
  *
  * Returns true only when both fields are non-empty and recaptcha_check_answer()
  * reports a valid answer. Missing fields fall through to the final `return false`
  * (fail closed); in that case $error is left untouched.
  *
  * @param mixed $error Receives the verifier's error value when the answer is rejected.
  */
 function validate_post(&$error)
     if (!empty($_POST['recaptcha_challenge_field']) && !empty($_POST['recaptcha_response_field'])) {
         require_once $this->directory . 'recaptchalib.php';
         // The private key, the client IP and both client-supplied fields go to the verification helper.
         $answer = recaptcha_check_answer(qa_opt('recaptcha_private_key'), qa_remote_ip_address(), $_POST['recaptcha_challenge_field'], $_POST['recaptcha_response_field']);
         if ($answer->is_valid) {
             return true;
         // '@' suppresses the notice raised when the response object carries no error property.
         $error = @$answer->error;
     return false;
예제 #5
  * Check that the CAPTCHA was entered correctly. reCAPTCHA sets a long string in 'g-recaptcha-response'
  * when the CAPTCHA is completed; we check that with the reCAPTCHA API.
 /**
  * Verify the 'g-recaptcha-response' POST value with the ReCaptcha client and
  * return its success flag.
  *
  * Messages for recognised error codes are appended to $error, one per line;
  * codes without an entry in $this->errorCodeMessages are ignored.
  *
  * NOTE(review): verifyResponse() is called even when the POST field is absent;
  * presumably the library reports that as a failure - confirm it fails closed.
  */
 public function validate_post(&$error)
     require_once $this->directory . 'recaptchalib.php';
     $recaptcha = new ReCaptcha(qa_opt('recaptcha_private_key'));
     $remoteIp = qa_remote_ip_address();
     $userResponse = qa_post_text('g-recaptcha-response');
     $recResponse = $recaptcha->verifyResponse($remoteIp, $userResponse);
     foreach ($recResponse->errorCodes as $code) {
         if (isset($this->errorCodeMessages[$code])) {
             $error .= $this->errorCodeMessages[$code] . "\n";
     return $recResponse->success;
예제 #6
/**
 * Recalculate the hotness of the questions with post ids in [$firstpostid, $lastpostid]
 * and, when $viewincrement is set, add one view and store the viewer's IP.
 *
 * The SQL text is assembled from constant fragments only; every variable value is
 * passed as a '#' or '$' placeholder and substituted by qa_db_apply_sub().
 * $viewincrement merely selects whether a fixed fragment is appended.
 */
function qa_db_hotness_update($firstpostid, $lastpostid = null, $viewincrement = false)
    if (qa_should_update_counts()) {
        if (!isset($lastpostid)) {
            $lastpostid = $firstpostid;
        // NOTE(review): INET_ATON() understands IPv4 dotted-quad input only; if qa_remote_ip_address() can
        // return an IPv6 address, lastviewip would not hold it and the repeat-view check loses that signal - confirm.
        $query = 'UPDATE ^posts AS x, (SELECT parents.postid, parents.created AS qcreated, COALESCE(MAX(children.created), parents.created) as acreated, COUNT(children.postid) AS acount, parents.netvotes, parents.views FROM ^posts AS parents LEFT JOIN ^posts AS children ON parents.postid=children.parentid AND children.type=\'A\' WHERE parents.postid>=# AND parents.postid<=# AND parents.type=\'Q\' GROUP BY postid) AS a SET x.hotness=(' . '((TO_DAYS(a.qcreated)-734138)*86400.0+TIME_TO_SEC(a.qcreated))*# + ' . '((TO_DAYS(a.acreated)-734138)*86400.0+TIME_TO_SEC(a.acreated))*# + ' . '(a.acount+0.0)*# + ' . '(a.netvotes+0.0)*# + ' . '(a.views+0.0+#)*#' . ')' . ($viewincrement ? ', x.views=x.views+1, x.lastviewip=INET_ATON($)' : '') . ' WHERE x.postid=a.postid';
        //	Additional multiples based on empirical analysis of activity on Q2A meta site to give approx equal influence for all factors
        // Argument order must match the placeholder order in $query above.
        $arguments = array($firstpostid, $lastpostid, qa_opt('hot_weight_q_age'), qa_opt('hot_weight_a_age'), qa_opt('hot_weight_answers') * 160000, qa_opt('hot_weight_votes') * 160000, $viewincrement ? 1 : 0, qa_opt('hot_weight_views') * 4000);
        if ($viewincrement) {
            // Matches the trailing '$' placeholder that is only present in the view-increment variant.
            $arguments[] = qa_remote_ip_address();
        qa_db_query_raw(qa_db_apply_sub($query, $arguments));
예제 #7
/**
 * Validate the legacy reCAPTCHA fields found in $form and record a failure in
 * $errors['captcha'].
 *
 * Nothing is checked when qa_captcha_possible() is false. When a captcha is
 * possible but either field is missing or empty, $errors['captcha'] is set to
 * true, so an omitted captcha counts as a failure.
 *
 * @param array $form   Submitted fields (callers on this page pass $_POST).
 * @param array $errors Error list, modified in place.
 */
function qa_captcha_validate($form, &$errors)
    if (qa_captcha_possible()) {
        require_once QA_INCLUDE_DIR . 'qa-recaptchalib.php';
        if (!empty($form['recaptcha_challenge_field']) && !empty($form['recaptcha_response_field'])) {
            $answer = recaptcha_check_answer(qa_opt('recaptcha_private_key'), qa_remote_ip_address(), @$form['recaptcha_challenge_field'], @$form['recaptcha_response_field']);
            if (!$answer->is_valid) {
                // NOTE(review): if the verifier returns an empty error value here, a caller testing
                // empty($errors) might not see the failure - confirm how callers test $errors.
                $errors['captcha'] = @$answer->error;
        } else {
            $errors['captcha'] = true;
        // empty error but still set it
 /**
  * Event hook that writes mirrored 'in_*' rows to ^eventlog for the user on the
  * receiving side of an action (votes, flags, selections, user edits, new
  * answers and comments).
  *
  * The owner of the affected post (or the affected user for 'u_*' events) is
  * looked up, and a row is written for that user unless they are the acting user.
  */
 function process_event($event, $userid, $handle, $cookieid, $params)
     if (!qa_opt('event_logger_to_database')) {
     $twoway = array('a_select', 'a_unselect', 'q_vote_up', 'a_vote_up', 'q_vote_down', 'a_vote_down', 'q_vote_nil', 'a_vote_nil', 'q_flag', 'a_flag', 'c_flag', 'q_unflag', 'a_unflag', 'c_unflag', 'u_edit', 'u_level', 'u_block', 'u_unblock');
     $special = array('a_post', 'c_post');
     if (in_array($event, $twoway)) {
         if (strpos($event, 'u_') === 0) {
             $uid = $params['userid'];
         } else {
             // The post id is bound through the numeric '#' placeholder.
             $uid = qa_db_read_one_value(qa_db_query_sub('SELECT userid FROM ^posts WHERE postid=#', $params['postid']), true);
         // Loose comparison: ids are compared after PHP type juggling.
         if ($uid != $userid) {
             $ohandle = $this->getHandleFromId($uid);
             $oevent = 'in_' . $event;
             $paramstring = '';
             foreach ($params as $key => $value) {
                 $paramstring .= (strlen($paramstring) ? "\t" : '') . $key . '=' . $this->value_to_text($value);
             // NOTE(review): no CR/LF replacement on $paramstring is visible here; confirm value_to_text()
             // keeps each value on one line so that stored rows cannot be split by user text.
             // The stored IP is that of the acting client, not of the user the row is written for.
             qa_db_query_sub('INSERT INTO ^eventlog (datetime, ipaddress, userid, handle, cookieid, event, params) ' . 'VALUES (NOW(), $, $, $, #, $, $)', qa_remote_ip_address(), $uid, $ohandle, $cookieid, $oevent, $paramstring);
     // comments and answers
     if (in_array($event, $special)) {
         $pid = qa_db_read_one_value(qa_db_query_sub('SELECT userid FROM ^posts WHERE postid=#', $params['parentid']), true);
         if ($pid != $userid) {
             $ohandle = $this->getHandleFromId($pid);
             // NOTE(review): this listing shows no `break` after the 'a_post' case; if the real file reads the
             // same, 'a_post' falls through into the 'c_post' branch and $oevent is overwritten - confirm.
             switch ($event) {
                 case 'a_post':
                     $oevent = 'in_a_question';
                 case 'c_post':
                     if ($params['parenttype'] == 'Q') {
                         $oevent = 'in_c_question';
                     } else {
                         $oevent = 'in_c_answer';
             $paramstring = '';
             foreach ($params as $key => $value) {
                 $paramstring .= (strlen($paramstring) ? "\t" : '') . $key . '=' . $this->value_to_text($value);
             qa_db_query_sub('INSERT INTO ^eventlog (datetime, ipaddress, userid, handle, cookieid, event, params) ' . 'VALUES (NOW(), $, $, $, #, $, $)', qa_remote_ip_address(), $pid, $ohandle, $cookieid, $oevent, $paramstring);
예제 #9
파일: qa-page.php 프로젝트: Trideon/gigolo
/**
 * Queue the database selects that every page needs.
 *
 * For a logged-in user: account, notices, favorites, limits and levels. For every
 * request: the rate-limit rows for the remote IP, navigation pages and widgets.
 * The call is routed to an override first when qa_to_override() reports one.
 */
function qa_page_queue_pending()
    if (qa_to_override(__FUNCTION__)) {
        $args = func_get_args();
        return qa_call_override(__FUNCTION__, $args);
    $loginuserid = qa_get_logged_in_userid();
    if (isset($loginuserid)) {
            qa_db_queue_pending_select('loggedinuser', qa_db_user_account_selectspec($loginuserid, true));
        qa_db_queue_pending_select('notices', qa_db_user_notices_selectspec($loginuserid));
        qa_db_queue_pending_select('favoritenonqs', qa_db_user_favorite_non_qs_selectspec($loginuserid));
        qa_db_queue_pending_select('userlimits', qa_db_user_limits_selectspec($loginuserid));
        qa_db_queue_pending_select('userlevels', qa_db_user_levels_selectspec($loginuserid, true));
    // NOTE(review): IP-based limits are only as trustworthy as qa_remote_ip_address(); confirm how it
    // derives the address when the site runs behind a reverse proxy.
    qa_db_queue_pending_select('iplimits', qa_db_ip_limits_selectspec(qa_remote_ip_address()));
    qa_db_queue_pending_select('navpages', qa_db_pages_selectspec(array('B', 'M', 'O', 'F')));
    qa_db_queue_pending_select('widgets', qa_db_widgets_selectspec());
    /**
     * Event hook that writes mirrored 'in_*' rows to ^eventlog for users affected
     * by an action: the owner of a voted or selected post, the owner of the parent
     * of a new answer or comment, and the other commenters in the same thread.
     *
     * Every lookup and insert goes through qa_db_query_sub() placeholders.
     */
    function process_event($event, $userid, $handle, $cookieid, $params)
        if (!qa_opt('event_logger_to_database')) {
        // needed for function qa_post_userid_to_handle()
        require_once QA_INCLUDE_DIR . 'qa-app-posts.php';
        $twoway = array('a_select', 'q_vote_up', 'a_vote_up', 'q_vote_down', 'a_vote_down');
        $special = array('a_post', 'c_post');
        if (in_array($event, $twoway)) {
            // No entry of $twoway starts with 'u_', so the first branch cannot be taken with the list above.
            if (strpos($event, 'u_') === 0) {
                $uid = $params['userid'];
            } else {
                $uid = qa_db_read_one_value(qa_db_query_sub('SELECT userid FROM ^posts WHERE postid=#', $params['postid']), true);
            if ($uid != $userid) {
                $ohandle = qa_post_userid_to_handle($uid);
                $oevent = 'in_' . $event;
                $paramstring = '';
                foreach ($params as $key => $value) {
                    $paramstring .= (strlen($paramstring) ? "\t" : '') . $key . '=' . $this->value_to_text($value);
                // write in_ events to qa_eventlog
                // NOTE(review): no CR/LF replacement on $paramstring is visible; confirm value_to_text() keeps values on one line.
                qa_db_query_sub('INSERT INTO ^eventlog (datetime, ipaddress, userid, handle, cookieid, event, params) ' . 'VALUES (NOW(), $, $, $, #, $, $)', qa_remote_ip_address(), $uid, $ohandle, $cookieid, $oevent, $paramstring);
        // comments and answers
        if (in_array($event, $special)) {
            // userid (recent C)
            $uid = qa_db_read_one_value(qa_db_query_sub('SELECT userid FROM ^posts WHERE postid=#', $params['postid']), true);
            // userid (QA)
            $pid = qa_db_read_one_value(qa_db_query_sub('SELECT userid FROM ^posts WHERE postid=#', $params['parentid']), true);
            // if QA poster is not the same as commenter
            if ($pid != $userid) {
                $ohandle = qa_post_userid_to_handle($pid);
                // NOTE(review): this listing shows no `break` after the 'a_post' case; if the real file reads the
                // same, 'a_post' falls through and $oevent is overwritten by the 'c_post' branch - confirm.
                switch ($event) {
                    case 'a_post':
                        $oevent = 'in_a_question';
                    case 'c_post':
                        if ($params['parenttype'] == 'Q') {
                            $oevent = 'in_c_question';
                        } else {
                            $oevent = 'in_c_answer';
                $paramstring = '';
                foreach ($params as $key => $value) {
                    $paramstring .= (strlen($paramstring) ? "\t" : '') . $key . '=' . $this->value_to_text($value);
                qa_db_query_sub('INSERT INTO ^eventlog (datetime, ipaddress, userid, handle, cookieid, event, params) ' . 'VALUES (NOW(), $, $, $, #, $, $)', qa_remote_ip_address(), $pid, $ohandle, $cookieid, $oevent, $paramstring);
            // q2apro: added logging for comments in thread
            if ($event == 'c_post') {
                $oevent = 'in_c_comment';
                // check if we have more comments to the parent
                // DISTINCT: if a user has more than 1 comment just select him unique to inform him only once
                $precCommentsQuery = qa_db_query_sub('SELECT DISTINCT userid FROM `^posts`
												WHERE `parentid` = #
												AND `type` = "C"
												AND `userid` IS NOT NULL
												', $params['parentid']);
                while (($comment = qa_db_read_one_assoc($precCommentsQuery, true)) !== null) {
                    $userid_CommThr = $comment['userid'];
                    // unique
                    // don't inform user that comments, and don't inform user that comments on his own question/answer
                    if ($userid_CommThr != $uid && $userid_CommThr != $pid) {
                        $ohandle = qa_post_userid_to_handle($userid_CommThr);
                        $paramstring = '';
                        foreach ($params as $key => $value) {
                            $paramstring .= (strlen($paramstring) ? "\t" : '') . $key . '=' . $this->value_to_text($value);
                        // One row per distinct earlier commenter; the stored IP is that of the acting client.
                        qa_db_query_sub('INSERT INTO ^eventlog (datetime, ipaddress, userid, handle, cookieid, event, params) ' . 'VALUES (NOW(), $, $, $, #, $, $)', qa_remote_ip_address(), $userid_CommThr, $ohandle, $cookieid, $oevent, $paramstring);
            // end in_c_comment
        // end in_array
예제 #11
 /**
  * Record that $userid performed a write, together with the remote IP address.
  *
  * In the body visible here only $userid is used; $action, $questionid,
  * $answerid and $commentid are accepted but not read.
  */
 function qa_user_report_action($userid, $action, $questionid, $answerid, $commentid)
     require_once QA_INCLUDE_DIR . 'qa-db-users.php';
     qa_db_user_written($userid, qa_remote_ip_address());
예제 #12
/**
 * Count one occurrence of $action against the rate limits of the current hour:
 * always for the remote IP, and also for $userid when one is given.
 *
 * The call is routed to an override first when qa_to_override() reports one.
 *
 * NOTE(review): the per-IP counter is only as reliable as qa_remote_ip_address();
 * confirm how the address is derived when the site sits behind a proxy.
 */
function qa_limits_increment($userid, $action)
    if (qa_to_override(__FUNCTION__)) {
        $args = func_get_args();
        return qa_call_override(__FUNCTION__, $args);
    require_once QA_INCLUDE_DIR . 'qa-db-limits.php';
    // Hour bucket: the 'db_time' option divided by 3600 and truncated to an integer.
    $period = (int) (qa_opt('db_time') / 3600);
    if (isset($userid)) {
        qa_db_limits_user_add($userid, $action, $period, 1);
    qa_db_limits_ip_add(qa_remote_ip_address(), $action, $period, 1);
 /**
  * Insert a badge row for $user_id and, depending on options, log a
  * 'badge_awarded' event and send the badge notification.
  *
  * The listing is cut inside the final `if (!$badge_badge)` block, so whatever
  * follows the "number of badges" check is not visible here.
  */
 function award_badge($object_id, $user_id, $badge_slug, $badge_badge = false)
     if (!$user_id) {
     // add badge to userbadges
     // object_id and user_id are bound as numbers ('#'), badge_slug as a string ('$').
     qa_db_query_sub('INSERT INTO ^userbadges (awarded_at, notify, object_id, user_id, badge_slug, id) ' . 'VALUES (NOW(), 1, #, #, $, 0)', $object_id, $user_id, $badge_slug);
     if (qa_opt('event_logger_to_database')) {
         // add event
         $handle = qa_getHandleFromId($user_id);
         // The logged IP and cookie belong to the current request, which need not be the badge recipient's.
         qa_db_query_sub('INSERT INTO ^eventlog (datetime, ipaddress, userid, handle, cookieid, event, params) ' . 'VALUES (NOW(), $, $, $, #, $, $)', qa_remote_ip_address(), $user_id, $handle, qa_cookie_get_create(), 'badge_awarded', 'badge_slug=' . $badge_slug . ($object_id ? "\t" . 'postid=' . $object_id : ''));
     if (qa_opt('badge_email_notify')) {
         qa_badge_notification($user_id, $object_id, $badge_slug);
     // check for sheer number of badges, unless this badge was for number of badges (avoid recursion!)
     if (!$badge_badge) {
/**
 * Record that the anonymous visitor identified by $cookieid performed a write,
 * together with the remote IP address. $action is not read in the visible body.
 */
function qa_cookie_report_action($cookieid, $action)
    require_once QA_INCLUDE_DIR . 'qa-db-cookies.php';
    qa_db_cookie_written($cookieid, qa_remote_ip_address());
예제 #15
/**
 * Hide or re-show a comment: switch its type between 'C_HIDDEN' and 'C', refresh
 * the author's points, re-index it when nothing it depends on is hidden, and
 * report a 'c_hide' or 'c_reshow' event.
 *
 * No permission check is visible in this function; authorisation of $userid is
 * presumably the caller's job - confirm.
 */
function qa_comment_set_hidden($oldcomment, $hidden, $userid, $handle, $cookieid, $question, $answer)
    // The acting user and the remote IP are stored with the type change.
    qa_db_post_set_type($oldcomment['postid'], $hidden ? 'C_HIDDEN' : 'C', $userid, qa_remote_ip_address());
    qa_db_points_update_ifuser($oldcomment['userid'], array('cposts'));
    // '@' tolerates a null $answer (comment posted directly on the question).
    if (!($hidden || $question['hidden'] || @$answer['hidden'])) {
        // only index if none of the things it depends on are hidden
        require_once QA_INCLUDE_DIR . 'qa-app-format.php';
        qa_post_index($oldcomment['postid'], 'C', $question['postid'], null, qa_viewer_text($oldcomment['content'], $oldcomment['format']), null);
    qa_report_event($hidden ? 'c_hide' : 'c_reshow', $userid, $handle, $cookieid, array('postid' => $oldcomment['postid'], 'parentid' => $oldcomment['parentid'], 'parenttype' => isset($answer) ? $answer['basetype'] : $question['basetype'], 'questionid' => $question['postid']));
예제 #16
/**
 * Award each badge in $badges that the user qualifies for and does not hold yet,
 * and return the slugs that were newly awarded.
 *
 * A badge qualifies when it is not disabled ('badge_<slug>_enabled' !== '0') and
 * either $var is false or (int) $var reaches the 'badge_<slug>_var' threshold.
 */
function qa_badge_award_check($badges, $var, $uid, $oid = NULL, $notify = 1)
    // oid is the postid (if), notify = 1 for email and popup, 2 for just popup.
    if (!$uid) {
    $awarded = array();
    foreach ($badges as $badge_slug) {
        // The option names are built from $badge_slug, so slugs are expected to come from the plugin's own badge list.
        if (($var === false || (int) $var >= (int) qa_opt('badge_' . $badge_slug . '_var')) && qa_opt('badge_' . $badge_slug . '_enabled') !== '0') {
            // '@' hides database read errors; a failed lookup then looks like "not awarded yet".
            if ($oid) {
                $result = @qa_db_read_one_value(qa_db_query_sub('SELECT badge_slug FROM ^userbadges WHERE user_id=# AND badge_slug=$ AND object_id=#', $uid, $badge_slug, $oid), true);
            } else {
                $result = @qa_db_read_one_value(qa_db_query_sub('SELECT badge_slug FROM ^userbadges WHERE user_id=# AND badge_slug=$', $uid, $badge_slug), true);
            if ($result == null) {
                // not already awarded this badge
                // NOTE(review): badge_slug is bound with the numeric '#' placeholder here but with the string '$'
                // placeholder in the SELECTs above - confirm '#' quotes non-numeric values, or switch it to '$'.
                qa_db_query_sub('INSERT INTO ^userbadges (awarded_at, notify, object_id, user_id, badge_slug, id) ' . 'VALUES (NOW(), #, #, #, #, 0)', $notify, $oid, $uid, $badge_slug);
                if ($notify > 0) {
                    //qa_db_usernotice_create($uid, $content, 'html');
                    if (qa_opt('badge_email_notify') && $notify == 1) {
                        qa_badge_notification($uid, $oid, $badge_slug);
                    if (qa_opt('event_logger_to_database')) {
                        // add event
                        $handle = qa_getHandleFromId($uid);
                        qa_db_query_sub('INSERT INTO ^eventlog (datetime, ipaddress, userid, handle, cookieid, event, params) ' . 'VALUES (NOW(), $, $, $, #, $, $)', qa_remote_ip_address(), $uid, $handle, qa_cookie_get_create(), 'badge_awarded', 'badge_slug=' . $badge_slug . ($oid ? "\t" . 'postid=' . $oid : ''));
                array_push($awarded, $badge_slug);
    return $awarded;
예제 #17
// Final part of the question page: answer-list title, page links, category navigation,
// scroll-to-anchor script, and the decision whether this request counts as a page view.
if ($question['basetype'] == 'Q') {
    $qa_content['a_list']['title_tags'] = 'id="a_list_title"';
    if ($countfortitle > 0) {
        $split = $countfortitle == 1 ? qa_lang_html_sub_split('question/1_answer_title', '1', '1') : qa_lang_html_sub_split('question/x_answers_title', $countfortitle);
        if ($microdata) {
            $split['data'] = '<span itemprop="answerCount">' . $split['data'] . '</span>';
        $qa_content['a_list']['title'] = $split['prefix'] . $split['data'] . $split['suffix'];
    } else {
        $qa_content['a_list']['title_tags'] .= ' style="display:none;" ';
if (!$formrequested) {
    $qa_content['page_links'] = qa_html_page_links(qa_request(), $pagestart, $pagesize, $countforpages, qa_opt('pages_prev_next'), array(), false, 'a_list_title');
//	Some generally useful stuff
if (qa_using_categories() && count($categories)) {
    $qa_content['navigation']['cat'] = qa_category_navigation($categories, $question['categoryid']);
if (isset($jumptoanchor)) {
    // $jumptoanchor passes through qa_js() before it is placed in the inline script.
    // NOTE(review): confirm where $jumptoanchor comes from; inside a jQuery "#..." selector the value
    // should be limited to a known id pattern even after JavaScript encoding.
    $qa_content['script_onloads'][] = array('qa_scroll_page_to($("#"+' . qa_js($jumptoanchor) . ').offset().top);');
//	Determine whether this request should be counted for page view statistics
// A view is counted for non-POST, probably-human requests when the question has no views yet, or when the
// viewer differs from the last viewer IP, the creator IP, the author's user id and the author's cookie
// ('&&' binds tighter than '||'). This is a de-duplication heuristic, not an integrity control: all four
// signals are client-influenced.
if (qa_opt('do_count_q_views') && !$formrequested && !qa_is_http_post() && qa_is_human_probably() && (!$question['views'] || ($question['lastviewip'] != qa_remote_ip_address() || !isset($question['lastviewip'])) && ($question['createip'] != qa_remote_ip_address() || !isset($question['createip'])) && ($question['userid'] != $userid || !isset($question['userid'])) && ($question['cookieid'] != $cookieid || !isset($question['cookieid'])))) {
    $qa_content['inc_views_postid'] = $questionid;
return $qa_content;
	Omit PHP closing tag to help avoid accidental output
예제 #18
  * Outputs cache to the user
 /**
  * Read the cached page from $this->cache_file and decide whether serving it
  * should still count as a question view.
  *
  * Only part of the method is visible in this listing; what happens after the
  * output buffer is appended to $contents is not shown.
  */
 private function get_cache()
     global $qa_usage;
     // '@' hides read errors; a missing or unreadable cache file yields a falsy $contents.
     $contents = @file_get_contents($this->cache_file);
     if (!$contents) {
     //cache failure, graceful exit
     $qa_content = array();
     // Dummy contents
     $userid = qa_get_logged_in_userid();
     $questionid = qa_request_part(0);
     $cookieid = qa_cookie_get(true);
     // $questionid comes from the request path and is used only when it is numeric.
     if (is_numeric($questionid)) {
         $question = qa_db_select_with_pending(qa_db_full_post_selectspec($userid, $questionid));
         // Same view-counting heuristic as the uncached question page: skip POSTs and probable bots, and skip
         // viewers matching the last viewer IP, creator IP, author id or author cookie.
         // NOTE(review): $question is indexed without checking that the select returned a row - confirm behaviour for unknown ids.
         if (is_numeric($questionid) && qa_opt('do_count_q_views') && !$this->post_method && !qa_is_http_post() && qa_is_human_probably() && (!$question['views'] || ($question['lastviewip'] != qa_remote_ip_address() || !isset($question['lastviewip'])) && ($question['createip'] != qa_remote_ip_address() || !isset($question['createip'])) && ($question['userid'] != $userid || !isset($question['userid'])) && ($question['cookieid'] != $cookieid || !isset($question['cookieid'])))) {
             $qa_content['inc_views_postid'] = $questionid;
         } else {
             $qa_content['inc_views_postid'] = null;
         $contents .= ob_get_contents();
예제 #19
/**
 * Hide, re-show, approve or reject a comment.
 *
 * Sets the post type to 'C_HIDDEN' or 'C', refreshes the author's points,
 * re-indexes the comment when it is visible, and reports 'c_hide', 'c_reshow',
 * 'c_approve' or 'c_reject'. Approving a queued comment additionally reports a
 * delayed 'c_post' event on behalf of the original author.
 *
 * No permission check is visible in this function; authorisation of $userid is
 * presumably the caller's job - confirm.
 */
function qa_comment_set_hidden($oldcomment, $hidden, $userid, $handle, $cookieid, $question, $parent)
    require_once QA_INCLUDE_DIR . 'qa-app-format.php';
    if (!isset($parent)) {
        $parent = $question;
    // for backwards compatibility with old answer parameter
    $wasqueued = $oldcomment['type'] == 'C_QUEUED';
    $setupdated = $hidden || !$wasqueued;
    // don't record approval of a post as an update action...
    // On approval neither the moderator's user id nor the moderator's IP is stored with the post.
    qa_db_post_set_type($oldcomment['postid'], $hidden ? 'C_HIDDEN' : 'C', $setupdated ? $userid : null, $setupdated ? qa_remote_ip_address() : null, QA_UPDATE_VISIBLE);
    if (!$setupdated) {
        // ... for approval of a post, set created time to now instead
        qa_db_post_set_created($oldcomment['postid'], null);
    qa_db_points_update_ifuser($oldcomment['userid'], array('cposts'));
    if ($question['type'] == 'Q' && ($parent['type'] == 'Q' || $parent['type'] == 'A') && !$hidden) {
        // only index if none of the things it depends on are hidden or queued
        qa_post_index($oldcomment['postid'], 'C', $question['postid'], $oldcomment['parentid'], null, $oldcomment['content'], $oldcomment['format'], qa_viewer_text($oldcomment['content'], $oldcomment['format']), null, $oldcomment['categoryid']);
    // Event name: queued comments report c_reject / c_approve, others report c_hide / c_reshow.
    qa_report_event($wasqueued ? $hidden ? 'c_reject' : 'c_approve' : ($hidden ? 'c_hide' : 'c_reshow'), $userid, $handle, $cookieid, array('postid' => $oldcomment['postid'], 'parentid' => $oldcomment['parentid'], 'oldcomment' => $oldcomment, 'parenttype' => $parent['basetype'], 'questionid' => $question['postid']));
    if ($wasqueued && !$hidden) {
        require_once QA_INCLUDE_DIR . 'qa-db-selects.php';
        require_once QA_INCLUDE_DIR . 'qa-util-string.php';
        $commentsfollows = qa_db_single_select(qa_db_full_child_posts_selectspec(null, $oldcomment['parentid']));
        $thread = array();
        foreach ($commentsfollows as $comment) {
            if ($comment['type'] == 'C' && $comment['parentid'] == $parent['postid']) {
                $thread[] = $comment;
        // The delayed 'c_post' event carries the comment text and, when it validates, the author's notification e-mail;
        // every event module receives both.
        qa_report_event('c_post', $oldcomment['userid'], $oldcomment['handle'], $oldcomment['cookieid'], array('postid' => $oldcomment['postid'], 'parentid' => $oldcomment['parentid'], 'parenttype' => $parent['basetype'], 'parent' => $parent, 'questionid' => $question['postid'], 'question' => $question, 'thread' => $thread, 'content' => $oldcomment['content'], 'format' => $oldcomment['format'], 'text' => qa_viewer_text($oldcomment['content'], $oldcomment['format']), 'categoryid' => $oldcomment['categoryid'], 'notify' => isset($oldcomment['notify']), 'email' => qa_email_validate($oldcomment['notify']) ? $oldcomment['notify'] : null, 'delayed' => $oldcomment['created']));
예제 #20
// Feedback page controller: validates the submitted form, mails the feedback to the site's
// feedback address, reports a 'feedback' event and builds the form for the theme.
$feedbacksent = false;
if (qa_clicked('dofeedback')) {
    require_once QA_INCLUDE_DIR . 'qa-util-emailer.php';
    require_once QA_INCLUDE_DIR . 'qa-util-string.php';
    // All four values are client-supplied, including 'referer', which round-trips through a hidden form field.
    $inmessage = qa_post_text('message');
    $inname = qa_post_text('name');
    $inemail = qa_post_text('email');
    $inreferer = qa_post_text('referer');
    if (empty($inmessage)) {
        $errors['message'] = qa_lang('misc/feedback_empty');
    if ($usecaptcha) {
        qa_captcha_validate($_POST, $errors);
    // NOTE(review): no CSRF token or rate-limit check is visible in this excerpt; with $usecaptcha off the
    // form can be submitted repeatedly - confirm a limit is enforced elsewhere.
    if (empty($errors)) {
        $subs = array('^message' => $inmessage, '^name' => empty($inname) ? '-' : $inname, '^email' => empty($inemail) ? '-' : $inemail, '^previous' => empty($inreferer) ? '-' : $inreferer, '^url' => isset($qa_login_userid) ? qa_path('user/' . qa_get_logged_in_handle(), null, qa_opt('site_url')) : '-', '^ip' => qa_remote_ip_address(), '^browser' => @$_SERVER['HTTP_USER_AGENT']);
        // The sender address is used only if it validates; otherwise the site's own from_email is used. The mail is plain text.
        // NOTE(review): 'fromname' is the raw submitted name; confirm qa_send_email() or the mailer strips CR/LF
        // from header fields so the value cannot add mail headers.
        if (qa_send_email(array('fromemail' => qa_email_validate(@$inemail) ? $inemail : qa_opt('from_email'), 'fromname' => $inname, 'toemail' => qa_opt('feedback_email'), 'toname' => qa_opt('site_title'), 'subject' => qa_lang_sub('emails/feedback_subject', qa_opt('site_title')), 'body' => strtr(qa_lang('emails/feedback_body'), $subs), 'html' => false))) {
            $feedbacksent = true;
        } else {
            $page_error = qa_lang_html('main/general_error');
        // The event carries the full message, name, e-mail and User-Agent; every event module receives them.
        qa_report_event('feedback', $qa_login_userid, qa_get_logged_in_handle(), $qa_cookieid, array('email' => $inemail, 'name' => $inname, 'message' => $inmessage, 'previous' => $inreferer, 'browser' => @$_SERVER['HTTP_USER_AGENT']));
//	Prepare content for theme
$qa_content = qa_content_prepare();
$qa_content['title'] = qa_lang_html('misc/feedback_title');
$qa_content['error'] = @$page_error;
// Every value echoed back into the form (message, name, e-mail, referer, error text) passes through qa_html().
$qa_content['form'] = array('tags' => 'METHOD="POST" ACTION="' . qa_self_html() . '"', 'style' => 'tall', 'fields' => array('message' => array('type' => $feedbacksent ? 'static' : '', 'label' => qa_lang_html_sub('misc/feedback_message', qa_opt('site_title')), 'tags' => 'NAME="message" ID="message"', 'value' => qa_html(@$inmessage), 'rows' => 8, 'error' => qa_html(@$errors['message'])), 'name' => array('type' => $feedbacksent ? 'static' : '', 'label' => qa_lang_html('misc/feedback_name'), 'tags' => 'NAME="name"', 'value' => qa_html(isset($inname) ? $inname : @$userprofile['name'])), 'email' => array('type' => $feedbacksent ? 'static' : '', 'label' => qa_lang_html('misc/feedback_email'), 'tags' => 'NAME="email"', 'value' => qa_html(isset($inemail) ? $inemail : qa_get_logged_in_email()), 'note' => $feedbacksent ? null : qa_opt('email_privacy'))), 'buttons' => array('send' => array('label' => qa_lang_html('main/send_button'))), 'hidden' => array('dofeedback' => '1', 'referer' => qa_html(isset($inreferer) ? $inreferer : @$_SERVER['HTTP_REFERER'])));
if ($usecaptcha && !$feedbacksent) {
    qa_set_up_captcha_field($qa_content, $qa_content['form']['fields'], @$errors);
예제 #21
  * Outputs cache to the user
 /**
  * Load the cached page from the database or from a file (chosen by
  * QA_CACHING_FILE), decide whether serving it counts as a question view, and
  * emit the Content-type header.
  *
  * Several branches are empty in this listing (the version checks), so parts of
  * the original method are not visible here.
  */
 private function get_cache()
         if (qa_qa_version_below('1.7')) {
         } else {
             //global $qa_usage;
     if (!QA_CACHING_FILE) {
         $contents = $this->get_cache_db();
     } else {
         $contents = $this->get_cache_file();
     $qa_content = array();
     // Dummy contents
     $userid = qa_get_logged_in_userid();
     $questionid = qa_request_part(0);
     $cookieid = qa_cookie_get(true);
     // $questionid comes from the request path and is used only when it is numeric.
     if (is_numeric($questionid)) {
         $question = qa_db_select_with_pending(qa_db_full_post_selectspec($userid, $questionid));
         // Same view-counting heuristic as the uncached question page; POST and PUT requests are never counted.
         // NOTE(review): $question is indexed without checking that the select returned a row - confirm behaviour for unknown ids.
         if (is_numeric($questionid) && qa_opt('do_count_q_views') && !preg_match("/^(?:POST|PUT)\$/i", $_SERVER["REQUEST_METHOD"]) && !qa_is_http_post() && qa_is_human_probably() && (!$question['views'] || ($question['lastviewip'] != qa_remote_ip_address() || !isset($question['lastviewip'])) && ($question['createip'] != qa_remote_ip_address() || !isset($question['createip'])) && ($question['userid'] != $userid || !isset($question['userid'])) && ($question['cookieid'] != $cookieid || !isset($question['cookieid'])))) {
             $qa_content['inc_views_postid'] = $questionid;
         } else {
             $qa_content['inc_views_postid'] = null;
         if (qa_qa_version_below('1.7')) {
         } else {
             global $qa_usage;
         $contents .= ob_get_contents();
     // The media type is always "text/<extension>", with the extension supplied by get_cache_file_extension().
     header('Content-type: ' . strtr('^type/^format; charset=utf-8', array('^type' => 'text', '^format' => $this->get_cache_file_extension())));
예제 #22
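/**
 * Create a comment on $parent (a question or answer belonging to $question) and return its postid.
 *
 * This version restores the block delimiters that the listing had lost; the statements
 * themselves are unchanged.
 *
 * The post row is created as 'C', or as 'C_QUEUED' when $queued is true. The cookie id is
 * stored only for anonymous authors ($userid not set), and the author's address from
 * qa_remote_ip_address() is stored with the post. A queued comment is neither indexed nor
 * counted towards the author's points.
 *
 * Note for event-module authors: the reported event carries the full $question and $parent
 * rows, the comment thread and the notification e-mail address, so any handler that logs or
 * forwards its parameters is handling personal data.
 *
 * @param mixed $userid          author's user id, or null for an anonymous author
 * @param mixed $handle          author's handle, passed through to the event
 * @param mixed $cookieid        cookie id of the author
 * @param mixed $content         comment content as stored
 * @param mixed $format          format of $content
 * @param mixed $text            text rendering of $content, used for indexing
 * @param mixed $notify          whether the author asked for notifications
 * @param mixed $email           notification address supplied by the author
 * @param array $question        row of the question the comment belongs to
 * @param array|null $parent     row of the post being commented on; null means the question
 * @param array $commentsfollows child posts from which the existing comment thread is picked
 * @param bool $queued           true to create the comment in the moderation queue
 * @return mixed the postid returned by qa_db_post_create()
 */
function qa_comment_create($userid, $handle, $cookieid, $content, $format, $text, $notify, $email, $question, $parent, $commentsfollows, $queued = false)
{
    require_once QA_INCLUDE_DIR . 'qa-app-emails.php';
    require_once QA_INCLUDE_DIR . 'qa-app-options.php';
    require_once QA_INCLUDE_DIR . 'qa-app-format.php';
    require_once QA_INCLUDE_DIR . 'qa-util-string.php';

    // for backwards compatibility with old answer parameter
    if (!isset($parent)) {
        $parent = $question;
    }

    $postid = qa_db_post_create(
        $queued ? 'C_QUEUED' : 'C',
        $parent['postid'],
        $userid,
        isset($userid) ? null : $cookieid, // cookie id is kept only for anonymous authors
        qa_remote_ip_address(),
        null,
        $content,
        $format,
        null,
        qa_combine_notify_email($userid, $notify, $email),
        $question['categoryid']
    );

    if (!$queued) {
        // only index if antecedents fully visible
        if ($question['type'] == 'Q' && ($parent['type'] == 'Q' || $parent['type'] == 'A')) {
            qa_post_index($postid, 'C', $question['postid'], $parent['postid'], null, $content, $format, $text, null, $question['categoryid']);
        }

        qa_db_points_update_ifuser($userid, 'cposts');
    }

    // find just those comments for this parent that are fully visible
    $thread = array();
    foreach ($commentsfollows as $comment) {
        if ($comment['type'] == 'C' && $comment['parentid'] == $parent['postid']) {
            $thread[] = $comment;
        }
    }

    qa_report_event($queued ? 'c_queue' : 'c_post', $userid, $handle, $cookieid, array(
        'postid' => $postid,
        'parentid' => $parent['postid'],
        'parenttype' => $parent['basetype'],
        'parent' => $parent,
        'questionid' => $question['postid'],
        'question' => $question,
        'thread' => $thread,
        'content' => $content,
        'format' => $format,
        'text' => $text,
        'categoryid' => $question['categoryid'],
        'notify' => $notify,
        'email' => $email,
    ));

    return $postid;
}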
예제 #23
function qa_comment_create($userid, $handle, $cookieid, $content, $format, $text, $notify, $email, $question, $answer, $commentsfollows)
    // Older variant of comment creation: stores the comment, indexes it unless the question
    // or answer is hidden, updates the author's points, e-mails the parent's author and
    // earlier commenters who asked for notification, then reports a 'c_post' event and
    // returns the new postid.
    // NOTE(review): this listing has lost its braces and some statements. As printed, the
    // switch on $parent['basetype'] has no break, so the 'A' assignments would overwrite the
    // 'Q' ones, and the two duplicate checks inside the loop have empty bodies (they
    // presumably skipped recipients already notified). Confirm against the original file.
    require_once QA_INCLUDE_DIR . 'qa-app-emails.php';
    require_once QA_INCLUDE_DIR . 'qa-app-options.php';
    require_once QA_INCLUDE_DIR . 'qa-app-format.php';
    require_once QA_INCLUDE_DIR . 'qa-util-string.php';
    $parent = isset($answer) ? $answer : $question;
    // The cookie id is stored only for anonymous authors; the author's IP is stored with the post.
    $postid = qa_db_post_create('C', $parent['postid'], $userid, isset($userid) ? null : $cookieid, qa_remote_ip_address(), null, $content, $format, null, qa_combine_notify_email($userid, $notify, $email), $question['categoryid']);
    if (!($question['hidden'] || @$answer['hidden'])) {
        // don't index comment if parent or parent of parent is hidden
        qa_post_index($postid, 'C', $question['postid'], null, $text, null);
    qa_db_points_update_ifuser($userid, 'cposts');
    //	$senttoemail and $senttouserid ensure each user or email gets only one notification about an added comment,
    //	even if they have several previous comments in the same thread and asked for notifications for the parent.
    //	Still, if a person posted some comments as a registered user and some others anonymously,
    //	they could get two emails about a subsequent comment. Shouldn't be much of a problem in practice.
    $senttoemail = array();
    $senttouserid = array();
    switch ($parent['basetype']) {
        case 'Q':
            $subject = qa_lang('emails/q_commented_subject');
            $body = qa_lang('emails/q_commented_body');
            $context = $parent['title'];
        case 'A':
            $subject = qa_lang('emails/a_commented_subject');
            $body = qa_lang('emails/a_commented_body');
            $context = qa_viewer_text($parent['content'], $parent['format']);
    // Everything that goes into the e-mail (parent context, comment text, question title) is
    // passed through the blocked-words filter first.
    $blockwordspreg = qa_get_block_words_preg();
    $sendhandle = isset($handle) ? $handle : qa_lang('main/anonymous');
    $sendcontext = qa_block_words_replace($context, $blockwordspreg);
    $sendtext = qa_block_words_replace($text, $blockwordspreg);
    $sendtitle = qa_block_words_replace($question['title'], $blockwordspreg);
    $sendurl = qa_path(qa_q_request($question['postid'], $sendtitle), null, qa_opt('site_url'), null, qa_anchor($parent['basetype'], $parent['postid']));
    // Notify the parent's author, unless the commenter is that same author.
    if (isset($parent['notify']) && !qa_post_is_by_user($parent, $userid, $cookieid)) {
        $senduserid = $parent['userid'];
        $sendemail = @$parent['notify'];
        // 'notify' is tracked as an address when it validates as one, otherwise by user id.
        if (qa_email_validate($sendemail)) {
            $senttoemail[$sendemail] = true;
        } elseif (isset($senduserid)) {
            $senttouserid[$senduserid] = true;
        qa_send_notification($senduserid, $sendemail, @$parent['handle'], $subject, $body, array('^c_handle' => $sendhandle, '^c_context' => $sendcontext, '^c_content' => $sendtext, '^url' => $sendurl));
    // Notify earlier commenters on the same parent; hidden comments are left out.
    foreach ($commentsfollows as $comment) {
        if ($comment['basetype'] == 'C' && $comment['parentid'] == $parent['postid'] && !$comment['hidden']) {
            // find just those for this parent
            if (isset($comment['notify']) && !qa_post_is_by_user($comment, $userid, $cookieid)) {
                $senduserid = $comment['userid'];
                $sendemail = @$comment['notify'];
                if (qa_email_validate($sendemail)) {
                    if (@$senttoemail[$sendemail]) {
                    $senttoemail[$sendemail] = true;
                } elseif (isset($senduserid)) {
                    if (@$senttouserid[$senduserid]) {
                    $senttouserid[$senduserid] = true;
                qa_send_notification($senduserid, $sendemail, @$comment['handle'], qa_lang('emails/c_commented_subject'), qa_lang('emails/c_commented_body'), array('^c_handle' => $sendhandle, '^c_context' => $sendcontext, '^c_content' => $sendtext, '^url' => $sendurl));
    // The event parameters include the notification e-mail address, so handlers that log
    // event data end up holding it.
    qa_report_event('c_post', $userid, $handle, $cookieid, array('postid' => $postid, 'parentid' => $parent['postid'], 'parenttype' => $parent['basetype'], 'questionid' => $question['postid'], 'content' => $content, 'format' => $format, 'text' => $text, 'categoryid' => $question['categoryid'], 'notify' => $notify, 'email' => $email));
    return $postid;
예제 #24
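/**
 * Record one occurrence of $actioncode against the rate-limit counters.
 *
 * This version restores the block delimiters that the listing had lost; the statements
 * themselves are unchanged.
 *
 * The per-IP counter is always incremented; the per-user counter only when $userid is set.
 * Counters are bucketed by period, computed as qa_opt('db_time') divided by 3600 and
 * truncated to an integer (hourly buckets, assuming db_time is in seconds).
 *
 * @param mixed $userid     user performing the action, or null for an anonymous visitor
 * @param mixed $actioncode limit code for the action (callers on this page pass QA_LIMIT_UPLOADS)
 * @return void
 */
function qa_limits_increment($userid, $actioncode)
{
    require_once QA_INCLUDE_DIR . 'qa-db-limits.php';

    $period = (int) (qa_opt('db_time') / 3600);

    if (isset($userid)) {
        qa_db_limits_user_add($userid, $actioncode, $period, 1);
    }

    // Counted for every caller, logged in or not. NOTE(review): the per-IP limit is only as
    // reliable as qa_remote_ip_address(); confirm it does not take the address from
    // client-supplied forwarding headers unless a trusted proxy sets them.
    qa_db_limits_ip_add(qa_remote_ip_address(), $actioncode, $period, 1);
}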
예제 #25
function qa_set_user_avatar($userid, $imagedata, $oldblobid = null)
    // Stores $imagedata as the avatar of $userid. Returns true when a new blob was created
    // and the user record updated, false otherwise.
    // NOTE(review): this listing has lost its braces, and the body of the
    // isset($oldblobid) check below is empty (it presumably removed the previous avatar
    // blob). Confirm against the original file.
    if (qa_to_override(__FUNCTION__)) {
        $args = func_get_args();
        return qa_call_override(__FUNCTION__, $args);
    require_once QA_INCLUDE_DIR . 'qa-util-image.php';
    // The upload is passed through qa_image_constrain_data() with the configured avatar
    // size, and only its return value is stored. $width and $height are not assigned
    // anywhere else in this function, so that helper presumably fills them in by reference.
    $imagedata = qa_image_constrain_data($imagedata, $width, $height, qa_opt('avatar_store_size'));
    // A null result means the data could not be used; nothing is stored in that case.
    if (isset($imagedata)) {
        require_once QA_INCLUDE_DIR . 'qa-db-blobs.php';
        // The blob is always stored with format 'jpeg' and without a filename, so neither
        // comes from the uploader. The uploader's IP is recorded with the blob.
        $newblobid = qa_db_blob_create($imagedata, 'jpeg', null, $userid, null, qa_remote_ip_address());
        if (isset($newblobid)) {
            qa_db_user_set($userid, 'avatarblobid', $newblobid);
            qa_db_user_set($userid, 'avatarwidth', $width);
            qa_db_user_set($userid, 'avatarheight', $height);
            // Switch the profile to the uploaded avatar and away from Gravatar.
            qa_db_user_set_flag($userid, QA_USER_FLAGS_SHOW_AVATAR, true);
            qa_db_user_set_flag($userid, QA_USER_FLAGS_SHOW_GRAVATAR, false);
            if (isset($oldblobid)) {
            return true;
    return false;
function qa_comment_set_status($oldcomment, $status, $userid, $handle, $cookieid, $question, $parent)
    // Moves a comment between the normal, hidden and queued states, keeps points and the
    // search index in step, and reports the matching moderation event.
    // NOTE(review): this listing has lost its braces, and the bodies of the two checks on
    // $wasqueued / $oldcomment['flagcount'] further down are empty (they presumably
    // refreshed the queued and flagged counts). Confirm against the original file.
    require_once QA_INCLUDE_DIR . 'qa-app-format.php';
    if (!isset($parent)) {
        $parent = $question;
    // for backwards compatibility with old answer parameter
    $washidden = $oldcomment['type'] == 'C_HIDDEN';
    $wasqueued = $oldcomment['type'] == 'C_QUEUED';
    // A queued comment that already has an 'updated' value is treated as re-queued.
    $wasrequeued = $wasqueued && isset($oldcomment['updated']);
    $setupdated = false;
    $event = null;
    // Pick the new post type and the event name for the requested transition. $event stays
    // null when the comment is already in the requested state.
    if ($status == QA_POST_STATUS_QUEUED) {
        $newtype = 'C_QUEUED';
        if (!$wasqueued) {
            $event = 'c_requeue';
        // same event whether it was hidden or shown before
    } elseif ($status == QA_POST_STATUS_HIDDEN) {
        $newtype = 'C_HIDDEN';
        if (!$washidden) {
            $event = $wasqueued ? 'c_reject' : 'c_hide';
            if (!$wasqueued) {
                $setupdated = true;
    } elseif ($status == QA_POST_STATUS_NORMAL) {
        $newtype = 'C';
        if ($wasqueued) {
            $event = 'c_approve';
        } elseif ($washidden) {
            $event = 'c_reshow';
            $setupdated = true;
    } else {
        // $newtype is not set on this path; the code relies on qa_fatal_error() not returning.
        qa_fatal_error('Unknown status in qa_comment_set_status(): ' . $status);
    // The acting user and their IP are written to the post only for hide/reshow
    // ($setupdated); approving or rejecting a queued comment leaves them untouched.
    qa_db_post_set_type($oldcomment['postid'], $newtype, $setupdated ? $userid : null, $setupdated ? qa_remote_ip_address() : null, QA_UPDATE_VISIBLE);
    if ($wasqueued && $status == QA_POST_STATUS_NORMAL && qa_opt('moderate_update_time')) {
        // ... for approval of a post, can set time to now instead
        if ($wasrequeued) {
            qa_db_post_set_updated($oldcomment['postid'], null);
        } else {
            qa_db_post_set_created($oldcomment['postid'], null);
    // Points are recalculated for the comment's author, not for the moderator.
    qa_db_points_update_ifuser($oldcomment['userid'], array('cposts'));
    if ($wasqueued || $status == QA_POST_STATUS_QUEUED) {
    if ($oldcomment['flagcount']) {
    if ($question['type'] == 'Q' && ($parent['type'] == 'Q' || $parent['type'] == 'A') && $status == QA_POST_STATUS_NORMAL) {
        // only index if none of the things it depends on are hidden or queued
        qa_post_index($oldcomment['postid'], 'C', $question['postid'], $oldcomment['parentid'], null, $oldcomment['content'], $oldcomment['format'], qa_viewer_text($oldcomment['content'], $oldcomment['format']), null, $oldcomment['categoryid']);
    $eventparams = array('postid' => $oldcomment['postid'], 'parentid' => $oldcomment['parentid'], 'parenttype' => $parent['basetype'], 'parent' => $parent, 'questionid' => $question['postid'], 'question' => $question, 'content' => $oldcomment['content'], 'format' => $oldcomment['format'], 'text' => qa_viewer_text($oldcomment['content'], $oldcomment['format']), 'categoryid' => $oldcomment['categoryid'], 'name' => $oldcomment['name']);
    // The moderation event is attributed to the acting user ($userid, $handle, $cookieid).
    if (isset($event)) {
        qa_report_event($event, $userid, $handle, $cookieid, $eventparams + array('oldcomment' => $oldcomment));
    // First approval of a queued comment: report the 'c_post' event that was held back at
    // creation time, attributed to the original author and marked with 'delayed'.
    if ($wasqueued && $status == QA_POST_STATUS_NORMAL && !$wasrequeued) {
        require_once QA_INCLUDE_DIR . 'qa-db-selects.php';
        require_once QA_INCLUDE_DIR . 'qa-util-string.php';
        $commentsfollows = qa_db_single_select(qa_db_full_child_posts_selectspec(null, $oldcomment['parentid']));
        $thread = array();
        foreach ($commentsfollows as $comment) {
            if ($comment['type'] == 'C' && $comment['parentid'] == $parent['postid']) {
                $thread[] = $comment;
        // 'email' is passed on only when the stored notify value validates as an address.
        qa_report_event('c_post', $oldcomment['userid'], $oldcomment['handle'], $oldcomment['cookieid'], $eventparams + array('thread' => $thread, 'notify' => isset($oldcomment['notify']), 'email' => qa_email_validate($oldcomment['notify']) ? $oldcomment['notify'] : null, 'delayed' => $oldcomment['created']));
예제 #27
 function process_request($request)
     // Upload endpoint for the WYSIWYG editor: checks permission, rate limit, size and
     // (optionally) image type of the first uploaded file, stores it as a blob, and answers
     // with a script that calls back into CKEditor in the parent frame.
     // NOTE(review): this listing has lost its braces and several statements. As printed,
     // both switch statements have no break or default, so a permitted user would fall into
     // the 'no_permission' message and every extension would reach the 'image_not_read'
     // message. Confirm against the original file before reasoning about control flow.
     $message = '';
     $url = '';
     if (is_array($_FILES) && count($_FILES)) {
         //	Check that we're allowed to upload images (if not, no other uploads are allowed either)
         if (!qa_opt('wysiwyg_editor_upload_images')) {
             $message = qa_lang('users/no_permission');
         //	Check that we haven't reached the upload limit and are not blocked
         if (empty($message)) {
             require_once QA_INCLUDE_DIR . 'qa-app-users.php';
             require_once QA_INCLUDE_DIR . 'qa-app-limits.php';
             // A false result means the upload is permitted; that is the case where the
             // rate-limit counter is incremented.
             switch (qa_user_permit_error(null, QA_LIMIT_UPLOADS)) {
                 case 'limit':
                     $message = qa_lang('main/upload_limit');
                 case false:
                     qa_limits_increment(qa_get_logged_in_userid(), QA_LIMIT_UPLOADS);
                     $message = qa_lang('users/no_permission');
         //	Find out some information about the uploaded file and check it's not too large
         if (empty($message)) {
             require_once QA_INCLUDE_DIR . 'qa-app-blobs.php';
             // Only the first uploaded file is handled.
             $file = reset($_FILES);
             // $file['name'] is the filename sent by the client, so $extension is
             // client-chosen and says nothing about the actual content.
             $pathinfo = pathinfo($file['name']);
             $extension = strtolower(@$pathinfo['extension']);
             $filesize = $file['size'];
             $maxsize = min(qa_opt('wysiwyg_editor_upload_max_size'), qa_get_max_upload_size());
             if ($filesize <= 0 || $filesize > $maxsize) {
                 // if file was too big for PHP, $filesize will be zero
                 $message = qa_lang_sub('main/max_upload_size_x', number_format($maxsize / 1048576, 1) . 'MB');
         //	If it's only allowed to be an image, check it's an image
         if (empty($message)) {
             // The type check runs only when the request asks for images only or the
             // 'wysiwyg_editor_upload_all' option is off. With that option on, any extension
             // is accepted and stored as-is.
             if (qa_get('qa_only_image') || !qa_opt('wysiwyg_editor_upload_all')) {
                 // check if we need to confirm it's an image
                 switch ($extension) {
                     case 'png':
                         // these are allowed image extensions
                     // these are allowed image extensions
                     case 'gif':
                     case 'jpeg':
                     case 'jpg':
                         // getimagesize() confirms that the file starts like an image it can
                         // parse; it does not show that the rest of the file is harmless.
                         // The code that serves blobs (not shown) should therefore send a
                         // fixed content type for the stored format and keep browsers from
                         // sniffing the content.
                         if (function_exists('getimagesize')) {
                             // getimagesize() does not require GD library
                             if (!is_array(@getimagesize($file['tmp_name']))) {
                                 $message = qa_lang_sub('main/image_not_read', 'GIF, JPG, PNG');
                         $message = qa_lang_sub('main/image_not_read', 'GIF, JPG, PNG');
         //	If there have been no errors, looks like we're all set...
         if (empty($message)) {
             require_once QA_INCLUDE_DIR . 'qa-db-blobs.php';
             $userid = qa_get_logged_in_userid();
             // Anonymous uploaders get a cookie created so the blob can be tied to them.
             $cookieid = isset($userid) ? qa_cookie_get() : qa_cookie_get_create();
             // The blob keeps the client-supplied extension and filename, together with the
             // uploader's user id, cookie id and IP address.
             $blobid = qa_db_blob_create(file_get_contents($file['tmp_name']), $extension, @$file['name'], $userid, $cookieid, qa_remote_ip_address());
             if (isset($blobid)) {
                 $url = qa_get_blob_url($blobid, true);
             } else {
                 $message = 'Failed to create object in database - please try again';
     // The callback number comes from the request (CKEditorFuncNum). All three values go
     // through qa_js() before being placed in the inline script. NOTE(review): qa_js() is
     // presumably the JavaScript-literal encoder; confirm it also neutralises a closing
     // script tag inside a string.
     echo "<script type='text/javascript'>window.parent.CKEDITOR.tools.callFunction(" . qa_js(qa_get('CKEditorFuncNum')) . ", " . qa_js($url) . ", " . qa_js($message) . ");</script>";
     return null;
예제 #28
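 /**
  * Record that $userid has just performed a write action, together with the address
  * returned by qa_remote_ip_address().
  *
  * This version restores the block delimiters that the listing had lost; the statements
  * themselves are unchanged. The call is first offered to an override via
  * qa_to_override()/qa_call_override().
  *
  * @param mixed $userid user who performed the action
  * @param mixed $action action name; not used by the statements shown here
  * @return mixed whatever the override returns when one is installed, otherwise nothing
  */
 function qa_user_report_action($userid, $action)
 {
     if (qa_to_override(__FUNCTION__)) {
         $args = func_get_args();

         return qa_call_override(__FUNCTION__, $args);
     }

     require_once QA_INCLUDE_DIR . 'db/users.php';

     // The stored address is only as trustworthy as qa_remote_ip_address(); its source is
     // not shown here.
     qa_db_user_written($userid, qa_remote_ip_address());
 }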
function qa_upload_file($localfilename, $sourcefilename, $maxfilesize = null, $onlyimage = false, $imagemaxwidth = null, $imagemaxheight = null)
    // Validates an uploaded file at $localfilename and stores it as a blob. Returns an array
    // that holds 'error' on failure, or 'format', 'blobid', 'bloburl' and (for images)
    // 'width' and 'height' on success.
    // NOTE(review): this listing has lost its braces and several statements. As printed,
    // neither switch has break or default, so a permitted upload would return
    // 'no_permission' and every detected image type would end up as 'png'; the last
    // is_resource($image) check has an empty body. Confirm against the original file.
    if (qa_to_override(__FUNCTION__)) {
        $args = func_get_args();
        return qa_call_override(__FUNCTION__, $args);
    $result = array();
    //	Check per-user upload limits
    require_once QA_INCLUDE_DIR . 'qa-app-users.php';
    require_once QA_INCLUDE_DIR . 'qa-app-limits.php';
    // A false result means the upload is permitted; that is the case where the rate-limit
    // counter is incremented.
    switch (qa_user_permit_error(null, QA_LIMIT_UPLOADS)) {
        case 'limit':
            $result['error'] = qa_lang('main/upload_limit');
            return $result;
        case false:
            qa_limits_increment(qa_get_logged_in_userid(), QA_LIMIT_UPLOADS);
            $result['error'] = qa_lang('users/no_permission');
            return $result;
    //	Check the uploaded file is not too large
    // The size is measured on the server from the local file. A caller-supplied limit can
    // only lower the site-wide maximum, never raise it.
    $filesize = filesize($localfilename);
    if (isset($maxfilesize)) {
        $maxfilesize = min($maxfilesize, qa_get_max_upload_size());
    } else {
        $maxfilesize = qa_get_max_upload_size();
    if ($filesize <= 0 || $filesize > $maxfilesize) {
        // if file was too big for PHP, $filesize will be zero
        $result['error'] = qa_lang_sub('main/max_upload_size_x', number_format($maxfilesize / 1048576, 1) . 'MB');
        return $result;
    //	Find out what type of source file was uploaded and if appropriate, check it's an image and get preliminary size measure
    // $format starts as the extension of $sourcefilename (presumably the name sent by the
    // client - verify against callers), so on its own it says nothing about the content.
    $pathinfo = pathinfo($sourcefilename);
    $format = strtolower(@$pathinfo['extension']);
    $isimage = $format == 'png' || $format == 'gif' || $format == 'jpeg' || $format == 'jpg';
    // allowed image extensions
    if ($isimage) {
        $imagesize = @getimagesize($localfilename);
        if (is_array($imagesize)) {
            $result['width'] = $imagesize[0];
            $result['height'] = $imagesize[1];
            switch ($imagesize['2']) {
                // reassign format based on actual content, if we can
                case IMAGETYPE_GIF:
                    $format = 'gif';
                case IMAGETYPE_JPEG:
                    $format = 'jpeg';
                case IMAGETYPE_PNG:
                    $format = 'png';
    // For anything that is not a recognised image, the stored format is still the
    // extension taken from the filename. When $onlyimage is false such files are accepted,
    // so the code that serves blobs (not shown) should not derive an executable or
    // browser-rendered type from this value.
    $result['format'] = $format;
    if ($onlyimage) {
        // $imagesize is assigned only when $isimage is true; the || short-circuit keeps the
        // second test from running when it was never set.
        if (!$isimage || !is_array($imagesize)) {
            $result['error'] = qa_lang_sub('main/image_not_read', 'GIF, JPG, PNG');
            return $result;
    //	Read in the raw file contents
    $content = file_get_contents($localfilename);
    //	If appropriate, get more accurate image size and apply constraints to it
    require_once QA_INCLUDE_DIR . 'qa-util-image.php';
    if ($isimage && qa_has_gd_image()) {
        $image = @imagecreatefromstring($content);
        // NOTE(review): from PHP 8.0 on, imagecreatefromstring() returns a GdImage object, for
        // which is_resource() is false. On those versions this branch is skipped, so the
        // width/height limits and the JPEG re-encoding below would silently not be applied.
        if (is_resource($image)) {
            $result['width'] = $width = imagesx($image);
            $result['height'] = $height = imagesy($image);
            if (isset($imagemaxwidth) || isset($imagemaxheight)) {
                if (qa_image_constrain($width, $height, isset($imagemaxwidth) ? $imagemaxwidth : $width, isset($imagemaxheight) ? $imagemaxheight : $height)) {
                    qa_gd_image_resize($image, $width, $height);
                    if (is_resource($image)) {
                        // Only an image that had to be resized is re-encoded; one that is
                        // already within the limits is stored with its original bytes.
                        $content = qa_gd_image_jpeg($image);
                        $result['format'] = $format = 'jpeg';
                        $result['width'] = $width;
                        $result['height'] = $height;
            if (is_resource($image)) {
                // might have been lost
    //	Create the blob and return
    require_once QA_INCLUDE_DIR . 'qa-app-blobs.php';
    $userid = qa_get_logged_in_userid();
    // Anonymous uploaders get a cookie created so the blob can be tied to them.
    $cookieid = isset($userid) ? qa_cookie_get() : qa_cookie_get_create();
    // The blob records the source filename, user id, cookie id and uploader IP.
    $result['blobid'] = qa_create_blob($content, $format, $sourcefilename, $userid, $cookieid, qa_remote_ip_address());
    if (!isset($result['blobid'])) {
        $result['error'] = qa_lang('main/general_error');
        return $result;
    $result['bloburl'] = qa_get_blob_url($result['blobid'], true);
    return $result;