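/**
 * Restores a post if the current user is allowed to edit it.
 *
 * The owner of the post needs 'edit my posts' or 'edit all posts';
 * anyone else needs 'edit all posts'. The outcome is echoed rather than
 * returned: 'success', 'no post found', or an "Unauthorized request"
 * message followed by exit.
 *
 * @param mixed $id post id as received by the handler; only its integer
 *                  value is used
 */
public function undelete($id)
{
    // The integer cast is what makes the id safe to concatenate into the
    // query below and to echo back in the error message.
    $pid = (int) $id;

    $qry = 'SELECT uid FROM ' . PREFIX . 'codo_posts WHERE post_id=' . $pid;
    $res = $this->db->query($qry);

    // query() can yield a falsy value on failure; treat that like "no row"
    // instead of calling fetch() on it.
    $result = $res ? $res->fetch() : false;

    if (!$result) {
        echo 'no post found';
        return;
    }

    $puid = $result['uid'];

    if ($puid == \CODOF\User\CurrentUser\CurrentUser::id()) {
        $has_permission = \CODOF\Access\Access::hasPermission(array('edit my posts', 'edit all posts'));
    } else {
        $has_permission = \CODOF\Access\Access::hasPermission('edit all posts');
    }

    if ($has_permission) {
        $post = new \CODOF\Forum\Post($this->db);
        // The actual restore is delegated to Post::undelete().
        $post->undelete($pid);
        echo 'success';
    } else {
        // Echo the sanitised integer, never the raw request value, so that
        // request-supplied markup cannot be reflected into the response.
        echo "Unauthorized request to delete post " . $pid;
        exit;
    }
}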
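/**
 * Returns one page of topics for a category, either from the regular
 * listing or, when $_GET['str'] is non-empty, from the search engine.
 *
 * @param mixed $catid category id; cast to int for the regular listing
 * @param mixed $page  page number, used to compute the search offset and
 *                     echoed back as "page_no"
 * @return array keys: "topics", "new_topics", "page_no", "num_pages"
 */
public function get_topics($catid, $page)
{
    $topic = new \CODOF\Forum\Topic($this->db);
    $cid = (int) $catid;

    $num_pages = 'not_passed';
    if (isset($_GET['get_page_count']) && $_GET['get_page_count'] == 'yes') {
        $num_pages = 'calc_count';
    }

    if (isset($_GET['str']) && $_GET['str'] != "") {
        // Searching is a separate permission from viewing the category.
        $user = \CODOF\User\User::get();
        if (!$user->can('use search')) {
            exit('permission denied');
        }

        $search = new \CODOF\Search\Search();
        $search->str = $_GET['str'];
        $search->num_results = \CODOF\Util::get_opt("num_posts_cat_topics");
        $search->from = ($page - 1) * $search->num_results;

        if ($num_pages == 'calc_count') {
            $search->count_rows = true;
        }

        // Note: the search is scoped by the request's catid, not by $catid.
        $search->cats = (int) $_GET['catid'];

        // NOTE(review): the four values below are copied from the request
        // without validation. Whether Search restricts order/sort to a fixed
        // set of column names and directions before building its query is
        // not visible here; confirm that it does.
        $search->match_titles = $_GET['match_titles'];
        $search->order = $_GET['order'];
        $search->sort = $_GET['sort'];
        $search->time_within = $_GET['search_within'];

        $res = $search->search();

        if ($num_pages == 'calc_count') {
            $num_pages = $search->get_total_count();
        }

        // The original also looped over an always-empty $topics array to
        // collect topic ids that were never used; that dead code is gone.
        $_topics = $topic->gen_topic_arr_all_topics($res, $search);
    } else {
        // The page count is not calculated for the regular listing.
        $num_pages = 'not_passed';

        $topics = $topic->get_topics($cid, $page);

        $tids = array();
        foreach ($topics as $_topic) {
            $tids[] = $_topic['topic_id'];
        }

        // Unread markers only exist for logged-in users.
        if (\CODOF\User\CurrentUser\CurrentUser::loggedIn()) {
            $tracker = new \CODOF\Forum\Tracker($this->db);
            $topic->new_topic_ids = $tracker->get_new_topic_ids($cid, $tids);
            $topic->new_replies = $tracker->get_new_reply_counts($tids);
        }

        $topic->tags = $topic->getAllTags($tids);
        $_topics = $topic->gen_topic_arr($topics, $cid);
    }

    return array(
        "topics" => $_topics,
        "new_topics" => $topic->new_topic_ids,
        "page_no" => $page,
        "num_pages" => $num_pages
    );
}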
/**
 * Registers a POST route for AJAX requests.
 *
 * The route handler hands the closure over to Request::processReq();
 * the token validation mentioned for this route is expected to happen
 * there (processReq is not shown in this block).
 *
 * @param string   $route
 * @param \Closure $closure
 * @param bool     $getNewStuff forwarded to processReq; forced to false
 *                              for guests
 */
public static function post($route, \Closure $closure, $getNewStuff = true)
{
    // Guests never get the "new stuff" payload. The login state is read
    // once, when the route is defined.
    $withNewStuff = \CODOF\User\CurrentUser\CurrentUser::loggedIn() ? $getNewStuff : false;

    dispatch_post($route, function () use ($closure, $withNewStuff) {
        $routeArgs = func_get_args();
        Request::processReq($closure, $withNewStuff, $routeArgs);
    });
}
/**
 * Collects the 20 most recent posts of a user (post_status other than 0)
 * together with the strings and constants the template needs.
 *
 * When the posts belong to somebody other than the current user, the
 * query is additionally restricted by the topic view-permission
 * conditions.
 *
 * @param mixed $uid id of the user whose posts are listed; cast to int
 * @return array template data, with the posts under the "topics" key
 */
public function get_recent_posts($uid)
{
    $recent = array();
    // Integer cast: this value is concatenated into the SQL text below.
    $userId = (int) $uid;

    $visibilityClause = '';
    $viewingOwnPosts = ($userId == \CODOF\User\CurrentUser\CurrentUser::id());
    if (!$viewingOwnPosts) {
        // Someone else's profile: only show posts in topics the viewer
        // is allowed to see.
        $permissionSource = new \CODOF\Forum\Topic(false);
        $visibilityClause = "AND " . $permissionSource->getViewTopicPermissionConditions();
    }

    $select = 'SELECT c.cat_alias,c.cat_img,p.omessage AS message, t.title, t.topic_id,'
            . ' u.id, u.name, u.avatar, t.topic_created,t.no_posts,t.no_views, p.post_created,p.post_id ';

    $from = ' FROM ' . PREFIX . 'codo_posts AS p '
          . ' LEFT JOIN ' . PREFIX . 'codo_categories AS c ON p.cat_id=c.cat_id '
          . ' LEFT JOIN ' . PREFIX . 'codo_topics AS t ON t.topic_id=p.topic_id '
          . ' LEFT JOIN ' . PREFIX . 'codo_users AS u ON t.uid=u.id ';

    $where = ' WHERE p.uid = ' . $userId . ' AND p.post_status<>0 ' . $visibilityClause;

    $tail = ' ORDER BY p.post_created DESC ' . ' LIMIT 20 OFFSET 0';

    $statement = $this->db->query($select . $from . $where . $tail);
    if ($statement) {
        $recent = $this->gen_posts_arr($statement->fetchAll());
    }

    $category = new \CODOF\Forum\Category();

    return array(
        "topics" => $recent,
        "RURI" => RURI,
        "DURI" => DURI,
        "CAT_IMGS" => CAT_IMGS,
        "CURR_THEME" => CURR_THEME,
        "reply_txt" => _t("replies"),
        "views_txt" => _t("views"),
        "posted" => _t("posted"),
        "created" => _t("created"),
        "no_topics" => _t("You have no recent posts"),
        "new_topic" => _t("Create new topic"),
        "can_create" => $category->canCreateTopicInAtleastOne()
    );
}
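/**
 * Fetches up to 400 subscribers (starting at $offset) whose subscription
 * type is Subscriber::$NOTIFIED for the given category and topic, joined
 * with the post, topic and category identified by the ids. The current
 * user is excluded.
 *
 * Sample subscriber rows from the original comment:
 *
 *   cid  tid   uid  type
 *   10   null  1    2
 *   10   2     1    3
 *
 * @param int $cid    category id
 * @param int $tid    topic id
 * @param int $pid    post id
 * @param int $offset number of rows to skip
 * @return mixed whatever the query builder's get() returns
 */
public function getData($cid, $tid, $pid, $offset)
{
    /**
     * Alternative with JOIN
     * select `u`.`id`, `u`.`username`, `u`.`mail`, `t`.`title`, `p`.`imessage`, `p`.`omessage`, `s`.`type`
     * from `codo_users` as `u`
     * inner join `codo_notify_subscribers` as `s` on `s`.`uid` = `u`.`id`
     * join(SELECT id, MAX(tid) AS tid FROM codo_notify_subscribers GROUP BY uid) s2 ON s2.id=s.id AND s.tid=s2.tid
     * left join `codo_posts` as `p` on `p`.`post_id` = 54
     * left join `codo_topics` as `t` on `t`.`topic_id` = 18
     * where `s`.`type` = 3 and `s`.`cid` = 3 and `p`.`topic_id` = 18 and `s`.`uid` <> 1
     * limit 400 offset 0
     */

    // DB::raw() puts its argument into the SQL text as-is, with no binding
    // or escaping. Force the ids to integers before using them that way, so
    // a non-numeric value can never become part of the statement.
    $rawCid = (int) $cid;
    $rawTid = (int) $tid;
    $rawPid = (int) $pid;

    $data = \DB::table(PREFIX . 'codo_notify_subscribers AS s')
        ->select('u.id', 'u.username', 'u.mail', 't.title', 'p.imessage', 'p.omessage', 's.type', 'c.cat_name')
        ->join(PREFIX . 'codo_users AS u', 's.uid', '=', 'u.id')
        ->leftJoin(PREFIX . 'codo_posts AS p', 'p.post_id', '=', \DB::raw($rawPid))
        ->leftJoin(PREFIX . 'codo_topics AS t', 't.topic_id', '=', \DB::raw($rawTid))
        ->leftJoin(PREFIX . 'codo_categories AS c', 'c.cat_id', '=', \DB::raw($rawCid))
        ->where('s.type', '=', CODOF\Forum\Notification\Subscriber::$NOTIFIED)
        ->where('s.cid', '=', $cid)
        ->where(function ($query) use ($rawTid) {
            // s.tid = 0 rows are matched alongside rows for this topic.
            $query->where('s.tid', '=', 0)->orWhere('s.tid', '=', \DB::raw($rawTid));
        })
        ->where('p.topic_id', '=', $tid)
        // Never notify the user who triggered the event.
        ->where('s.uid', '<>', \CODOF\User\CurrentUser\CurrentUser::id())
        ->skip($offset)
        ->take(400)
        ->get();

    return $data;
}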
/**
 * Tells whether the current user is logged in.
 *
 * Thin instance-level wrapper around CurrentUser::loggedIn().
 *
 * @return mixed the value reported by CurrentUser::loggedIn()
 */
public function loggedIn()
{
    $isLoggedIn = CurrentUser\CurrentUser::loggedIn();

    return $isLoggedIn;
}
/**
 * Renders a theme template and echoes the resulting HTML.
 *
 * Steps, in order: include the global views and the theme's theme.php,
 * fire the "before" hooks, collect CSS/JS assets, assign the common
 * template variables (titles, URLs, CSRF token, canonical/OpenGraph/meta
 * data, current user), fetch "{$tpl}.tpl" through Smarty, load the HTML
 * into simple_html_dom, fire the "after" hooks with the DOM and echo it.
 *
 * @param string $tpl       template name without the ".tpl" suffix
 * @param array  $css_files not read anywhere in this method
 * @param array  $js_files  not read anywhere in this method
 */
public static function load($tpl, $css_files = array(), $js_files = array())
{
    \CODOF\Util::inc_global_views();
    //This sets all variables which will be used by the theme
    require CURR_THEME_PATH . 'theme.php';
    $page = array();
    \CODOF\Hook::call('before_site_head');
    // Hook name is derived from the template name, with "/" mapped to "_".
    \CODOF\Hook::call('tpl_before_' . str_replace("/", "_", $tpl));
    $asset = new \CODOF\Asset\Stream();
    $page["head"]["css"] = $asset->dumpCSS();
    //\CODOF\Theme\Js::sort_js();
    $page["head"]["js"] = $asset->dumpJS('head');
    $page["body"]["js"] = $asset->dumpJS('body');
    $page["defer"] = json_encode($asset->deferred());
    //after all modification its time for smarty to display the mod data
    $smarty = Single::get_instance();
    $site_title = \CODOF\Util::get_opt('site_title');
    $sub_title = \CODOF\Store::get('sub_title');
    $smarty->assign('site_title', $site_title);
    $smarty->assign('sub_title', $sub_title);
    $smarty->assign('home_title', \CODOF\Store::get('home_title', _t('All topics')));
    $smarty->assign('site_url', \CODOF\Util::get_opt('site_url'));
    $smarty->assign('logged_in', \CODOF\User\CurrentUser\CurrentUser::loggedIn());
    $smarty->assign('login_url', \CODOF\User\User::getLoginUrl());
    $smarty->assign('logout_url', \CODOF\User\User::getLogoutUrl());
    $smarty->assign('register_url', \CODOF\User\User::getRegisterUrl());
    $smarty->assign('profile_url', \CODOF\User\User::getProfileUrl());
    $smarty->assign('page', $page);
    // The token is handed to the template so that forms and AJAX calls
    // can send it back with their requests.
    $smarty->assign('CSRF_token', \CODOF\Access\CSRF::get_token());
    $smarty->assign('php_time_now', time());
    $category = new \CODOF\Forum\Category();
    $canCreateTopicInAtleastOneCategory = $category->canCreateTopicInAtleastOne();
    $smarty->assign('canCreateTopicInAtleastOneCategory', $canCreateTopicInAtleastOneCategory);
    // $page is reused from here on: it now holds the canonical path, which
    // falls back to the request parameter "u" when no value is stored.
    $page = \CODOF\Store::get('rel:canonical_page', isset($_GET['u']) ? $_GET['u'] : '');
    // NOTE(review): strip_tags() removes tags but leaves quote characters
    // intact, so this request-derived value is only safe inside an HTML
    // attribute if the template also escapes it. The template is not
    // visible here; confirm that it does.
    $smarty->assign('canonical', rtrim(RURI, '/') . strip_tags($page));
    if (\CODOF\Store::has('rel:prev')) {
        $smarty->assign('rel_prev', \CODOF\Store::get('rel:prev'));
    }
    if (\CODOF\Store::has('rel:next')) {
        $smarty->assign('rel_next', \CODOF\Store::get('rel:next'));
    }
    if (\CODOF\Store::has('meta:robots')) {
        $smarty->assign('meta_robots', \CODOF\Store::get('meta:robots'));
    }
    // OpenGraph data: type and title always have a value, the remaining
    // fields are added only when something was stored for them.
    $og = array("type" => \CODOF\Store::get('og:type', 'website'), "title" => \CODOF\Store::get('og:title', $sub_title . ' | ' . $site_title));
    if (\CODOF\Store::has('og:url')) {
        $og['url'] = \CODOF\Store::get('og:url');
    }
    if (\CODOF\Store::has('og:desc')) {
        $og['desc'] = \CODOF\Store::get('og:desc');
    } else {
        $og['desc'] = \CODOF\Util::get_opt('site_description');
    }
    if (\CODOF\Store::has('og:image')) {
        $og['image'] = \CODOF\Store::get('og:image');
    }
    $smarty->assign('og', $og);
    if (\CODOF\Store::has('article:published')) {
        $smarty->assign('article_published', \CODOF\Store::get('article:published'));
    }
    if (\CODOF\Store::has('article:modified')) {
        $smarty->assign('article_modified', \CODOF\Store::get('article:modified'));
    }
    $I = \CODOF\User\User::get();
    //current user details
    $smarty->assign('I', $I);
    $smarty->assign('can_moderate_posts', $I->can('moderate posts'));
    // The unread counter is only looked up for logged-in users.
    if (\CODOF\User\CurrentUser\CurrentUser::loggedIn()) {
        $notifier = new \CODOF\Forum\Notification\Notifier();
        $smarty->assign('unread_notifications', $notifier->getNoOfUnread());
    }
    // NOTE(review): $tpl selects the template file; presumably callers pass
    // fixed names only and never a request-derived value. Verify at the
    // call sites.
    $html = $smarty->fetch("{$tpl}.tpl");
    require_once SYSPATH . 'Ext/simplehtmldom/simple_html_dom.php';
    $dom = new \simple_html_dom();
    $dom->load($html, true, false);
    //let plugins modify html
    \CODOF\Hook::call('tpl_after_' . str_replace("/", "_", $tpl), $dom);
    \CODOF\Hook::call('after_site_head', $dom);
    echo $dom->save();
}
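/**
 * Stores a new message for an existing post and records the previous
 * text in the edit history.
 *
 * Does nothing when no post with the given id exists.
 *
 * NOTE(review): this method performs no permission check of its own;
 * presumably the caller has already verified that the current user may
 * edit the post. Confirm at the call sites.
 *
 * @param int    $pid   id of the post being edited
 * @param string $imesg new input-format message
 * @param string $omesg new output-format message
 */
public function update_post($pid, $imesg, $omesg)
{
    $time = time();

    $old = \DB::table(PREFIX . 'codo_posts')
        ->where('post_id', $pid)
        ->select('imessage', 'post_created', 'post_modified')
        ->first();

    // Without this guard an unknown post id would write an edit-history
    // row full of nulls for a post that does not exist.
    if (empty($old)) {
        return;
    }

    // The history entry is stamped with the time the old text was written:
    // the last modification if there is one, otherwise the creation time.
    \DB::table(PREFIX . 'codo_edits')->insert(array(
        'post_id' => $pid,
        'uid' => \CODOF\User\CurrentUser\CurrentUser::id(),
        'text' => \CODOF\Format::imessage($old['imessage']),
        'time' => $old['post_modified'] == null ? $old['post_created'] : $old['post_modified']
    ));

    // All values are bound as parameters, none is concatenated.
    $qry = 'UPDATE ' . PREFIX . 'codo_posts SET imessage=:imesg, omessage=:omesg, post_modified=:time'
         . ' WHERE post_id=:pid';
    $stmt = $this->db->prepare($qry);
    $stmt->execute(array(
        ":imesg" => \CODOF\Format::imessage($imesg),
        ":omesg" => \CODOF\Format::omessage($omesg),
        ":time" => $time,
        ":pid" => $pid
    ));
}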
/**
 * Marks a topic as read for the current user.
 *
 * Guests are ignored. If a row for this topic and user already exists
 * its read time is refreshed, otherwise a new row is inserted.
 *
 * @param int $cid Category id
 * @param int $tid Topic id
 */
public function mark_topic_as_read($cid, $tid)
{
    if (!\CODOF\User\CurrentUser\CurrentUser::loggedIn()) {
        return;
    }

    // Both ids are interpolated into SQL text below, hence the casts.
    $tid = (int) $tid;
    $cid = (int) $cid;
    // NOTE(review): the user id is interpolated exactly as returned by
    // CurrentUser::id(); presumably that is always an integer. Confirm.
    $uid = \CODOF\User\CurrentUser\CurrentUser::id();
    $time = time();
    $pre = PREFIX;

    $existing = \DB::select("SELECT COUNT(topic_id) AS cnt FROM {$pre}codo_unread_topics WHERE topic_id={$tid} AND uid={$uid}");

    $qry = $existing[0]['cnt']
        ? "UPDATE " . PREFIX . "codo_unread_topics SET read_time={$time} WHERE topic_id={$tid} AND uid={$uid}"
        : "INSERT INTO " . PREFIX . "codo_unread_topics VALUES({$cid}, {$tid}, {$uid}, {$time})";

    $this->db->query($qry);
}
/**
 * Returns the topics carrying a tag, plus the tags, unread markers and
 * translated strings the listing template needs.
 *
 * @param mixed $tag  tag to look up; passed through to Topic::getTaggedTopics()
 * @param mixed $from passed through to Topic::getTaggedTopics()
 * @return array template data, with the topics under the "topics" key
 */
public function getTaggedTopics($tag, $from)
{
    $finder = new \CODOF\Forum\Topic($this->db);
    $finder->ajax = true;
    $found = $finder->getTaggedTopics($tag, $from);

    $topicIds = array();
    foreach ($found as $row) {
        $topicIds[] = $row['topic_id'];
    }

    // Guests get empty unread markers.
    $unreadTopicIds = array();
    $unreadReplyCounts = array();
    if (\CODOF\User\CurrentUser\CurrentUser::loggedIn()) {
        $tracker = new \CODOF\Forum\Tracker($this->db);
        $unreadTopicIds = $tracker->get_all_new_topic_ids($topicIds);
        $unreadReplyCounts = $tracker->get_new_reply_counts($topicIds);
    }

    return array(
        "topics" => $found,
        "tags" => $finder->getAllTags($topicIds),
        "new_topic_ids" => $unreadTopicIds,
        "find_topics_tagged" => _t("find topics tagged"),
        "new_replies" => $unreadReplyCounts,
        "new" => _t("new"),
        "new_topic" => _t("new topic"),
        "new_replies_txt" => _t("new replies"),
        "RURI" => RURI,
        "DURI" => DURI,
        "CAT_IMGS" => CAT_IMGS,
        "CURR_THEME" => CURR_THEME,
        "reply_txt" => _t("replies"),
        "views_txt" => _t("views"),
        "recent_txt" => _t('recent by'),
        "num_posts" => \CODOF\Util::get_opt('num_posts_all_topics')
    );
}
/**
 * Looks up the current user's subscription level for a category.
 *
 * Only the category-wide row (tid = '0') is considered.
 *
 * @param int $cid category id
 * @return int the stored 'type', or self::$DEFAULT when no row exists
 */
public function levelForCategory($cid)
{
    $subscription = \DB::table(PREFIX . 'codo_notify_subscribers')
        ->select('type')
        ->where('cid', '=', $cid)
        ->where('tid', '=', '0')
        ->where('uid', '=', \CODOF\User\CurrentUser\CurrentUser::id())
        ->first();

    // No explicit subscription: fall back to the class default level.
    if (empty($subscription)) {
        return self::$DEFAULT;
    }

    return $subscription['type'];
}
/**
 * Marks the current user's unread notifications created at or before
 * $eventTime as read.
 *
 * @param int $eventTime upper bound (inclusive) for the 'created' column
 * @return mixed the result of the query builder's update() call
 */
protected function markAsRead($eventTime)
{
    // The uid condition limits the update to the current user's rows.
    $unreadUpToEvent = \DB::table(PREFIX . 'codo_notify')
        ->where('is_read', '=', '0')
        ->where('uid', '=', \CODOF\User\CurrentUser\CurrentUser::id())
        ->where('created', '<=', $eventTime);

    return $unreadUpToEvent->update(array("is_read" => '1'));
}
/**
 * Tells the template whether the current user may edit or delete the
 * topic, as JSON-encoded permission results.
 *
 * The topic owner passes with either the "my topics" or the "all topics"
 * permission; everybody else needs the "all topics" permission.
 *
 * NOTE(review): these values are only assigned to the template here.
 * Presumably the edit and delete handlers re-check the permission on the
 * server; confirm.
 *
 * @param mixed $tuid user id of the topic's author
 */
private function assign_admin_vars($tuid)
{
    $ownsTopic = ($tuid == \CODOF\User\CurrentUser\CurrentUser::id());

    if ($ownsTopic) {
        $editPermission = array('edit my topics', 'edit all topics');
        $deletePermission = array('delete my topics', 'delete all topics');
    } else {
        $editPermission = 'edit all topics';
        $deletePermission = 'delete all topics';
    }

    $canEdit = json_encode(Access::hasPermission($editPermission));
    $this->smarty->assign('can_edit_topic', $canEdit);

    $canDelete = json_encode(Access::hasPermission($deletePermission));
    $this->smarty->assign('can_delete_topic', $canDelete);
}
$errors = array_merge($errors, array(_t("The current password given is incorrect"))); } $ret = array("status" => "fail", "msg" => $errors); } echo json_encode($ret); } }); dispatch_get('Ajax/cron/run', function () { if (Request::valid($_GET['token']) && \CODOF\User\CurrentUser\CurrentUser::loggedIn()) { $cron = new \CODOF\Cron\Cron(); $cron->run(); } //exit; }); dispatch_get('Ajax/digest', function () { if (Request::valid($_GET['token']) && \CODOF\User\CurrentUser\CurrentUser::loggedIn()) { $digest = new \CODOF\Forum\Notification\Digest\Digest(); $ion = $digest->fetch(); echo json_encode($ion); } //exit; }); Request::get('Ajax/subscribe/:cid/:level', function ($cid, $level) { $subscribe = new CODOF\Forum\Notification\Subscriber(); $subscribe->toCategory($cid, $level); }); Request::get('Ajax/subscribe/:cid/:tid/:level', function ($cid, $tid, $level) { $subscribe = new CODOF\Forum\Notification\Subscriber(); $subscribe->toTopic($cid, $tid, $level); }); Request::get('Ajax/mentions/validate', function () {