Exemplo n.º 1
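 /**
  * Prepare Label and Contents for storage, then restore literal textarea tags.
  *
  * Both properties go through FormatStringForDatabaseInput() first. After
  * that, the entity-encoded form of a bare <textarea> tag pair in Contents is
  * turned back into real markup. Only the exact attribute-less tags are
  * restored; any other encoded markup stays encoded.
  *
  * The original used eregi_replace(), which belongs to the ereg extension
  * (deprecated in PHP 5.3, removed in PHP 7.0) and is a fatal error on
  * current runtimes. preg_replace() with the "i" modifier performs the same
  * case-insensitive literal replacement.
  */
 function FormatPropertiesForDatabaseInput()
 {
     $this->Label = FormatStringForDatabaseInput($this->Label);
     $this->Contents = FormatStringForDatabaseInput($this->Contents);
     // Deliberate un-escaping of one allow-listed tag. Keep the patterns
     // literal so that no other tag or attribute can be re-enabled this way.
     $this->Contents = preg_replace('/&lt;textarea&gt;/i', '<textarea>', $this->Contents);
     // NOTE(review): the closing-tag pattern contains a doubled slash, kept
     // exactly as in the original - confirm that this is what
     // FormatStringForDatabaseInput() actually emits for "</textarea>".
     $this->Contents = preg_replace('#&lt;//textarea&gt;#i', '</textarea>', $this->Contents);
 }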
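 /**
  * Resolve the current user's ID from the session or the "remember me" cookies.
  *
  * Starts a session if none is active and reads the user ID stored under the
  * configured session key. When that is 0, the two remember-me cookies are
  * read and checked against the LUM_User table. On a match the verification
  * key is rotated, the cookies are re-issued and the visit/IP are recorded.
  * The resulting ID (0 when nobody was identified) is always handed to
  * AssignSessionUserID() before being returned.
  *
  * Fix over the original: the cookie value was compared to md5(UserID) with
  * the loose == operator. PHP compares two numeric-looking strings as
  * numbers, so two different hex digests that both parse as numbers could
  * compare equal. The comparison is now a strict string comparison.
  *
  * @return int The identified user's ID, or 0 when no user was identified.
  */
 function GetIdentity()
 {
     if (!session_id()) {
         session_start();
     }
     $UserID = ForceInt(@$_SESSION[$this->Context->Configuration['SESSION_USER_IDENTIFIER']], 0);
     if ($UserID == 0) {
         // UserID wasn't found in the session, so attempt to retrieve it from the cookies
         $EncryptedUserID = ForceIncomingCookieString($this->Context->Configuration['COOKIE_USER_KEY'], '');
         $VerificationKey = ForceIncomingCookieString($this->Context->Configuration['COOKIE_VERIFICATION_KEY'], '');
         if ($EncryptedUserID != '' && $VerificationKey != '') {
             // Compare against db values.
             // The statement is assembled by string concatenation; its safety rests
             // entirely on FormatStringForDatabaseInput() escaping the cookie value
             // correctly for this quoted context (that helper is not visible here).
             // Sadly, because this class is meant to be an interface for distributed objects, I can't use any of the error checking in the Lussumo Framework
             $Query = "select UserID\n               from LUM_User\n               where VerificationKey = '" . FormatStringForDatabaseInput($VerificationKey) . "'";
             $Result = $this->Context->Database->Execute($Query, 'Authenticator', 'GetIdentity', 'An error occurred while attempting to validate your remember me credentials');
             if ($Result) {
                 $UserID = 0;
                 while ($rows = $this->Context->Database->GetRow($Result)) {
                     // Strict comparison on strings: never let PHP's numeric-string
                     // juggling decide whether two digests are "equal".
                     // md5(UserID) is derivable from the ID alone, so the verification
                     // key matched by the query is the only secret in this check.
                     if ((string) $EncryptedUserID === md5((string) $rows['UserID'])) {
                         $UserID = ForceInt($rows['UserID'], 0);
                         // NOTE(review): the query above selects only UserID, so this
                         // column does not appear to be present in the row - confirm
                         // what value ends up in the re-issued cookie.
                         $EncryptedUserID = $rows['EncryptedUserID'];
                         break;
                     }
                 }
                 if ($UserID > 0) {
                     // 1. Set a new verification key
                     $VerificationKey = DefineVerificationKey();
                     // 2. Update the user's information
                     $this->UpdateLastVisit($UserID, $VerificationKey);
                     // 3. Set the 'remember me' cookies
                     $this->SetCookieCredentials($EncryptedUserID, $VerificationKey);
                     // 4. Log the user's IP address
                     $this->LogIp($UserID);
                 }
             }
         }
     }
     // If it has now been found, set up the session.
     $this->AssignSessionUserID($UserID);
     return $UserID;
 }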
 /**
  * Prepare the role's properties for storage.
  *
  * RoleName, Icon and Description are passed through
  * FormatStringForDatabaseInput() with 1 as the second argument. When
  * Permissions is an array, the three hard-coded permission keys are dropped
  * from it and the remainder is serialized with SerializeArray().
  */
 function FormatPropertiesForDatabaseInput()
 {
     foreach (array('RoleName', 'Icon', 'Description') as $Property) {
         $this->{$Property} = FormatStringForDatabaseInput($this->{$Property}, 1);
     }
     if (!is_array($this->Permissions)) {
         return;
     }
     // These permissions are hard-coded and must never be persisted with the
     // role; unset() is a no-op for a key that is not present.
     $HardCodedPermissions = array(
         'PERMISSION_SIGN_IN',
         'PERMISSION_HTML_ALLOWED',
         'PERMISSION_RECEIVE_APPLICATION_NOTIFICATION',
     );
     foreach ($HardCodedPermissions as $PermissionKey) {
         unset($this->Permissions[$PermissionKey]);
     }
     // Now serialize what is left
     $this->Permissions = SerializeArray($this->Permissions);
 }
Exemplo n.º 4
 /**
  * Prepare Name, Url and PreviewImage for storage by passing each one through
  * FormatStringForDatabaseInput() with 1 as the second argument.
  */
 function FormatPropertiesForDatabaseInput()
 {
     foreach (array('Name', 'Url', 'PreviewImage') as $Property) {
         $this->{$Property} = FormatStringForDatabaseInput($this->{$Property}, 1);
     }
 }
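 /**
  * Check that a password-reset request names an existing user/key pair.
  *
  * Looks for a User row whose UserID and EmailVerificationKey both equal the
  * supplied values, and adds the ErrPasswordResetRequest warning when there
  * is none.
  *
  * Fix over the original: a user ID of 0 or an empty key is rejected before
  * any query is made. An empty key must never verify a reset; if the stored
  * column is also empty for accounts with no pending request (the schema is
  * not visible here), the equality test would otherwise match. This mirrors
  * the guard ValidateVerificationKey() already applies to its inputs.
  *
  * @param int    $VerificationUserID   User ID taken from the reset link.
  * @param string $EmailVerificationKey Key taken from the reset link.
  * @return mixed Result of WarningCollector->Iif().
  */
 function VerifyPasswordResetRequest($VerificationUserID, $EmailVerificationKey)
 {
     $VerificationUserID = ForceInt($VerificationUserID, 0);
     $EmailVerificationKey = ForceString($EmailVerificationKey, '');
     if ($VerificationUserID == 0 || (string) $EmailVerificationKey === '') {
         // Missing ID or key: fail exactly as a non-matching request would.
         $this->Context->WarningCollector->Add($this->Context->GetDefinition('ErrPasswordResetRequest'));
         return $this->Context->WarningCollector->Iif();
     }
     $EmailVerificationKey = FormatStringForDatabaseInput($EmailVerificationKey);
     // Attempt to find the account that owns this key
     $s = $this->Context->ObjectFactory->NewContextObject($this->Context, 'SqlBuilder');
     $s->SetMainTable('User', 'u');
     $s->AddSelect('UserID', 'u');
     $s->AddWhere('u', 'UserID', '', $VerificationUserID, '=');
     $s->AddWhere('u', 'EmailVerificationKey', '', $EmailVerificationKey, '=');
     $UserResult = $this->Context->Database->Select($s, $this->Name, 'VerifyPasswordResetRequest', 'An error occurred while retrieving account information.');
     if ($this->Context->Database->RowCount($UserResult) == 0) {
         $this->Context->WarningCollector->Add($this->Context->GetDefinition('ErrPasswordResetRequest'));
     }
     // NOTE(review): no expiry or single-use check on the key is visible in
     // this method - confirm it is enforced where the key is issued/consumed.
     return $this->Context->WarningCollector->Iif();
 }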
 /**
  * Prepare the saved-search properties for storage by passing each one
  * through FormatStringForDatabaseInput() (no second argument).
  */
 function FormatPropertiesForDatabaseInput()
 {
     $Properties = array('Label', 'Keywords', 'Query', 'AuthUsername', 'Categories', 'Roles');
     foreach ($Properties as $Property) {
         $this->{$Property} = FormatStringForDatabaseInput($this->{$Property});
     }
 }
Exemplo n.º 7
    }
}
// Feed entry point (excerpt): the block opened here is not closed within the
// visible lines.
if ($Type != "") {
    // Perform some http authentication if public browsing is not enabled.
    if (!agPUBLIC_BROWSING && $Context->Session->UserID == 0) {
        // NOTE(review): in the visible code $UserIsAuthenticated is assigned only
        // inside this branch. If it is not initialised earlier in the file, the
        // check further down reads an undefined variable whenever public browsing
        // is enabled or the visitor already has a session - confirm.
        $UserIsAuthenticated = 0;
        // Assume user is not authenticated
        // HTTP Basic credentials as exposed by PHP; they travel with every
        // request, so this path should only be reachable over TLS.
        $PHP_AUTH_USER = ForceString(@$_SERVER["PHP_AUTH_USER"], "");
        $PHP_AUTH_PW = ForceString(@$_SERVER["PHP_AUTH_PW"], "");
        if ($PHP_AUTH_USER != "" && $PHP_AUTH_PW != "") {
            // Validate the inputs
            $s = $Context->ObjectFactory->NewContextObject($Context, "SqlBuilder");
            $s->SetMainTable("User", "u");
            $s->AddSelect("UserID", "u");
            $s->AddWhere("Name", FormatStringForDatabaseInput($PHP_AUTH_USER), "=");
            // The "md5" argument presumably makes the builder wrap the value in
            // md5() - i.e. passwords are stored as unsalted MD5 digests. That is
            // not an adequate password hash; migrating to password_hash() /
            // password_verify() is the usual remedy.
            // NOTE(review): the password is also altered by
            // FormatStringForDatabaseInput() before hashing - confirm the same
            // transformation is applied wherever the stored hash is created.
            $s->AddWhere("Password", FormatStringForDatabaseInput($PHP_AUTH_PW), "=", "and", "md5");
            $ValidationData = $Context->Database->Select($Context, $s, "Feed", "ValidateCredentials", "An error occurred while validating user credentials.");
            if ($Context->Database->RowCount($ValidationData) > 0) {
                $UserIsAuthenticated = true;
            }
        }
        // No throttling or logging of failed attempts is visible in this excerpt.
        if (!$UserIsAuthenticated) {
            // The challenge is sent but execution is not stopped here; the feed
            // body is withheld only by the $UserIsAuthenticated check below.
            header('WWW-Authenticate: Basic realm="Private"');
            header('HTTP/1.0 401 Unauthorized');
        }
    }
    if ($UserIsAuthenticated) {
        // Create a new sqlbuilder to retrieve feed data
        $s = $Context->ObjectFactory->NewContextObject($Context, "SqlBuilder");
        $s->SetMainTable("Discussion", "d");
        $s->AddSelect(array("DiscussionID", "CategoryID", "AuthUserID", "Name", "DateCreated", "DateLastActive", "CountComments"), "d");
 /**
  * Resolve the whisper recipient's username to a user ID.
  *
  * When $Comment->WhisperUsername is non-empty, the User table is searched
  * for that name and $Comment->WhisperUserID is set from each returned row.
  * If WhisperUserID is still 0 afterwards, the ErrWhisperInvalid warning is
  * added.
  *
  * NOTE(review): WhisperUserID is not reset before the lookup, so a non-zero
  * value already on the object survives when no user matches - confirm that
  * callers never populate it from request data.
  *
  * @param object $Comment Object carrying WhisperUsername / WhisperUserID; modified in place.
  * @return mixed Result of WarningCollector->Iif().
  */
 function ValidateWhisperUsername(&$Comment)
 {
     if ($Comment->WhisperUsername == '') {
         // Nothing to validate for a non-whispered comment.
         return $this->Context->WarningCollector->Iif();
     }

     $RecipientName = FormatStringForDatabaseInput($Comment->WhisperUsername);
     $Builder = $this->Context->ObjectFactory->NewContextObject($this->Context, 'SqlBuilder');
     $Builder->SetMainTable('User', 'u');
     $Builder->AddSelect('UserID', 'u');
     $Builder->AddWhere('u', 'Name', '', $RecipientName, '=');
     $Recipients = $this->Context->Database->Select($Builder, $this->Name, 'ValidateWhisperUsername', 'An error occurred while attempting to validate the username entered as the whisper recipient.');
     while ($Recipient = $this->Context->Database->GetRow($Recipients)) {
         $Comment->WhisperUserID = ForceInt($Recipient['UserID'], 0);
     }
     if ($Comment->WhisperUserID == 0) {
         $this->Context->WarningCollector->Add($this->Context->GetDefinition('ErrWhisperInvalid'));
     }
     return $this->Context->WarningCollector->Iif();
 }
Exemplo n.º 9
 /**
  * Resolve the whisper recipient's username to a user ID.
  *
  * When $Comment->WhisperUsername is non-empty, the User table is searched
  * for that name and $Comment->WhisperUserID is set from each returned row.
  * If WhisperUserID is still 0 afterwards, the ErrWhisperInvalid warning is
  * added.
  *
  * NOTE(review): WhisperUserID is not reset before the lookup, so a non-zero
  * value already on the object survives when no user matches - confirm that
  * callers never populate it from request data.
  *
  * @param object $Comment Object carrying WhisperUsername / WhisperUserID; modified in place.
  * @return mixed Result of WarningCollector->Iif().
  */
 function ValidateWhisperUsername(&$Comment)
 {
     if ($Comment->WhisperUsername == "") {
         // Nothing to validate for a non-whispered comment.
         return $this->Context->WarningCollector->Iif();
     }

     $RecipientName = FormatStringForDatabaseInput($Comment->WhisperUsername);
     $Builder = $this->Context->ObjectFactory->NewContextObject($this->Context, "SqlBuilder");
     $Builder->SetMainTable("User", "u");
     $Builder->AddSelect("UserID", "u");
     $Builder->AddWhere("Name", $RecipientName, "=");
     $Recipients = $this->Context->Database->Select($this->Context, $Builder, $this->Name, "ValidateWhisperUsername", "An error occurred while attempting to validate the username entered as the whisper recipient.");
     while ($Recipient = $this->Context->Database->GetRow($Recipients)) {
         $Comment->WhisperUserID = ForceInt($Recipient["UserID"], 0);
     }
     if ($Comment->WhisperUserID == 0) {
         $this->Context->WarningCollector->Add($this->Context->GetDefinition("ErrWhisperInvalid"));
     }
     return $this->Context->WarningCollector->Iif();
 }
 /**
  * Prepare Name and Description for storage by passing each one through
  * FormatStringForDatabaseInput() with 1 as the second argument.
  */
 function FormatPropertiesForDatabaseInput()
 {
     foreach (array('Name', 'Description') as $Property) {
         $this->{$Property} = FormatStringForDatabaseInput($this->{$Property}, 1);
     }
 }
 /**
  * Validate and save a new or edited discussion together with its first comment.
  *
  * Flow, as visible in this method:
  *  - refuse when the session user lacks PERMISSION_START_DISCUSSION;
  *  - treat a new post whose UserDiscussionCount is lower than the session
  *    user's CountDiscussions as a duplicate and point the caller at the
  *    user's most recent discussion instead of saving;
  *  - otherwise validate topic, category (including role blocks), first
  *    comment and whisper recipient, check edit rights, then insert/update
  *    the Discussion row and save the comment.
  *
  * @param object $Discussion Discussion to save; several of its properties are updated here.
  * @return mixed WarningCollector->Iif($Discussion, false).
  */
 function SaveDiscussion($Discussion)
 {
     if (!$this->Context->Session->User->Permission('PERMISSION_START_DISCUSSION')) {
         $this->Context->WarningCollector->Add($this->Context->GetDefinition('ErrPermissionStartDiscussions'));
     } else {
         // If not editing, and the posted discussion count is less than the
         // user's current discussion count, silently skip the posting and
         // redirect as if everything is normal.
         // NOTE(review): UserDiscussionCount presumably arrives with the posted
         // form, so this is a duplicate-submission guard rather than an access
         // control - confirm.
         if ($Discussion->DiscussionID == 0 && $Discussion->UserDiscussionCount < $this->Context->Session->User->CountDiscussions) {
             // Silently fail to post the data
             // Need to get the user's last posted discussionID and direct them to it
             $s = $this->Context->ObjectFactory->NewContextObject($this->Context, 'SqlBuilder');
             $s->SetMainTable('Discussion', 'd');
             $s->AddSelect('DiscussionID', 'd');
             // NOTE(review): the alias passed here is 'c' while the main table was
             // registered as 'd' - looks like a mismatch; confirm.
             $s->AddWhere('c', 'AuthUserID', '', $this->Context->Session->UserID, '=');
             $s->AddOrderBy('DateCreated', 'd', 'desc');
             $s->AddLimit(0, 1);
             $LastDiscussionData = $this->Context->Database->Select($s, $this->Name, 'SaveDiscussion', 'An error occurred while retrieving your last discussion.');
             while ($Row = $this->Context->Database->GetRow($LastDiscussionData)) {
                 $Discussion->DiscussionID = ForceInt($Row['DiscussionID'], 0);
             }
             // Make sure we got it
             if ($Discussion->DiscussionID == 0) {
                 $this->Context->ErrorManager->AddError($this->Context, $this->Name, 'SaveDiscussion', 'Your last discussion could not be found.');
             }
         } else {
             $NewDiscussion = 0;
             $OldDiscussion = false;
             if ($Discussion->DiscussionID == 0) {
                 $NewDiscussion = 1;
             } else {
                 $OldDiscussion = $this->GetDiscussionById($Discussion->DiscussionID);
             }
             // Validate the Discussion topic
             $Name = FormatStringForDatabaseInput($Discussion->Name);
             Validate($this->Context->GetDefinition('DiscussionTopicLower'), 1, $Name, 100, '', $this->Context);
             //Validate the category ID and role
             $s = $this->Context->ObjectFactory->NewContextObject($this->Context, 'SqlBuilder');
             $s->SetMainTable('Category', 'c');
             $s->AddSelect('CategoryID', 'c');
             // The role ID is concatenated straight into the join clause. It comes
             // from the session user object, not from the request, but nothing in
             // this method forces it to an integer - presumably it is one; confirm.
             $s->AddJoin('CategoryRoleBlock', 'crb', 'CategoryID', 'c', 'CategoryID', 'left join', ' and crb.' . $this->Context->DatabaseColumns['CategoryRoleBlock']['RoleID'] . ' = ' . $this->Context->Session->User->RoleID);
             $s->AddWhere('crb', 'Blocked', '', '0', '=', 'and', '', 1, 1);
             $s->AddWhere('crb', 'Blocked', '', '0', '=', 'or', '', 0, 0);
             $s->AddWhere('crb', 'Blocked', '', 'null', 'is', 'or', '', 0, 0);
             // NOTE(review): CategoryID is not cast in this method before being
             // handed to the builder - confirm the caller or the builder does it.
             $s->AddWhere('c', 'CategoryID', '', $Discussion->CategoryID, '=', 'and');
             $s->EndWhereGroup();
             $CategoryAllowed = $this->Context->Database->Select($s, $this->Name, 'SaveDiscussion', 'An error occurred while validating category permissions.');
             // No row back means the category is unknown or blocked for this role:
             // zero it so the check below raises ErrSelectCategory.
             if ($this->Context->Database->RowCount($CategoryAllowed) < 1) {
                 $Discussion->CategoryID = 0;
             }
             if ($Discussion->CategoryID <= 0) {
                 $this->Context->WarningCollector->Add($this->Context->GetDefinition('ErrSelectCategory'));
             }
             // Validate first comment
             $Discussion->Comment->DiscussionID = $Discussion->DiscussionID;
             if ($OldDiscussion) {
                 $Discussion->Comment->CommentID = $OldDiscussion->FirstCommentID;
             } else {
                 $Discussion->Comment->CommentID = 0;
             }
             $CommentManager = $this->Context->ObjectFactory->NewContextObject($this->Context, 'CommentManager');
             $CommentManager->ValidateComment($Discussion->Comment, 0);
             // Validate the whisperusername
             $CommentManager->ValidateWhisperUsername($Discussion);
             // If updating, validate that this is admin or the author
             if (!$NewDiscussion) {
                 // Authorization for edits: only the original author or a user with
                 // PERMISSION_EDIT_DISCUSSIONS gets past this check.
                 if ($OldDiscussion->AuthUserID != $this->Context->Session->UserID && !$this->Context->Session->User->Permission('PERMISSION_EDIT_DISCUSSIONS')) {
                     $this->Context->WarningCollector->Add($this->Context->GetDefinition('ErrPermissionEditComments'));
                 }
             }
             // If validation was successful, then reset the properties to db safe values for saving
             if ($this->Context->WarningCollector->Count() == 0) {
                 $Discussion->Name = $Name;
             }
             if ($this->Context->WarningCollector->Iif()) {
                 // Reuse the builder from the category check for the write below.
                 $s->Clear();
                 // Update the user info & check for spam
                 if ($NewDiscussion) {
                     $UserManager = $this->Context->ObjectFactory->NewContextObject($this->Context, 'UserManager');
                     $UserManager->UpdateUserDiscussionCount($this->Context->Session->UserID);
                 }
                 // Proceed with the save if there are no warnings
                 if ($this->Context->WarningCollector->Count() == 0) {
                     // The builder is exposed by reference to PreSaveDiscussion
                     // delegates before the write is assembled.
                     $this->DelegateParameters['SqlBuilder'] =& $s;
                     $this->CallDelegate('PreSaveDiscussion');
                     $s->SetMainTable('Discussion', 'd');
                     $s->AddFieldNameValue('Name', $Discussion->Name);
                     $s->AddFieldNameValue('CategoryID', $Discussion->CategoryID);
                     if ($NewDiscussion) {
                         // The author is always taken from the session, never from
                         // the submitted object.
                         $s->AddFieldNameValue('AuthUserID', $this->Context->Session->UserID);
                         $s->AddFieldNameValue('DateCreated', MysqlDateTime());
                         $s->AddFieldNameValue('DateLastActive', MysqlDateTime());
                         $s->AddFieldNameValue('CountComments', 0);
                         $s->AddFieldNameValue('WhisperUserID', $Discussion->WhisperUserID);
                         if ($Discussion->WhisperUserID != '0') {
                             $s->AddFieldNameValue('DateLastWhisper', MysqlDateTime());
                         }
                         $Discussion->DiscussionID = $this->Context->Database->Insert($s, $this->Name, 'NewDiscussion', 'An error occurred while creating a new discussion.');
                         $Discussion->Comment->DiscussionID = $Discussion->DiscussionID;
                     } else {
                         $s->AddWhere('d', 'DiscussionID', '', $Discussion->DiscussionID, '=');
                         $this->Context->Database->Update($s, $this->Name, 'NewDiscussion', 'An error occurred while updating the discussion.');
                     }
                 }
                 // Now save the associated Comment
                 if ($Discussion->Comment->DiscussionID > 0) {
                     $CommentManager->SaveComment($Discussion->Comment, 1);
                     // Now update the topic table so that we know what the first comment in the discussion was
                     if ($Discussion->Comment->CommentID > 0 && $NewDiscussion) {
                         $s->Clear();
                         $s->SetMainTable('Discussion', 'd');
                         $s->AddFieldNameValue('FirstCommentID', $Discussion->Comment->CommentID);
                         $s->AddWhere('d', 'DiscussionID', '', $Discussion->Comment->DiscussionID, '=');
                         $this->Context->Database->Update($s, $this->Name, 'NewDiscussion', 'An error occurred while updating discussion properties.');
                     }
                 }
             }
         }
     }
     return $this->Context->WarningCollector->Iif($Discussion, false);
 }
Exemplo n.º 12
     $Connection = @mysql_connect($DBHost, $DBUser, $DBPass);
     if (!$Connection) {
         $WarningCollector->Add("We couldn't connect to the server you provided (" . $DBHost . "). Are you sure you entered the right server, username and password?");
     } elseif (!mysql_select_db($DBName, $Connection)) {
         $WarningCollector->Add("We connected to the server, but we couldn't access the \"" . $DBName . "\" database. Are you sure it exists and that the specified user has access to it?");
     }
 }
 // Create the administrative user
 // (Installer excerpt: the block opened here is not closed within the visible lines.)
 if ($WarningCollector->Count() == 0 && $Connection) {
     $Username = FormatStringForDatabaseInput($Username);
     // NOTE(review): the password is transformed by the same formatter before
     // it is hashed - confirm the sign-in path applies the identical
     // transformation, otherwise some passwords will never verify.
     $Password = FormatStringForDatabaseInput($Password);
     $s = new SqlBuilder($Context);
     $s->SetMainTable("User", "u");
     $s->AddFieldNameValue("FirstName", "Administrative");
     $s->AddFieldNameValue("LastName", "User");
     $s->AddFieldNameValue("Email", FormatStringForDatabaseInput($SupportEmail));
     $s->AddFieldNameValue("Name", $Username);
     // The "md5" argument presumably makes the builder store md5(password).
     // An unsalted MD5 digest is not an adequate password hash, least of all
     // for the administrative account; password_hash() / password_verify()
     // is the usual replacement.
     $s->AddFieldNameValue("Password", $Password, 1, "md5");
     $s->AddFieldNameValue("DateFirstVisit", MysqlDateTime());
     $s->AddFieldNameValue("DateLastActive", MysqlDateTime());
     $s->AddFieldNameValue("CountVisit", 0);
     $s->AddFieldNameValue("CountDiscussions", 0);
     $s->AddFieldNameValue("CountComments", 0);
     // Role and style IDs are hard-coded; presumably 6 is the administrator
     // role created by the install script - confirm.
     $s->AddFieldNameValue("RoleID", 6);
     $s->AddFieldNameValue("StyleID", 1);
     $s->AddFieldNameValue("UtilizeEmail", 0);
     $s->AddFieldNameValue("RemoteIP", GetRemoteIp(1));
     // mysql_query()/mysql_error() belong to the legacy mysql extension, which
     // was removed in PHP 7.0. The raw driver error is also added to the
     // message shown to whoever runs the installer.
     if (!@mysql_query($s->GetInsert(), $Connection)) {
         $WarningCollector->Add("Something bad happened when we were trying to create your administrative user account. Mysql said: " . mysql_error($Connection));
     } else {
         // Now insert the role history assignment
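 /**
  * Check that a password-reset request names an existing user/key pair.
  *
  * Looks for a User row whose UserID and EmailVerificationKey both equal the
  * supplied values, and adds the ErrPasswordResetRequest warning when there
  * is none.
  *
  * Fix over the original: a user ID of 0 or an empty key is rejected before
  * any query is made. An empty key must never verify a reset; if the stored
  * column is also empty for accounts with no pending request (the schema is
  * not visible here), the equality test would otherwise match.
  *
  * @param int    $VerificationUserID   User ID taken from the reset link.
  * @param string $EmailVerificationKey Key taken from the reset link.
  * @return mixed Result of WarningCollector->Iif().
  */
 function VerifyPasswordResetRequest($VerificationUserID, $EmailVerificationKey)
 {
     $VerificationUserID = ForceInt($VerificationUserID, 0);
     $EmailVerificationKey = ForceString($EmailVerificationKey, "");
     if ($VerificationUserID == 0 || (string) $EmailVerificationKey === "") {
         // Missing ID or key: fail exactly as a non-matching request would.
         $this->Context->WarningCollector->Add($this->Context->GetDefinition("ErrPasswordResetRequest"));
         return $this->Context->WarningCollector->Iif();
     }
     $EmailVerificationKey = FormatStringForDatabaseInput($EmailVerificationKey);
     // Attempt to find the account that owns this key
     $s = $this->Context->ObjectFactory->NewContextObject($this->Context, "SqlBuilder");
     $s->SetMainTable("User");
     $s->AddSelect("UserID");
     $s->AddWhere("UserID", $VerificationUserID, "=");
     $s->AddWhere("EmailVerificationKey", $EmailVerificationKey, "=");
     $UserResult = $this->Context->Database->Select($this->Context, $s, $this->Name, "VerifyPasswordResetRequest", "An error occurred while retrieving account information.");
     if ($this->Context->Database->RowCount($UserResult) == 0) {
         $this->Context->WarningCollector->Add($this->Context->GetDefinition("ErrPasswordResetRequest"));
     }
     // NOTE(review): no expiry or single-use check on the key is visible in
     // this method - confirm it is enforced where the key is issued/consumed.
     return $this->Context->WarningCollector->Iif();
 }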
 /**
  * Prepare the user's properties for storage.
  *
  * Most properties go through FormatStringForDatabaseInput() with 1 as the
  * second argument; VerificationKey goes through it without that argument
  * and Attributes is serialized with SerializeArray().
  *
  * NOTE(review): the four password properties are rewritten by the formatter
  * as well, so whatever hashes or compares them later sees the formatted
  * text, not what the user typed - confirm every password path applies the
  * same formatting.
  */
 function FormatPropertiesForDatabaseInput()
 {
     $FlaggedProperties = array(
         'CustomStyle',
         'Name',
         'FirstName',
         'LastName',
         'Email',
         'Icon',
         'Picture',
         'Password',
         'OldPassword',
         'NewPassword',
         'ConfirmPassword',
     );
     foreach ($FlaggedProperties as $Property) {
         $this->{$Property} = FormatStringForDatabaseInput($this->{$Property}, 1);
     }
     // The verification key is the only string formatted without the flag.
     $this->VerificationKey = FormatStringForDatabaseInput($this->VerificationKey);
     $this->Attributes = SerializeArray($this->Attributes);
     $this->Discovery = FormatStringForDatabaseInput($this->Discovery, 1);
 }
 /**
  * Resolve the current user's ID from the session or the "remember me" cookies.
  *
  * Starts a session (scoped to the configured cookie path and domain) if
  * none is active and reads the user ID stored under the configured session
  * key. When that is 0 and both remember-me cookies are present, the User
  * table is searched for a row matching the cookie's user ID and
  * verification key; on a match the last visit and IP address are recorded.
  * The resulting ID is always handed to AssignSessionUserID().
  *
  * @return int The identified user's ID, or 0 when no user was identified.
  */
 function GetIdentity()
 {
     if (!session_id()) {
         // Only lifetime, path and domain are passed, so the cookie's Secure
         // and HttpOnly flags are whatever the PHP configuration defaults to.
         session_set_cookie_params(0, $this->Context->Configuration['COOKIE_PATH'], $this->Context->Configuration['COOKIE_DOMAIN']);
         session_start();
     }
     $UserID = ForceInt(@$_SESSION[$this->Context->Configuration['SESSION_USER_IDENTIFIER']], 0);
     if ($UserID == 0) {
         // Nothing in the session: fall back to the remember-me cookies.
         $CookieUserID = ForceIncomingCookieString($this->Context->Configuration['COOKIE_USER_KEY'], '');
         $VerificationKey = ForceIncomingCookieString($this->Context->Configuration['COOKIE_VERIFICATION_KEY'], '');
         if (!($CookieUserID == '' || $VerificationKey == '')) {
             // Both cookie values must match the same User row.
             // NOTE(review): the key is not rotated in this method after a
             // successful match, so the same cookie pair presumably stays
             // valid until the key is changed elsewhere - confirm.
             $Builder = $this->Context->ObjectFactory->NewContextObject($this->Context, 'SqlBuilder');
             $Builder->SetMainTable('User', 'u');
             $Builder->AddJoin('Role', 'r', 'RoleID', 'u', 'RoleID', 'inner join');
             $Builder->AddSelect('UserID', 'u');
             $Builder->AddWhere('u', 'UserID', '', FormatStringForDatabaseInput($CookieUserID), '=');
             $Builder->AddWhere('u', 'VerificationKey', '', FormatStringForDatabaseInput($VerificationKey), '=');
             $Matches = $this->Context->Database->Select($Builder, 'Authenticator', 'GetIdentity', 'An error occurred while attempting to validate your remember me credentials');
             if ($Matches) {
                 while ($Row = $this->Context->Database->GetRow($Matches)) {
                     $UserID = ForceInt($Row['UserID'], 0);
                 }
                 if ($UserID > 0) {
                     // Record the visit, then the address it came from.
                     $this->UpdateLastVisit($UserID);
                     $this->LogIp($UserID);
                 }
             }
         }
     }
     // Whatever was found (possibly 0) becomes the session's user ID.
     $this->AssignSessionUserID($UserID);
     return $UserID;
 }
 /**
  * Prepare Username and Password for storage by passing each one through
  * FormatStringForDatabaseInput() with 1 as the second argument.
  *
  * NOTE(review): the password text itself is rewritten by the formatter -
  * confirm the code that hashes or compares it expects the formatted form.
  */
 function FormatPropertiesForDatabaseInput()
 {
     foreach (array('Username', 'Password') as $Property) {
         $this->{$Property} = FormatStringForDatabaseInput($this->{$Property}, 1);
     }
 }
 /**
  * Validate a comment's discussion ID (optionally) and its body.
  *
  * When $DiscussionIDRequired evaluates to true via ForceBool(), the
  * comment's DiscussionID is forced to an integer and the ErrDiscussionID
  * warning is added if it is 0. The body is formatted for database input and
  * checked by Validate() against agMAX_COMMENT_LENGTH; the formatted copy is
  * only validated here, it is not written back to the comment.
  *
  * @param object $Comment              Comment to validate; DiscussionID may be rewritten.
  * @param mixed  $DiscussionIDRequired Whether a non-zero DiscussionID is required.
  * @return mixed Result of WarningCollector->Iif().
  */
 function ValidateComment(&$Comment, $DiscussionIDRequired = "1")
 {
     if (ForceBool($DiscussionIDRequired, 0)) {
         $Comment->DiscussionID = ForceInt($Comment->DiscussionID, 0);
         if ($Comment->DiscussionID == 0) {
             $this->Context->WarningCollector->Add($this->Context->GetDefinition("ErrDiscussionID"));
         }
     }
     // Length is checked on the database-safe form of the body.
     $SafeBody = FormatStringForDatabaseInput($Comment->Body);
     Validate($this->Context->GetDefinition("CommentsLower"), 1, $SafeBody, agMAX_COMMENT_LENGTH, "", $this->Context);
     return $this->Context->WarningCollector->Iif();
 }
Exemplo n.º 18
/**
 * Return the client address reported in $_SERVER['REMOTE_ADDR'].
 *
 * A value longer than 20 bytes is cut to its first 19 bytes. A full textual
 * IPv6 address is longer than that, so such addresses are stored truncated,
 * which limits their value in IP logs.
 *
 * Only REMOTE_ADDR is read; forwarded-for style headers are not consulted.
 *
 * @param mixed $FormatIpForDatabaseInput When true (via ForceBool()), the value is
 *                                        passed through FormatStringForDatabaseInput().
 * @return string The (possibly truncated, possibly formatted) address, '' if absent.
 */
function GetRemoteIp($FormatIpForDatabaseInput = '0')
{
    $Address = ForceString(@$_SERVER['REMOTE_ADDR'], '');
    if (strlen($Address) > 20) {
        $Address = substr($Address, 0, 19);
    }
    return ForceBool($FormatIpForDatabaseInput, 0)
        ? FormatStringForDatabaseInput($Address, 1)
        : $Address;
}
 /**
  * Validate and save a new or edited discussion together with its first comment.
  *
  * Flow, as visible in this method:
  *  - refuse when the session user's CanPostDiscussion flag is not set;
  *  - treat a new post whose UserDiscussionCount is lower than the session
  *    user's CountDiscussions as a duplicate and point the caller at the
  *    user's most recent discussion instead of saving;
  *  - otherwise validate topic, category and first comment, check edit
  *    rights, then insert/update the Discussion row, notify on new
  *    discussions and save the comment.
  *
  * @param object $Discussion Discussion to save; several of its properties are updated here.
  * @return mixed WarningCollector->Iif($Discussion, false).
  */
 function SaveDiscussion($Discussion)
 {
     if (!$this->Context->Session->User->CanPostDiscussion) {
         $this->Context->WarningCollector->Add($this->Context->GetDefinition("ErrPermissionStartDiscussions"));
     } else {
         // If not editing, and the posted discussion count is less than the
         // user's current discussion count, silently skip the posting and
         // redirect as if everything is normal.
         // NOTE(review): UserDiscussionCount presumably arrives with the posted
         // form, so this is a duplicate-submission guard rather than an access
         // control - confirm.
         if ($Discussion->DiscussionID == 0 && $Discussion->UserDiscussionCount < $this->Context->Session->User->CountDiscussions) {
             // Silently fail to post the data
             // Need to get the user's last posted discussionID and direct them to it
             $s = $this->Context->ObjectFactory->NewContextObject($this->Context, "SqlBuilder");
             $s->SetMainTable("Discussion", "d");
             $s->AddSelect("DiscussionID", "d");
             $s->AddWhere("AuthUserID", $this->Context->Session->UserID, "=");
             $s->AddOrderBy("DateCreated", "d", "desc");
             $s->AddLimit(0, 1);
             $LastDiscussionData = $this->Context->Database->Select($this->Context, $s, $this->Name, "SaveDiscussion", "An error occurred while retrieving your last discussion.");
             while ($Row = $this->Context->Database->GetRow($LastDiscussionData)) {
                 $Discussion->DiscussionID = ForceInt($Row["DiscussionID"], 0);
             }
             // Make sure we got it
             if ($Discussion->DiscussionID == 0) {
                 $this->Context->ErrorManager->AddError($this->Context, $this->Name, "SaveDiscussion", "Your last discussion could not be found.");
             }
         } else {
             $NewDiscussion = 0;
             $OldDiscussion = false;
             if ($Discussion->DiscussionID == 0) {
                 $NewDiscussion = 1;
             } else {
                 $OldDiscussion = $this->GetDiscussionById($Discussion->DiscussionID);
             }
             // Validate the Discussion topic
             $Name = FormatStringForDatabaseInput($Discussion->Name);
             Validate($this->Context->GetDefinition("DiscussionTopicLower"), 1, $Name, 100, "", $this->Context);
             // NOTE(review): the category is only checked for being positive; no
             // per-role category restriction is visible in this method - confirm
             // it is enforced before the discussion object reaches this point.
             if ($Discussion->CategoryID <= 0) {
                 $this->Context->WarningCollector->Add($this->Context->GetDefinition("ErrSelectCategory"));
             }
             // Validate first comment
             $Discussion->Comment->DiscussionID = $Discussion->DiscussionID;
             if ($OldDiscussion) {
                 $Discussion->Comment->CommentID = $OldDiscussion->FirstCommentID;
             } else {
                 $Discussion->Comment->CommentID = 0;
             }
             $CommentManager = $this->Context->ObjectFactory->NewContextObject($this->Context, "CommentManager");
             $CommentManager->ValidateComment($Discussion->Comment, 0);
             // If updating, validate that this is admin or the author
             if (!$NewDiscussion) {
                 // Authorization for edits: only the original author or a user with
                 // the AdminCategories flag gets past this check.
                 if ($OldDiscussion->AuthUserID != $this->Context->Session->UserID && !$this->Context->Session->User->AdminCategories) {
                     $this->Context->WarningCollector->Add($this->Context->GetDefinition("ErrPermissionEditComments"));
                 }
             }
             // If validation was successful, then reset the properties to db safe values for saving
             if ($this->Context->WarningCollector->Count() == 0) {
                 $Discussion->Name = $Name;
             }
             if ($this->Context->WarningCollector->Iif()) {
                 $s = $this->Context->ObjectFactory->NewContextObject($this->Context, "SqlBuilder");
                 // Update the user info & check for spam
                 if ($NewDiscussion) {
                     $UserManager = $this->Context->ObjectFactory->NewContextObject($this->Context, "UserManager");
                     $UserManager->UpdateUserDiscussionCount($this->Context->Session->UserID);
                 }
                 // Proceed with the save if there are no warnings
                 if ($this->Context->WarningCollector->Count() == 0) {
                     $s->SetMainTable("Discussion");
                     $s->AddFieldNameValue("Name", $Discussion->Name);
                     $s->AddFieldNameValue("CategoryID", $Discussion->CategoryID);
                     if ($NewDiscussion) {
                         // The author is always taken from the session, never from
                         // the submitted object.
                         $s->AddFieldNameValue("AuthUserID", $this->Context->Session->UserID);
                         $s->AddFieldNameValue("DateCreated", MysqlDateTime());
                         $s->AddFieldNameValue("DateLastactive", MysqlDateTime());
                         $s->AddFieldNameValue("CountComments", 0);
                         $Discussion->DiscussionID = $this->Context->Database->Insert($this->Context, $s, $this->Name, "NewDiscussion", "An error occurred while creating a new discussion.");
                         $Discussion->Comment->DiscussionID = $Discussion->DiscussionID;
                         // Notifications go out only when the insert raised no warning.
                         if ($this->Context->WarningCollector->Count() == 0) {
                             $n = $this->Context->ObjectFactory->NewContextObject($this->Context, "Notify");
                             $n->NotifyDiscussion($Discussion->DiscussionID, $this);
                         }
                     } else {
                         $s->AddWhere("DiscussionID", $Discussion->DiscussionID, "=");
                         $this->Context->Database->Update($this->Context, $s, $this->Name, "NewDiscussion", "An error occurred while updating the discussion.");
                     }
                 }
                 // Now save the associated Comment
                 if ($Discussion->Comment->DiscussionID > 0) {
                     $CommentManager->SaveComment($Discussion->Comment, 1);
                     // Now update the topic table so that we know what the first comment in the discussion was
                     if ($Discussion->Comment->CommentID > 0 && $NewDiscussion) {
                         $s->Clear();
                         $s->SetMainTable("Discussion", "d");
                         $s->AddFieldNameValue("FirstCommentID", $Discussion->Comment->CommentID);
                         $s->AddWhere("DiscussionID", $Discussion->Comment->DiscussionID, "=");
                         $this->Context->Database->Update($this->Context, $s, $this->Name, "NewDiscussion", "An error occurred while updating discussion properties.");
                     }
                 }
             }
         }
     }
     return $this->Context->WarningCollector->Iif($Discussion, false);
 }
Exemplo n.º 20
/*
* Copyright 2003 Mark O'Sullivan
* This file is part of Vanilla.
* Vanilla is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
* Vanilla is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
* You should have received a copy of the GNU General Public License along with Vanilla; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
* The latest source code for Vanilla is available at www.lussumo.com
* Contact Mark O'Sullivan at mark [at] lussumo [dot] com
*
* Description: File used by Dynamic Data Management object to fill autocomplete data on user input field
*/
include '../appg/settings.php';
include '../appg/init_ajax.php';
// Autocomplete endpoint (excerpt): returns up to ten user names that start
// with the submitted prefix. The loop opened below is not closed within the
// visible lines.
// NOTE(review): no sign-in or permission check is visible in this excerpt; if
// init_ajax.php does not perform one, this endpoint lets any visitor list
// account names by prefix - confirm.
$Search = ForceIncomingString('Search', '');
// PHP has already URL-decoded request parameters, so this is presumably a
// second decode - confirm it is intended, since filters applied to the
// once-decoded value would not see what this call produces.
$Search = urldecode($Search);
$Search = FormatStringForDatabaseInput($Search);
if ($Search != '') {
    $s = $Context->ObjectFactory->NewContextObject($Context, 'SqlBuilder');
    $s->SetMainTable('User', 'u');
    $s->AddSelect('Name', 'u');
    // The LIKE wildcards % and _ inside $Search are not escaped here, so they
    // keep their pattern meaning unless FormatStringForDatabaseInput() or the
    // builder neutralises them (not visible). The limit below bounds the result.
    $s->AddWhere('u', 'Name', '', $Search . '%', 'like');
    $s->AddOrderBy('Name', 'u', 'asc');
    $s->AddLimit(0, 10);
    $ResultSet = $Context->Database->Select($s, 'Ajax', 'AutoComplete', 'An error occurred while retrieving autocomplete items.', 0);
    $Name = '';
    $Loop = 1;
    if ($ResultSet) {
        while ($row = $Context->Database->GetRow($ResultSet)) {
            // Items are comma-separated: a comma precedes every item but the first.
            if ($Loop > 1) {
                echo ',';
            }
Exemplo n.º 21
 /**
  * Prepare the comment's Body and WhisperUsername for storage.
  *
  * Body is first run through the context's formatter for this comment's
  * FormatType (in FORMAT_STRING_FOR_DATABASE mode) and the result is then
  * passed through FormatStringForDatabaseInput(). WhisperUsername only gets
  * the second step.
  */
 function FormatPropertiesForDatabaseInput()
 {
     // Format-type specific processing comes first, generic database
     // formatting second.
     $FormattedBody = $this->Context->FormatString($this->Body, $this, $this->FormatType, FORMAT_STRING_FOR_DATABASE);
     $this->Body = FormatStringForDatabaseInput($FormattedBody);
     $this->WhisperUsername = FormatStringForDatabaseInput($this->WhisperUsername);
 }
 /**
  * Check a user ID / verification key pair against the User table.
  *
  * The ID is forced to an integer and the key is formatted for database
  * input. If either is empty, no query is made. Otherwise the User table is
  * searched for a row matching both values.
  *
  * @param int $UserID
  * @param string $VerificationKey
  * @return int The matching user's ID, or 0 when the inputs are empty, the
  *             query fails or no row matches.
  */
 function ValidateVerificationKey($UserID, $VerificationKey)
 {
     $UserID = ForceInt($UserID, 0);
     $VerificationKey = FormatStringForDatabaseInput($VerificationKey);
     if (!$UserID || !$VerificationKey) {
         // An empty ID or key can never identify a user.
         return 0;
     }

     $Builder = $this->Context->ObjectFactory->NewContextObject($this->Context, 'SqlBuilder');
     $Builder->SetMainTable('User', 'u');
     $Builder->AddSelect('UserID', 'u');
     $Builder->AddWhere('u', 'UserID', '', $UserID, '=');
     $Builder->AddWhere('u', 'VerificationKey', '', $VerificationKey, '=');
     $Matches = $this->Context->Database->Select($Builder, $this->Name, 'VerifyVerificationKey', 'An error occurred while attempting to validate your remember me credentials');
     if (!$Matches) {
         return 0;
     }

     // The returned ID comes from the database row, not from the caller.
     $MatchedUserID = 0;
     while ($Row = $this->Context->Database->GetRow($Matches)) {
         $MatchedUserID = ForceInt($Row['UserID'], 0);
     }
     return $MatchedUserID;
 }
Exemplo n.º 23
 /**
  * Prepare Name, Title, Description and Path for storage by passing each one
  * through FormatStringForDatabaseInput() (no second argument).
  */
 function FormatPropertiesForDatabaseInput()
 {
     foreach (array('Name', 'Title', 'Description', 'Path') as $Property) {
         $this->{$Property} = FormatStringForDatabaseInput($this->{$Property});
     }
 }