/**
 * Reads the request parameters for a reply, loads the thread and its board,
 * and enforces the reply permission and the double-post lock.
 *
 * Throws PermissionDeniedException when canReplyThread() refuses the reply and
 * NamedUserException when the double-post lock applies to the current user.
 *
 * @see Page::readParameters()
 */
public function readParameters() {
    MessageForm::readParameters();

    // numeric ids are coerced to integers before they are used
    if (isset($_REQUEST['threadID'])) {
        $this->threadID = intval($_REQUEST['threadID']);
    }
    if (isset($_REQUEST['postID'])) {
        $this->postID = intval($_REQUEST['postID']);
    }
    // NOTE(review): action is stored exactly as sent (any string, or an array);
    // whatever consumes it should compare it against a fixed set of values.
    if (isset($_REQUEST['action'])) {
        $this->action = $_REQUEST['action'];
    }

    // load the thread; the thread id is then taken back from the loaded object
    $this->thread = new ThreadEditor($this->threadID, null, $this->postID);
    $this->threadID = $this->thread->threadID;

    // load the board the thread belongs to
    $this->board = new BoardEditor($this->thread->boardID);

    // access check first, then the reply permission
    $this->thread->enter($this->board);
    if (!$this->thread->canReplyThread($this->board)) {
        throw new PermissionDeniedException();
    }

    // double-post lock: only relevant for a logged-in user who wrote the last post
    $lockApplies = WCF::getUser()->getPermission('user.board.doublePostLock') != 0
        && WCF::getUser()->userID
        && WCF::getUser()->userID == $this->thread->lastPosterID;
    if ($lockApplies) {
        // -1 blocks a second post in a row regardless of elapsed time
        if (WCF::getUser()->getPermission('user.board.doublePostLock') == -1) {
            throw new NamedUserException(WCF::getLanguage()->get('wbb.postAdd.error.doublePostLock'));
        }

        // any other value is multiplied by 60 and compared with the age of the last post
        if ($this->thread->lastPostTime >= TIME_NOW - WCF::getUser()->getPermission('user.board.doublePostLock') * 60) {
            throw new NamedUserException(WCF::getLanguage()->getDynamicVariable(
                'wbb.postAdd.error.doublePostLockTime',
                array('timeout' => WCF::getUser()->getPermission('user.board.doublePostLock'))
            ));
        }
    }

    $this->messageTable = "wbb" . WBB_N . "_post";
}
/**
 * Reads the post id from the request, loads post, thread and board, and
 * decides whether the current user may edit or delete the post.
 *
 * Throws IllegalLinkException when the loaded thread has no threadID,
 * PermissionDeniedException when neither edit nor delete is allowed (or the
 * board, thread or post is closed for a non-moderator), and
 * NamedUserException when the edit timeout has expired.
 *
 * @see Page::readParameters()
 */
public function readParameters() {
    MessageForm::readParameters();

    if (isset($_REQUEST['postID'])) {
        $this->postID = intval($_REQUEST['postID']);
    }

    $this->post = new PostEditor($this->postID);
    $this->thread = new ThreadEditor($this->post->threadID);
    if (!$this->thread->threadID) {
        throw new IllegalLinkException();
    }

    $this->board = new BoardEditor($this->thread->boardID);
    $this->thread->enter($this->board);

    // check permissions (TODO: maybe we can use post->canEditPost() here)
    $this->isModerator = (
        $this->board->getModeratorPermission('canEditPost')
        || $this->board->getModeratorPermission('canDeletePost')
    );
    // a post without a userID is never treated as the current user's own post
    $this->isAuthor = ($this->post->userID && $this->post->userID == WCF::getUser()->userID);
    $this->canEditPost = (
        $this->board->getModeratorPermission('canEditPost')
        || ($this->isAuthor && $this->board->getPermission('canEditOwnPost'))
    );
    $this->canDeletePost = (
        $this->board->getModeratorPermission('canDeletePost')
        || ($this->isAuthor && $this->board->getPermission('canDeleteOwnPost'))
    );

    // nothing the user is allowed to do with this post
    if (!$this->canEditPost && !$this->canDeletePost) {
        throw new PermissionDeniedException();
    }
    // closed board, thread or post: moderators only
    if (!$this->isModerator && ($this->board->isClosed || $this->thread->isClosed || $this->post->isClosed)) {
        throw new PermissionDeniedException();
    }

    // edit timeout: skipped for moderators and when the permission value is -1
    if (
        !$this->isModerator
        && WCF::getUser()->getPermission('user.board.postEditTimeout') != -1
        && TIME_NOW - $this->post->time > WCF::getUser()->getPermission('user.board.postEditTimeout') * 60
    ) {
        throw new NamedUserException(WCF::getLanguage()->getDynamicVariable(
            'wbb.postEdit.error.timeout',
            array('timeout' => WCF::getUser()->getPermission('user.board.postEditTimeout'))
        ));
    }
}
/**
 * Reads the request parameters; an optional serverID is stored as an integer.
 */
public function readParameters() {
    parent::readParameters();

    // no serverID in the request: keep whatever value the property already has
    if (!isset($_REQUEST['serverID'])) {
        return;
    }

    $this->serverID = intval($_REQUEST['serverID']);
}
/**
 * Runs the parent parameter handling and rejects the request with
 * PermissionDeniedException when the contest is not priceable.
 *
 * @see Form::readParameters()
 */
public function readParameters() {
    parent::readParameters();

    // $this->contest is not assigned in this method; presumably the parent
    // call loads it - confirm against the parent class.
    $isPriceable = $this->contest->isPriceable();
    if (!$isPriceable) {
        throw new PermissionDeniedException();
    }
}
/**
 * Builds the profile frame for the current user and throws
 * IllegalLinkException when that user lacks 'user.customUserPages.canUse'.
 *
 * @see Page::readParameters()
 */
public function readParameters() {
    parent::readParameters();

    // the frame is always built for the logged-in user, never for a request-supplied id
    $currentUserID = WCF::getUser()->userID;
    $this->frame = new UserProfileFrame($this, $currentUserID);

    $mayUsePages = $this->frame->getUser()->getPermission('user.customUserPages.canUse');
    if (!$mayUsePages) {
        throw new IllegalLinkException();
    }
}
/**
 * Reads the price id from the request and loads the matching price editor.
 *
 * Throws IllegalLinkException when the loaded object has no priceID or
 * isEditable() returns a false value.
 *
 * @see Page::readParameters()
 */
public function readParameters() {
    MessageForm::readParameters();

    if (isset($_REQUEST['priceID'])) {
        $this->priceID = intval($_REQUEST['priceID']);
    }

    $this->entry = new ContestPriceEditor($this->priceID);

    // the id check comes first, so isEditable() only runs on a loaded price
    if (!$this->entry->priceID) {
        throw new IllegalLinkException();
    }
    if (!$this->entry->isEditable()) {
        throw new IllegalLinkException();
    }
}
/**
 * Requires a logged-in user, stores that user's id and reads the optional
 * permissionType request parameter.
 *
 * Throws IllegalLinkException when the current user has no userID.
 *
 * @see Page::readParameters()
 */
public function readParameters() {
    parent::readParameters();

    // a user without a userID is rejected
    if (!WCF::getUser()->userID) {
        require_once WCF_DIR . 'lib/system/exception/IllegalLinkException.class.php';
        throw new IllegalLinkException();
    }
    $this->userID = intval(WCF::getUser()->userID);

    // NOTE(review): permissionType is stored exactly as sent (any string, or an
    // array); whatever consumes it should compare it against a fixed set of values.
    if (isset($_REQUEST['permissionType'])) {
        $this->permissionType = $_REQUEST['permissionType'];
    }
}
/**
 * Reads the instance id from the request and loads the news module instance.
 *
 * Throws IllegalLinkException when the loaded object has no instanceID.
 *
 * @see Page::readParameters()
 */
public function readParameters() {
    parent::readParameters();

    // the id is coerced to an integer before it reaches the data object
    if (isset($_REQUEST['instanceID'])) {
        $this->instanceID = intval($_REQUEST['instanceID']);
    }

    $module = new NewsModule($this->instanceID);
    $this->instance = $module;

    // an object without an instanceID means the requested instance was not found
    if (!$this->instance->instanceID) {
        throw new IllegalLinkException();
    }
}
/**
 * Reads the entry id from the request, loads the news entry and copies its
 * stored subject, text and formatting flags into the form.
 *
 * Throws IllegalLinkException when the loaded object has no entryID.
 */
public function readParameters() {
    parent::readParameters();

    if (isset($_REQUEST['entryID'])) {
        $this->entryID = intval($_REQUEST['entryID']);
    }

    // NOTE(review): no permission or ownership check is visible in this method;
    // confirm that access to the entry is enforced elsewhere (parent class or caller).
    $this->entry = new NewsEntryEditor($this->entryID);
    if (!$this->entry->entryID) {
        throw new IllegalLinkException();
    }

    // take the form defaults from the stored entry
    $entry = $this->entry;
    $this->subject = $entry->subject;
    $this->text = $entry->text;
    $this->enableSmilies = $entry->enableSmilies;
    $this->enableHtml = $entry->enableHtml;
    $this->enableBBCodes = $entry->enableBBCodes;
}
/**
 * Reads the contest id from the request and loads the contest.
 *
 * Throws IllegalLinkException when the loaded object has no contestID and
 * PermissionDeniedException when isSolutionable() returns a false value.
 *
 * @see Form::readParameters()
 */
public function readParameters() {
    parent::readParameters();

    // contest id from the request, coerced to an integer
    if (isset($_REQUEST['contestID'])) {
        $this->contestID = intval($_REQUEST['contestID']);
    }

    $this->contest = new ViewableContest($this->contestID);

    $contestFound = $this->contest->contestID;
    if (!$contestFound) {
        throw new IllegalLinkException();
    }

    // the contest exists; now check whether a solution may be handed in
    $isSolutionable = $this->contest->isSolutionable();
    if (!$isSolutionable) {
        throw new PermissionDeniedException();
    }
}
/**
 * Reads the item id from the request, loads the news item and checks that
 * the current user may edit it.
 *
 * Throws IllegalLinkException when the loaded object has no itemID.
 *
 * @see Page::readParameters()
 */
public function readParameters() {
    MessageForm::readParameters();

    // item id from the request, coerced to an integer
    if (isset($_REQUEST['itemID'])) {
        $this->itemID = intval($_REQUEST['itemID']);
    }

    $this->item = new DynamicNewsItemEditor($this->itemID);
    if (!$this->item->itemID) {
        throw new IllegalLinkException();
    }

    // An item counts as the user's own only when it has an author and that
    // author is the current user; authorID 0 never matches, so a guest
    // (presumably userID 0) cannot claim authorless items.
    $isOwnItem = $this->item->authorID != 0 && $this->item->authorID == WCF::getUser()->userID;
    if (!$isOwnItem) {
        // everyone else needs the general edit permission
        // (checkPermission() presumably raises when it is missing - confirm)
        WCF::getUser()->checkPermission('user.cms.news.canEditItems');
    }
}
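/**
 * Reads the page id from the query string, loads the custom user page and
 * checks that the current user may edit it.
 *
 * Throws IllegalLinkException when the loaded object has no pageID or the
 * page owner lacks 'user.customUserPages.canUse'.
 *
 * @see Page::readParameters()
 */
public function readParameters() {
    MessageForm::readParameters();

    if (!empty($_GET['pageID'])) {
        $this->pageID = intval($_GET['pageID']);
    }

    // UserCustomPageEditor has to be instantiated with `new`; a plain call
    // would look for a function of that name and abort the request before any
    // of the checks below run.
    $this->page = new UserCustomPageEditor($this->pageID);
    if (!$this->page->pageID) {
        throw new IllegalLinkException();
    }

    // the frame is built for the page owner, not for the current user
    $this->frame = new UserProfileFrame($this, $this->page->userID);
    if (!$this->frame->getUser()->getPermission('user.customUserPages.canUse')) {
        throw new IllegalLinkException();
    }

    // editing someone else's page requires the moderator permission
    // (checkPermission() presumably raises when it is missing - confirm)
    if ($this->frame->getUser()->userID != WCF::getUser()->userID) {
        WCF::getUser()->checkPermission('mod.customUserPages.canEdit');
    }
}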
/**
 * Resolves the target user (request userID, else the current user), loads
 * that user's profile and formatting permissions, and checks access.
 *
 * Throws IllegalLinkException when the loaded profile has no userID and
 * PermissionDeniedException when the current user is neither a wanted-poster
 * moderator nor the target user with both view and use permission.
 *
 * @see Page::readParameters()
 */
public function readParameters() {
    parent::readParameters();

    // target user: explicit request parameter, otherwise the current user
    $this->userID = isset($_REQUEST['userID'])
        ? intval($_REQUEST['userID'])
        : intval(WCF::getUser()->userID);

    require_once WCF_DIR . 'lib/data/user/UserProfile.class.php';
    $this->user = new UserProfile($this->userID, null, null, null);

    // formatting permissions are taken from the target user, not from the current user
    $this->canUseSmilies = $this->user->getPermission('user.wantedPoster.canUseSmilies');
    $this->canUseHtml = $this->user->getPermission('user.wantedPoster.canUseHtml');
    $this->canUseBBCodes = $this->user->getPermission('user.wantedPoster.canUseBBCodes');

    // unknown target user
    if (!$this->user->userID) {
        require_once WCF_DIR . 'lib/system/exception/IllegalLinkException.class.php';
        throw new IllegalLinkException();
    }

    // moderators may modify any entry; everyone else only their own, and only
    // with both the view and the use permission
    $isModerator = WCF::getUser()->getPermission('mod.wantedPoster.canModifyEntries');
    if (
        !$isModerator
        && (
            $this->user->userID != WCF::getUser()->userID
            || !WCF::getUser()->getPermission('user.wantedPoster.canViewWantedPoster')
            || !WCF::getUser()->getPermission('user.wantedPoster.canUseWantedPoster')
        )
    ) {
        require_once WCF_DIR . 'lib/system/exception/PermissionDeniedException.class.php';
        throw new PermissionDeniedException();
    }
}
/**
 * Requires the contest module and a logged-in user, then loads the contest
 * named by the request.
 *
 * Throws IllegalLinkException when MODULE_CONTEST is not 1, the current user
 * has no userID, the loaded object has no contestID, or isEditable() returns
 * a false value.
 *
 * @see Page::readParameters()
 */
public function readParameters() {
    parent::readParameters();

    // module switched off
    if (MODULE_CONTEST != 1) {
        throw new IllegalLinkException();
    }
    // a user without a userID is rejected
    if (!WCF::getUser()->userID) {
        throw new IllegalLinkException();
    }

    if (isset($_REQUEST['contestID'])) {
        $this->contestID = intval($_REQUEST['contestID']);
    }

    $this->entry = new ContestEditor($this->contestID);

    // the id check comes first, so isEditable() only runs on a loaded contest
    if (!$this->entry->contestID) {
        throw new IllegalLinkException();
    }
    if (!$this->entry->isEditable()) {
        throw new IllegalLinkException();
    }
}
/**
 * Runs the parent parameter handling and throws IllegalLinkException unless
 * MODULE_CONTEST equals 1.
 *
 * @see Page::readParameters()
 */
public function readParameters() {
    parent::readParameters();

    // only the module switch is checked here; no user or permission check is
    // visible in this method
    $moduleEnabled = (MODULE_CONTEST == 1);
    if (!$moduleEnabled) {
        throw new IllegalLinkException();
    }
}
/**
 * Reads the guestbook owner from the request, checks that the current user
 * may write into that guestbook, and prepares the optional 'edit' or
 * 'comment' action on an existing entry.
 *
 * Throws IllegalLinkException when the loaded profile has no userID, and
 * PermissionDeniedException when writing is disabled, the guestbook is
 * locked, or the requested edit/comment action is not allowed.
 *
 * @see Page::readParameters()
 */
public function readParameters() {
    MessageForm::readParameters();

    // guestbook owner id from the request, coerced to an integer
    if (isset($_REQUEST['userID'])) {
        $this->userID = intval($_REQUEST['userID']);
    }

    require_once WCF_DIR . 'lib/data/user/UserProfile.class.php';
    $this->user = new UserProfile($this->userID, null, null, null);

    // unknown guestbook owner
    if (!$this->user->userID) {
        require_once WCF_DIR . 'lib/system/exception/IllegalLinkException.class.php';
        $this->exception = true;
        throw new IllegalLinkException();
    }

    // Write access disabled? Denied when the owner has switched off posting or
    // the guestbook itself, when the current user lacks canWrite, or when the
    // current user is the owner but lacks canUseOwn (&& binds tighter than ||).
    if (!$this->user->userGuestbook_enable_posting || !$this->user->userGuestbook_enable || !WCF::getUser()->getPermission('user.guestbook.canWrite') || !WCF::getUser()->getPermission('user.guestbook.canUseOwn') && $this->userID == WCF::getUser()->userID) {
        require_once WCF_DIR . 'lib/system/exception/PermissionDeniedException.class.php';
        $this->exception = true;
        throw new PermissionDeniedException();
    }

    $this->locked = UserGuestbookData::getLockInfo($this->user->userID);

    // Guestbook locked? A locked guestbook is only writable by its owner, and
    // only when the owner also holds mod.guestbook.canLock.
    if (!empty($this->locked['locked']) && ($this->user->userID != WCF::getUser()->userID || !WCF::getUser()->getPermission('mod.guestbook.canLock'))) {
        require_once WCF_DIR . 'lib/system/exception/PermissionDeniedException.class.php';
        $this->exception = true;
        throw new PermissionDeniedException();
    }

    // Optional action on an existing entry. Every branch above that sets
    // $this->exception also throws, so the flag is only true here if it was
    // already set before this method ran.
    if (!$this->exception && isset($_REQUEST['action']) && !empty($_REQUEST['id']) && ($_REQUEST['action'] == 'edit' || $_REQUEST['action'] == 'comment')) {
        // NOTE(review): the entry is looked up by id alone. Nothing visible here
        // compares $entry['userID'] with $this->user->userID, so the enable/lock
        // checks above may have been made against a different guestbook than the
        // one this entry belongs to - confirm whether getEntry() or a caller
        // ties the two together.
        $entry = UserGuestbookData::getEntry(intval($_REQUEST['id']));
        if (!empty($entry['id'])) {
            $this->action = $_REQUEST['action'];
            $this->id = $entry['id'];
            // 0 disables editing of own entries, -1 allows it without a time limit;
            // other values are compared with the entry age below
            // (unit not visible here, presumably seconds - confirm)
            $editTime = intval(WCF::getUser()->getPermission('user.guestbook.canEditOwnEntries'));
            if ($this->action == 'edit') {
                // Editing is allowed for: holders of mod.guestbook.canEditAll; the
                // user matching $entry['userID'] with canEditOwnGuestbook; or the
                // user matching $entry['fromUserID'] within the edit-time window.
                if (!WCF::getUser()->getPermission('mod.guestbook.canEditAll') && !(WCF::getUser()->getPermission('user.guestbook.canEditOwnGuestbook') && $entry['userID'] == WCF::getUser()->userID) && !($editTime != 0 && $entry['fromUserID'] == WCF::getUser()->userID && ($editTime == -1 || $entry['entryTime'] > TIME_NOW - $editTime))) {
                    require_once WCF_DIR . 'lib/system/exception/PermissionDeniedException.class.php';
                    $this->exception = true;
                    $this->action = '';
                    throw new PermissionDeniedException();
                } else {
                    // on submit use the posted text, otherwise prefill with the stored text
                    if (count($_POST)) {
                        $this->text = isset($_POST['text']) ? $_POST['text'] : '';
                    } else {
                        $this->text = $entry['text'];
                    }
                }
            } else {
                if ($this->action == 'comment') {
                    // commenting requires that $entry['userID'] is the current user
                    // and that the user holds canComment
                    if ($entry['userID'] != WCF::getUser()->userID || !WCF::getUser()->getPermission('user.guestbook.canComment')) {
                        require_once WCF_DIR . 'lib/system/exception/PermissionDeniedException.class.php';
                        $this->exception = true;
                        $this->action = '';
                        throw new PermissionDeniedException();
                    } else {
                        // prefill with the stored comment and parse the entry text
                        // using the entry's own formatting flags
                        $this->text = $entry['comment'];
                        $this->maxTextLength = 2000;
                        $this->entryTxt = MessageParser::getInstance()->parse($entry['text'], $entry['enableSmilies'], $entry['enableHtml'], $entry['enableBBCodes']);
                    }
                }
            }
        }
    }
}
/**
 * Reads the board id from the request, enters the board and checks that the
 * current user may start a thread there.
 *
 * Throws PermissionDeniedException when canStartThread() returns a false value.
 *
 * @see Page::readParameters()
 */
public function readParameters() {
    parent::readParameters();

    // board id from the request, coerced to an integer
    if (isset($_REQUEST['boardID'])) {
        $this->boardID = intval($_REQUEST['boardID']);
    }

    $this->board = new BoardEditor($this->boardID);
    // enter() runs before the thread-start permission is evaluated
    $this->board->enter();

    $mayStartThread = $this->board->canStartThread();
    if (!$mayStartThread) {
        throw new PermissionDeniedException();
    }

    $this->messageTable = "wbb" . WBB_N . "_post";
}
/**
 * Runs the parent parameter handling and creates the user profile frame for
 * this page.
 *
 * @see Page::readParameters()
 */
public function readParameters() {
    parent::readParameters();

    // no user id is passed here; the frame presumably resolves the profile
    // user itself - confirm against UserProfileFrame
    $profileFrame = new UserProfileFrame($this);
    $this->frame = $profileFrame;
}