    public static function get_message($condition, array $parameters)
    {
        // Loads a single shoutbox row, joined with its author's member row, and hydrates a
        // ShoutboxMessage from it.
        //
        // $condition is appended verbatim to the statement, so it must be a literal clause
        // written by the caller (e.g. 'WHERE shoutbox.id = :id'); every runtime value belongs
        // in $parameters, which the querier binds. Never build $condition from request data —
        // that is the one place this method could become an SQL injection sink.
        // select_single_row_query presumably raises when no row matches — TODO confirm.
        $query = 'SELECT member.*, shoutbox.*
		FROM ' . ShoutboxSetup::$shoutbox_table . ' shoutbox
		LEFT JOIN ' . DB_TABLE_MEMBER . ' member ON member.user_id = shoutbox.user_id
		' . $condition;
        $row = self::$db_querier->select_single_row_query($query, $parameters);

        $message = new ShoutboxMessage();
        $message->set_properties($row);

        return $message;
    }
 private function check_authorizations(ShoutboxMessage $message)
 {
     // Gate for the delete action. Two checks, in this order: the per-message delete right,
     // then the account-wide read-only flag. Each failure hands an error controller to
     // DispatchManager::redirect, which is presumably terminal (the second check is only
     // meaningful if the first one passed) — TODO confirm redirect() does not return.
     if (!$message->is_authorized_to_delete()) {
         DispatchManager::redirect(PHPBoostErrors::user_not_authorized());
     }

     $current_user = AppContext::get_current_user();
     if ($current_user->is_readonly()) {
         DispatchManager::redirect(PHPBoostErrors::user_in_read_only());
     }
 }
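    private function build_view()
    {
        // Renders the AJAX messages box: the newest shoutbox messages (each joined with its
        // author's member row), optionally capped at the configured maximum.
        $this->lang = LangLoader::get('common', 'shoutbox');
        $this->view = new FileTemplate('shoutbox/ShoutboxAjaxMessagesBoxController.tpl');
        $this->view->add_lang($this->lang);

        $config = ShoutboxConfig::load();
        $this->view->put('C_DISPLAY_DATE', $config->is_date_displayed());

        // Same shape as the paginated view: the row cap is bound as a parameter instead of
        // being concatenated into the statement, and cast to int so a non-integer
        // configuration value can never alter the SQL.
        $query = 'SELECT *
		FROM ' . ShoutboxSetup::$shoutbox_table . ' s
		LEFT JOIN ' . DB_TABLE_MEMBER . ' m ON m.user_id = s.user_id
		ORDER BY s.timestamp DESC';
        $parameters = array();
        if ($config->is_shout_max_messages_number_enabled()) {
            $query .= '
		LIMIT :max_messages_number';
            $parameters['max_messages_number'] = (int)$config->get_shout_max_messages_number();
        }
        $result = PersistenceContext::get_querier()->select($query, $parameters);

        while ($row = $result->fetch()) {
            $shoutbox_message = new ShoutboxMessage();
            $shoutbox_message->set_properties($row);
            // array_merge() over a single array was a no-op; pass the template vars straight through.
            $this->view->assign_block_vars('messages', $shoutbox_message->get_array_tpl_vars());
        }
        $result->dispose();
    }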
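    private function build_view()
    {
        // Renders one page of the shoutbox: paginated messages, newest first, each with the
        // author's avatar and group badges, followed by either the post form or an
        // "unauthorized" notice. $this->lang is expected to be set by the caller.
        $user_accounts_config = UserAccountsConfig::load();
        $current_user = AppContext::get_current_user();
        $messages_number = ShoutboxService::count();
        $page = AppContext::get_request()->get_getint('page', 1);
        $pagination = $this->get_pagination($messages_number, $page);

        // The page window is bound as parameters, never concatenated into the statement.
        $result = PersistenceContext::get_querier()->select('SELECT member.*, shoutbox.*, ext_field.user_avatar
		FROM ' . ShoutboxSetup::$shoutbox_table . ' shoutbox
		LEFT JOIN ' . DB_TABLE_MEMBER . ' member ON member.user_id = shoutbox.user_id
		LEFT JOIN ' . DB_TABLE_MEMBER_EXTENDED_FIELDS . ' ext_field ON ext_field.user_id = member.user_id
		ORDER BY shoutbox.timestamp DESC
		LIMIT :number_items_per_page OFFSET :display_from', array(
            'number_items_per_page' => $pagination->get_number_items_per_page(),
            'display_from' => $pagination->get_display_from()
        ));

        // Loop-invariant lookups hoisted out of the per-message loop (the groups cache was
        // reloaded for every message that had groups).
        $groups_cache = GroupsCache::load();
        $default_avatar_enabled = $user_accounts_config->is_default_avatar_enabled();
        $default_avatar_url = $default_avatar_enabled
            ? Url::to_rel('/templates/' . $current_user->get_theme() . '/images/' . $user_accounts_config->get_default_avatar_name())
            : '';

        while ($row = $result->fetch()) {
            $message = new ShoutboxMessage();
            $message->set_properties($row);

            // Avatar: the member's own picture, else the theme default when enabled, else none.
            // user_avatar comes from a LEFT JOIN, so it is null when there is no member row.
            $user_avatar = !empty($row['user_avatar']) ? Url::to_rel($row['user_avatar']) : $default_avatar_url;
            $this->view->assign_block_vars('messages', array_merge($message->get_array_tpl_vars($page), array(
                'C_AVATAR' => $row['user_avatar'] || $default_avatar_enabled,
                'C_USER_GROUPS' => !empty($row['groups']),
                'U_AVATAR' => $user_avatar
            )));

            // Author's groups: only ids still present in the groups cache are rendered.
            $user_groups = $message->get_author_user()->get_groups();
            if ($user_groups) {
                foreach ($user_groups as $user_group_id) {
                    if ($groups_cache->group_exists($user_group_id)) {
                        $group = $groups_cache->get_group($user_group_id);
                        $this->view->assign_block_vars('messages.user_groups', array(
                            'C_GROUP_PICTURE' => !empty($group['img']),
                            'GROUP_PICTURE' => $group['img'],
                            'GROUP_NAME' => $group['name']
                        ));
                    }
                }
            }
        }

        // Read the row count before the result set is released; it used to be queried after dispose().
        $rows_count = $result->get_rows_count();
        $result->dispose();

        $this->view->put_all(array(
            'C_NO_MESSAGE' => $rows_count == 0,
            'C_PAGINATION' => $messages_number > ShoutboxConfig::load()->get_items_number_per_page(),
            'PAGINATION' => $pagination->display()
        ));

        // Post form only for users with write permission who are not read-only.
        if (ShoutboxAuthorizationsService::check_authorizations()->write() && !$current_user->is_readonly()) {
            $this->view->put('FORM', ShoutboxFormController::get_view());
        } else {
            $this->view->put('MSG', MessageHelper::display($this->lang['error.post.unauthorized'], MessageHelper::WARNING));
        }

        return $this->view;
    }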
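 public function execute(HTTPRequestCustom $request)
 {
     // AJAX endpoint that posts one shoutbox message. Responds with {"code": n}: on success the
     // value returned by ShoutboxService::add() (presumably the new row id — confirm against the
     // client script), otherwise a negative code: -1 anti-flood, -2 too many links,
     // -3 empty pseudo/contents, -4 not authorized.
     if (!$this->check_authorizations()) {
         return new JSONResponse(array('code' => -4));
     }

     $pseudo = TextHelper::strprotect(utf8_decode($request->get_string('pseudo', '')));
     // Contents are normalised to one entity form before the formatting parser runs below.
     $contents = TextHelper::htmlentities($request->get_string('contents', ''), ENT_COMPAT, 'UTF-8');
     $contents = TextHelper::htmlspecialchars_decode(TextHelper::html_entity_decode($contents, ENT_COMPAT, 'windows-1252'));

     if (!$pseudo || !$contents) {
         return new JSONResponse(array('code' => -3));
     }

     // $code stays 0 while every check passes; a failing check sets it negative.
     $code = 0;
     $current_user = AppContext::get_current_user();

     // Anti-flood: members without the flood permission may not post again within the configured
     // delay. Guests (id -1) are not tracked by user_id here.
     $check_time = '';
     if ($current_user->get_id() !== -1 && ContentManagementConfig::load()->is_anti_flood_enabled()) {
         $check_time = PersistenceContext::get_querier()->get_column_value(PREFIX . "shoutbox", 'MAX(timestamp)', 'WHERE user_id = :id', array('id' => $current_user->get_id()));
     }
     if (!empty($check_time) && !$current_user->check_max_value(AUTH_FLOOD)
         && $check_time >= time() - ContentManagementConfig::load()->get_anti_flood_duration()) {
         $code = -1;
     }

     // Link flood: parse the formatting first, then cap the number of links per message.
     $config_shoutbox = ShoutboxConfig::load();
     $contents = FormatingHelper::strparse($contents, $config_shoutbox->get_forbidden_formatting_tags());
     if (!TextHelper::check_nbr_links($contents, $config_shoutbox->get_max_links_number_per_message(), true)) {
         $code = -2;
     }

     // Persist only when every check passed. Previously the add ran unconditionally and
     // overwrote $code, so the anti-flood and link-count results were never enforced.
     if ($code === 0) {
         $shoutbox_message = new ShoutboxMessage();
         $shoutbox_message->init_default_properties();
         // NOTE(review): the login is taken from the request even for authenticated members,
         // so a member can post under any pseudo — consider using the account's own display
         // name when get_id() !== -1. Left unchanged here.
         $shoutbox_message->set_login($pseudo);
         $shoutbox_message->set_user_id($current_user->get_id());
         $shoutbox_message->set_contents($contents);
         $shoutbox_message->set_creation_date(new Date());
         $code = ShoutboxService::add($shoutbox_message);
     }

     return new JSONResponse(array('code' => $code));
 }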