Exemplo n.º 1
 /**
  * Looks up the flood-check length that applies to the viewing user for one action.
  *
  * @param string $action 'conversation', 'post', 'contact' or 'report'
  * @param array|null $viewingUser Viewing user; passed by reference to standardizeViewingUserReference()
  *
  * @return mixed|null The permission value; null for a user without an id, an
  *                    unrecognised action, or a permission that evaluates to false
  */
 public function getFloodingLimitForAction($action, &$viewingUser = null)
 {
     $this->standardizeViewingUserReference($viewingUser);
     if (!$viewingUser['user_id']) {
         // No user id: no per-user limit is looked up.
         return null;
     }

     // Pick the permission group and permission id for the action. A switch is
     // used so that $action is compared loosely against the case labels.
     switch ($action) {
         case 'conversation':
             $permission = array('conversation', 'floodCheckLength');
             break;
         case 'post':
             $permission = array('general', 'floodCheckPostLength');
             break;
         case 'contact':
             $permission = array('general', 'floodCheckContactLength');
             break;
         case 'report':
             $permission = array('general', 'floodCheckReportLength');
             break;
         default:
             return null;
     }

     $limit = XenForo_Permission::hasPermission($viewingUser['permissions'], $permission[0], $permission[1]);

     // NOTE(review): null is returned both for a false permission and for an
     // unknown action; presumably callers read null as "no flood check" -
     // confirm that an unknown action should not fail closed instead.
     return $limit === false ? null : $limit;
 }
Exemplo n.º 2
 /**
  * Shows the media that belongs to one user profile, limited to what the visitor may see.
  *
  * @return mixed The view itself when 'no_wrapper' is set, otherwise the result of _getSiteMediaWrapper()
  */
 public function actionContent()
 {
     $input = $this->_input;
     $defaultOrder = 'media_date';

     // Everything read from the request here is client-controlled.
     $noWrapper = $input->filterSingle('no_wrapper', XenForo_Input::STRING);
     $order = $input->filterSingle('order', XenForo_Input::STRING, array('default' => $defaultOrder));
     $container = $input->filterSingle('container', XenForo_Input::STRING);
     $type = $input->filterSingle('type', XenForo_Input::STRING);
     $userId = $input->filterSingle('user_id', XenForo_Input::UINT);

     // Presumably the helper aborts the request when the profile is invalid or
     // not viewable by the visitor - confirm in the UserProfile helper.
     $user = $this->getHelper('UserProfile')->assertUserProfileValidAndViewable(
         $userId,
         array('join' => XenForo_Model_User::FETCH_LAST_ACTIVITY)
     );
     $this->canonicalizeRequestUrl(XenForo_Link::buildPublicLink('xengallery/users', $user));

     $mediaModel = $this->_getMediaModel();
     $page = $input->filterSingle('page', XenForo_Input::UINT);
     $perPage = XenForo_Application::getOptions()->xengalleryMediaMaxPerPage;
     $visitor = XenForo_Visitor::getInstance();

     // The visibility conditions are taken from the visitor, not from the profile owner.
     $conditions = array(
         'user_id' => $user['user_id'],
         'container' => $container,
         'type' => $type,
         'deleted' => XenForo_Permission::hasPermission($visitor->permissions, 'xengallery', 'viewDeleted'),
         'privacyUserId' => $visitor->user_id,
         'viewAlbums' => XenForo_Permission::hasPermission($visitor->permissions, 'xengallery', 'viewAlbums'),
         'viewCategoryIds' => $mediaModel->getViewableCategoriesForVisitor($visitor->toArray()),
     );

     // NOTE(review): 'order' is a raw request string handed to the model;
     // presumably the model maps it onto a fixed set of sortable columns -
     // confirm it can never reach the SQL ORDER BY clause verbatim.
     $fetchOptions = $this->_getMediaFetchOptions() + array(
         'order' => $order ? $order : $defaultOrder,
         'orderDirection' => 'desc',
         'page' => $page,
         'perPage' => $perPage,
     );
     $fetchOptions['join'] |= XenGallery_Model_Media::FETCH_ALBUM | XenGallery_Model_Media::FETCH_PRIVACY;

     $totalCount = $mediaModel->countMedia($conditions, $fetchOptions);
     $media = $mediaModel->prepareMediaItems($mediaModel->getMedia($conditions, $fetchOptions));

     // True when the visitor is looking at their own media page.
     $userPage = ($userId == $visitor->user_id);
     $inlineModOptions = $mediaModel->prepareInlineModOptions($media, $userPage);

     // Filters equal to their default are passed as false to the page navigation.
     $pageNavParams = array(
         'order' => $order != $defaultOrder ? $order : false,
         'container' => $container ? $container : false,
         'type' => $type ? $type : false,
     );

     $viewParams = array(
         'canViewComments' => $this->_getCommentModel()->canViewComments(),
         'media' => $media,
         'user' => $user,
         'page' => $page <= 1 ? '' : $page,
         'perPage' => $perPage,
         'pageNavParams' => $pageNavParams,
         'order' => $order,
         'defaultOrder' => $defaultOrder,
         'container' => $container,
         'containerFilter' => $container,
         'type' => $type,
         'typeFilter' => $type,
         'mediaCount' => count($media),
         'totalCount' => $totalCount,
         'noWrapper' => $noWrapper,
         'showFilterTabs' => true,
         'inlineModOptions' => $inlineModOptions,
     );
     $view = $this->responseView('XenGallery_ViewPublic_User_Media', 'xengallery_media_user', $viewParams);

     if (!$noWrapper) {
         return $this->_getSiteMediaWrapper('', $view);
     }

     return $view;
 }
Exemplo n.º 3
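 /**
  * Picks a preview image URL from the 'posts' template parameter.
  *
  * Posts are scanned in order. For each post an [attach] tag is tried first
  * (only when the visitor holds the forum 'viewAttachment' permission) and an
  * [img] tag second; the first hit wins.
  *
  * @param string $content Returned unchanged when no image is found
  * @param mixed $params Not used
  * @param XenForo_Template_Abstract $template Template that holds the 'posts' parameter
  *
  * @return string Attachment link, the URL inside an [img] tag, or $content
  */
 public static function getImage($content, $params, XenForo_Template_Abstract $template)
 {
     $posts = $template->getParam('posts');
     // count() on a missing (null) parameter warns or throws depending on the
     // PHP version, so anything that cannot be iterated is rejected up front.
     if (empty($posts) || (!is_array($posts) && !($posts instanceof Traversable))) {
         return $content;
     }

     $visitor = XenForo_Visitor::getInstance();
     // The permission does not depend on the post, so it is resolved once.
     $canViewAttachments = XenForo_Permission::hasPermission($visitor['permissions'], 'forum', 'viewAttachment');

     foreach ($posts as $post) {
         $matches = array();

         if ($canViewAttachments) {
             preg_match('#\\[attach(=[^\\]]*)?\\](?P<id>\\d+)(\\D.*)?\\[/attach\\]#iU', $post['message'], $matches);
             // Group 2 is the named group "id".
             if (!empty($matches[2])) {
                 $link = XenForo_Link::buildPublicLink('full:attachments', array('attachment_id' => $matches[2]));
                 if (!empty($link)) {
                     return $link;
                 }
             }
         }

         // The URL part is matched lazily so that it stops at the first closing
         // tag; a greedy match runs on to the last [/img] on the same line and
         // returns tag text as part of the URL.
         preg_match('/\\[(img|IMG)\\]\\s*(https?:\\/\\/([^*\\r\\n]+?|[a-z0-9\\/\\\\._\\- !]+))\\[\\/(img|IMG)\\]/', $post['message'], $matches);
         if (!empty($matches[2])) {
             // NOTE(review): this URL is taken from post text as written by the
             // poster; presumably the caller escapes it for the output context
             // it is placed in - confirm.
             return $matches[2];
         }
     }

     return $content;
 }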
Exemplo n.º 4
 /**
  * Resolves the 'EWRporta' permissions of the viewing user as booleans.
  *
  * @param array|null $viewingUser Viewing user; handed to standardizeViewingUserReference()
  *
  * @return array Keys 'custom' and 'promote', each true or false
  */
 public function getPermissions(array $viewingUser = null)
 {
     $this->standardizeViewingUserReference($viewingUser);
     $granted = $viewingUser['permissions'];

     // The casts reduce whatever hasPermission() yields to a strict boolean.
     return array(
         'custom' => (bool) XenForo_Permission::hasPermission($granted, 'EWRporta', 'canCustom'),
         'promote' => (bool) XenForo_Permission::hasPermission($granted, 'EWRporta', 'canPromote'),
     );
 }
Exemplo n.º 5
 /**
  * Builds a "find new" search over gallery media and redirects to its result page.
  *
  * Members get the media they have not viewed yet; visitors without a user id
  * get media dated within the last seven days.
  *
  * @return mixed Result of responseRedirect() pointing at 'find-new/media'
  */
 public function findNewMedia()
 {
     $mediaModel = $this->_getMediaModel();
     /** @var $searchModel XenForo_Model_Search */
     $searchModel = $this->_getSearchModel();
     $visitor = XenForo_Visitor::getInstance();

     // Joins shared by both getMedia() calls below.
     $commonJoin = XenGallery_Model_Media::FETCH_USER
         | XenGallery_Model_Media::FETCH_ATTACHMENT
         | XenGallery_Model_Media::FETCH_CATEGORY
         | XenGallery_Model_Media::FETCH_ALBUM;

     // Result cap plus the visitor's visibility limits.
     $limitOptions = array(
         'limit' => XenForo_Application::getOptions()->maximumSearchResults,
         'viewCategoryIds' => $mediaModel->getViewableCategoriesForVisitor($visitor->toArray()),
         'viewAlbums' => XenForo_Permission::hasPermission($visitor->permissions, 'xengallery', 'viewAlbums'),
         'privacyUserId' => $visitor->user_id,
     );

     if ($visitor->user_id) {
         $mediaIds = $mediaModel->getUnviewedMediaIds($visitor->user_id, $limitOptions);
     } else {
         // No user id: fall back to non-deleted, non-moderated media of the last 7 days.
         $conditions = $limitOptions + array(
             'media_date' => array('>', XenForo_Application::$time - 86400 * 7),
             'deleted' => false,
             'moderated' => false,
         );
         $fetchOptions = $limitOptions + array(
             'order' => 'media_date',
             'orderDirection' => 'desc',
             'join' => $commonJoin | XenGallery_Model_Media::FETCH_PRIVACY,
         );
         $mediaIds = array_keys($mediaModel->getMedia($conditions, $fetchOptions));
     }

     if ($mediaIds) {
         $media = $mediaModel->prepareMedia($mediaModel->getMedia(
             array('media_id' => $mediaIds, 'view_user_id' => $visitor->getUserId()),
             array('join' => $commonJoin | XenGallery_Model_Media::FETCH_LAST_VIEW)
         ));
     }

     // Keep the id order, but only ids for which a media row was actually loaded.
     $results = array();
     foreach ($mediaIds as $mediaId) {
         if (!isset($media[$mediaId])) {
             continue;
         }
         $results[] = array(
             XenForo_Model_Search::CONTENT_TYPE => 'xengallery_media',
             XenForo_Model_Search::CONTENT_ID => $mediaId,
         );
     }

     $search = $searchModel->insertSearch($results, 'xengallery_media', '', array('findNew'), 'date', false);

     return $this->responseRedirect(
         XenForo_ControllerResponse_Redirect::SUCCESS,
         XenForo_Link::buildPublicLink('find-new/media', $search)
     );
 }
Exemplo n.º 6
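 /**
  * Filters team reports down to the ones the viewing user may handle.
  *
  * A report is dropped when its team cannot be loaded, or when the viewing user
  * holds neither 'editPostAny' nor 'deletePostAny' in the 'Teams' permission group.
  *
  * @param array $reports Reports keyed by report id; each carries a serialized 'content_info'
  * @param array $viewingUser Viewing user record with a 'permissions' entry
  *
  * @return array The reports that stay visible, still keyed by report id
  */
 public function getVisibleReportsForUser(array $reports, array $viewingUser)
 {
     // Group the report ids by the team they concern.
     $reportIdsByTeam = array();
     foreach ($reports as $reportId => $report) {
         // NOTE(review): unserialize() on stored data is only safe while the
         // column can never hold attacker-influenced bytes; presumably
         // content_info is written by the report handler itself - confirm.
         $info = unserialize($report['content_info']);
         // Unreadable content info is filed under team 0, which is not loaded
         // below, so such reports are hidden rather than shown.
         $teamId = (is_array($info) && isset($info['team_id'])) ? $info['team_id'] : 0;
         $reportIdsByTeam[$teamId][] = $reportId;
     }

     $teamModel = XenForo_Model::create('Nobita_Teams_Model_Team');
     $teams = $teamModel->getTeamsByIds(array_keys($reportIdsByTeam), array('join' => Nobita_Teams_Model_Team::FETCH_CATEGORY | Nobita_Teams_Model_Team::FETCH_PRIVACY | Nobita_Teams_Model_Team::FETCH_PROFILE));

     // The permission does not depend on the team, so it is resolved once.
     $canModerate = XenForo_Permission::hasPermission($viewingUser['permissions'], 'Teams', 'editPostAny')
         || XenForo_Permission::hasPermission($viewingUser['permissions'], 'Teams', 'deletePostAny');

     foreach ($reportIdsByTeam as $teamId => $teamReportIds) {
         if (isset($teams[$teamId]) && $canModerate) {
             continue;
         }

         // The ids must be removed from $reports itself: unsetting them on the
         // per-team list would leave the returned array unfiltered.
         foreach ($teamReportIds as $reportId) {
             unset($reports[$reportId]);
         }
     }

     return $reports;
 }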
 /**
  * Gets the visible reports of this content type for the viewing user.
  *
  * @see XenForo_ReportHandler_Abstract::getVisibleReportsForUser()
  */
 public function getVisibleReportsForUser(array $reports, array $viewingUser)
 {
     // Group the report ids by the profile owner they concern.
     // NOTE(review): unserialize() on stored data is only safe while the column
     // can never hold attacker-influenced bytes; presumably content_info is
     // written by the report handler itself - confirm.
     $reportIdsByProfile = array();
     foreach ($reports as $reportId => $report) {
         $contentInfo = unserialize($report['content_info']);
         $reportIdsByProfile[$contentInfo['profile_user_id']][] = $reportId;
     }

     $profileOwners = XenForo_Model::create('XenForo_Model_User')->getUsersByIds(
         array_keys($reportIdsByProfile),
         array('join' => XenForo_Model_User::FETCH_USER_PRIVACY, 'followingUserId' => $viewingUser['user_id'])
     );
     $userProfileModel = XenForo_Model::create('XenForo_Model_UserProfile');

     foreach ($reportIdsByProfile as $userId => $reportIds) {
         // Hidden when the profile owner was loaded but the viewer may not see
         // the full profile ...
         $profileHidden = isset($profileOwners[$userId])
             && !$userProfileModel->canViewFullUserProfile($profileOwners[$userId], $null, $viewingUser);

         // ... or when the viewer holds neither of the two profile post
         // moderation permissions. An owner that was not loaded is decided by
         // the permissions alone.
         $hide = $profileHidden
             || (!XenForo_Permission::hasPermission($viewingUser['permissions'], 'profilePost', 'editAny')
                 && !XenForo_Permission::hasPermission($viewingUser['permissions'], 'profilePost', 'deleteAny'));

         if (!$hide) {
             continue;
         }

         foreach ($reportIds as $reportId) {
             unset($reports[$reportId]);
         }
     }

     return $reports;
 }
Exemplo n.º 8
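 /**
  * Lists the albums the visitor is watching.
  *
  * Throws whatever getErrorOrNoPermissionResponseException() returns when the
  * album model reports that the visitor cannot watch albums.
  *
  * @return mixed Result of responseView() for the 'xengallery_watch_albums' template
  */
 public function actionAlbums()
 {
     $this->_routeMatch->setSections('xengallery');
     $albumWatchModel = $this->_getAlbumWatchModel();
     $albumModel = $this->_getAlbumModel();
     if (!$albumModel->canWatchAlbum()) {
         throw $this->getErrorOrNoPermissionResponseException();
     }

     $visitor = XenForo_Visitor::getInstance();
     $defaultOrder = 'album_date';
     // NOTE(review): 'order' is a raw request string handed to the model;
     // presumably the model maps it onto a fixed set of sortable columns -
     // confirm it can never reach the SQL ORDER BY clause verbatim.
     $order = $this->_input->filterSingle('order', XenForo_Input::STRING, array('default' => $defaultOrder));
     $page = $this->_input->filterSingle('page', XenForo_Input::UINT);
     $perPage = XenForo_Application::getOptions()->xengalleryMediaMaxPerPage;

     $albums = array();
     $conditions = array();
     $fetchOptions = array();

     // Watch records of the visitor; used below keyed by album id.
     $albumIds = $albumWatchModel->getUserAlbumWatchByUser($visitor['user_id']);
     if ($albumIds) {
         $conditions = array(
             'deleted' => XenForo_Permission::hasPermission($visitor->permissions, 'xengallery', 'viewDeleted'),
             'privacyUserId' => $visitor->user_id,
             'viewCategoryIds' => $this->getModelFromCache('XenGallery_Model_Media')->getViewableCategoriesForVisitor(),
             'album_id' => array_keys($albumIds),
         );
         $fetchOptions = array(
             'order' => $order ? $order : $defaultOrder,
             'orderDirection' => 'desc',
             'page' => $page,
             'perPage' => $perPage,
             'join' => XenGallery_Model_Album::FETCH_PRIVACY | XenGallery_Model_Album::FETCH_USER,
         );
         $albums = $albumModel->getAlbums($conditions, $fetchOptions);
         $albums = $albumModel->prepareAlbums($albums);

         // Merge each watch record into its album; album values win on key clashes.
         foreach ($albums as $albumId => &$album) {
             $album = array_merge($albumIds[$albumId], $album);
         }
         // Break the reference so the last album cannot be overwritten through
         // $album by later code.
         unset($album);
     }

     $pageNavParams = array('order' => $order != $defaultOrder ? $order : false);
     $viewParams = array(
         'albums' => $albums,
         'albumCount' => $albums ? $albumModel->countAlbums($conditions, $fetchOptions) : 0,
         'canViewRatings' => $this->_getMediaModel()->canViewRatings(),
         'canViewComments' => $this->_getCommentModel()->canViewComments(),
         'order' => $order,
         'defaultOrder' => $defaultOrder,
         'page' => $page,
         'perPage' => $perPage,
         'pageNavParams' => $pageNavParams,
         'watchPage' => true,
         'hideFilterMenu' => true,
     );

     return $this->responseView('XenGallery_ViewPublic_Watched_Albums', 'xengallery_watch_albums', $viewParams);
 }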
Exemplo n.º 9
 /**
  * Determines if the specified attachment can be viewed.
  *
  * @see XenForo_AttachmentHandler_Abstract::_canViewAttachment()
  */
 protected function _canViewAttachment(array $attachment, array $viewingUser)
 {
     $mediaModel = $this->_getMediaModel();

     $join = XenGallery_Model_Media::FETCH_USER
         | XenGallery_Model_Media::FETCH_ATTACHMENT
         | XenGallery_Model_Media::FETCH_CATEGORY
         | XenGallery_Model_Media::FETCH_ALBUM;
     $fetchOptions = array('join' => $join, 'watchUserId' => $viewingUser['user_id']);
     if (XenForo_Permission::hasPermission($viewingUser['permissions'], 'xengallery', 'viewDeleted')) {
         // The deletion log is only joined for users who may view deleted media.
         $fetchOptions['join'] |= XenGallery_Model_Media::FETCH_DELETION_LOG;
     }

     $media = $mediaModel->getMediaById(
         $mediaModel->getMediaIdByAttachmentId($attachment['attachment_id']),
         $fetchOptions
     );
     if (!$media) {
         // No media row behind the attachment: deny.
         return false;
     }

     // Media inside an album inherits the album's view check.
     if (!empty($media['album_id'])) {
         $albumModel = $this->_getAlbumModel();
         $media = $albumModel->prepareAlbumWithPermissions($media);
         if (!$albumModel->canViewAlbum($media, $null, $viewingUser)) {
             return false;
         }
     }

     // Media inside a category inherits the category's view check.
     if (!empty($media['category_id'])
         && !$this->_getCategoryModel()->canViewCategory($media, $null, $viewingUser)
     ) {
         return false;
     }

     // Deleted and moderated media need their own view permission.
     $hiddenAsDeleted = !$mediaModel->canViewDeletedMedia($error, $viewingUser)
         && $media['media_state'] == 'deleted';
     if ($hiddenAsDeleted) {
         return false;
     }

     $hiddenAsModerated = !$mediaModel->canViewUnapprovedMedia($error, $viewingUser)
         && $media['media_state'] == 'moderated';

     return !$hiddenAsModerated;
 }
Exemplo n.º 10
 /**
  * Gets visible moderation queue entries for specified user.
  *
  * @see XenForo_ModerationQueueHandler_Abstract::getVisibleModerationQueueEntriesForUser()
  */
 public function getVisibleModerationQueueEntriesForUser(array $contentIds, array $viewingUser)
 {
     /* @var $profilePostModel XenForo_Model_ProfilePost */
     $profilePostModel = XenForo_Model::create('XenForo_Model_ProfilePost');
     $profilePosts = $profilePostModel->getProfilePostsByIds($contentIds);

     // Collect the owners of the profiles the posts were written on.
     $ownerIds = array();
     foreach ($profilePosts as $profilePost) {
         $ownerIds[] = $profilePost['profile_user_id'];
     }
     $owners = XenForo_Model::create('XenForo_Model_User')->getUsersByIds(
         $ownerIds,
         array('join' => XenForo_Model_User::FETCH_USER_PRIVACY, 'followingUserId' => $viewingUser['user_id'])
     );

     $entries = array();
     foreach ($profilePosts as $profilePost) {
         $ownerId = $profilePost['profile_user_id'];
         if (!isset($owners[$ownerId])) {
             // Profile owner could not be loaded: the post is left out.
             continue;
         }
         $owner = $owners[$ownerId];

         // The viewer must be able to see the post and its profile ...
         if (!$profilePostModel->canViewProfilePostAndContainer($profilePost, $owner, $null, $viewingUser)) {
             continue;
         }
         // ... and must hold both 'editAny' and 'deleteAny' for profile posts.
         if (!XenForo_Permission::hasPermission($viewingUser['permissions'], 'profilePost', 'editAny')
             || !XenForo_Permission::hasPermission($viewingUser['permissions'], 'profilePost', 'deleteAny')
         ) {
             continue;
         }

         $entries[$profilePost['profile_post_id']] = array(
             'message' => $profilePost['message'],
             'user' => array(
                 'user_id' => $profilePost['user_id'],
                 'username' => $profilePost['username'],
             ),
             'title' => new XenForo_Phrase('profile_post_for_x', array('username' => $owner['username'])),
             'link' => XenForo_Link::buildPublicLink('profile-posts', $profilePost),
             'contentTypeTitle' => new XenForo_Phrase('profile_post'),
             'titleEdit' => false,
         );
     }

     return $entries;
 }
Exemplo n.º 11
 /**
  * Works out the tagging permissions that apply to a media item or to its container.
  *
  * @param array $context Previously fetched permissions, a media item, an album or a category
  * @param array|null $parentContext Used as the container when $context is a media item
  *
  * @return mixed $context['tagger_permissions'] when present, otherwise an array
  *               with the keys 'edit', 'removeOthers' and 'minTotal'
  *
  * @throws Exception When no container with an album id or category id is available
  */
 public function getPermissionsFromContext(array $context, array $parentContext = null)
 {
     // Permissions that were resolved earlier are returned as they are.
     if (isset($context['tagger_permissions'])) {
         return $context['tagger_permissions'];
     }

     // A context with a media id is the media item itself and its container is
     // the parent context; any other context is taken to be the container.
     $isMedia = isset($context['media_id']);
     $media = $isMedia ? $context : null;
     $container = $isMedia ? $parentContext : $context;

     $hasAlbumOrCategory = $container
         && (!empty($container['album_id']) || !empty($container['category_id']));
     if (!$hasAlbumOrCategory) {
         throw new Exception("Context must be a media item and an album/category or just an album/category");
     }

     $visitor = XenForo_Visitor::getInstance();

     // Without a media item nobody else's tags can be removed.
     $removeOthers = false;
     if ($media) {
         $ownsMedia = ($media['user_id'] == $visitor['user_id']);
         // Owners need 'manageOthersTagsOwnMedia'; everyone else, and owners
         // without it, fall back to 'manageAnyTag'.
         $removeOthers = ($ownsMedia && XenForo_Permission::hasPermission($visitor['permissions'], 'xengallery', 'manageOthersTagsOwnMedia'))
             ? true
             : XenForo_Permission::hasPermission($visitor['permissions'], 'xengallery', 'manageAnyTag');
     }

     return array(
         'edit' => $this->_getMediaModel()->canEditTags($media),
         'removeOthers' => $removeOthers,
         // The container's own minimum wins over the site-wide option.
         'minTotal' => isset($container['min_tags'])
             ? $container['min_tags']
             : XenForo_Application::getOptions()->xengalleryAlbumMinTags,
     );
 }
Exemplo n.º 12
 /**
  * Gets visible moderation queue entries for specified user.
  *
  * @see XenForo_ModerationQueueHandler_Abstract::getVisibleModerationQueueEntriesForUser()
  */
 public function getVisibleModerationQueueEntriesForUser(array $contentIds, array $viewingUser)
 {
     /** @var XenForo_Model_ProfilePost $profilePostModel */
     $profilePostModel = XenForo_Model::create('XenForo_Model_ProfilePost');

     $comments = $profilePostModel->getProfilePostCommentsByIds($contentIds);
     $profilePosts = $profilePostModel->getProfilePostsByIds(
         XenForo_Application::arrayColumn($comments, 'profile_post_id'),
         array(
             'join' => XenForo_Model_ProfilePost::FETCH_USER_RECEIVER
                 | XenForo_Model_ProfilePost::FETCH_USER_RECEIVER_PRIVACY
                 | XenForo_Model_ProfilePost::FETCH_USER_POSTER,
             'visitingUser' => $viewingUser,
         )
     );

     $entries = array();
     foreach ($comments as $comment) {
         $postId = $comment['profile_post_id'];
         if (!isset($profilePosts[$postId])) {
             // Parent profile post could not be loaded: the comment is left out.
             continue;
         }

         // Attach the parent post and the profile owner for the checks below.
         $comment['profilePost'] = $profilePosts[$postId];
         $comment['profileUser'] = $profilePostModel->getProfileUserFromProfilePost($comment['profilePost'], $viewingUser);
         if (!$comment['profilePost'] || !$comment['profileUser']) {
             continue;
         }

         // The viewer must see the post and its profile, then the comment
         // itself, and finally hold both 'editAny' and 'deleteAny'.
         if (!$profilePostModel->canViewProfilePostAndContainer($comment['profilePost'], $comment['profileUser'], $null, $viewingUser)) {
             continue;
         }
         if (!$profilePostModel->canViewProfilePostComment($comment, $comment['profilePost'], $comment['profileUser'], $null, $viewingUser)) {
             continue;
         }
         if (!XenForo_Permission::hasPermission($viewingUser['permissions'], 'profilePost', 'editAny')
             || !XenForo_Permission::hasPermission($viewingUser['permissions'], 'profilePost', 'deleteAny')
         ) {
             continue;
         }

         $entries[$comment['profile_post_comment_id']] = array(
             'message' => $comment['message'],
             'user' => array(
                 'user_id' => $comment['user_id'],
                 'username' => $comment['username'],
             ),
             'title' => new XenForo_Phrase('profile_post_comment_by_x', array('username' => $comment['username'])),
             'link' => XenForo_Link::buildPublicLink('profile-posts/comments', $comment),
             'contentTypeTitle' => new XenForo_Phrase('profile_post_comment'),
             'titleEdit' => false,
         );
     }

     return $entries;
 }
Exemplo n.º 13
 /**
  * Loads the media items with the given ids, limited to what the viewing user may see.
  *
  * @param array $contentIds Media ids to load
  * @param array $viewingUser Viewing user record with 'user_id' and 'permissions'
  *
  * @return mixed Result of the media model's getMedia()
  */
 protected function _getContent(array $contentIds, array $viewingUser)
 {
     $mediaModel = $this->_getMediaModel();

     // Each visibility flag is resolved for the viewing user that was passed
     // in, not for the current visitor.
     $canViewDeleted = $mediaModel->canViewDeletedMedia($null, $viewingUser);
     $canViewModerated = $mediaModel->canViewUnapprovedMedia($null, $viewingUser);
     $canViewAlbums = XenForo_Permission::hasPermission($viewingUser['permissions'], 'xengallery', 'viewAlbums');
     $viewableCategoryIds = $mediaModel->getViewableCategoriesForVisitor($viewingUser);

     $conditions = array(
         'media_id' => $contentIds,
         'privacyUserId' => $viewingUser['user_id'],
         'deleted' => $canViewDeleted,
         'moderated' => $canViewModerated,
         'viewAlbums' => $canViewAlbums,
         'viewCategoryIds' => $viewableCategoryIds,
     );
     $fetchOptions = array(
         'join' => XenGallery_Model_Media::FETCH_USER
             | XenGallery_Model_Media::FETCH_ALBUM
             | XenGallery_Model_Media::FETCH_CATEGORY
             | XenGallery_Model_Media::FETCH_PRIVACY,
     );

     return $mediaModel->getMedia($conditions, $fetchOptions);
 }
Exemplo n.º 14
 /**
  *
  * @see XenForo_Model_UserProfile
  */
 public function canViewProfilePosts(array $user, &$errorPhraseKey = '', array $viewingUser = null)
 {
     $this->standardizeViewingUserReference($viewingUser);

     $isOwnProfile = ($user['user_id'] == $viewingUser['user_id']);
     if (!$isOwnProfile) {
         // Someone else's profile: the parent implementation decides.
         return parent::canViewProfilePosts($user, $errorPhraseKey, $viewingUser);
     }

     // Own profile: only the 'viewOwnStatus' permission is consulted, the
     // parent check is not run and $errorPhraseKey is left untouched.
     return XenForo_Permission::hasPermission($viewingUser['permissions'], 'profilePost', 'viewOwnStatus');
 }
Exemplo n.º 15
 /**
  * Determines if permissions are sufficient to view similar usernames for
  * the given user.
  *
  * @param array $user User being viewed
  * @param string $errorPhraseKey Returned by ref. Phrase key of more
  * specific error
  * @param array|null $viewingUser Viewing user ref
  *
  * @return boolean
  */
 public function canViewSimilarUsernames(array $user, &$errorPhraseKey = '', array $viewingUser = null)
 {
     if (!empty($user['user_id'])) {
         $this->standardizeViewingUserReference($viewingUser);

         // The decision rests on the viewer's 'similarUsernames' permission;
         // $errorPhraseKey is never written here.
         return XenForo_Permission::hasPermission($viewingUser['permissions'], 'general', 'similarUsernames');
     }

     // No user id on the viewed user: nothing to compare against.
     return false;
 }
Exemplo n.º 16
 /**
  * Determines if a user can view the lists of threads in watched forums
  *
  * @param string $errorPhraseKey
  * @param array|null $viewingUser
  *
  * @return boolean
  */
 public function canViewThreadsInWatchedForums(&$errorPhraseKey = '', array $viewingUser = null)
 {
     $this->standardizeViewingUserReference($viewingUser);

     // A user id is required, then the 'viewThreadsWatchedForums' permission;
     // the permission is not looked up for a user without an id.
     return $viewingUser['user_id']
         && XenForo_Permission::hasPermission($viewingUser['permissions'], 'general', 'viewThreadsWatchedForums');
 }
Exemplo n.º 17
 /**
  * Determines if a user can edit the temporary user changes
  *
  * @param string $errorPhraseKey
  * @param array|null $viewingUser
  *
  * @return boolean
  */
 public function canEditTempUserChanges(&$errorPhraseKey = '', array $viewingUser = null)
 {
     $this->standardizeViewingUserReference($viewingUser);

     if ($viewingUser['user_id']) {
         // Reduce the permission value to a strict boolean.
         if (XenForo_Permission::hasPermission($viewingUser['permissions'], 'general', 'editTempUserChange')) {
             return true;
         }
     }

     // No user id, or the permission is not granted.
     return false;
 }
Exemplo n.º 18
 /**
  * Determines the maximum number of secondary social forums for the specified user.
  *
  * @param string $errorPhraseKey Returned by ref. Phrase key of more specific error
  * @param array|null $viewingUser Viewing user ref
  *
  * @return integer
  */
 public function getMaximumSecondarySocialForums(&$errorPhraseKey = '', array $viewingUser = null)
 {
     $this->standardizeViewingUserReference($viewingUser);

     // A user without an id gets 0.
     // NOTE(review): otherwise the raw permission value is returned, so a
     // caller may receive something other than an integer (presumably false
     // when the permission is unset) - confirm callers compare loosely.
     return $viewingUser['user_id']
         ? XenForo_Permission::hasPermission($viewingUser['permissions'], 'general', 'maxSecondarySocialForums')
         : 0;
 }
Exemplo n.º 19
 /**
  * Resolves the 'GeekListings' permissions of the viewing user as booleans.
  *
  * @param array|null $viewingUser Viewing user; handed to standardizeViewingUserReference()
  *
  * @return array Keys 'post', 'bypass', 'rsvp' and 'mod', each true or false
  */
 public function getPermissions(array $viewingUser = null)
 {
     $this->standardizeViewingUserReference($viewingUser);

     // Result key => permission id inside the 'GeekListings' group.
     $permissionIds = array(
         'post' => 'canPost',
         'bypass' => 'canBypass',
         'rsvp' => 'canRSVP',
         'mod' => 'canMod',
     );

     $perms = array();
     foreach ($permissionIds as $key => $permissionId) {
         $perms[$key] = (bool) XenForo_Permission::hasPermission($viewingUser['permissions'], 'GeekListings', $permissionId);
     }

     return $perms;
 }
Exemplo n.º 20
 /**
  *
  * @see XenForo_Model_ProfilePost::getPermissionBasedProfilePostConditions()
  */
 public function getPermissionBasedProfilePostConditions(array $user, array $viewingUser = null)
 {
     // The parent receives $viewingUser before it is standardized here.
     $conditions = parent::getPermissionBasedProfilePostConditions($user, $viewingUser);
     $this->standardizeViewingUserReference($viewingUser);

     if ($user['user_id'] != $viewingUser['user_id']) {
         return $conditions;
     }

     $granted = $viewingUser['permissions'];
     if (XenForo_Permission::hasPermission($granted, 'profilePost', 'view')) {
         return $conditions;
     }

     // Own profile, no general 'view' permission, but 'viewOwnStatus': restrict
     // the result to posts written by the viewing user.
     if (XenForo_Permission::hasPermission($granted, 'profilePost', 'viewOwnStatus')) {
         $conditions['profile_post_user_id'] = $viewingUser['user_id'];
     }

     return $conditions;
 }
Exemplo n.º 21
 /**
  * 
  * @see XenForo_Model_Attachment::canDeleteAttachment()
  */
 public function canDeleteAttachment(array $attachment, $tempHash = '', array $viewingUser = null)
 {
     $this->standardizeViewingUserReference($viewingUser);

     // An attachment without a temp hash, or one that already has a content id,
     // additionally needs the 'deleteAttachment' permission.
     $needsPermission = empty($attachment['temp_hash']) || !empty($attachment['content_id']);
     if ($needsPermission
         && !XenForo_Permission::hasPermission($viewingUser['permissions'], 'general', 'deleteAttachment')
     ) {
         return false;
     }

     // The parent check still has the final say.
     return parent::canDeleteAttachment($attachment, $tempHash, $viewingUser);
 }
Exemplo n.º 22
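 /**
  * Creates or updates a DBTC transaction entry from the posted form and redirects.
  *
  * The request must be a POST from a registered user who holds the forum
  * 'postThread' permission.
  *
  * @return mixed An error response, or a success redirect that carries the saved entry as extra data
  */
 public function actionAddEntry()
 {
     // this action must be called via POST
     $this->_assertPostOnly();
     // guests not allowed
     $this->_assertRegistrationRequired();

     $permissions = XenForo_Visitor::getInstance()->getPermissions();
     if (!XenForo_Permission::hasPermission($permissions, "forum", "postThread")) {
         return $this->responseError('You do not have permissions to do this');
     }

     // NOTE(review): the donor id, the receiver and the id of the transaction
     // to edit all come from the request, and nothing visible here ties them to
     // the logged-in visitor. Unless the DataWriter enforces ownership, any
     // member with 'postThread' can overwrite another member's transaction or
     // record one in someone else's name - confirm and add an ownership check.

     // get donor id and also get the receiver's name
     // NOTE(review): the donor id is filtered as a string while every other id
     // below is filtered as an unsigned integer - confirm that is intended.
     $dbtc_donor_id = $this->_input->filterSingle('dbtc_donor_id', XenForo_Input::STRING);
     $dbtc_receiver_name = $this->_input->filterSingle('dbtc_receiver_name', XenForo_Input::STRING);
     // get transaction id if it exists
     $dbtc_transaction_id = $this->_input->filterSingle('dbtc_transaction_id', XenForo_Input::UINT);
     // get parent transaction id if it exists
     $dbtc_parent_transaction_id = $this->_input->filterSingle('dbtc_parent_transaction_id', XenForo_Input::UINT);
     // get status id
     $dbtc_status_id = $this->_input->filterSingle('dbtc_status_id', XenForo_Input::UINT);
     // get date and make sure we have a 'human' version of the date
     $dbtc_date = $this->_input->filterSingle('dbtc_date', XenForo_Input::DATE_TIME);
     $dbtc_human_date = gmdate("m/d/Y", $dbtc_date);
     $dbtc_thread_id = $this->_input->filterSingle('dbtc_thread_id', XenForo_Input::UINT);

     // Resolve the receiver by name and stop before anything is written when
     // no such user exists.
     $userModel = XenForo_Model::create('XenForo_Model_User');
     $receiverModel = $userModel->getUserByNameOrEmail($dbtc_receiver_name);
     if (!$receiverModel) {
         return $this->responseError('The requested user could not be found.');
     }
     $dbtc_receiver_id = $receiverModel['user_id'];

     # Grab avatar and link
     $avatar = XenForo_Template_Helper_Core::callHelper('avatarhtml', array($receiverModel, TRUE, array('size' => 's'), ''));

     $writer = XenForo_DataWriter::create('DBTC_DataWriter_DBTCNodeEntry');
     // if we're editing a transaction
     if ($dbtc_transaction_id != 0) {
         $writer->setExistingData($dbtc_transaction_id);
     }
     $writer->set('dbtc_thread_id', $dbtc_thread_id);
     $writer->set('dbtc_donor_id', $dbtc_donor_id);
     $writer->set('dbtc_receiver_id', $dbtc_receiver_id);
     $writer->set('dbtc_status_id', $dbtc_status_id);
     $writer->set('dbtc_date', $dbtc_date);
     $writer->set('dbtc_parent_transaction_id', $dbtc_parent_transaction_id);
     $writer->save();

     // get the data that was saved
     $nodeData = $writer->getMergedData();
     $data = array(
         'dbtc_transaction_id' => $nodeData['dbtc_transaction_id'],
         'dbtc_thread_id' => $dbtc_thread_id,
         'dbtc_donor_id' => $dbtc_donor_id,
         'dbtc_receiver_id' => $dbtc_receiver_id,
         'dbtc_receiver_name' => $dbtc_receiver_name,
         'dbtc_status_id' => $dbtc_status_id,
         'dbtc_date' => $dbtc_human_date,
         'dbtc_receiver_avatar_html' => $avatar,
         // Keyed entry: a comma here would add the key name and the value as
         // two separate numerically indexed elements.
         'dbtc_parent_transaction_id' => $dbtc_parent_transaction_id,
     );

     // redirect back to the normal scratchpad index page
     return $this->responseRedirect(XenForo_ControllerResponse_Redirect::SUCCESS, XenForo_Link::buildPublicLink('dbtc-node-entry'), null, $data);
 }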
Exemplo n.º 23
 /**
  * Determines if the viewing user may perform a check in/out as another user.
  *
  * @param string $errorPhraseKey Accepted by reference; never written here
  * @param array|null $viewingUser Viewing user; handed to standardizeViewingUserReference()
  *
  * @return boolean
  */
 public function canChangeCheckInOutUser(&$errorPhraseKey = '', array $viewingUser = null)
 {
     $this->standardizeViewingUserReference($viewingUser);

     if (!$viewingUser['user_id']) {
         // A user id is required before the permission is even looked up.
         return false;
     }

     return XenForo_Permission::hasPermission($viewingUser['permissions'], 'general', 'checkInOutAsUser')
         ? true
         : false;
 }
Exemplo n.º 24
 /**
  * Fetches one batch of user records, sorted by key.
  *
  * @param mixed $previousLast Passed to getUserIdsInRange() as the start of the range
  * @param mixed $limit Passed to getUserIdsInRange() as the batch size
  * @param array $viewingUser Viewing user record with 'user_id' and 'permissions'
  *
  * @return array Users sorted by array key; empty when the viewer lacks 'viewProfile'
  */
 public function getRecords($previousLast, $limit, array $viewingUser)
 {
     $mayViewProfiles = XenForo_Permission::hasPermission($viewingUser['permissions'], 'general', 'viewProfile');
     if (!$mayViewProfiles) {
         // Without the permission no user data is loaded at all.
         return array();
     }

     $userModel = $this->_getUserModel();
     $users = $userModel->getUsersByIds(
         $userModel->getUserIdsInRange($previousLast, $limit),
         array(
             'join' => XenForo_Model_User::FETCH_USER_FULL,
             'followingUserId' => $viewingUser['user_id'],
         )
     );
     ksort($users);

     return $users;
 }
Exemplo n.º 25
 /**
  * Fetches one batch of team records, sorted by key.
  *
  * @param mixed $previousLast Passed to getTeamIdsInRange() as the start of the range
  * @param mixed $limit Passed to getTeamIdsInRange() as the batch size
  * @param array $viewingUser Viewing user record with a 'permissions' entry
  *
  * @return array Teams sorted by array key; empty when the viewer lacks the 'Teams' 'view' permission
  */
 public function getRecords($previousLast, $limit, array $viewingUser)
 {
     $mayViewTeams = XenForo_Permission::hasPermission($viewingUser['permissions'], 'Teams', 'view');
     if (!$mayViewTeams) {
         // Without the permission no team data is loaded at all.
         return array();
     }

     // NOTE(review): only the group-wide 'view' permission is checked here;
     // presumably per-team privacy is applied by the caller - confirm.
     $teamModel = $this->_getTeamModel();
     $teams = $teamModel->getTeamsByIds(
         $teamModel->getTeamIdsInRange($previousLast, $limit),
         array(
             'join' => Nobita_Teams_Model_Team::FETCH_PROFILE
                 | Nobita_Teams_Model_Team::FETCH_PRIVACY
                 | Nobita_Teams_Model_Team::FETCH_CATEGORY,
         )
     );
     ksort($teams);

     return $teams;
 }
Exemplo n.º 26
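 /**
  * Determines if the viewing user may view gallery categories.
  *
  * @param string $errorPhraseKey Set to a phrase key when the answer is no
  * @param array $viewingUser Viewing user; handed to standardizeViewingUserReference()
  *
  * @return boolean
  */
 public function canViewCategories(&$errorPhraseKey = '', array $viewingUser = array())
 {
     // NOTE(review): the helper appears to fill $viewingUser by reference. Its
     // return value is only adopted when it is an array, so a helper that
     // returns nothing cannot replace the user record with null and make every
     // permission lookup below fail - confirm which contract the helper has.
     $standardized = $this->standardizeViewingUserReference($viewingUser);
     if (is_array($standardized)) {
         $viewingUser = $standardized;
     }

     // 'viewOverride' grants access regardless of 'viewCategories'.
     if (XenForo_Permission::hasPermission($viewingUser['permissions'], 'xengallery', 'viewOverride')) {
         return true;
     }

     if (!XenForo_Permission::hasPermission($viewingUser['permissions'], 'xengallery', 'viewCategories')) {
         $errorPhraseKey = 'xengallery_no_view_this_category_permission';
         return false;
     }

     return true;
 }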
Exemplo n.º 27
 /**
  * Determines if a user can add a category inside the given resource
  * category.
  *
  * @param array $category
  * @param string $errorPhraseKey
  * @param array $viewingUser
  * @param array|null $categoryPermissions
  *
  * @return boolean
  */
 public function canAddCategory(array $category = null, &$errorPhraseKey = '', array $viewingUser = null, array $categoryPermissions = null)
 {
     if (!$category) {
         // No parent category: the global 'resource' permission decides.
         $this->standardizeViewingUserReference($viewingUser);

         return XenForo_Permission::hasPermission($viewingUser['permissions'], 'resource', 'addCategory');
     }

     // Inside a category: the content permissions of that category decide.
     $this->standardizeViewingUserReferenceForCategory($category, $viewingUser, $categoryPermissions);

     return XenForo_Permission::hasContentPermission($categoryPermissions, 'addCategory');
 }
Exemplo n.º 28
 /**
  * Handles the admin control panel login form submission.
  *
  * Order of checks, as implemented below:
  *  1. Non-POST requests are redirected to the admin index.
  *  2. If a cookie check was requested and no cookies arrived, fail.
  *  3. If the login model reports a lockout for this login name, fail before
  *     the password is checked.
  *  4. Validate the credentials; on failure record the attempt and re-check
  *     the lockout.
  *  5. On success clear the attempt counter, then require is_admin.
  *  6. Either hand over to the two-step flow, refuse because two-step is
  *     mandatory but not enabled, or complete the login.
  *
  * NOTE(review): 'redirect' is taken from the request and passed on to
  * responseRedirect(), the two-step link and completeLogin(). Whether the
  * target is restricted to this site is not visible here - confirm that one
  * of those callees validates it.
  */
 public function actionLogin()
 {
     if (!$this->_request->isPost()) {
         return $this->responseRedirect(XenForo_ControllerResponse_Redirect::RESOURCE_CANONICAL, XenForo_Link::buildAdminLink('index'));
     }
     $data = $this->_input->filter(array('login' => XenForo_Input::STRING, 'password' => XenForo_Input::STRING, 'redirect' => XenForo_Input::STRING, 'cookie_check' => XenForo_Input::UINT));
     // fall back to the admin index when no redirect target was submitted
     $redirect = $data['redirect'] ? $data['redirect'] : XenForo_Link::buildAdminLink('index');
     $loginModel = $this->_getLoginModel();
     if ($data['cookie_check'] && count($_COOKIE) == 0) {
         // login came from a page, so we should at least have a session cookie.
         // if we don't, assume that cookies are disabled
         return $this->responseError(new XenForo_Phrase('cookies_required_to_log_in_to_site'));
     }
     // Lockout gate runs before the password is looked at, so a locked login
     // gets no further credential checks. How attempts are counted (per login
     // name, per IP, time window) is decided by the login model, not here.
     $needCaptcha = $loginModel->requireLoginCaptcha($data['login']);
     if ($needCaptcha) {
         // just block logins here instead of using the captcha
         return $this->responseError(new XenForo_Phrase('your_account_has_temporarily_been_locked_due_to_failed_login_attempts'));
     }
     $userModel = $this->_getUserModel();
     // $error is not set before this call; presumably validateAuthentication()
     // fills it by reference with the failure message - confirm.
     $userId = $userModel->validateAuthentication($data['login'], $data['password'], $error);
     if (!$userId) {
         // record the failure, then re-check so the attempt that reaches the
         // threshold already gets the lockout message
         $loginModel->logLoginAttempt($data['login']);
         if ($loginModel->requireLoginCaptcha($data['login'])) {
             return $this->responseError(new XenForo_Phrase('your_account_has_temporarily_been_locked_due_to_failed_login_attempts'));
         }
         // NOTE(review): with 'upgrade' set, a failed login answers with a
         // SUCCESS redirect to the request-supplied target instead of the
         // error view - confirm this is intended.
         if ($this->_input->filterSingle('upgrade', XenForo_Input::UINT)) {
             return $this->responseRedirect(XenForo_ControllerResponse_Redirect::SUCCESS, $redirect);
         } else {
             // note - JSON view will return responseError($text)
             // The submitted login name and redirect are handed back to the
             // view; output escaping is left to the template/view layer.
             return $this->responseView('XenForo_ViewAdmin_Login_Error', 'login_form', array('text' => $error, 'defaultLogin' => $data['login'], 'redirect' => $redirect), array('containerTemplate' => 'LOGIN_PAGE'));
         }
     }
     // The failure counter is cleared as soon as the password is correct,
     // i.e. before the is_admin check below, so a valid non-admin login also
     // resets the counter for that login name.
     $loginModel->clearLoginAttempts($data['login']);
     $user = $this->_getUserModel()->getFullUserById($userId, array('join' => XenForo_Model_User::FETCH_USER_PERMISSIONS));
     // now check that the user will be able to get into the ACP (is_admin)
     // This message is only reachable with valid credentials, so it differs
     // from the bad-password response above.
     if (!$user['is_admin']) {
         return $this->responseError(new XenForo_Phrase('your_account_does_not_have_admin_privileges'));
     }
     /** @var XenForo_ControllerHelper_Login $loginHelper */
     $loginHelper = $this->getHelper('Login');
     if ($loginHelper->userTfaConfirmationRequired($user)) {
         // No login is completed in this branch: the pending user ID is
         // recorded via the helper and the browser is sent to the two-step page.
         $loginHelper->setTfaSessionCheck($user['user_id']);
         return $this->responseRedirect(XenForo_ControllerResponse_Redirect::SUCCESS, XenForo_Link::buildAdminLink('login/two-step', null, array('redirect' => $redirect)));
     } else {
         $permissions = XenForo_Permission::unserializePermissions($user['global_permission_cache']);
         // Two-step is mandatory when either the adminRequireTfa option or the
         // general/requireTfa permission is set; an account without use_tfa is
         // then refused and pointed at the account two-step page.
         if (empty($user['use_tfa']) && (XenForo_Application::getOptions()->adminRequireTfa || XenForo_Permission::hasPermission($permissions, 'general', 'requireTfa'))) {
             return $this->responseError(new XenForo_Phrase('you_must_enable_two_step_access_control_panel', array('link' => XenForo_Link::buildPublicLink('account/two-step'))));
         }
         // 'postVars' is request-supplied JSON decoded to an array and passed
         // straight to completeLogin(); what is done with it is not visible here.
         $postVars = $this->_input->filterSingle('postVars', XenForo_Input::JSON_ARRAY);
         return $this->completeLogin($userId, $redirect, $postVars);
     }
 }
Exemplo n.º 29
 /**
  * Extends the parent privacy page with a "canEditVisibility" view parameter.
  *
  * The parent response is returned untouched unless it is a view response;
  * for a view, the flag reflects the visitor's general "editVisibility"
  * permission.
  *
  * @see XenForo_ControllerPublic_Account::actionPrivacy()
  *
  * @return XenForo_ControllerResponse_Abstract
  */
 public function actionPrivacy()
 {
     $response = parent::actionPrivacy();
     if (!($response instanceof XenForo_ControllerResponse_View)) {
         return $response;
     }

     $visitor = XenForo_Visitor::getInstance()->toArray();

     // This flag only drives what the template shows.
     // NOTE(review): the action that saves visibility is not visible here;
     // confirm it re-checks "editVisibility" rather than trusting the form.
     $response->subView->params['canEditVisibility'] = (bool) XenForo_Permission::hasPermission(
         $visitor['permissions'],
         'general',
         'editVisibility'
     );

     return $response;
 }
Exemplo n.º 30
 /**
  * Lists the users the viewing user may post as.
  *
  * Returns an empty array for guests, for users without the general
  * "postAsDifferentUser" permission, and when the th_postAsUser_userGroups
  * option holds no groups. Otherwise returns the members of those groups,
  * minus the current visitor.
  *
  * @param array $conditions Passed through to getUsersByUserGroupIds()
  * @param array|null $viewingUser
  *
  * @return array
  */
 public function getPostAsDifferentUsers(array $conditions = array(), array $viewingUser = null)
 {
     $this->standardizeViewingUserReference($viewingUser);

     $isPermitted = $viewingUser['user_id']
         && XenForo_Permission::hasPermission($viewingUser['permissions'], 'general', 'postAsDifferentUser');
     if (!$isPermitted) {
         return array();
     }

     // The option's array keys are used as the user group IDs.
     $groupIds = array_keys(XenForo_Application::get('options')->th_postAsUser_userGroups);
     if (empty($groupIds)) {
         return array();
     }

     $candidates = $this->getUsersByUserGroupIds($groupIds, $conditions);

     // NOTE(review): the permission check uses $viewingUser, but the entry
     // removed here is the current visitor's. The two differ when a caller
     // passes an explicit $viewingUser - confirm which one is intended.
     unset($candidates[XenForo_Visitor::getUserId()]);

     return $candidates;
 }