/** * Validate the class instance. * This overrides the default invocation to provide additional rules after the controller is setup. * * @return void */ public function validate() { $board = $this->board; $user = $this->user; if (is_null($board) || is_null($user)) { return parent::validate(); } $validator = $this->getValidatorInstance(); $messages = $validator->errors(); // Check global flood. $lastPost = Post::where('author_ip', inet_pton($this->ip()))->where('created_at', '>', \Carbon\Carbon::now()->subSeconds(30))->op()->first(); if ($lastPost instanceof Post) { $timeDiff = 30 - $lastPost->created_at->diffInSeconds(); $messages = $validator->errors(); $messages->add("flood", trans_choice("validation.custom.thread_flood", $timeDiff, ['time_left' => $timeDiff])); $this->failedValidation($validator); return; } // Ban check. $ban = Ban::getBan($this->ip(), $board->board_uri); if ($ban) { $messages = $validator->errors(); $messages->add("body", trans("validation.custom.banned")); $this->ban = $ban; $this->failedValidation($validator); return; } // Board-level setting validaiton. $validator->sometimes('captcha', "required|captcha", function ($input) use($board) { return !$board->canPostWithoutCaptcha($this->user); }); if (!$validator->passes()) { $this->failedValidation($validator); } else { if (!$this->user->canAdminConfig() && $board->canPostWithoutCaptcha($this->user)) { // Check last post time for flood. $floodTime = site_setting('postFloodTime'); if ($floodTime > 0) { $lastPost = Post::getLastPostForIP(); if ($lastPost) { $floodTimer = clone $lastPost->created_at; $floodTimer->addSeconds($floodTime); if ($floodTimer->isFuture()) { $messages->add("body", trans("validation.custom.post_flood", ['time_left' => $floodTimer->diffInSeconds()])); } } } } // Validate individual files. $input = $this->all(); // Process uploads. if (isset($input['files'])) { $uploads = $input['files']; if (count($uploads) > 0) { foreach ($uploads as $uploadIndex => $upload) { // If a file is uploaded that has a specific filename, it breaks the process. if (method_exists($upload, "getPathname") && !file_exists($upload->getPathname())) { $messages->add("files.{$uploadIndex}", trans("validation.custom.file_corrupt", ["filename" => $upload->getClientOriginalName()])); } } } } } if (count($validator->errors())) { $this->failedValidation($validator); } }
/** * Returns if the client has access to this form. * * @return boolean */ public function authorize() { // Ban check. $ban = Ban::getBan($this->ip(), $this->board->board_uri); if ($ban) { $this->ban = $ban; return false; } // Locked thread check. if ($this->thread instanceof Post && $this->thread->isLocked() && !$this->user->canPostInLockedThreads($this->board)) { return false; } ## TODO ## // Separate these permsisions. return $this->user->canPostThread() || $this->user->canPostReply(); }
/** * Returns if the client has access to this form. * * @return boolean */ public function authorize() { // Ban check. $ban = Ban::getBan($this->ip(), $this->board->board_uri); if ($ban) { $this->ban = $ban; return false; } ## TODO ## // Separate these permsisions. return $this->user->canPostThread() || $this->user->canPostReply(); }
/** * Returns if the client has access to this form. * * @return boolean */ public function authorize() { // Ban check. $ban = Ban::getBan($this->ip(), $this->board->board_uri); if ($ban) { $this->ban = $ban; return false; } return $this->board->canPost($this->user, $this->thread); }