// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Pipecode. If not, see <http://www.gnu.org/licenses/>.
//
include "feed.php";
if ($zid != $auth_zid) {
die("not your page");
}
$col = http_get_int("col");
if ($col < 0 || $col > 2) {
die("invalid col [{$col}]");
}
if (http_post()) {
$fid = http_post_int("fid", array("required" => false));
$uri = http_post_string("uri", array("required" => false, "len" => 100, "valid" => "[a-z][A-Z][0-9]~@#\$%&()-_=+[];:,./?"));
if ($fid == 0) {
if ($uri == "") {
die("no feed uri given");
}
$fid = add_feed($uri);
}
if (!db_has_rec("feed", $fid)) {
die("fid not found [{$fid}]");
}
if (db_has_rec("feed_user", array("zid" => $auth_zid, "fid" => $fid))) {
die("feed [{$fid}] is already on your page");
}
$row = run_sql("select max(pos) as max_pos from feed_user where zid = ? and col = ?", array($auth_zid, $col));
$pos = $row[0]["max_pos"] + 1;
writeln(' <td>Captcha</td>');
writeln(' <td><table><tr><td>' . $question . '</td><td><input name="answer" type="text" style="margin-left: 8px; width: 100px"/></td></tr></table></td>');
writeln(' <td class="right"><input type="submit" value="Submit"/> <input name="preview" type="submit" value="Preview"/></td>');
writeln(' </tr>');
writeln('</table>');
writeln('</div>');
writeln('</form>');
writeln('</td>');
writeln('</tr>');
writeln('</table>');
print_footer();
}
if (http_post()) {
$title = http_post_string("title", array("len" => 100, "valid" => "[a-z][A-Z][0-9]`~!@#\$%^&*()_+-={}|[]\\:\";',./? "));
$body = http_post_string("story", array("len" => 64000, "valid" => "[ALL]"));
$tid = http_post_int("tid");
$answer = http_post_string("answer", array("required" => false));
$time = time();
if (!captcha_verify($answer)) {
die("captcha failed");
}
$topic = db_get_rec("topic", $tid);
$title = clean_entities($title);
$new_body = str_replace("\n", "<br>", $body);
$new_body = clean_html($new_body);
if (http_post("preview")) {
print_submit_box($title, $body, $new_body, $tid, true);
die;
}
$pipe = array();
$pipe["pid"] = 0;
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Pipecode. If not, see <http://www.gnu.org/licenses/>.
//
include "render.php";
$cid = (int) $s2;
if (!http_post()) {
die("error: post method required");
}
if ($auth_zid == "") {
die("error: sign in to moderate");
}
if (!db_has_rec("comment", $cid)) {
die("error: comment not found [{$cid}]");
}
if (db_has_rec("comment_vote", array("cid" => $cid, "zid" => $auth_zid))) {
db_del_rec("comment_vote", array("cid" => $cid, "zid" => $auth_zid));
}
$rid = http_post_int("rid");
if ($rid > 0 && $rid <= 10) {
$comment_vote = array();
$comment_vote["cid"] = $cid;
$comment_vote["zid"] = $auth_zid;
$comment_vote["rid"] = $rid;
$comment_vote["time"] = time();
db_set_rec("comment_vote", $comment_vote);
}
$score = get_comment_score($cid);
writeln("{$cid} {$score}");
}
if (!http_post()) {
die("error: post method required");
}
if (!db_has_rec("pipe", $pid)) {
die("error: pipe not found [{$pid}]");
}
//var_dump($_POST);
//if (!empty(@$_POST["up_x"]) || !empty(@$_POST["down_x"])) {
if (array_key_exists("up_x", $_POST) || array_key_exists("down_x", $_POST) || array_key_exists("undo_x", $_POST)) {
$redirect = true;
$up = array_key_exists("up_x", $_POST);
//die("up");
} else {
$redirect = false;
$up = http_post_int("up");
}
//die("here");
if (db_has_rec("pipe_vote", array("pid" => $pid, "zid" => $auth_zid))) {
//$pipe_vote = db_get_rec("pipe_vote", array("pid" => $pid, "zid" => $auth_zid));
//$value = $pipe_vote["value"];
db_del_rec("pipe_vote", array("pid" => $pid, "zid" => $auth_zid));
$result = "undone";
} else {
if ($up) {
$result = "up";
} else {
$result = "down";
}
$pipe_vote = array();
$pipe_vote["pid"] = $pid;
include "poll.php";
$qid = (int) $s2;
$poll_question = db_get_rec("poll_question", $qid);
$clean = clean_url($poll_question["question"]);
$type_id = $poll_question["type_id"];
if (http_post()) {
if ($auth_zid == "") {
print_header("Login to Vote");
writeln('<h1>Login to Vote</h1>');
writeln('<p><a href="/sign_in">Sign In</a></p>');
writeln('<p><a href="/sign_up">Sign Up</a></p>');
print_footer();
die;
}
if ($type_id == 1) {
$aid = http_post_int("aid");
$poll_answer = db_get_rec("poll_answer", $aid);
if ($qid != $poll_answer["qid"]) {
die("answer [{$aid}] not on question [{$qid}]");
}
} else {
if ($type_id == 2) {
$aids = @$_POST["aid"];
for ($i = 0; $i < count($aids); $i++) {
if (!string_uses($aids[$i], "[0-9]")) {
die("invalid aid [" . $aids[$i] . "]");
}
$poll_answer = db_get_rec("poll_answer", $aids[$i]);
if ($qid != $poll_answer["qid"]) {
die("answer [" . $aids[$i] . "] not on question [{$qid}]");
}