qa_fatal_error('User accounts are handled by external code'); } // $handle, $userhtml are already set by qa-page-user.php $start = qa_get_start(); // Find the questions for this user list($useraccount, $usermessages) = qa_db_select_with_pending(qa_db_user_account_selectspec($handle, false), qa_db_recent_messages_selectspec(null, null, $handle, false, qa_opt_if_loaded('page_size_wall'), $start)); if (!is_array($useraccount)) { // check the user exists return include QA_INCLUDE_DIR . 'qa-page-not-found.php'; } // Perform pagination $pagesize = qa_opt('page_size_wall'); $count = $useraccount['wallposts']; $loginuserid = qa_get_logged_in_userid(); $usermessages = array_slice($usermessages, 0, $pagesize); $usermessages = qa_wall_posts_add_rules($usermessages, $start); // Process deleting or adding a wall post (similar but not identical code to qq-page-user-profile.php) $errors = array(); $wallposterrorhtml = qa_wall_error_html($loginuserid, $useraccount['userid'], $useraccount['flags']); foreach ($usermessages as $message) { if ($message['deleteable'] && qa_clicked('m' . $message['messageid'] . '_dodelete')) { if (!qa_check_form_security_code('wall-' . $useraccount['handle'], qa_post_text('code'))) { $errors['page'] = qa_lang_html('misc/form_security_again'); } else { qa_wall_delete_post($loginuserid, qa_get_logged_in_handle(), qa_cookie_get(), $message); qa_redirect(qa_request(), $_GET); } } } if (qa_clicked('dowallpost')) { $inmessage = qa_post_text('message');
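require_once QA_INCLUDE_DIR . 'app/users.php';
require_once QA_INCLUDE_DIR . 'app/cookies.php';
require_once QA_INCLUDE_DIR . 'db/selects.php';

// AJAX handler that adds a post to a user's wall.
//
// Request (POST): 'message' (text to post), 'handle' (wall owner), 'morelink'
// (whether a "view more" item may be appended) and 'code' (form security code).
//
// Response: "QA_AJAX_RESPONSE\n0" when the post is refused; otherwise
// "QA_AJAX_RESPONSE\n1\n", a line holding the id of the list element to reveal,
// and then the rendered message items.

$message = qa_post_text('message');
$tohandle = qa_post_text('handle');
$morelink = qa_post_text('morelink');

$touseraccount = qa_db_select_with_pending(qa_db_user_account_selectspec($tohandle, false));
$loginuserid = qa_get_logged_in_userid();

// 'handle' is supplied by the client, so the account lookup can come back without a row.
// Refuse the request in that case rather than reading 'userid'/'flags' off a non-array and
// running the permission check against a null target user.
$targetexists = is_array($touseraccount);

$errorhtml = $targetexists
    ? qa_wall_error_html($loginuserid, $touseraccount['userid'], $touseraccount['flags'])
    : null;

if (
    !$targetexists
    || $errorhtml
    || !strlen((string)$message) // cast: a missing 'message' field must count as empty, not reach strlen() as null
    || !qa_check_form_security_code('wall-' . $tohandle, qa_post_text('code')) // code is tied to this wall's handle
) {
    // Every refusal (unknown user, permission error, empty message, bad security code) yields
    // the same bare failure marker, so the response does not reveal which check failed.
    echo "QA_AJAX_RESPONSE\n0";
} else {
    $messageid = qa_wall_add_post(
        $loginuserid,
        qa_get_logged_in_handle(),
        qa_cookie_get(),
        $touseraccount['userid'],
        $touseraccount['handle'],
        $message,
        ''
    );

    $touseraccount['wallposts']++; // won't have been updated

    $usermessages = qa_db_select_with_pending(
        qa_db_recent_messages_selectspec(null, null, $touseraccount['userid'], true, qa_opt('page_size_wall'))
    );
    $usermessages = qa_wall_posts_add_rules($usermessages, 0);

    $themeclass = qa_load_theme_class(qa_get_site_theme(), 'wall', null, null);

    echo "QA_AJAX_RESPONSE\n1\n";
    echo 'm' . $messageid . "\n"; // element in list to be revealed

    // NOTE(review): the posted text is emitted via qa_wall_post_view() and the theme class;
    // HTML escaping is presumably handled inside those helpers - confirm.
    foreach ($usermessages as $message) {
        $themeclass->message_item(qa_wall_post_view($message));
    }

    // Only offer "view more" when asked to and when the wall holds more posts than were rendered.
    if ($morelink && $touseraccount['wallposts'] > count($usermessages)) {
        $themeclass->message_item(qa_wall_view_more_link($tohandle, count($usermessages)));
    }
}

/*
    Omit PHP closing tag to help avoid accidental output
*/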
} if ($loginlevel >= QA_USER_LEVEL_ADMIN) { $fieldseditable = true; } if (isset($maxlevelassign) && $useraccount['flags'] & QA_USER_FLAGS_USER_BLOCKED) { $maxlevelassign = min($maxlevelassign, QA_USER_LEVEL_EDITOR); } // if blocked, can't promote too high } $approvebutton = isset($maxlevelassign) && $useraccount['level'] < QA_USER_LEVEL_APPROVED && $maxlevelassign >= QA_USER_LEVEL_APPROVED && !($useraccount['flags'] & QA_USER_FLAGS_USER_BLOCKED) && qa_opt('moderate_users'); $usereditbutton = $fieldseditable || isset($maxlevelassign); $userediting = $usereditbutton && qa_get_state() == 'edit'; $wallposterrorhtml = qa_wall_error_html($loginuserid, $useraccount['userid'], $useraccount['flags']); // This code is similar but not identical to that in to qq-page-user-wall.php $usermessages = array_slice($usermessages, 0, qa_opt('page_size_wall')); $usermessages = qa_wall_posts_add_rules($usermessages, 0, $loginuserid); foreach ($usermessages as $message) { if ($message['deleteable'] && qa_clicked('m' . $message['messageid'] . '_dodelete')) { if (!qa_check_form_security_code('wall-' . $useraccount['handle'], qa_post_text('code'))) { $errors['page'] = qa_lang_html('misc/form_security_again'); } else { qa_wall_delete_post($loginuserid, qa_get_logged_in_handle(), qa_cookie_get(), $message); qa_redirect(qa_request(), null, null, null, 'wall'); } } } } // Process edit or save button for user, and other actions if (!QA_FINAL_EXTERNAL_USERS) { $reloaduser = false; if ($usereditbutton) {