private function sanitize()
{
if (false === ($this->user = GWF_User::getByID(Common::getGet('uid')))) {
return GWF_HTML::err('ERR_UNKNOWN_USER');
}
return false;
}
public function execute()
{
if (false === ($user = GWF_User::getByID(Common::getGet('userid')))) {
return GWF_HTML::err('ERR_UNKNOWN_USER');
}
$tmpfile = GWF_PATH . 'extra/temp/gpg/' . $user->getVar('user_id');
if (!is_file($tmpfile) || !is_readable($tmpfile)) {
return GWF_HTML::err('ERR_FILE_NOT_FOUND', array($tmpfile));
}
if (false === ($file_content = file_get_contents($tmpfile))) {
return GWF_HTML::err('ERR_FILE_NOT_FOUND', array($tmpfile));
}
if (false === unlink($tmpfile)) {
return GWF_HTML::err('ERR_WRITE_FILE', array($tmpfile));
}
if (false === ($fingerprint = GWF_PublicKey::grabFingerprint($file_content))) {
return $this->module->error('err_gpg_key');
}
if (Common::getGet('token') !== $fingerprint) {
return $this->module->error('err_gpg_token');
}
if (false === GWF_PublicKey::updateKey($user->getID(), $file_content)) {
return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
}
if (false === $user->saveOption(GWF_User::EMAIL_GPG, true)) {
return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
}
return $this->module->message('msg_setup_gpg');
}
public static function insertEntry(GWF_User $user, WC_Site $site, $onsitescore, $comment)
{
$user = GWF_User::getByID($user->getID());
$max = $site->getOnsiteScore();
$perc = $max <= 0 ? 0 : round($onsitescore / $max * 10000);
$entry = new self(array('userhist_uid' => $user->getVar('user_id'), 'userhist_date' => time(), 'userhist_sid' => $site->getVar('site_id'), 'userhist_percent' => $perc, 'userhist_onsitescore' => $onsitescore, 'userhist_rank' => WC_RegAt::calcRank($user), 'userhist_totalscore' => $user->getVar('user_level'), 'userhist_comment' => $comment));
if (WECHALL_DEBUG_SCORING) {
echo WC_HTML::message('Inserting User History entry...');
}
return $entry->insert();
}
private function onShowAvatar($userid)
{
if (false === ($user = GWF_User::getByID($userid))) {
return GWF_HTML::err('ERR_UNKNOWN_USER');
}
if (false === GWF_AvatarGallery::onViewed($user)) {
return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
}
GWF_Website::redirect(GWF_WEB_ROOT . 'profile/' . $user->urlencode('user_name'));
return "Redirecting...";
}
private function onMailTicket(GWF_HelpdeskTicket $ticket, GWF_HelpdeskMsg $message)
{
$admin = GWF_Group::ADMIN;
$staff = GWF_Group::STAFF;
$staff = GDO::table('GWF_UserGroup')->selectColumn('DISTINCT(ug_userid)', "group_name='{$admin}' OR group_name='{$staff}'", '', array('group'));
foreach ($staff as $userid) {
if (false !== ($user = GWF_User::getByID($userid))) {
$this->onMailTicketB($ticket, $message, $user);
}
}
}
public function execute()
{
if (false === ($user = GWF_User::getByID(intval(Common::getGet('uid', '0'))))) {
return GWF_HTML::err('ERR_UNKNOWN_USER');
}
$user->loadGroups();
if (false !== Common::getPost('add_to_group')) {
return $this->onAddToGroup($user) . $this->showGroups($user);
}
return $this->showGroups($user);
}
private function onDelete($id, $token, $uid)
{
if (false === ($pm = GWF_PM::getByID($id))) {
return $this->module->error('err_pm');
}
if ($token != $pm->getHashcode()) {
echo $pm->getHashcode();
return $this->module->error('err_pm');
}
if (false === ($user = GWF_User::getByID($uid))) {
return GWF_HTML::err('ERR_UNKNOWN_USER');
}
if (false === $pm->markDeleted($user)) {
return $this->module->error('err_del_twice');
}
return $this->module->message('msg_deleted', array('1'));
}
public function execute()
{
if (false === ($ticket = GWF_HelpdeskTicket::getByID(Common::getGetString('ticket')))) {
return $this->module->error('err_ticket');
}
if (false === ($user = GWF_User::getByID(Common::getGetString('worker')))) {
return GWF_HTML::err('ERR_UNKNOWN_USER');
}
$user->loadGroups();
if (!$user->isAdmin() && !$user->isStaff()) {
return GWF_HTML::err('ERR_NO_PERMISSION');
}
if (!$ticket->isOpen()) {
return $this->module->error('err_not_open');
}
if ($ticket->getHashcode() !== Common::getGetString('token')) {
return $this->module->error('err_token');
}
return $this->onAssign($ticket, $user);
}
private function acceptByToken($token)
{
$uid = (int) Common::getGet('uid');
$gid = (int) Common::getGet('gid');
if (false === ($group = GWF_Group::getByID($gid))) {
return GWF_HTML::err('ERR_UNKNOWN_GROUP');
}
if (false === ($request = GWF_UsergroupsInvite::getRequestRow($uid, $gid))) {
return GWF_HTML::err('ERR_NO_PERMISSION');
}
if (false === ($user = GWF_User::getByID($uid))) {
return GWF_HTML::err('ERR_UNKNOWN_USER');
}
if ($token !== $request->getHashcode()) {
return GWF_HTML::err('ERR_GENERAL', array(__FILE__, __LINE__));
}
if (false === GWF_UserGroup::addToGroup($uid, $gid)) {
return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
}
return $this->module->message('msg_joined', array($group->getName()));
}
private function onChange($token)
{
$userid = (int) Common::getGet('userid');
if (false === ($ac = GWF_AccountChange::checkToken($userid, $token, 'demo'))) {
return $this->module->error('err_token');
}
if (false === ($user = GWF_User::getByID($userid))) {
return GWF_HTML::err('ERR_UNKNOWN_USER');
}
if (false === ($data = @unserialize($ac->getVar('data')))) {
return GWF_HTML::err('ERR_GENERAL', array(__FILE__, __LINE__));
}
if (false === $user->saveVars($data)) {
return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
}
if (false === $ac->delete()) {
return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
}
GWF_AccountChange::createToken($userid, 'demo_lock');
return $this->module->message('msg_demo_changed');
}
private function onSendB($email, $message)
{
$admin = GWF_Group::ADMIN;
if (false === ($adminids = GDO::table('GWF_UserGroup')->selectColumn('ug_userid', "group_name='{$admin}'", '', array('group')))) {
return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
}
$send_to = array();
foreach ($adminids as $userid) {
if (false === ($user = GWF_User::getByID($userid))) {
continue;
}
if (false === $user->hasValidMail()) {
continue;
}
if (false === $this->onSendC($email, $message, $user)) {
continue;
}
$send_to[] = $user->displayUsername();
}
return $send_to === '' ? GWF_HTML::err('ERR_MAIL_SENT') : $this->module->message('msg_mailed', array(GWF_Array::implodeHuman($send_to)));
}
public function templateOutput($date, $amt)
{
require_once GWF_CORE_PATH . 'module/WeChall/WC_ChallSolved.php';
$table = GDO::table('WC_ChallSolved');
if (false === ($result = $table->selectAll('*', "csolve_date>='{$date}'", 'csolve_date DESC', NULL, $amt))) {
return '';
}
$back = '';
foreach ($result as $row) {
if (false === ($user = GWF_User::getByID($row['csolve_uid']))) {
continue;
}
if (false === ($chall = WC_Challenge::getByID($row['csolve_cid']))) {
continue;
}
$row['username'] = $user->getVar('user_name');
$row['challname'] = $chall->getVar('chall_title');
$row['solvecount'] = $chall->getVar('chall_solvecount');
$row['curl'] = $chall->getVar('chall_url');
$row = array_map(array(__CLASS__, 'escapeCSV'), $row);
$back .= implode('::', $row) . PHP_EOL;
}
return $back;
}
public static function newNews($date, $catid, $userid, $langid, $title, $message, $fake = false, $options = 0)
{
$news = new GWF_News(array('news_date' => $date, 'news_catid' => $catid, 'news_userid' => $userid, 'news_readby' => ':', 'news_options' => $options));
if ($fake === false) {
if (false === $news->insert()) {
return false;
}
} else {
$news->setVar('news_id', '0');
}
$transdata = array('newst_langid' => $langid, 'newst_newsid' => $news->getID(), 'newst_title' => $title, 'newst_message' => $message, 'newst_options' => '0', 'newst_threadid' => '0');
if ($fake === false) {
$trans = new GWF_NewsTranslation($transdata);
if (false === $trans->insert()) {
return false;
}
} else {
// $news->setVar('news_trans', array($langid=>$transdata));
$news->setVar('news_userid', GWF_User::getByID($userid));
$news->translations = array($transdata);
}
return $news;
}
public function onRemFromGroup($uid)
{
$uid = (int) $uid;
$gid = $this->group->getID();
if (false === GDO::table('GWF_UserGroup')->deleteWhere("ug_userid={$uid} AND ug_groupid={$gid}")) {
return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
}
if (false === GWF_UserGroup::fixGroupMC()) {
return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
}
return $this->module->message('msg_removed_from_grp', array(GWF_User::getByID($uid)->displayUsername(), $this->group->display('group_name')));
}
private function onUnFreeze($data)
{
if (false !== ($err = GWF_Form::validateCSRF_WeakS())) {
return GWF_HTML::error('WeChall', $err);
}
if (!is_array($data)) {
return GWF_HTML::err('ERR_GENERAL', array(__FILE__, __LINE__));
}
foreach ($data as $key => $value) {
break;
}
$data = explode(',', $key);
if (count($data) !== 2) {
return GWF_HTML::err('ERR_GENERAL', array(__FILE__, __LINE__));
}
$userid = intval($data[0]);
$siteid = intval($data[1]);
if (false === ($user = GWF_User::getByID($userid))) {
return GWF_HTML::err('ERR_UNKNOWN_USER');
}
if (false === ($site = WC_Site::getByID($siteid))) {
return $this->module->error('err_site');
}
if (WC_Freeze::isUserFrozenOnSite($userid, $siteid)) {
# Unfreeze
if (false === WC_Freeze::unfreezeUser($userid, $siteid)) {
return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
}
# Insert event.
$rank = WC_RegAt::calcExactRank($user);
WC_HistoryUser2::insertEntry($user, $site, 'unban');
}
# Done
return $this->module->message('msg_unfrozen', array($user->displayUsername(), $site->displayName()));
}
/**
* Validate external token.
* @param string $token
* @return boolean
*/
private function checkExternalToken($token)
{
if (false === ($this->user = GWF_User::getByID(Common::getGet('uid')))) {
return false;
}
if (false === ($options = GWF_ForumOptions::getUserOptions($this->user))) {
return false;
}
if ($token !== $options->getToken()) {
return false;
}
return true;
}
private function onUnLinkSite($array)
{
if (false !== ($error = GWF_Form::validateCSRF_WeakS())) {
return GWF_HTML::error('WeChall', $error);
}
if (!is_array($array)) {
return '';
}
// TODO: Replace with appropiate PHP function
foreach ($array as $siteid => $stub) {
break;
}
if (false === ($site = WC_Site::getByID($siteid))) {
return $this->module->error('err_site');
}
$user = GWF_Session::getUser();
$userid = GWF_Session::getUserID();
$old_totalscore = $user->getVar('user_level');
if (WC_Freeze::isUserFrozen($userid)) {
return $this->module->error('err_frozen');
}
if (false === ($regat = WC_RegAt::getRegatRow($userid, $site->getID()))) {
return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
}
if (false === WC_RegAt::unlink($userid, $site->getID())) {
return GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__));
}
$site->increase('site_linkcount', -1);
WC_RegAt::calcTotalscores();
# (GWF_Session::getUser());
$user = GWF_User::getByID($userid);
$new_totalscore = $user->getVar('user_level');
require_once GWF_CORE_PATH . 'module/WeChall/WC_HistoryUser2.php';
WC_HistoryUser2::insertEntry($user, $site, 'unlink', 0, $regat->getOnsiteScore(), $new_totalscore - $old_totalscore);
return $this->module->message('msg_site_unlinked', array($site->displayName()));
}
public function cfgBotUser()
{
return GWF_User::getByID($this->cfgBotUserID());
}
private function sendModMail($userid, GWF_Page $page)
{
if (false === ($user = GWF_User::getByID($userid))) {
return false;
}
if ('' === ($email = $user->getValidMail())) {
return false;
}
$mail = new GWF_Mail();
$mail->setSender(GWF_BOT_EMAIL);
$mail->setReceiver($email);
$mail->setSubject($this->module->lang('subj_mod'));
# Collect data
$token = $page->getHashcode();
$pid = $page->getID();
$href_enable = Common::getAbsoluteURL(sprintf('index.php?mo=PageBuilder&me=Moderate&token=%s&pageid=%s&action=unlock', $token, $pid));
$href_delete = Common::getAbsoluteURL(sprintf('index.php?mo=PageBuilder&me=Moderate&token=%s&pageid=%s&action=delete', $token, $pid));
$mail->setBody($this->module->lang('body_mod', array($user->displayUsername(), $page->display('page_author_name'), $page->display('page_url'), $page->display('page_title'), $page->display('page_meta_tags'), $page->display('page_meta_desc'), $page->display('page_inline_css'), $page->display('page_content'), GWF_HTML::anchor($href_enable, $href_enable), GWF_HTML::anchor($href_delete, $href_delete))));
return $mail->sendToUser($user);
}
/**
* @return GWF_User
*/
public function getUser()
{
return GWF_User::getByID($this->getUserID());
}
private static function createSpider($spiderid)
{
$table = self::table(__CLASS__);
if (false === ($session = $table->getBy('sess_sid', $spiderid, GDO::ARRAY_O, array('user')))) {
$session = new self(array('sess_id' => 0, 'sess_sid' => $spiderid, 'sess_user' => $spiderid, 'sess_data' => '', 'sess_time' => time(), 'sess_ip' => NULL, 'sess_lasturl' => ''));
if (false === $session->insert()) {
return false;
}
}
$spider = GWF_User::getByID($spiderid);
// $session->setVar('sess_user', $spider);
self::$USER = $spider;
self::$SESSION = $session;
self::$SESSDATA = array();
// self::setCookies($session->getVar('sess_id'), $spiderid, $spiderid);
return true;
}
private function onSendCommentedMail($user, GWF_Comment $comment)
{
foreach ($this->getStaffIDs() as $admin_id) {
if (false !== ($admin = GWF_User::getByID($admin_id))) {
$this->onSendCommentedMailB($user, $comment, $admin);
}
}
return $this->module->message('msg_commented');
}
private static function sendEmailB(Module_Account $module, $userid, $email)
{
$token = GWF_AccountChange::createToken($userid, 'email2', $email);
$mail = new GWF_Mail();
$mail->setSender($module->cfgMailSender());
$mail->setReceiver($email);
$mail->setSubject($module->lang('chmailb_subj'));
if (false === ($user = GWF_User::getByID($userid))) {
return GWF_HTML::err('ERR_UNKNOWN_USER');
}
$link = self::getLinkB($token, $userid);
$body = $module->lang('chmailb_body', array($user->display('user_name'), $link));
$mail->setBody($body);
if (!$mail->sendToUser($user)) {
return GWF_HTML::err('ERR_MAIL_SENT');
}
return $module->message('msg_mail_sent', array(htmlspecialchars($email)));
}
/**
* @return GWF_User
*/
public function getOwner()
{
return GWF_User::getByID($this->getVar('pm_owner'));
}
public static function insertEntry(GWF_User $user, WC_Site $site, $type, $onsitescore_new = 0, $onsitescore_old = 0, $scoregain = 0, $onsiterank = 0)
{
$uid = $user->getID();
$user = GWF_User::getByID($uid);
$max = $site->getOnsiteScore();
$perc_new = $max <= 0 ? 0 : round($onsitescore_new / $max * 10000);
$perc_old = $max <= 0 ? 0 : round($onsitescore_old / $max * 10000);
$perc_gain = $perc_new - $perc_old;
$options = 0;
$data = $user->getUserData();
if (isset($data['WC_NO_XSS'])) {
$options |= self::NO_XSS;
}
$entry = new self(array('userhist_uid' => $uid, 'userhist_date' => time(), 'userhist_sid' => $site->getID(), 'userhist_percent' => $perc_new, 'userhist_onsitescore' => $onsitescore_new, 'userhist_rank' => WC_RegAt::calcExactRank($user), 'userhist_totalscore' => $user->getVar('user_level'), 'userhist_gain_perc' => $perc_gain, 'userhist_gain_score' => $scoregain, 'userhist_type' => $type, 'userhist_onsiterank' => $onsiterank, 'userhist_options' => $options));
if (WECHALL_DEBUG_SCORING) {
echo WC_HTML::message('Inserting User History entry...');
}
return $entry->insert();
}
private static function sendModMail(Module_Forum $module, $boardtxt, $threadtxt, $usertxt, $title, $message, $addtxt, $remtxt)
{
if ($usertxt === '') {
$usertxt = GWF_HTML::lang('guest');
}
$addtxt = GWF_HTML::anchor($addtxt, $addtxt);
$remtxt = GWF_HTML::anchor($remtxt, $remtxt);
// $showtime = GWF_Time::humanDuration($module->getModerationTime());
$showtime = GWF_HTML::langAdmin('never');
if (false === ($admin_ids = GDO::table('GWF_UserGroup')->selectColumn('ug_userid', "group_name='admin'", '', array('group')))) {
return false;
}
foreach ($admin_ids as $userid) {
if (false === ($admin = GWF_User::getByID($userid))) {
continue;
}
if ('' === ($rec = $admin->getValidMail())) {
continue;
}
$mail = new GWF_Mail();
$mail->setSender($module->getModerationSender());
$mail->setReceiver($rec);
$mail->setSubject($module->langUser($admin, 'modmail_subj'));
$mail->setBody($module->langUser($admin, 'modmail_body', array($boardtxt, $threadtxt, $usertxt, $title, $message, $remtxt, $addtxt, $showtime)));
$mail->sendToUser($admin);
}
return true;
}
public static function validateUserID($arg, $allow_zero = false, $key = 'userid', $unset = false)
{
if ($allow_zero && $arg == 0) {
return false;
}
if (false !== ($user = GWF_User::getByID($arg))) {
return false;
}
if ($unset) {
unset($_POST[$key]);
}
return GWF_HTML::err('ERR_UNKNOWN_USER');
}
/**
* Get a user for an exact site rank.
* @param int $siteid
* @param int $rank
* @return GWF_User
*/
public static function getUserBySiteRank($siteid, $rank)
{
$siteid = (int) $siteid;
if (0 >= ($rank = (int) $rank)) {
return false;
}
$table = GDO::table('WC_RegAt');
if (false === ($regats = $table->selectObjects('*', "regat_sid={$siteid} AND regat_options&4=0", 'regat_solved DESC, regat_uid ASC', 1, $rank - 1))) {
return false;
}
if (count($regats) === 1) {
$regat = $regats[0];
return GWF_User::getByID($regat->getVar('regat_uid'));
} else {
return false;
}
}
/**
* Get the creator of this ticket.
* @return GWF_User
*/
public function getCreator()
{
return GWF_User::getByID($this->getVar('hdt_uid'));
}
/**
* @return GWF_User
*/
public function getUser()
{
return GWF_User::getByID($this->getVar('nl_userid'));
}
