/** * Adds a topic to a user's list of email subscriptions and then does a * redirect to the previous page. * this function is called from teh * @param \tx_mmforum_base $forumObj The plugin object * @return string An error message in case the redirect attempt to * the previous page fails. */ static function set(tx_mmforum_base $forumObj) { tx_mmforum_havealook::addSubscription($forumObj, $forumObj->piVars['tid'], $GLOBALS['TSFE']->fe_user->user['uid']); // Redirecting visitor back to previous page $forumObj->redirectToReferrer(); return $forumObj->pi_getLL('subscr.addSuccess') . '<br/>' . $forumObj->pi_getLL('redirect.error') . '<br />'; }
/** * * Creates a new post. * This function creates a new post. Also automatically updates all database counters. * * @author Martin Helmich * @version 2007-07-23 * @param int $topicId The UID of the topic the new post is to be created in * @param int $author The UID of the fe_user creating this post * @param string $text The post's text * @param int $date The date of post creation as unix timestamp * @param string $ip The post author's IP address * @param array $attachments An array of attachments that are to be attached * to this post. * @param boolean $noUpdate Set to TRUE in order to prevent the database counters from * being updated directly after creating this post. Instead, * the elements to be updated will be stored in an "update queue" * and will be updated after all posts/topics have been created. * This minimizes database load. * @param boolean $subscribe * @return int/boolean If post creation was successfull, the post's UID is returned, * otherwise FALSE. */ function create_post($topicId, $author, $text, $date, $ip, $attachments = array(), $noUpdate = false, $subscribe = FALSE) { $author = intval($author); // Retrieve forum uid $forumId = $this->getForumUIDByTopic($topicId); if ($forumId === false) { return false; } // Generate post record $insertArray = array('pid' => $this->getFirstPid(), 'tstamp' => $GLOBALS['EXEC_TIME'], 'crdate' => $GLOBALS['EXEC_TIME'], 'topic_id' => $topicId, 'forum_id' => $forumId, 'poster_id' => $author, 'post_time' => $date, 'poster_ip' => $ip, 'attachment' => is_array($attachments) ? implode(',', $attachments) : ''); // Include hooks if (is_array($GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['mm_forum']['postfactory']['insertPost'])) { foreach ($GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['mm_forum']['postfactory']['insertPost'] as $_classRef) { $_procObj =& GeneralUtility::getUserObj($_classRef); $insertArray = $_procObj->processPostInsertArray($insertArray, $this); } } // Insert post record if (!$this->databaseHandle->exec_INSERTquery('tx_mmforum_posts', $insertArray)) { return false; } // Retrieve post uid $postId = $this->databaseHandle->sql_insert_id(); // Update attachment record if (is_array($attachments) && count($attachments)) { $this->databaseHandle->exec_UPDATEquery('tx_mmforum_attachments', 'uid IN (' . implode(',', $attachments) . ')', array('post_id' => $postId)); } // Generate post text record $insertArray = array('pid' => $this->getFirstPid(), 'tstamp' => $GLOBALS['EXEC_TIME'], 'crdate' => $GLOBALS['EXEC_TIME'], 'post_id' => $postId, 'post_text' => $text, 'cache_text' => $text); // Include hooks if (is_array($GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['mm_forum']['postfactory']['insertPostText'])) { foreach ($GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['mm_forum']['postfactory']['insertPostText'] as $_classRef) { $_procObj =& GeneralUtility::getUserObj($_classRef); $insertArray = $_procObj->processPostTextInsertArray($insertArray, $this); } } // Insert post text record if (!$this->databaseHandle->exec_INSERTquery('tx_mmforum_posts_text', $insertArray)) { $this->databaseHandle->exec_DELETEquery('tx_mmforum_posts', 'uid = ' . $postId); return false; } // Clear topic for indexing if (class_exists('tx_mmforum_indexing')) { tx_mmforum_indexing::delete_topic_ind_date($topicId); } // Send notification email to users who have subscribed this topic if ($this->parent != null) { // Subscribe to the topic if ($subscribe) { $this->tx_mmforum_havealook->addSubscription($this->parent, $topicId, $author); } $this->tx_mmforum_havealook->notifyTopicSubscribers($topicId, $this->parent); } // Set topic for all users to "not read" $this->databaseHandle->exec_DELETEquery('tx_mmforum_postsread', 'topic_id = ' . $topicId); // Update topic and forum post counters if (!$noUpdate) { $this->updateTopicPostCount($topicId); $this->updateForumPostCount($forumId); $this->updateUserPostCount($author); } else { $this->updateQueue_addTopic($topicId); $this->updateQueue_addForum($forumId); $this->updateQueue_addUser($author); } return $postId; }
/** * Displays the form for creating a new post an answer to an existing topic. * @param string $content The plugin content * @param array $conf The plugin's configuration vars * @return string The content */ function new_post($content, $conf) { $loginUser = $GLOBALS['TSFE']->loginUser; $topicId = intval($this->piVars['tid']); $topicData = $this->getTopicData($topicId); $forumId = $topicData['forum_id']; if ($loginUser && $this->get_topic_is($topicId) == 0 || $loginUser && $this->getIsModOrAdmin($forumId)) { if (!$this->getMayWrite_topic($topicId)) { return $content . $this->errorMessage($conf, $this->pi_getLL('newTopic.noAccess')); } if ($this->piVars['button'] == $this->pi_getLL('newPost.save')) { if (!$this->piVars['message']) { $content .= $this->errorMessage($this->conf, $this->pi_getLL('newTopic.noText')); unset($this->piVars['button']); return $this->new_post($content, $conf); } //Check CSRF Attacks if ($GLOBALS["TSFE"]->fe_user->getKey('ses', "token") != $this->piVars['token'] || $this->piVars['token'] == false) { $content .= $this->errorMessage($this->conf, $this->pi_getLL('newPost.quote.error')); unset($this->piVars['button']); return $this->new_post($content, $conf); } // Checks if the current user has already written a post in a certain interval // from now on. If so, the write attempt is blocked for security reasons. $interval = $conf['spamblock_interval']; $time = $GLOBALS['EXEC_TIME'] - $interval; $res = $this->databaseHandle->exec_SELECTquery('*', 'tx_mmforum_posts', 'poster_id=' . $this->getUserID() . ' AND post_time>=' . $time . $this->cObj->enableFields('tx_mmforum_posts')); if ($this->databaseHandle->sql_num_rows($res) > 0) { $template = $this->cObj->fileResource($conf['template.']['login_error']); $template = $this->cObj->getSubpart($template, "###LOGINERROR###"); $marker = array(); $llMarker = array('###SPAMBLOCK###' => $interval); $marker['###LOGINERROR_MESSAGE###'] = $this->cObj->substituteMarkerArray($this->pi_getLL('newPost.spamBlock'), $llMarker); $content .= $this->cObj->substituteMarkerArrayCached($template, $marker); return $content; } // Create a topic subscription if the user checked the regarding checkbox. if ($this->piVars['havealook']) { tx_mmforum_havealook::addSubscription($this, $topicId, $this->getUserID()); } // Check file upload if ($_FILES['tx_mmforum_pi1_attachment_1']['size'] > 0) { $res = $this->performAttachmentUpload(); if (!is_array($res)) { $content .= $res; unset($this->piVars['button']); return $this->new_post($content, $conf); } else { $attachment_ids = $res; } } else { $attachment_ids = 0; } // Instantiate postfactory class $postfactory = GeneralUtility::makeInstance('tx_mmforum_postfactory'); $postfactory->init($this->conf, $this); if ($this->isModeratedForum() && !$this->getIsAdmin() && !$this->getIsMod($this->piVars['fid'])) { // Create post using postfactory $postfactory->create_post_queue($topicId, $this->getUserID(), $this->piVars['message'], $GLOBALS['EXEC_TIME'], $this->tools->ip2hex(GeneralUtility::getIndpEnv("REMOTE_ADDR")), $attachment_ids); return $this->successMessage($conf, $this->pi_getLL('postqueue-success')); } else { // Create post using postfactory $postId = $postfactory->create_post($topicId, $this->getUserID(), $this->piVars['message'], $GLOBALS['EXEC_TIME'], $this->tools->ip2hex(GeneralUtility::getIndpEnv("REMOTE_ADDR")), $attachment_ids, false, $this->piVars['havealook'] == 'havealook'); // Redirect user to new post $linkParams = array('tx_mmforum_pi1[action]' => 'list_post', 'tx_mmforum_pi1[tid]' => $topicId, 'tx_mmforum_pi1[pid]' => $postId); if (is_array($GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['mm_forum']['forum']['newPost_linkParams'])) { foreach ($GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['mm_forum']['forum']['newPost_linkParams'] as $classRef) { $procObj =& GeneralUtility::getUserObj($classRef); $linkParams = $procObj->newPost_linkParams($linkParams, $this); } } $link = $this->pi_getPageLink($GLOBALS['TSFE']->id, '', $linkParams); HttpUtility::redirect($link . '#pid' . $postId); } } else { $this->generateToken(); // Show post preview if ($this->piVars['button'] == $this->pi_getLL('newPost.preview')) { $template = $this->cObj->fileResource($conf['template.']['list_post']); $template = $this->cObj->getSubpart($template, '###LIST_POSTS###'); $template = $this->cObj->substituteSubpart($template, '###ATTACHMENT_SECTION###', ''); $userSignature = $this->tx_mmforum_postfunctions->marker_getUserSignature($GLOBALS['TSFE']->fe_user->user); $posttext = $this->piVars['message']; $posttext = $this->tx_mmforum_postparser->main($this, $conf, $posttext, 'textparser') . ($this->conf['list_posts.']['appendSignatureToPostText'] ? $userSignature : ''); $marker['###POSTOPTIONS###'] = ''; $marker['###MESSAGEMENU###'] = ''; $marker['###PROFILEMENU###'] = ''; $marker['###POSTMENU###'] = ''; $marker['###POSTUSER###'] = $this->ident_user($this->getUserID(), $conf); $marker['###POSTTEXT###'] = $posttext; $marker['###ANKER###'] = ''; $marker['###POSTANCHOR###'] = ''; $marker['###POSTDATE###'] = $this->pi_getLL('post.writtenOn') . ': ' . $this->formatDate($GLOBALS['EXEC_TIME']); $marker['###POSTRATING###'] = ''; // Include hooks if (is_array($GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['mm_forum']['forum']['newPost_INpreview'])) { foreach ($GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['mm_forum']['forum']['newPost_INpreview'] as $classRef) { $procObj =& GeneralUtility::getUserObj($classRef); $marker = $procObj->newPost_INpreview($marker, $this); } } $previewTemplate = $this->cObj->fileResource($conf['template.']['new_post']); $previewTemplate = $this->cObj->getSubpart($previewTemplate, "###PREVIEW###"); $previewMarker = array('###LABEL_PREVIEW###' => $this->pi_getLL('newPost.preview'), '###PREVIEW_POST###' => $this->cObj->substituteMarkerArrayCached($template, $marker)); // Include hooks if (is_array($GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['mm_forum']['forum']['newPost_preview'])) { foreach ($GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['mm_forum']['forum']['newPost_preview'] as $classRef) { $procObj =& GeneralUtility::getUserObj($classRef); $previewMarker = $procObj->newPost_preview($previewMarker, $this); } } $previewContent = $this->cObj->substituteMarkerArrayCached($previewTemplate, $previewMarker); } $template = $this->cObj->fileResource($conf['template.']['new_post']); $template = $this->cObj->getSubpart($template, stristr($template, '###NEWTOPIC###') === false ? '###NEWPOST###' : '###NEWTOPIC###'); // compatibility: typo in template file fixed. was 'NEWTOPIC' $marker = array('###LABEL_SEND###' => $this->pi_getLL('newPost.save'), '###LABEL_PREVIEW###' => $this->pi_getLL('newPost.preview'), '###LABEL_RESET###' => $this->pi_getLL('newPost.reset'), '###LABEL_ATTENTION###' => $this->pi_getLL('newPost.attention'), '###LABEL_NOTECODESAMPLES###' => $this->pi_getLL('newPost.codeSamples'), '###LABEL_ATTACHMENT###' => $this->pi_getLL('newPost.attachment'), '###LABEL_SETHAVEALOOK###' => $this->pi_getLL('newTopic.setHaveALook'), '###TOKEN###' => $GLOBALS["TSFE"]->fe_user->getKey('ses', "token")); $marker['###POSTTITLE###'] = $this->escape($topicData['topic_title']); $marker['###POST_PREVIEW###'] = (string) $previewContent; // Remove file attachment section if file attachments are disabled if (!$this->conf['attachments.']['enable']) { $template = $this->cObj->substituteSubpart($template, "###ATTACHMENT_SECTION###", ''); } // Remove file attachment edit section $template = $this->cObj->substituteSubpart($template, '###ATTACHMENT_EDITSECTION###', ''); // Add attachment input fields according to TypoScript setting $fieldCount = $this->conf['attachments.']['maxCount'] ? $this->conf['attachments.']['maxCount'] : 1; $aTemplate = $this->cObj->getSubpart($template, '###ATTACHMENT_FIELD###'); $aContent = ''; for ($i = 1; $i <= $fieldCount; $i++) { $aMarker = array('###ATTACHMENT_NO###' => $i); $aContent .= $this->cObj->substituteMarkerArray($aTemplate, $aMarker); } $template = $this->cObj->substituteSubpart($template, '###ATTACHMENT_FIELD###', $aContent); // Remove poll section $template = $this->cObj->substituteSubpart($template, '###POLL_SECTION###', ''); // Maximum file size $mFileSize = $this->conf['attachments.']['maxFileSize'] . ' B'; if ($this->conf['attachments.']['maxFileSize'] >= 1024) { $mFileSize = round($this->conf['attachments.']['maxFileSize'] / 1024, 2) . ' KB'; } if ($this->conf['attachments.']['maxFileSize'] >= 1024 * 1024) { $mFileSize = round($this->conf['attachments.']['maxFileSize'] / (1024 * 1024), 2) . ' MB'; } $marker['###MAXFILESIZE_TEXT###'] = sprintf($this->pi_getLL('newPost.maxFileSize'), $mFileSize); $marker['###MAXFILESIZE_TEXT###'] = $this->cObj->stdWrap($marker['###MAXFILESIZE_TEXT###'], $this->conf['attachments.']['maxFileSize_stdWrap.']); $marker['###MAXFILESIZE###'] = $this->conf['attachments.']['maxFileSize']; // Inserting predefined message if ($this->piVars['message']) { $marker['###POSTTEXT###'] = $this->escape($this->piVars['message']); } else { // Load post to be quoted if ($this->piVars['quote']) { if (!$this->getMayRead_post($this->piVars['quote'])) { return $content . $this->errorMessage($conf, $this->pi_getLL('newPost.quote.error')); } // Get user UID of quoted user $res = $this->databaseHandle->exec_SELECTquery('poster_id', 'tx_mmforum_posts', 'uid=' . intval($this->piVars['quote'])); list($quoteuserid) = $this->databaseHandle->sql_fetch_row($res); // Get user name of quoted user $quoteuser_array = tx_mmforum_tools::get_userdata($quoteuserid); $quoteuser = $quoteuser_array[$this->getUserNameField()]; // Get text to be quoted $res = $this->databaseHandle->exec_SELECTquery('post_text', 'tx_mmforum_posts_text', 'post_id=' . intval($this->piVars['quote'])); list($posttext) = $this->databaseHandle->sql_fetch_row($res); // Insert quote into message text. $marker['###POSTTEXT###'] = '[quote="' . $quoteuser . '"]' . "\r\n" . $posttext . "\r\n" . '[/quote]'; } else { $marker['###POSTTEXT###'] = ''; } } $actionParams[$this->prefixId] = array('action' => 'new_post', 'tid' => $this->piVars['tid']); if ($this->useRealUrl()) { $actionParams[$this->prefixId]['fid'] = $forumId; } $actionLink = $this->pi_getPageLink($GLOBALS['TSFE']->id, '', $actionParams); $bbCodeButtons_template = $this->cObj->getSubpart($template, '###BBCODEBUTTONS###'); if (empty($conf['jQueryEditorJavaScript'])) { $bbCodeButtons = $this->generateBBCodeButtons($bbCodeButtons_template); } else { $bbCodeButtons = stristr($bbCodeButtons_template, '<td>') ? '<td></td>' : ''; } $template = $this->cObj->substituteSubpart($template, '###BBCODEBUTTONS###', $bbCodeButtons); $marker['###SMILIES###'] = $this->show_smilie_db($conf); $marker['###ACTION###'] = htmlspecialchars($actionLink); $marker['###LABEL_CREATETOPIC###'] = $this->pi_getLL('newPost.title'); $marker['###TOKEN###'] = $GLOBALS["TSFE"]->fe_user->getKey('ses', "token"); $conf['slimPostList'] = 1; $marker['###OLDPOSTTEXT###'] = '<hr />' . $this->tx_mmforum_postfunctions->list_post('', $conf, 'DESC'); if ($this->conf['disableRootline']) { $template = $this->cObj->substituteSubpart($template, '###ROOTLINE_CONTAINER###', ''); } else { $marker['###FORUMPATH###'] = $this->get_forum_path($forumId, ''); } } } else { $template = $this->cObj->fileResource($conf['template.']['login_error']); $template = $this->cObj->getSubpart($template, "###LOGINERROR###"); $marker = array('###LOGINERROR_MESSAGE###' => $this->pi_getLL('newPost.noLogin')); } // Include hooks if (is_array($GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['mm_forum']['forum']['newPost_formMarker'])) { foreach ($GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['mm_forum']['forum']['newPost_formMarker'] as $classRef) { $procObj =& GeneralUtility::getUserObj($classRef); $marker = $procObj->newPost_formMarker($marker, $this); } } $marker['###HAVEALOOK###'] = $this->piVars['havealook'] ? 'checked="checked"' : ''; // TODO: include this via TYPO3 API $marker['###STARTJAVASCRIPT###'] = $this->includeEditorJavaScript(); $content .= $this->cObj->substituteMarkerArray($template, $marker); return $content; }