/**
 * Normalises a batch of posts and hands them to prepare_ins_qry() for the
 * codo_posts table.
 *
 * Every post gets $offset added to its post_id. A post that does not carry
 * both 'imessage' and 'omessage' has the two fields derived from its raw
 * 'message': imessage via Format::imessage() + Format::br2nl(), omessage via
 * Format::parseBBCode() followed by \Ext\Html::filter().
 *
 * NOTE(review): a post that already supplies both fields is kept as given,
 * so its 'omessage' HTML does not pass through $html->filter() in this
 * method. Confirm the source of $post_info is trusted, or that this HTML is
 * filtered before it is ever rendered.
 *
 * @param array $post_info posts to insert; each is read as an array with
 *                         'post_id' and either 'imessage' + 'omessage' or 'message'
 * @param int   $offset    amount added to every post_id
 */
public function ins_posts($post_info, $offset = 0) {

    $posts = array();
    $html = new \Ext\Html();

    //imessage -> pure text MD or BBCode can be used
    //omessage -> HTML
    foreach ($post_info as $post) {

        $entry = $post;
        $entry["post_id"] += $offset;

        if (!isset($post['imessage'], $post['omessage'])) {

            //at least one of the two fields is missing: build both from the raw message
            $entry["imessage"] = Format::br2nl(Format::imessage($post['message']));
            $entry["omessage"] = $html->filter(Format::parseBBCode($post['message']), false, true);
        }

        //optional per-driver hook, only used when the driver implements it
        if (method_exists($this->driver, 'modify_posts')) {

            $entry = $this->driver->modify_posts($entry);
        }

        $posts[] = $entry;
    }

    $columns = array("post_id", "topic_id", "cat_id", "uid", "imessage", "omessage", "post_created");

    //the returned query is not used any further inside this method
    $qry = $this->prepare_ins_qry($posts, $columns, "codo_posts");
}
/**
 * Inserts a new post in codo_posts on behalf of the user stored in the
 * current session.
 *
 * All values reach the database as bound parameters of a prepared statement.
 * Fires the 'before_post_insert' hook first; 'after_post_insert' and the
 * post counters are only touched for a successful insert that does not need
 * moderation.
 *
 * NOTE(review): $omesg is HTML handed in by the caller. What ends up stored
 * is whatever \CODOF\Format::omessage() returns; that helper is not visible
 * here, so confirm it sanitises the markup before relying on it.
 *
 * NOTE(review): a moderated post is still inserted, but this method then
 * returns false, so callers cannot tell "held for moderation" apart from
 * "insert failed".
 *
 * @param int   $catid           category id
 * @param mixed $tid             topic id
 * @param mixed $imesg           input message, passed through \CODOF\Format::imessage()
 * @param mixed $omesg           output message, passed through \CODOF\Format::omessage()
 * @param bool  $needsModeration store the post as Topic::MODERATION_BY_FILTER
 *                               instead of Topic::APPROVED
 * @return mixed value of lastInsertId() on an approved, successful insert; false otherwise
 */
public function ins_post($catid, $tid, $imesg, $omesg, $needsModeration = false) {

    \CODOF\Hook::call('before_post_insert');

    $time = time();
    $uid = $_SESSION[UID . 'USER']['id'];
    $post_status = $needsModeration ? Topic::MODERATION_BY_FILTER : Topic::APPROVED;

    $stmt = $this->db->prepare(
        'INSERT INTO codo_posts (topic_id,cat_id,uid,imessage,omessage,post_created,post_status) '
        . 'VALUES(:tid, :cid, :uid, :imesg, :omesg, :post_created,:post_status)'
    );

    $this->success = $stmt->execute(array(
        ":tid" => $tid,
        ":cid" => $catid,
        ":uid" => $uid,
        ":imesg" => \CODOF\Format::imessage($imesg),
        ":omesg" => \CODOF\Format::omessage($omesg),
        ":post_created" => $time,
        ":post_status" => $post_status
    ));

    $pid = $this->db->lastInsertId();

    //failed insert, or post held back for moderation: no counters, no hook, no id
    if (!$this->success || $needsModeration) {

        return false;
    }

    $this->incPostCount($catid, $tid, $uid);
    \CODOF\Hook::call('after_post_insert', $pid);

    return $pid;
}
/**
 * Creates a topic and its first post from the submitted form fields, then
 * echoes the new topic id as JSON.
 *
 * Reads title, cat, imesg, omesg, sticky, frontpage and tags from $_POST.
 * The category must exist and allow topic creation for the current user;
 * sticky status and tags are each gated by a $user->can() check.
 *
 * NOTE(review): the spam verdict ($needsModeration) is passed to ins_topic()
 * but not to ins_post(), so the post itself is inserted with ins_post()'s
 * default for that argument. Confirm this is intended.
 *
 * NOTE(review): $_POST['omesg'] is HTML supplied by the client and is handed
 * to ins_post() unchanged; any sanitising has to happen further down the
 * call chain. Verify that it does before this value is rendered.
 *
 * NOTE(review): no request-token check is visible in this method;
 * presumably the dispatcher enforces one - confirm.
 */
public function create() {

    //hacking attempt: this field must arrive empty (presumably a hidden anti-bot field)
    if ($_POST['end_of_line'] != "") {
        exit;
    }

    //nothing to do unless every mandatory field was submitted
    if (!isset($_POST['title'], $_POST['cat'], $_POST['imesg'], $_POST['omesg'])) {
        return;
    }

    $catid = (int) $_POST['cat'];

    $category = new \CODOF\Forum\Category($this->db);

    $categoryUsable = $category->exists($catid) && $category->canCreateTopicIn($catid);
    if (!$categoryUsable) {

        exit(_t("No such category exists!"));
    }

    $postModel = new \CODOF\Forum\Post($this->db);
    $topicModel = new \CODOF\Forum\Topic($this->db);
    $notifier = new \CODOF\Forum\Notification\Notifier();
    $subscriber = new \CODOF\Forum\Notification\Subscriber();

    $title = \CODOF\Format::title($_POST['title']);

    $spamFilter = new \CODOF\SpamFilter();

    //the flags are only honoured when they are exactly the string "true"
    $sticky = $_POST['sticky'] === "true" ? 'yes' : 'no';
    $frontpage = $_POST['frontpage'] === "true" ? 'yes' : 'no';

    $needsModeration = (bool) $spamFilter->isSpam($_POST['imesg']);

    $user = \CODOF\User\User::get();

    //a sticky request only counts when the user holds the permission
    if ($sticky === 'yes' && $user->can('make sticky')) {

        $topicStatus = ($frontpage === 'yes')
            ? \CODOF\Forum\Forum::STICKY
            : \CODOF\Forum\Forum::STICKY_ONLY_CATEGORY;
    } else {

        $topicStatus = \CODOF\Forum\Forum::APPROVED;
    }

    $tid = $topicModel->ins_topic($catid, $title, $needsModeration, $topicStatus);
    $pid = $postModel->ins_post($catid, $tid, $_POST['imesg'], $_POST['omesg']);

    //runs whatever ins_post() returned; $pid is only checked further down
    $topicModel->link_topic_post($pid, $tid);

    //get any @mentions from the topic post
    $mentions = $subscriber->getMentions($_POST['imesg']);

    //get userids from mentions that actually exists in the database
    $mentionedIds = $subscriber->getIdsThatExisits($mentions);

    //subscribe self to topic as a Subscriber::NOTIFIED
    $subscriber->toTopic($catid, $tid, \CODOF\Forum\Notification\Subscriber::$NOTIFIED);

    //if post was inserted successfully
    if ($pid) {

        $topicData = array(
            "label" => 'New topic',
            "cid" => $catid,
            "tid" => $tid,
            "tuid" => $user->id,
            "pid" => $pid,
            "mentions" => $mentionedIds,
            "message" => \CODOF\Util::start_cut(\CODOF\Format::imessage($_POST['imesg']), 120),
            //NOTE(review): %title% sits inside HTML; it is only as safe as
            //\CODOF\Format::title() and the notification renderer make it
            "notification" => "%actor% created <b>%title%</b>",
            "bindings" => array("title" => \CODOF\Util::start_cut($title, 100))
        );

        $notifier->queueNotify('new_topic', $topicData);

        \CODOF\Hook::call('after_topic_insert', $topicData);
    }

    //insert tags if any present in the topic
    if (isset($_POST['tags']) && $user->can('add tags')) {

        //the method does the filtering
        $topicModel->insertTags($tid, $_POST['tags']);
    }

    echo json_encode(array('tid' => $tid));
}
/**
 * Edits an existing topic together with one of its posts.
 *
 * Runs two prepared UPDATE statements: one on the topic row ($tid) for
 * category, title, update time and status, and one on the post row ($pid)
 * for category, both message forms and modification time. $tid and $pid are
 * cast to int; every value is bound as a statement parameter.
 *
 * NOTE(review): this method performs no permission or ownership check and
 * does not verify that $pid belongs to $tid; callers are presumably expected
 * to authorise the edit first - confirm at the call sites.
 *
 * NOTE(review): the two statements are executed independently and their
 * execute() results are ignored, so a failure of the second leaves the topic
 * row already changed.
 *
 * @param mixed $cid          category id written to both rows
 * @param mixed $tid          topic id (cast to int)
 * @param mixed $pid          post id (cast to int)
 * @param mixed $title        new title, passed through \CODOF\Format::title()
 * @param mixed $imessage     input message, passed through \CODOF\Format::imessage()
 * @param mixed $omessage     output message, passed through \CODOF\Format::omessage()
 * @param mixed $topic_status status stored on the topic, Forum::APPROVED by default
 */
public function edit_topic($cid, $tid, $pid, $title, $imessage, $omessage, $topic_status = Forum::APPROVED) {

    $tid = (int) $tid;
    $pid = (int) $pid;
    $title = \CODOF\Format::title($title);

    //1. the topic row
    $topicSql = 'UPDATE ' . PREFIX . 'codo_topics SET cat_id=:cat_id, title=:title, topic_updated=:time, topic_status=:topic_status '
            . 'WHERE topic_id=:tid';
    $topicStmt = $this->db->prepare($topicSql);

    $topicParams = array(
        ":cat_id" => $cid,
        ":title" => $title,
        ":time" => time(),
        ":tid" => $tid,
        ":topic_status" => $topic_status
    );
    $topicStmt->execute($topicParams);

    //2. the post row
    $postSql = 'UPDATE ' . PREFIX . 'codo_posts SET cat_id=:cat_id,imessage=:imesg, omessage=:omesg,'
            . 'post_modified=:time WHERE post_id=:pid';
    $postStmt = $this->db->prepare($postSql);

    $postParams = array(
        ":cat_id" => $cid,
        ":imesg" => \CODOF\Format::imessage($imessage),
        ":omesg" => \CODOF\Format::omessage($omessage),
        ":time" => time(),
        ":pid" => $pid
    );
    $postStmt->execute($postParams);
}