fixed url

[nucleus-jp/nucleus-jp-ancient.git] / nucleus / libs / ACTION.php

<?php\r
\r
/*\r
 * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/)\r
 * Copyright (C) 2002-2005 The Nucleus Group\r
 *\r
 * This program is free software; you can redistribute it and/or\r
 * modify it under the terms of the GNU General Public License\r
 * as published by the Free Software Foundation; either version 2\r
 * of the License, or (at your option) any later version.\r
 * (see nucleus/documentation/index.html#license for more info)\r
 */\r
/**\r
 * Actions that can be called via action.php\r
 *\r
 * @license http://nucleuscms.org/license.txt GNU General Public License\r
 * @copyright Copyright (C) 2002-2005 The Nucleus Group\r
 * @version $Id: ACTION.php,v 1.3 2005-08-13 07:30:01 kimitake Exp $\r
 * $NucleusJP: ACTION.php,v 1.2 2005/03/12 06:19:04 kimitake Exp $\r
 */\r
class ACTION\r
{\r
        function ACTION()\r
        {\r
        \r
        }\r
        \r
        function doAction($action) \r
        {\r
                switch($action) {\r
                        case 'addcomment':\r
                                return $this->addComment();\r
                                break;\r
                        case 'sendmessage':\r
                                return $this->sendMessage();\r
                                break;\r
                        case 'createaccount':\r
                                return $this->createAccount();\r
                                break;          \r
                        case 'forgotpassword':\r
                                return $this->forgotPassword();\r
                                break;\r
                        case 'votepositive':\r
                                return $this->doKarma('pos');\r
                                break;\r
                        case 'votenegative':\r
                                return $this->doKarma('neg');\r
                                break;\r
                        case 'plugin':\r
                                return $this->callPlugin();\r
                                break;\r
                        default:\r
                                doError(_ERROR_BADACTION);\r
                }\r
        }\r
        \r
        function addComment() {\r
                global $CONF, $errormessage, $manager;\r
\r
                $post['itemid'] =       intPostVar('itemid');\r
                $post['user'] =         postVar('user');\r
                $post['userid'] =       postVar('userid');\r
                $post['body'] =         postVar('body');\r
\r
                // set cookies when required\r
                $remember = intPostVar('remember');\r
                if ($remember == 1) {\r
                        $lifetime = time()+2592000;\r
                        setcookie($CONF['CookiePrefix'] . 'comment_user',$post['user'],$lifetime,'/','',0);\r
                        setcookie($CONF['CookiePrefix'] . 'comment_userid', $post['userid'],$lifetime,'/','',0);\r
                }\r
\r
                $comments = new COMMENTS($post['itemid']);\r
\r
                $blogid = getBlogIDFromItemID($post['itemid']);\r
                $this->checkban($blogid);\r
                $blog =& $manager->getBlog($blogid);\r
\r
                // note: PreAddComment and PostAddComment gets called somewhere inside addComment\r
                $errormessage = $comments->addComment($blog->getCorrectTime(),$post);\r
\r
                if ($errormessage == '1') {             \r
                        // redirect when adding comments succeeded\r
                        if (postVar('url')) {\r
                                redirect(postVar('url'));\r
                        } else {\r
                                $url = createItemLink($post['itemid']);\r
                                redirect($url);\r
                        }\r
                } else {\r
                        // else, show error message using default skin for blog\r
                        return array(\r
                                'message' => $errormessage,\r
                                'skinid' => $blog->getDefaultSkin()\r
                        );\r
                }\r
                \r
                exit;\r
        }\r
\r
        // Sends a message from the current member to the member given as argument\r
        function sendMessage() {\r
                global $CONF, $member;\r
\r
                $error = $this->validateMessage();\r
                if ($error != '')\r
                        return array('message' => $error);\r
\r
                if (!$member->isLoggedIn()) {\r
                        $fromMail = postVar('frommail');\r
                        $fromName = _MMAIL_FROMANON;\r
                } else {\r
                        $fromMail = $member->getEmail();\r
                        $fromName = $member->getDisplayName();\r
                }\r
\r
                $tomem = new MEMBER();\r
                $tomem->readFromId(postVar('memberid'));\r
\r
                $message  = _MMAIL_MSG . ' ' . $fromName . "\n"\r
                          . '(' . _MMAIL_FROMNUC. ' ' . $CONF['IndexURL'] .") \n\n"\r
                          . _MMAIL_MAIL . " \n\n"\r
                          . postVar('message');\r
                $message .= getMailFooter();\r
\r
                $title = _MMAIL_TITLE . ' ' . $fromName;\r
                mb_language('ja');\r
                mb_internal_encoding(_CHARSET);\r
                @mb_send_mail($tomem->getEmail(), $title, $message, "From: ". $fromMail);\r
\r
                if (postVar('url')) {\r
                        redirect(postVar('url'));\r
                } else {\r
                        $CONF['MemberURL'] = $CONF['IndexURL'];\r
                        if ($CONF['URLMode'] == 'pathinfo')\r
                                $url = createMemberLink($tomem->getID());\r
                        else\r
                                $url = $CONF['IndexURL'] . createMemberLink($tomem->getID());\r
                        redirect($url);\r
                }\r
                \r
                exit;\r
\r
        }\r
        \r
        function validateMessage() {\r
                global $CONF, $member, $manager;\r
\r
                if (!$CONF['AllowMemberMail']) \r
                        return _ERROR_MEMBERMAILDISABLED;\r
\r
                if (!$member->isLoggedIn() && !$CONF['NonmemberMail'])\r
                        return _ERROR_DISALLOWED;\r
\r
                if (!$member->isLoggedIn() && (!isValidMailAddress(postVar('frommail'))))\r
                        return _ERROR_BADMAILADDRESS;\r
                        \r
                // let plugins do verification (any plugin which thinks the comment is invalid\r
                // can change 'error' to something other than '')\r
                $result = '';\r
                $manager->notify('ValidateForm', array('type' => 'membermail', 'error' => &$result));\r
                \r
                return $result;\r
                \r
        }\r
\r
        // creates a new user account\r
        function createAccount() {\r
                global $CONF, $manager;\r
\r
                if (!$CONF['AllowMemberCreate']) \r
                        doError(_ERROR_MEMBERCREATEDISABLED);\r
\r
                // even though the member can not log in, set some random initial password. One never knows.\r
                srand((double)microtime()*1000000);\r
                $initialPwd = md5(uniqid(rand(), true));\r
\r
                // create member (non admin/can not login/no notes/random string as password)\r
                $r = MEMBER::create(postVar('name'), postVar('realname'), $initialPwd, postVar('email'), postVar('url'), 0, 0, '');\r
                \r
                if ($r != 1)\r
                        doError($r);\r
                        \r
                // send message containing password.\r
                $newmem = new MEMBER();\r
                $newmem->readFromName(postVar('name'));\r
                $newmem->sendActivationLink('register');\r
\r
                $manager->notify('PostRegister',array('member' => &$newmem));           \r
\r
                if (postVar('desturl')) {\r
                        redirect(postVar('desturl'));\r
                } else {\r
                        header ("Content-Type: text/html; charset="._CHARSET);\r
                        echo _MSG_ACTIVATION_SENT;\r
                }\r
                \r
                exit;\r
        }\r
\r
        // sends a new password \r
        function forgotPassword() {\r
                $membername = trim(postVar('name'));\r
\r
                if (!MEMBER::exists($membername))\r
                        doError(_ERROR_NOSUCHMEMBER);\r
                $mem = MEMBER::createFromName($membername);\r
\r
                if (!$mem->canLogin())\r
                        doError(_ERROR_NOLOGON_NOACTIVATE);\r
\r
                // check if e-mail address is correct\r
                if (!($mem->getEmail() == postVar('email')))\r
                        doError(_ERROR_INCORRECTEMAIL);\r
\r
                // send activation link\r
                $mem->sendActivationLink('forgot');\r
\r
                if (postVar('url')) {\r
                        redirect(postVar('url'));\r
                } else {\r
                        header ("Content-Type: text/html; charset="._CHARSET);\r
                        echo _MSG_ACTIVATION_SENT;\r
                }\r
                \r
                exit;\r
        }\r
\r
        // handle karma votes\r
        function doKarma($type) {\r
                global $itemid, $member, $CONF, $manager;\r
\r
                // check if itemid exists\r
                if (!$manager->existsItem($itemid,0,0)) \r
                        doError(_ERROR_NOSUCHITEM);\r
\r
                $blogid = getBlogIDFromItemID($itemid);\r
                $this->checkban($blogid);       \r
\r
                $karma =& $manager->getKarma($itemid);\r
\r
                // check if not already voted\r
                if (!$karma->isVoteAllowed(serverVar('REMOTE_ADDR'))) \r
                        doError(_ERROR_VOTEDBEFORE);            \r
\r
                // check if item does allow voting\r
                $item =& $manager->getItem($itemid,0,0);\r
                if ($item['closed'])\r
                        doError(_ERROR_ITEMCLOSED);\r
\r
                switch($type) {\r
                        case 'pos': \r
                                $karma->votePositive();\r
                                break;\r
                        case 'neg':\r
                                $karma->voteNegative();\r
                                break;\r
                }\r
\r
                $blogid = getBlogIDFromItemID($itemid);\r
                $blog =& $manager->getBlog($blogid);\r
\r
                // send email to notification address, if any\r
                if ($blog->getNotifyAddress() && $blog->notifyOnVote()) {\r
\r
                        $mailto_msg = _NOTIFY_KV_MSG . ' ' . $itemid . "\n";\r
                        $mailto_msg .= $CONF['IndexURL'] . 'index.php?itemid=' . $itemid . "\n\n";\r
                        if ($member->isLoggedIn()) {\r
                                $mailto_msg .= _NOTIFY_MEMBER . ' ' . $member->getDisplayName() . ' (ID=' . $member->getID() . ")\n";\r
                        }\r
                        $mailto_msg .= _NOTIFY_IP . ' ' . serverVar('REMOTE_ADDR') . "\n";\r
                        $mailto_msg .= _NOTIFY_HOST . ' ' .  gethostbyaddr(serverVar('REMOTE_ADDR'))  . "\n";\r
                        $mailto_msg .= _NOTIFY_VOTE . "\n " . $type . "\n";\r
                        $mailto_msg .= getMailFooter();\r
\r
                        $mailto_title = _NOTIFY_KV_TITLE . ' ' . strip_tags($item['title']) . ' (' . $itemid . ')';\r
\r
                        $frommail = $member->getNotifyFromMailAddress();\r
\r
                        $notify = new NOTIFICATION($blog->getNotifyAddress());\r
                        $notify->notify($mailto_title, $mailto_msg , $frommail);\r
                }\r
\r
\r
                $refererUrl = serverVar('HTTP_REFERER');\r
                if ($refererUrl)\r
                        $url = $refererUrl;\r
                else\r
                        $url = $CONF['IndexURL'] . 'index.php?itemid=' . $itemid;\r
\r
                redirect($url); \r
                exit;\r
        }\r
\r
        /**\r
          * Calls a plugin action\r
          */\r
        function callPlugin() {\r
                global $manager;\r
\r
                $pluginName = 'NP_' . requestVar('name');\r
                $actionType = requestVar('type');\r
\r
                // 1: check if plugin is installed\r
                if (!$manager->pluginInstalled($pluginName))\r
                        doError(_ERROR_NOSUCHPLUGIN);\r
\r
                // 2: call plugin\r
                $pluginObject =& $manager->getPlugin($pluginName);\r
                if ($pluginObject)\r
                        $error = $pluginObject->doAction($actionType);\r
                else\r
                        $error = 'Could not load plugin (see actionlog)';\r
\r
                // doAction returns error when:\r
                // - an error occurred (duh)\r
                // - no actions are allowed (doAction is not implemented)\r
                if ($error)\r
                        doError($error);\r
                        \r
                exit;\r
\r
        }\r
\r
        function checkban($blogid) {\r
                // check if banned\r
                $ban = BAN::isBanned($blogid, serverVar('REMOTE_ADDR'));\r
                if ($ban != 0) {\r
                        doError(_ERROR_BANNED1 . $ban->iprange . _ERROR_BANNED2 . $ban->message . _ERROR_BANNED3);\r
                }\r
\r
        }\r
\r
\r
}\r
\r
?>\r