+++ /dev/null
-<?php\r
-\r
-/**\r
- * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/) \r
- * Copyright (C) 2002-2005 The Nucleus Group\r
- *\r
- * This program is free software; you can redistribute it and/or\r
- * modify it under the terms of the GNU General Public License\r
- * as published by the Free Software Foundation; either version 2\r
- * of the License, or (at your option) any later version.\r
- * (see nucleus/documentation/index.html#license for more info)\r
- *\r
- * Actions that can be called via action.php\r
- *\r
- * $Id: ACTION.php,v 1.3 2005-08-13 07:22:10 kimitake Exp $\r
- * $NucleusJP: ACTION.php,v 1.2 2005/03/16 08:10:35 kimitake Exp $\r
- */\r
-class ACTION\r
-{\r
- function ACTION()\r
- {\r
- \r
- }\r
- \r
- function doAction($action) \r
- {\r
- switch($action) {\r
- case 'addcomment':\r
- return $this->addComment();\r
- break;\r
- case 'sendmessage':\r
- return $this->sendMessage();\r
- break;\r
- case 'createaccount':\r
- return $this->createAccount();\r
- break; \r
- case 'forgotpassword':\r
- return $this->forgotPassword();\r
- break;\r
- case 'votepositive':\r
- return $this->doKarma('pos');\r
- break;\r
- case 'votenegative':\r
- return $this->doKarma('neg');\r
- break;\r
- case 'plugin':\r
- return $this->callPlugin();\r
- break;\r
- default:\r
- doError(_ERROR_BADACTION);\r
- }\r
- }\r
- \r
- function addComment() {\r
- global $CONF, $errormessage, $manager;\r
-\r
- $post['itemid'] = intPostVar('itemid');\r
- $post['user'] = postVar('user');\r
- $post['userid'] = postVar('userid');\r
- $post['body'] = postVar('body');\r
-\r
- // set cookies when required\r
- $remember = intPostVar('remember');\r
- if ($remember == 1) {\r
- $lifetime = time()+2592000;\r
- setcookie($CONF['CookiePrefix'] . 'comment_user',$post['user'],$lifetime,'/','',0);\r
- setcookie($CONF['CookiePrefix'] . 'comment_userid', $post['userid'],$lifetime,'/','',0);\r
- }\r
-\r
- $comments = new COMMENTS($post['itemid']);\r
-\r
- $blogid = getBlogIDFromItemID($post['itemid']);\r
- $this->checkban($blogid);\r
- $blog =& $manager->getBlog($blogid);\r
-\r
- // note: PreAddComment and PostAddComment gets called somewhere inside addComment\r
- $errormessage = $comments->addComment($blog->getCorrectTime(),$post);\r
-\r
- if ($errormessage == '1') { \r
- // redirect when adding comments succeeded\r
- if (postVar('url')) {\r
- redirect(postVar('url'));\r
- } else {\r
- $url = createItemLink($post['itemid']);\r
- redirect($url);\r
- }\r
- } else {\r
- // else, show error message using default skin for blog\r
- return array(\r
- 'message' => $errormessage,\r
- 'skinid' => $blog->getDefaultSkin()\r
- );\r
- }\r
- \r
- exit;\r
- }\r
-\r
- // Sends a message from the current member to the member given as argument\r
- function sendMessage() {\r
- global $CONF, $member;\r
-\r
- $error = $this->validateMessage();\r
- if ($error != '')\r
- return array('message' => $error);\r
-\r
- if (!$member->isLoggedIn()) {\r
- $fromMail = postVar('frommail');\r
- $fromName = _MMAIL_FROMANON;\r
- } else {\r
- $fromMail = $member->getEmail();\r
- $fromName = $member->getDisplayName();\r
- }\r
-\r
- $tomem = new MEMBER();\r
- $tomem->readFromId(postVar('memberid'));\r
-\r
- $message = _MMAIL_MSG . ' ' . $fromName . "\n"\r
- . '(' . _MMAIL_FROMNUC. ' ' . $CONF['IndexURL'] .") \n\n"\r
- . _MMAIL_MAIL . " \n\n"\r
- . postVar('message');\r
- $message .= getMailFooter();\r
-\r
- $title = _MMAIL_TITLE . ' ' . $fromName;\r
- mb_language('ja');\r
- mb_internal_encoding(_CHARSET);\r
- @mb_send_mail($tomem->getEmail(), $title, $message, "From: ". $fromMail);\r
-\r
- if (postVar('url')) {\r
- redirect(postVar('url'));\r
- } else {\r
- $CONF['MemberURL'] = $CONF['IndexURL'];\r
- if ($CONF['URLMode'] == 'pathinfo')\r
- $url = createMemberLink($tomem->getID());\r
- else\r
- $url = $CONF['IndexURL'] . createMemberLink($tomem->getID());\r
- redirect($url);\r
- }\r
- \r
- exit;\r
-\r
- }\r
- \r
- function validateMessage() {\r
- global $CONF, $member, $manager;\r
-\r
- if (!$CONF['AllowMemberMail']) \r
- return _ERROR_MEMBERMAILDISABLED;\r
-\r
- if (!$member->isLoggedIn() && !$CONF['NonmemberMail'])\r
- return _ERROR_DISALLOWED;\r
-\r
- if (!$member->isLoggedIn() && (!isValidMailAddress(postVar('frommail'))))\r
- return _ERROR_BADMAILADDRESS;\r
- \r
- // let plugins do verification (any plugin which thinks the comment is invalid\r
- // can change 'error' to something other than '')\r
- $result = '';\r
- $manager->notify('ValidateForm', array('type' => 'membermail', 'error' => &$result));\r
- \r
- return $result;\r
- \r
- }\r
-\r
- // creates a new user account\r
- function createAccount() {\r
- global $CONF, $manager;\r
-\r
- if (!$CONF['AllowMemberCreate']) \r
- doError(_ERROR_MEMBERCREATEDISABLED);\r
-\r
- // even though the member can not log in, set some random initial password. One never knows.\r
- srand((double)microtime()*1000000);\r
- $initialPwd = md5(uniqid(rand(), true));\r
-\r
- // create member (non admin/can not login/no notes/random string as password)\r
- $r = MEMBER::create(postVar('name'), postVar('realname'), $initialPwd, postVar('email'), postVar('url'), 0, 0, '');\r
- \r
- if ($r != 1)\r
- doError($r);\r
- \r
- // send message containing password.\r
- $newmem = new MEMBER();\r
- $newmem->readFromName(postVar('name'));\r
- $newmem->sendActivationLink('register');\r
-\r
- $manager->notify('PostRegister',array('member' => &$newmem)); \r
-\r
- if (postVar('desturl')) {\r
- redirect(postVar('desturl'));\r
- } else {\r
- header ("Content-Type: text/html; charset="._CHARSET);\r
- echo _MSG_ACTIVATION_SENT;\r
- }\r
- \r
- exit;\r
- }\r
-\r
- // sends a new password \r
- function forgotPassword() {\r
- $membername = trim(postVar('name'));\r
-\r
- if (!MEMBER::exists($membername))\r
- doError(_ERROR_NOSUCHMEMBER);\r
- $mem = MEMBER::createFromName($membername);\r
-\r
- if (!$mem->canLogin())\r
- doError(_ERROR_NOLOGON_NOACTIVATE);\r
-\r
- // check if e-mail address is correct\r
- if (!($mem->getEmail() == postVar('email')))\r
- doError(_ERROR_INCORRECTEMAIL);\r
-\r
- // send activation link\r
- $mem->sendActivationLink('forgot');\r
-\r
- if (postVar('url')) {\r
- redirect(postVar('url'));\r
- } else {\r
- header ("Content-Type: text/html; charset="._CHARSET);\r
- echo _MSG_ACTIVATION_SENT;\r
- }\r
- \r
- exit;\r
- }\r
-\r
- // handle karma votes\r
- function doKarma($type) {\r
- global $itemid, $member, $CONF, $manager;\r
-\r
- // check if itemid exists\r
- if (!$manager->existsItem($itemid,0,0)) \r
- doError(_ERROR_NOSUCHITEM);\r
-\r
- $blogid = getBlogIDFromItemID($itemid);\r
- $this->checkban($blogid); \r
-\r
- $karma =& $manager->getKarma($itemid);\r
-\r
- // check if not already voted\r
- if (!$karma->isVoteAllowed(serverVar('REMOTE_ADDR'))) \r
- doError(_ERROR_VOTEDBEFORE); \r
-\r
- // check if item does allow voting\r
- $item =& $manager->getItem($itemid,0,0);\r
- if ($item['closed'])\r
- doError(_ERROR_ITEMCLOSED);\r
-\r
- switch($type) {\r
- case 'pos': \r
- $karma->votePositive();\r
- break;\r
- case 'neg':\r
- $karma->voteNegative();\r
- break;\r
- }\r
-\r
- $blogid = getBlogIDFromItemID($itemid);\r
- $blog =& $manager->getBlog($blogid);\r
-\r
- // send email to notification address, if any\r
- if ($blog->getNotifyAddress() && $blog->notifyOnVote()) {\r
-\r
- $mailto_msg = _NOTIFY_KV_MSG . ' ' . $itemid . "\n";\r
- $mailto_msg .= $CONF['IndexURL'] . 'index.php?itemid=' . $itemid . "\n\n";\r
- if ($member->isLoggedIn()) {\r
- $mailto_msg .= _NOTIFY_MEMBER . ' ' . $member->getDisplayName() . ' (ID=' . $member->getID() . ")\n";\r
- }\r
- $mailto_msg .= _NOTIFY_IP . ' ' . serverVar('REMOTE_ADDR') . "\n";\r
- $mailto_msg .= _NOTIFY_HOST . ' ' . gethostbyaddr(serverVar('REMOTE_ADDR')) . "\n";\r
- $mailto_msg .= _NOTIFY_VOTE . "\n " . $type . "\n";\r
- $mailto_msg .= getMailFooter();\r
-\r
- $mailto_title = _NOTIFY_KV_TITLE . ' ' . strip_tags($item['title']) . ' (' . $itemid . ')';\r
-\r
- $frommail = $member->getNotifyFromMailAddress();\r
-\r
- $notify = new NOTIFICATION($blog->getNotifyAddress());\r
- $notify->notify($mailto_title, $mailto_msg , $frommail);\r
- }\r
-\r
-\r
- $refererUrl = serverVar('HTTP_REFERER');\r
- if ($refererUrl)\r
- $url = $refererUrl;\r
- else\r
- $url = $CONF['IndexURL'] . 'index.php?itemid=' . $itemid;\r
-\r
- redirect($url); \r
- exit;\r
- }\r
-\r
- /**\r
- * Calls a plugin action\r
- */\r
- function callPlugin() {\r
- global $manager;\r
-\r
- $pluginName = 'NP_' . requestVar('name');\r
- $actionType = requestVar('type');\r
-\r
- // 1: check if plugin is installed\r
- if (!$manager->pluginInstalled($pluginName))\r
- doError(_ERROR_NOSUCHPLUGIN);\r
-\r
- // 2: call plugin\r
- $pluginObject =& $manager->getPlugin($pluginName);\r
- if ($pluginObject)\r
- $error = $pluginObject->doAction($actionType);\r
- else\r
- $error = 'Could not load plugin (see actionlog)';\r
-\r
- // doAction returns error when:\r
- // - an error occurred (duh)\r
- // - no actions are allowed (doAction is not implemented)\r
- if ($error)\r
- doError($error);\r
- \r
- exit;\r
-\r
- }\r
-\r
- function checkban($blogid) {\r
- // check if banned\r
- $ban = BAN::isBanned($blogid, serverVar('REMOTE_ADDR'));\r
- if ($ban != 0) {\r
- doError(_ERROR_BANNED1 . $ban->iprange . _ERROR_BANNED2 . $ban->message . _ERROR_BANNED3);\r
- }\r
-\r
- }\r
-\r
-\r
-}\r
-\r
-?>\r
+++ /dev/null
-<?php\r
-/**\r
- * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/) \r
- * Copyright (C) 2002-2005 The Nucleus Group\r
- *\r
- * This program is free software; you can redistribute it and/or\r
- * modify it under the terms of the GNU General Public License\r
- * as published by the Free Software Foundation; either version 2\r
- * of the License, or (at your option) any later version.\r
- * (see nucleus/documentation/index.html#license for more info)\r
- *\r
- * Actionlog class for Nucleus\r
- *\r
- * $Id: ACTIONLOG.php,v 1.3 2005-03-16 08:10:35 kimitake Exp $\r
- * $NucleusJP: ACTIONLOG.php,v 1.3 2005/03/12 06:19:04 kimitake Exp $\r
- */\r
-define('ERROR',1); // only errors\r
-define('WARNING',2); // errors and warnings\r
-define('INFO',3); // info, errors and warnings\r
-define('DEBUG',4); // everything \r
-$CONF['LogLevel'] = INFO;\r
-\r
-class ACTIONLOG {\r
-\r
- /**\r
- * (Static) Method to add message to log\r
- */\r
- function add($level, $message) {\r
- global $member, $CONF;\r
- \r
- if ($CONF['LogLevel'] < $level)\r
- return;\r
- \r
- if ($member && $member->isLoggedIn())\r
- $message = "[" . $member->getDisplayName() . "] " . $message;\r
- \r
- $message = addslashes($message); // add slashes\r
- $timestamp = date("Y-m-d H:i:s",time()); // format timestamp\r
- $query = "INSERT INTO " . sql_table('actionlog') . " (timestamp, message) VALUES ('$timestamp', '$message')";\r
- \r
- sql_query($query);\r
- \r
- ACTIONLOG::trimLog();\r
- }\r
- \r
- /**\r
- * (Static) Method to clear log\r
- */\r
- function clear() {\r
- global $manager;\r
- \r
- $query = 'DELETE FROM ' . sql_table('actionlog');\r
-\r
- $manager->notify('ActionLogCleared',array());\r
- \r
- return sql_query($query);\r
- }\r
- \r
- function trimLog() {\r
- static $checked = 0;\r
- \r
- // only check once per run\r
- if ($checked) return;\r
- \r
- // trim\r
- $checked = 1;\r
- \r
- $iTotal = quickQuery('SELECT COUNT(*) AS result FROM ' . sql_table('actionlog'));\r
- \r
- // if size > 500, drop back to about 250\r
- $iMaxSize = 500;\r
- $iDropSize = 250;\r
- if ($iTotal > $iMaxSize) {\r
- $tsChop = quickQuery('SELECT timestamp as result FROM ' . sql_table('actionlog') . ' ORDER BY timestamp DESC LIMIT '.$iDropSize.',1');\r
- sql_query('DELETE FROM ' . sql_table('actionlog') . ' WHERE timestamp < \'' . $tsChop . '\'');\r
- }\r
- \r
- }\r
-\r
-}\r
-\r
-?>\r
OSDN Git Service
