4 * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/)
\r
5 * Copyright (C) 2002-2009 The Nucleus Group
\r
7 * This program is free software; you can redistribute it and/or
\r
8 * modify it under the terms of the GNU General Public License
\r
9 * as published by the Free Software Foundation; either version 2
\r
10 * of the License, or (at your option) any later version.
\r
11 * (see nucleus/documentation/index.html#license for more info)
\r
14 * Actions that can be called via action.php
\r
16 * @license http://nucleuscms.org/license.txt GNU General Public License
\r
17 * @copyright Copyright (C) 2002-2009 The Nucleus Group
\r
18 * @version $Id: ACTION.php 1646 2012-01-29 10:47:32Z sakamocchi $
\r
24 * Constructor for an new ACTION object
\r
36 * ACTION::doAction()
\r
37 * Calls functions that handle an action called from action.php
\r
39 * @param string $action action type
\r
42 function doAction($action)
\r
47 return $this->autoDraft();
\r
50 case 'updateticket':
\r
51 return $this->updateTicket();
\r
55 return $this->addComment();
\r
59 return $this->sendMessage();
\r
62 case 'createaccount':
\r
63 return $this->createAccount();
\r
66 case 'forgotpassword':
\r
67 return $this->forgotPassword();
\r
70 case 'votepositive':
\r
71 return $this->doKarma('pos');
\r
74 case 'votenegative':
\r
75 return $this->doKarma('neg');
\r
79 return $this->callPlugin();
\r
83 doError(_ERROR_BADACTION);
\r
89 * ACTION::addComment()
\r
90 * Adds a new comment to an item (if IP isn't banned)
\r
96 function addComment()
\r
98 global $CONF, $errormessage, $manager;
\r
100 $post['itemid'] = intPostVar('itemid');
\r
101 $post['user'] = postVar('user');
\r
102 $post['userid'] = postVar('userid');
\r
103 $post['email'] = postVar('email');
\r
104 $post['body'] = postVar('body');
\r
105 $post['remember'] = intPostVar('remember');
\r
107 // begin if: "Remember Me" box checked
\r
108 if ( $post['remember'] == 1 )
\r
110 $lifetime = time() + 2592000;
\r
111 setcookie($CONF['CookiePrefix'] . 'comment_user', $post['user'], $lifetime, '/', '', 0);
\r
112 setcookie($CONF['CookiePrefix'] . 'comment_userid', $post['userid'], $lifetime, '/', '', 0);
\r
113 setcookie($CONF['CookiePrefix'] . 'comment_email', $post['email'], $lifetime, '/', '', 0);
\r
116 $comments = new COMMENTS($post['itemid']);
\r
118 $blog_id = getBlogIDFromItemID($post['itemid']);
\r
119 $this->checkban($blog_id);
\r
120 $blog =& $manager->getBlog($blog_id);
\r
122 // note: PreAddComment and PostAddComment gets called somewhere inside addComment
\r
123 $errormessage = $comments->addComment($blog->getCorrectTime(), $post);
\r
125 if ( $errormessage != '1' )
\r
127 // show error message using default skin for blo
\r
129 'message' => $errormessage,
\r
130 'skinid' => $blog->getDefaultSkin()
\r
135 // redirect when adding comments succeeded
\r
136 if ( postVar('url') )
\r
138 redirect(postVar('url') );
\r
142 $url = LINK::create_item_link($post['itemid']);
\r
150 * ACTION::sendMessage()
\r
151 * Sends a message from the current member to the member given as argument
\r
157 function sendMessage()
\r
159 global $CONF, $member;
\r
161 $error = $this->validateMessage();
\r
163 if ( $error != '' )
\r
165 return array('message' => $error);
\r
168 if ( !$member->isLoggedIn() )
\r
170 $fromMail = postVar('frommail');
\r
171 $fromName = _MMAIL_FROMANON;
\r
175 $fromMail = $member->getEmail();
\r
176 $fromName = $member->getDisplayName();
\r
179 $tomem = new MEMBER();
\r
180 $tomem->readFromId(postVar('memberid') );
\r
182 $message = _MMAIL_MSG . ' ' . $fromName . "\n"
\r
183 . '(' . _MMAIL_FROMNUC. ' ' . $CONF['IndexURL'] .") \n\n"
\r
184 . _MMAIL_MAIL . " \n\n"
\r
185 . postVar('message');
\r
186 $message .= NOTIFICATION::get_mail_footer();
\r
188 $title = _MMAIL_TITLE . ' ' . $fromName;
\r
189 NOTIFICATION::mail($tomem->getEmail(), $title, $message, $fromMail, i18n::get_current_charset());
\r
191 if ( !postVar('url') )
\r
193 $CONF['MemberURL'] = $CONF['IndexURL'];
\r
195 if ( $CONF['URLMode'] == 'pathinfo' )
\r
197 $url = LINK::create_link('member', array('memberid' => $tomem->getID(), 'name' => $tomem->getDisplayName() ) );
\r
201 $url = $CONF['IndexURL'] . LINK::create_member_link($tomem->getID());
\r
207 redirect(postVar('url') );
\r
213 * ACTION::validateMessage()
\r
214 * Checks if a mail to a member is allowed
\r
215 * Returns a string with the error message if the mail is disallowed
\r
218 * @return String Null character string
\r
221 function validateMessage()
\r
223 global $CONF, $member, $manager;
\r
225 if ( !$CONF['AllowMemberMail'] )
\r
227 return _ERROR_MEMBERMAILDISABLED;
\r
230 if ( !$member->isLoggedIn() && !$CONF['NonmemberMail'] )
\r
232 return _ERROR_DISALLOWED;
\r
235 if ( !$member->isLoggedIn() && !NOTIFICATION::address_validation(postVar('frommail')) )
\r
237 return _ERROR_BADMAILADDRESS;
\r
241 * let plugins do verification (any plugin which thinks the comment is
\r
242 * invalid can change 'error' to something other than '')
\r
245 $manager->notify('ValidateForm', array('type' => 'membermail', 'error' => &$result) );
\r
251 * ACTION::createAccount()
\r
252 * Creates a new user account
\r
258 function createAccount()
\r
260 global $CONF, $manager;
\r
262 if ( !$CONF['AllowMemberCreate'] )
\r
264 doError(_ERROR_MEMBERCREATEDISABLED);
\r
267 // evaluate content from FormExtra
\r
269 $data = array('type' => 'membermail', 'error' => &$result);
\r
270 $manager->notify('ValidateForm', $data);
\r
272 if ( $result != 1 )
\r
277 // even though the member can not log in, set some random initial password. One never knows.
\r
278 srand( (double) microtime() * 1000000);
\r
279 $initialPwd = md5(uniqid(rand(), TRUE) );
\r
281 // create member (non admin/can not login/no notes/random string as password)
\r
282 $name = ENTITY::shorten(postVar('name'), 32, '');
\r
283 $r = MEMBER::create($name, postVar('realname'), $initialPwd, postVar('email'), postVar('url'), 0, 0, '');
\r
290 // send message containing password.
\r
291 $newmem = new MEMBER();
\r
292 $newmem->readFromName($name);
\r
293 $newmem->sendActivationLink('register');
\r
295 $manager->notify('PostRegister', array('member' => &$newmem) );
\r
297 if ( postVar('desturl') )
\r
299 redirect(postVar('desturl') );
\r
305 * ACTION::forgotPassword()
\r
306 * Sends a new password
\r
312 function forgotPassword()
\r
314 $membername = trim(postVar('name') );
\r
316 if ( !MEMBER::exists($membername) )
\r
318 doError(_ERROR_NOSUCHMEMBER);
\r
321 $mem = MEMBER::createFromName($membername);
\r
323 // check if e-mail address is correct
\r
324 if ( $mem->getEmail() != postVar('email') )
\r
326 doError(_ERROR_INCORRECTEMAIL);
\r
329 // send activation link
\r
330 $mem->sendActivationLink('forgot');
\r
332 if ( !postVar('url') )
\r
334 echo _MSG_ACTIVATION_SENT;
\r
335 echo '<br /><br />Return to <a href="'.$CONF['IndexURL'].'" title="'.$CONF['SiteName'].'">'.$CONF['SiteName'].'</a>';
\r
339 redirect(postVar('url') );
\r
345 * ACTION::doKarma()
\r
346 * Handle karma votes
\r
348 * @param String $type pos or neg
\r
352 function doKarma($type)
\r
354 global $itemid, $member, $CONF, $manager;
\r
356 // check if itemid exists
\r
357 if ( !$manager->existsItem($itemid, 0, 0) )
\r
359 doError(_ERROR_NOSUCHITEM);
\r
362 $blogid = getBlogIDFromItemID($itemid);
\r
363 $this->checkban($blogid);
\r
365 $karma =& $manager->getKarma($itemid);
\r
367 // check if not already voted
\r
368 if ( !$karma->isVoteAllowed(serverVar('REMOTE_ADDR') ) )
\r
370 doError(_ERROR_VOTEDBEFORE);
\r
373 // check if item does allow voting
\r
374 $item =& $manager->getItem($itemid, 0, 0);
\r
376 if ( $item['closed'] )
\r
378 doError(_ERROR_ITEMCLOSED);
\r
384 $karma->votePositive();
\r
388 $karma->voteNegative();
\r
392 $blog =& $manager->getBlog($blogid);
\r
394 // send email to notification address, if any
\r
395 if ( $blog->getNotifyAddress() && $blog->notifyOnVote() )
\r
397 $message = _NOTIFY_KV_MSG . ' ' . $itemid . "\n";
\r
398 $itemLink = LINK::create_item_link(intval($itemid) );
\r
399 $temp = parse_url($itemLink);
\r
401 if ( !$temp['scheme'] )
\r
403 $itemLink = $CONF['IndexURL'] . $itemLink;
\r
406 $message .= $itemLink . "\n\n";
\r
408 if ( $member->isLoggedIn() )
\r
410 $message .= _NOTIFY_MEMBER . ' ' . $member->getDisplayName() . ' (ID=' . $member->getID() . ")\n";
\r
413 $message .= _NOTIFY_IP . ' ' . serverVar('REMOTE_ADDR') . "\n";
\r
414 $message .= _NOTIFY_HOST . ' ' . gethostbyaddr(serverVar('REMOTE_ADDR')) . "\n";
\r
415 $message .= _NOTIFY_VOTE . "\n " . $type . "\n";
\r
416 $message .= NOTIFICATION::get_mail_footer();
\r
418 $subject = _NOTIFY_KV_TITLE . ' ' . strip_tags($item['title']) . ' (' . $itemid . ')';
\r
420 $from = $member->getNotifyFromMailAddress();
\r
422 NOTIFICATION::mail($blog->getNotifyAddress(), $subject, $message, $from, i18n::get_current_charset());
\r
425 $refererUrl = serverVar('HTTP_REFERER');
\r
427 if ( !$refererUrl )
\r
433 $url = $refererUrl;
\r
441 * ACTION::callPlugin()
\r
442 * Calls a plugin action
\r
448 function callPlugin()
\r
452 $pluginName = 'NP_' . requestVar('name');
\r
453 $actionType = requestVar('type');
\r
455 // 1: check if plugin is installed
\r
456 if ( !$manager->pluginInstalled($pluginName) )
\r
458 doError(_ERROR_NOSUCHPLUGIN);
\r
462 $pluginObject =& $manager->getPlugin($pluginName);
\r
464 if ( !$pluginObject )
\r
466 $error = 'Could not load plugin (see actionlog)';
\r
470 $error = $pluginObject->doAction($actionType);
\r
474 * doAction returns error when:
\r
475 * - an error occurred (duh)
\r
476 * - no actions are allowed (doAction is not implemented)
\r
486 * ACTION::checkban()
\r
487 * Checks if an IP or IP range is banned
\r
489 * @param integer $blogid
\r
493 function checkban($blogid)
\r
496 $ban = BAN::isBanned($blogid, serverVar('REMOTE_ADDR') );
\r
500 doError(_ERROR_BANNED1 . $ban->iprange . _ERROR_BANNED2 . $ban->message . _ERROR_BANNED3);
\r
506 * ACTION::updateTicket()
\r
507 * Gets a new ticket
\r
510 * @return boolean FALSE
\r
513 function updateTicket()
\r
517 if ( !$manager->checkTicket() )
\r
519 echo _ERROR . ':' . _ERROR_BADTICKET;
\r
523 echo $manager->getNewTicket();
\r
529 * ACTION::autoDraft()
\r
530 * Handles AutoSaveDraft
\r
533 * @return boolean FALSE
\r
536 function autoDraft()
\r
540 if ( !$manager->checkTicket() )
\r
542 echo _ERROR . ':' . _ERROR_BADTICKET;
\r
546 $manager->loadClass('ITEM');
\r
547 $info = ITEM::createDraftFromRequest();
\r
549 if ( $info['status'] != 'error' )
\r
551 echo $info['draftid'];
\r
555 echo $info['message'];
\r