autoDraft();
break;
case 'updateticket':
return $this->updateTicket();
break;
case 'addcomment':
return $this->addComment();
break;
case 'sendmessage':
return $this->sendMessage();
break;
case 'createaccount':
return $this->createAccount();
break;
case 'forgotpassword':
return $this->forgotPassword();
break;
case 'votepositive':
return $this->doKarma('pos');
break;
case 'votenegative':
return $this->doKarma('neg');
break;
case 'plugin':
return $this->callPlugin();
break;
default:
doError(_ERROR_BADACTION);
break;
}
}
/**
* Adds a new comment to an item (if IP isn't banned)
*/
function addComment()
{
    // Collects the comment form fields from the POST data, optionally stores
    // the commenter's details in cookies, runs the ban check for the item's
    // blog and hands the comment to COMMENTS::addComment().
    // When that call returns '1' the client is redirected and the script
    // exits; otherwise an array with 'message' and 'skinid' is returned.
    global $CONF, $errormessage, $manager;

    // Every value below is request-controlled.
    $post = array(
        'itemid'   => intPostVar('itemid'),
        'user'     => postVar('user'),
        'userid'   => postVar('userid'),
        'email'    => postVar('email'),
        'body'     => postVar('body'),
        'remember' => intPostVar('remember')
    );

    // "Remember Me" box checked: keep the submitted details for 30 days
    // (2592000 seconds). This happens before the ban check and before the
    // comment itself is accepted.
    if ( $post['remember'] == 1 )
    {
        $expires = time() + 2592000;
        $remembered = array(
            'comment_user'   => $post['user'],
            'comment_userid' => $post['userid'],
            'comment_email'  => $post['email']
        );

        foreach ( $remembered as $suffix => $value )
        {
            // NOTE(review): the sixth argument (0) leaves the Secure flag off
            // and no HttpOnly argument is passed, so the e-mail address is
            // also sent over plain HTTP and is readable from script - confirm
            // that this is intended.
            setcookie($CONF['CookiePrefix'] . $suffix, $value, $expires, '/', '', 0);
        }
    }

    $comments = new COMMENTS($post['itemid']);
    $blogid = getBlogIDFromItemID($post['itemid']);
    $this->checkban($blogid);
    $blog =& $manager->getBlog($blogid);

    // note: PreAddComment and PostAddComment get called somewhere inside addComment
    $errormessage = $comments->addComment($blog->getCorrectTime(), $post);

    // anything other than '1' is an error message: show it using the
    // default skin of the blog
    if ( $errormessage != '1' )
    {
        return array(
            'message' => $errormessage,
            'skinid'  => $blog->getDefaultSkin()
        );
    }

    // NOTE(review): 'url' is taken from the POST data and handed to
    // redirect() without any check in this method. Unless redirect()
    // restricts the destination to this site, this is an open redirect -
    // confirm, and validate the target against the site's own URLs.
    $destination = postVar('url') ? postVar('url') : createItemLink($post['itemid']);
    redirect($destination);
    exit;
}
/**
* Sends a message from the current member to the member given as argument
*/
function sendMessage()
{
    // Mails the posted message to the member identified by the 'memberid'
    // POST field, after validateMessage() has accepted the request.
    // Returns array('message' => <error>) when validation fails; otherwise
    // sends the mail, redirects the client and exits.
    global $CONF, $member;

    $error = $this->validateMessage();
    if ( $error != '' )
    {
        return array('message' => $error);
    }

    if ( $member->isLoggedIn() )
    {
        $fromMail = $member->getEmail();
        $fromName = $member->getDisplayName();
    }
    else
    {
        // Anonymous sender: the From address is request-controlled. The only
        // check on it visible in this file is isValidMailAddress() inside
        // validateMessage().
        $fromMail = postVar('frommail');
        $fromName = _MMAIL_FROMANON;
    }

    // NOTE(review): the recipient is chosen by the request ('memberid') and
    // this method does not check that the lookup found a member - confirm
    // how MEMBER::readFromId() behaves for unknown ids.
    $tomem = new MEMBER();
    $tomem->readFromId(postVar('memberid') );

    // Body: intro line, site reference, the posted text, then the footer.
    $message  = _MMAIL_MSG . ' ' . $fromName . "\n";
    $message .= '(' . _MMAIL_FROMNUC . ' ' . $CONF['IndexURL'] . ") \n\n";
    $message .= _MMAIL_MAIL . " \n\n";
    $message .= postVar('message');
    $message .= getMailFooter();

    $title = _MMAIL_TITLE . ' ' . $fromName;
    i18n::mail($tomem->getEmail(), $title, $message, $fromMail);

    // NOTE(review): 'url' is taken from the POST data and handed to
    // redirect() without any check in this method. Unless redirect()
    // restricts the destination to this site, this is an open redirect -
    // confirm, and validate the target against the site's own URLs.
    if ( postVar('url') )
    {
        redirect(postVar('url') );
        exit;
    }

    // No return URL supplied: go to the recipient's member page.
    $CONF['MemberURL'] = $CONF['IndexURL'];
    $url = ( $CONF['URLMode'] == 'pathinfo' )
        ? createLink('member', array('memberid' => $tomem->getID(), 'name' => $tomem->getDisplayName() ) )
        : $CONF['IndexURL'] . createMemberLink($tomem->getID());
    redirect($url);
    exit;
}
/**
* Checks if a mail to a member is allowed
* Returns a string with the error message if the mail is disallowed
*/
function validateMessage()
{
    // Decides whether the current request may send a member-to-member mail.
    // Returns an error message when it may not; otherwise returns whatever
    // the ValidateForm subscribers left in 'error' ('' if none changed it).
    global $CONF, $member, $manager;

    // member mail switched off for the whole site
    if ( !$CONF['AllowMemberMail'] )
    {
        return _ERROR_MEMBERMAILDISABLED;
    }

    // visitors who are not logged in need the NonmemberMail setting ...
    if ( !( $member->isLoggedIn() || $CONF['NonmemberMail'] ) )
    {
        return _ERROR_DISALLOWED;
    }

    // ... and must supply a sender address that passes isValidMailAddress().
    // NOTE(review): this is the only check on 'frommail' visible before
    // sendMessage() passes it to i18n::mail() as the sender; confirm that
    // isValidMailAddress() rejects CR/LF so the value cannot add mail headers.
    if ( !( $member->isLoggedIn() || isValidMailAddress(postVar('frommail') ) ) )
    {
        return _ERROR_BADMAILADDRESS;
    }

    // let plugins do verification (any plugin which thinks the mail is invalid
    // can change 'error' to something other than '')
    $pluginError = '';
    $manager->notify('ValidateForm', array('type' => 'membermail', 'error' => &$pluginError) );

    return $pluginError;
}
/**
* Creates a new user account
*/
function createAccount()
{
global $CONF, $manager;
if ( !$CONF['AllowMemberCreate'] )
{
doError(_ERROR_MEMBERCREATEDISABLED);
}
// evaluate content from FormExtra
$result = 1;
$data = array('type' => 'membermail', 'error' => &$result);
$manager->notify('ValidateForm', &$data);
if ( $result != 1 )
{
return $result;
}
else
{
// even though the member can not log in, set some random initial password. One never knows.
srand( (double) microtime() * 1000000);
$initialPwd = md5(uniqid(rand(), TRUE) );
// create member (non admin/can not login/no notes/random string as password)
$name = shorten(postVar('name'), 32, '');
$r = MEMBER::create($name, postVar('realname'), $initialPwd, postVar('email'), postVar('url'), 0, 0, '');
if ( $r != 1 )
{
return $r;
}
// send message containing password.
$newmem = new MEMBER();
$newmem->readFromName($name);
$newmem->sendActivationLink('register');
$manager->notify('PostRegister', array('member' => &$newmem) );
if ( postVar('desturl') )
{
redirect(postVar('desturl') );
}
else
{
echo _MSG_ACTIVATION_SENT;
echo '
Return to '.$CONF['SiteName'].'';
echo "\n