-<?php
-
-/*
- * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/)
- * Copyright (C) 2002-2009 The Nucleus Group
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public License
- * as published by the Free Software Foundation; either version 2
- * of the License, or (at your option) any later version.
- * (see nucleus/documentation/index.html#license for more info)
- */
-/**
- * Actions that can be called via action.php
- *
- * @license http://nucleuscms.org/license.txt GNU General Public License
- * @copyright Copyright (C) 2002-2009 The Nucleus Group
- * @version $Id: ACTION.php 1646 2012-01-29 10:47:32Z sakamocchi $
- */
-class ACTION
-{
-
- /**
- * Constructor for an new ACTION object
- */
- function ACTION()
- {
- // do nothing
- }
-
-
- /**
- * Calls functions that handle an action called from action.php
- */
- function doAction($action)
- {
- switch($action)
- {
- case 'autodraft':
- return $this->autoDraft();
- break;
-
- case 'updateticket':
- return $this->updateTicket();
- break;
-
- case 'addcomment':
- return $this->addComment();
- break;
-
- case 'sendmessage':
- return $this->sendMessage();
- break;
-
- case 'createaccount':
- return $this->createAccount();
- break;
-
- case 'forgotpassword':
- return $this->forgotPassword();
- break;
-
- case 'votepositive':
- return $this->doKarma('pos');
- break;
-
- case 'votenegative':
- return $this->doKarma('neg');
- break;
-
- case 'plugin':
- return $this->callPlugin();
- break;
-
- default:
- doError(_ERROR_BADACTION);
- break;
- }
- }
-
- /**
- * ACTION::addComment()
- * Adds a new comment to an item (if IP isn't banned)
- *
- * @param Void
- * @return Void
- */
- function addComment()
- {
- global $CONF, $errormessage, $manager;
-
- $post['itemid'] = intPostVar('itemid');
- $post['user'] = postVar('user');
- $post['userid'] = postVar('userid');
- $post['email'] = postVar('email');
- $post['body'] = postVar('body');
- $post['remember'] = intPostVar('remember');
-
- // begin if: "Remember Me" box checked
- if ( $post['remember'] == 1 )
- {
- $lifetime = time() + 2592000;
- setcookie($CONF['CookiePrefix'] . 'comment_user', $post['user'], $lifetime, '/', '', 0);
- setcookie($CONF['CookiePrefix'] . 'comment_userid', $post['userid'], $lifetime, '/', '', 0);
- setcookie($CONF['CookiePrefix'] . 'comment_email', $post['email'], $lifetime, '/', '', 0);
- }
-
- $comments = new COMMENTS($post['itemid']);
-
- $blog_id = getBlogIDFromItemID($post['itemid']);
- $this->checkban($blog_id);
- $blog =& $manager->getBlog($blog_id);
-
- // note: PreAddComment and PostAddComment gets called somewhere inside addComment
- $errormessage = $comments->addComment($blog->getCorrectTime(), $post);
-
- if ( $errormessage == '1' )
- {
- // redirect when adding comments succeeded
- if ( postVar('url') )
- {
- redirect(postVar('url') );
- }
- else
- {
- $url = LINK::create_item_link($post['itemid']);
- redirect($url);
- }
- }
- // else, show error message using default skin for blo
- else
- {
- return array(
- 'message' => $errormessage,
- 'skinid' => $blog->getDefaultSkin()
- );
- }
- exit;
- }
-
- /**
- * ACTION::sendMessage()
- * Sends a message from the current member to the member given as argument
- *
- * @param Void
- * @return Void
- */
- function sendMessage()
- {
- global $CONF, $member;
-
- $error = $this->validateMessage();
-
- if ( $error != '' )
- {
- return array('message' => $error);
- }
-
- if ( !$member->isLoggedIn() )
- {
- $fromMail = postVar('frommail');
- $fromName = _MMAIL_FROMANON;
- }
- else
- {
- $fromMail = $member->getEmail();
- $fromName = $member->getDisplayName();
- }
-
- $tomem = new MEMBER();
- $tomem->readFromId(postVar('memberid') );
-
- $message = _MMAIL_MSG . ' ' . $fromName . "\n"
- . '(' . _MMAIL_FROMNUC. ' ' . $CONF['IndexURL'] .") \n\n"
- . _MMAIL_MAIL . " \n\n"
- . postVar('message');
- $message .= NOTIFICATION::get_mail_footer();
-
- $title = _MMAIL_TITLE . ' ' . $fromName;
- NOTIFICATION::mail($tomem->getEmail(), $title, $message, $fromMail, i18n::get_current_charset());
-
- if ( postVar('url') )
- {
- redirect(postVar('url') );
- }
- else
- {
- $CONF['MemberURL'] = $CONF['IndexURL'];
-
- if ( $CONF['URLMode'] == 'pathinfo' )
- {
- $url = LINK::create_link('member', array('memberid' => $tomem->getID(), 'name' => $tomem->getDisplayName() ) );
- }
- else
- {
- $url = $CONF['IndexURL'] . LINK::create_member_link($tomem->getID());
- }
-
- redirect($url);
- }
- exit;
- }
-
- /**
- * ACTION::validateMessage()
- * Checks if a mail to a member is allowed
- * Returns a string with the error message if the mail is disallowed
- *
- * @param void
- * @return String Null character string
- */
- function validateMessage()
- {
- global $CONF, $member, $manager;
-
- if ( !$CONF['AllowMemberMail'] )
- {
- return _ERROR_MEMBERMAILDISABLED;
- }
-
- if ( !$member->isLoggedIn() && !$CONF['NonmemberMail'] )
- {
- return _ERROR_DISALLOWED;
- }
-
- if ( !$member->isLoggedIn() && !NOTIFICATION::address_validation(postVar('frommail')) )
- {
- return _ERROR_BADMAILADDRESS;
- }
-
- // let plugins do verification (any plugin which thinks the comment is invalid
- // can change 'error' to something other than '')
- $result = '';
- $manager->notify('ValidateForm', array('type' => 'membermail', 'error' => &$result) );
-
- return $result;
- }
-
- /**
- * ACTION::createAccount()
- * Creates a new user account
- *
- * @param Void
- * @return Mixed
- */
- function createAccount()
- {
- global $CONF, $manager;
-
- if ( !$CONF['AllowMemberCreate'] )
- {
- doError(_ERROR_MEMBERCREATEDISABLED);
- }
-
- // evaluate content from FormExtra
- $result = 1;
- $data = array('type' => 'membermail', 'error' => &$result);
- $manager->notify('ValidateForm', $data);
-
- if ( $result != 1 )
- {
- return $result;
- }
-
- // even though the member can not log in, set some random initial password. One never knows.
- srand( (double) microtime() * 1000000);
- $initialPwd = md5(uniqid(rand(), TRUE) );
-
- // create member (non admin/can not login/no notes/random string as password)
- $name = ENTITY::shorten(postVar('name'), 32, '');
- $r = MEMBER::create($name, postVar('realname'), $initialPwd, postVar('email'), postVar('url'), 0, 0, '');
-
- if ( $r != 1 )
- {
- return $r;
- }
-
- // send message containing password.
- $newmem = new MEMBER();
- $newmem->readFromName($name);
- $newmem->sendActivationLink('register');
-
- $manager->notify('PostRegister', array('member' => &$newmem) );
-
- if ( postVar('desturl') )
- {
- redirect(postVar('desturl') );
- }
- else
- {
- echo _MSG_ACTIVATION_SENT;
- echo '<br /><br />Return to <a href="'.$CONF['IndexURL'].'" title="'.$CONF['SiteName'].'">'.$CONF['SiteName'].'</a>';
- echo "\n</body>\n</html>";
- }
-
- exit;
- }
-
-
- /**
- * Sends a new password
- */
- function forgotPassword()
- {
- $membername = trim(postVar('name') );
-
- if ( !MEMBER::exists($membername) )
- {
- doError(_ERROR_NOSUCHMEMBER);
- }
-
- $mem = MEMBER::createFromName($membername);
-
- /* below keeps regular users from resetting passwords using forgot password feature
- Removing for now until clear why it is required.*/
- /*if (!$mem->canLogin())
- doError(_ERROR_NOLOGON_NOACTIVATE);*/
-
- // check if e-mail address is correct
- if ( !($mem->getEmail() == postVar('email') ) )
- {
- doError(_ERROR_INCORRECTEMAIL);
- }
-
- // send activation link
- $mem->sendActivationLink('forgot');
-
- if ( postVar('url') )
- {
- redirect(postVar('url') );
- }
- else
- {
- echo _MSG_ACTIVATION_SENT;
- echo '<br /><br />Return to <a href="'.$CONF['IndexURL'].'" title="'.$CONF['SiteName'].'">'.$CONF['SiteName'].'</a>';
- }
-
- exit;
- }
-
-
- /**
- * ACTION::doKarma()
- * Handle karma votes
- *
- * @param String $type pos or neg
- * @return Void
- */
- function doKarma($type)
- {
- global $itemid, $member, $CONF, $manager;
-
- // check if itemid exists
- if ( !$manager->existsItem($itemid, 0, 0) )
- {
- doError(_ERROR_NOSUCHITEM);
- }
-
- $blogid = getBlogIDFromItemID($itemid);
- $this->checkban($blogid);
-
- $karma =& $manager->getKarma($itemid);
-
- // check if not already voted
- if ( !$karma->isVoteAllowed(serverVar('REMOTE_ADDR') ) )
- {
- doError(_ERROR_VOTEDBEFORE);
- }
-
- // check if item does allow voting
- $item =& $manager->getItem($itemid, 0, 0);
-
- if ( $item['closed'] )
- {
- doError(_ERROR_ITEMCLOSED);
- }
-
- switch ( $type )
- {
- case 'pos':
- $karma->votePositive();
- break;
-
- case 'neg':
- $karma->voteNegative();
- break;
- }
-
- $blog =& $manager->getBlog($blogid);
-
- // send email to notification address, if any
- if ( $blog->getNotifyAddress() && $blog->notifyOnVote() )
- {
- $message = _NOTIFY_KV_MSG . ' ' . $itemid . "\n";
- $itemLink = LINK::create_item_link(intval($itemid) );
- $temp = parse_url($itemLink);
-
- if ( !$temp['scheme'] )
- {
- $itemLink = $CONF['IndexURL'] . $itemLink;
- }
-
- $message .= $itemLink . "\n\n";
-
- if ( $member->isLoggedIn() )
- {
- $message .= _NOTIFY_MEMBER . ' ' . $member->getDisplayName() . ' (ID=' . $member->getID() . ")\n";
- }
-
- $message .= _NOTIFY_IP . ' ' . serverVar('REMOTE_ADDR') . "\n";
- $message .= _NOTIFY_HOST . ' ' . gethostbyaddr(serverVar('REMOTE_ADDR')) . "\n";
- $message .= _NOTIFY_VOTE . "\n " . $type . "\n";
- $message .= NOTIFICATION::get_mail_footer();
-
- $subject = _NOTIFY_KV_TITLE . ' ' . strip_tags($item['title']) . ' (' . $itemid . ')';
-
- $from = $member->getNotifyFromMailAddress();
-
- NOTIFICATION::mail($blog->getNotifyAddress(), $subject, $message, $from, i18n::get_current_charset());
- }
-
- $refererUrl = serverVar('HTTP_REFERER');
-
- if ( $refererUrl )
- {
- $url = $refererUrl;
- }
- else
- {
- $url = $itemLink;
- }
-
- redirect($url);
- exit;
- }
-
-
- /**
- * Calls a plugin action
- */
- function callPlugin()
- {
- global $manager;
-
- $pluginName = 'NP_' . requestVar('name');
- $actionType = requestVar('type');
-
- // 1: check if plugin is installed
- if ( !$manager->pluginInstalled($pluginName) )
- {
- doError(_ERROR_NOSUCHPLUGIN);
- }
-
- // 2: call plugin
- $pluginObject =& $manager->getPlugin($pluginName);
-
- if ( $pluginObject )
- {
- $error = $pluginObject->doAction($actionType);
- }
- else
- {
- $error = 'Could not load plugin (see actionlog)';
- }
-
- // doAction returns error when:
- // - an error occurred (duh)
- // - no actions are allowed (doAction is not implemented)
- if ( $error )
- {
- doError($error);
- }
-
- exit;
-
- }
-
-
- /**
- * Checks if an IP or IP range is banned
- */
- function checkban($blogid)
- {
- // check if banned
- $ban = BAN::isBanned($blogid, serverVar('REMOTE_ADDR') );
-
- if ( $ban != 0 )
- {
- doError(_ERROR_BANNED1 . $ban->iprange . _ERROR_BANNED2 . $ban->message . _ERROR_BANNED3);
- }
-
- }
-
-
- /**
- * Gets a new ticket
- */
- function updateTicket()
- {
- global $manager;
-
- if ( $manager->checkTicket() )
- {
- echo $manager->getNewTicket();
- }
- else
- {
- echo _ERROR . ':' . _ERROR_BADTICKET;
- }
-
- return FALSE;
- }
-
-
- /**
- * Handles AutoSaveDraft
- */
- function autoDraft()
- {
- global $manager;
-
- if ( $manager->checkTicket() )
- {
- $manager->loadClass('ITEM');
- $info = ITEM::createDraftFromRequest();
-
- if ( $info['status'] == 'error' )
- {
- echo $info['message'];
- }
- else
- {
- echo $info['draftid'];
- }
- }
- else
- {
- echo _ERROR . ':' . _ERROR_BADTICKET;
- }
-
- return FALSE;
- }
-
-}
-
+<?php\r
+\r
+/*\r
+ * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/)\r
+ * Copyright (C) 2002-2009 The Nucleus Group\r
+ *\r
+ * This program is free software; you can redistribute it and/or\r
+ * modify it under the terms of the GNU General Public License\r
+ * as published by the Free Software Foundation; either version 2\r
+ * of the License, or (at your option) any later version.\r
+ * (see nucleus/documentation/index.html#license for more info)\r
+ */\r
+/**\r
+ * Actions that can be called via action.php\r
+ *\r
+ * @license http://nucleuscms.org/license.txt GNU General Public License\r
+ * @copyright Copyright (C) 2002-2009 The Nucleus Group\r
+ * @version $Id: ACTION.php 1646 2012-01-29 10:47:32Z sakamocchi $\r
+ */\r
+class Action\r
+{\r
+ /**\r
+ * Action::__construct()\r
+ * Constructor for an new ACTION object\r
+ * \r
+ * @param void\r
+ * @return void\r
+ */\r
+ public function __construct()\r
+ {\r
+ return;\r
+ }\r
+ \r
+ /**\r
+ * Action::doAction()\r
+ * Calls functions that handle an action called from action.php\r
+ * \r
+ * @param string $action action type\r
+ * @return mixed\r
+ */\r
+ public function doAction($action)\r
+ {\r
+ switch ( $action )\r
+ {\r
+ case 'autodraft':\r
+ return $this->autoDraft();\r
+ break;\r
+ case 'updateticket':\r
+ return $this->updateTicket();\r
+ break;\r
+ case 'addcomment':\r
+ return $this->addComment();\r
+ break;\r
+ case 'sendmessage':\r
+ return $this->sendMessage();\r
+ break;\r
+ case 'createaccount':\r
+ return $this->createAccount();\r
+ break;\r
+ case 'forgotpassword':\r
+ return $this->forgotPassword();\r
+ break;\r
+ case 'votepositive':\r
+ return $this->doKarma('pos');\r
+ break;\r
+ case 'votenegative':\r
+ return $this->doKarma('neg');\r
+ break;\r
+ case 'plugin':\r
+ return $this->callPlugin();\r
+ break;\r
+ default:\r
+ doError(_ERROR_BADACTION);\r
+ break;\r
+ }\r
+ return;\r
+ }\r
+ \r
+ /**\r
+ * Action::addComment()\r
+ * Adds a new comment to an item (if IP isn't banned)\r
+ * \r
+ * @param void\r
+ * @return void\r
+ */\r
+ private function addComment()\r
+ {\r
+ global $CONF, $errormessage, $manager;\r
+ \r
+ $post['itemid'] = intPostVar('itemid');\r
+ $post['user'] = postVar('user');\r
+ $post['userid'] = postVar('userid');\r
+ $post['email'] = postVar('email');\r
+ $post['body'] = postVar('body');\r
+ $post['remember'] = intPostVar('remember');\r
+ \r
+ // begin if: "Remember Me" box checked\r
+ if ( $post['remember'] == 1 )\r
+ {\r
+ $lifetime = time() + 2592000;\r
+ setcookie($CONF['CookiePrefix'] . 'comment_user', $post['user'], $lifetime, '/', '', 0);\r
+ setcookie($CONF['CookiePrefix'] . 'comment_userid', $post['userid'], $lifetime, '/', '', 0);\r
+ setcookie($CONF['CookiePrefix'] . 'comment_email', $post['email'], $lifetime, '/', '', 0);\r
+ }\r
+ \r
+ $item =& $manager->getItem($post['itemid'], 0, 0);\r
+ $this->checkban($item['blogid']);\r
+ $blog =& $manager->getBlog($item['blogid']);\r
+ \r
+ // note: PreAddComment and PostAddComment gets called somewhere inside addComment\r
+ $comments = new Comments($post['itemid']);\r
+ $errormessage = $comments->addComment($blog->getCorrectTime(), $post);\r
+ \r
+ if ( $errormessage != '1' )\r
+ {\r
+ // show error message using default skin for blo\r
+ return array(\r
+ 'message' => $errormessage,\r
+ 'skinid' => $blog->getDefaultSkin()\r
+ );\r
+ }\r
+ else\r
+ {\r
+ // redirect when adding comments succeeded\r
+ if ( postVar('url') )\r
+ {\r
+ redirect(postVar('url') );\r
+ }\r
+ else\r
+ {\r
+ $url = Link::create_item_link($post['itemid']);\r
+ redirect($url);\r
+ }\r
+ }\r
+ return;\r
+ }\r
+ \r
+ /**\r
+ * Action::sendMessage()\r
+ * Sends a message from the current member to the member given as argument\r
+ * \r
+ * @param void\r
+ * @return void\r
+ */\r
+ private function sendMessage()\r
+ {\r
+ global $CONF, $member;\r
+ \r
+ $error = $this->validateMessage();\r
+ \r
+ if ( $error != '' )\r
+ {\r
+ return array('message' => $error);\r
+ }\r
+ \r
+ if ( !$member->isLoggedIn() )\r
+ {\r
+ $fromMail = postVar('frommail');\r
+ $fromName = _MMAIL_FROMANON;\r
+ }\r
+ else\r
+ {\r
+ $fromMail = $member->getEmail();\r
+ $fromName = $member->getDisplayName();\r
+ }\r
+ \r
+ /* TODO: validation */\r
+ $memberid = postVar('memberid');\r
+ $tomem = new Member();\r
+ $tomem->readFromId($memberid);\r
+ \r
+ /* TODO: validation */\r
+ $message = postVar('message');\r
+ $message = _MMAIL_MSG . ' ' . $fromName . "\n"\r
+ . '(' . _MMAIL_FROMNUC. ' ' . $CONF['IndexURL'] .") \n\n"\r
+ . _MMAIL_MAIL . " \n\n"\r
+ . $message;\r
+ $message .= Notification::get_mail_footer();\r
+ \r
+ $title = _MMAIL_TITLE . ' ' . $fromName;\r
+ Notification::mail($tomem->getEmail(), $title, $message, $fromMail, i18n::get_current_charset());\r
+ \r
+ /* TODO: validation */\r
+ $url = postVar('url');\r
+ if ( empty($url) )\r
+ {\r
+ $CONF['MemberURL'] = $CONF['IndexURL'];\r
+ \r
+ if ( $CONF['URLMode'] == 'pathinfo' )\r
+ {\r
+ $data = array(\r
+ 'memberid' => $tomem->getID(),\r
+ 'name' => $tomem->getDisplayName()\r
+ );\r
+ $url = Link::create_link('member', $data);\r
+ }\r
+ else\r
+ {\r
+ $url = $CONF['IndexURL'] . Link::create_member_link($tomem->getID());\r
+ }\r
+ }\r
+ redirect($url );\r
+ \r
+ return;\r
+ }\r
+ \r
+ /**\r
+ * Action::validateMessage()\r
+ * Checks if a mail to a member is allowed\r
+ * Returns a string with the error message if the mail is disallowed\r
+ * \r
+ * @param void\r
+ * @return String Null character string\r
+ */\r
+ private function validateMessage()\r
+ {\r
+ global $CONF, $member, $manager;\r
+ \r
+ if ( !$CONF['AllowMemberMail'] )\r
+ {\r
+ return _ERROR_MEMBERMAILDISABLED;\r
+ }\r
+ \r
+ if ( !$member->isLoggedIn() && !$CONF['NonmemberMail'] )\r
+ {\r
+ return _ERROR_DISALLOWED;\r
+ }\r
+ \r
+ if ( !$member->isLoggedIn() && !Notification::address_validation(postVar('frommail')) )\r
+ {\r
+ return _ERROR_BADMAILADDRESS;\r
+ }\r
+ \r
+ /*\r
+ * let plugins do verification (any plugin which thinks the comment is\r
+ * invalid can change 'error' to something other than '')\r
+ */\r
+ $result = '';\r
+ $data = array(\r
+ 'type' => 'membermail',\r
+ 'error' => &$result\r
+ );\r
+ $manager->notify('ValidateForm', $data);\r
+ \r
+ return $result;\r
+ }\r
+ \r
+ /**\r
+ * Action::createAccount()\r
+ * Creates a new user account\r
+ * \r
+ * @param void\r
+ * @return mixed\r
+ */\r
+ private function createAccount()\r
+ {\r
+ global $CONF, $manager;\r
+ \r
+ if ( array_key_exists('AllowMemberCreate', $CONF) && !$CONF['AllowMemberCreate'] )\r
+ {\r
+ doError(_ERROR_MEMBERCREATEDISABLED);\r
+ }\r
+ \r
+ // evaluate content from FormExtra\r
+ $result = 1;\r
+ $data = array(\r
+ 'type' => 'membermail',\r
+ 'error' => &$result\r
+ );\r
+ $manager->notify('ValidateForm', $data);\r
+ \r
+ if ( $result != 1 )\r
+ {\r
+ return $result;\r
+ }\r
+ \r
+ // even though the member can not log in, set some random initial password. One never knows.\r
+ srand((double) microtime() * 1000000);\r
+ $initialPwd = md5(uniqid(rand(), TRUE) );\r
+ \r
+ // create member (non admin/can not login/no notes/random string as password)\r
+ $name = Entity::shorten(postVar('name'), 32, '');\r
+ $relname = postVar('realname');\r
+ $email = postVar('email');\r
+ $url = postVar('url');\r
+ \r
+ $r = Member::create($name, $realname, $initialPwd, $email, $url, 0, 0, '');\r
+ \r
+ if ( $r != 1 )\r
+ {\r
+ return $r;\r
+ }\r
+ \r
+ // send message containing password.\r
+ $newmem = new Member();\r
+ $newmem->readFromName($name);\r
+ $newmem->sendActivationLink('register');\r
+ \r
+ $manager->notify('PostRegister', array('member' => &$newmem) );\r
+ \r
+ if ( postVar('desturl') )\r
+ {\r
+ redirect(postVar('desturl') );\r
+ }\r
+ \r
+ return 1;\r
+ }\r
+ \r
+ /**\r
+ * Action::forgotPassword()\r
+ * Sends a new password\r
+ * \r
+ * @param void\r
+ * @return void\r
+ */\r
+ private function forgotPassword()\r
+ {\r
+ $membername = trim(postVar('name') );\r
+ \r
+ if ( !Member::exists($membername) )\r
+ {\r
+ doError(_ERROR_NOSUCHMEMBER);\r
+ }\r
+ \r
+ $mem = Member::createFromName($membername);\r
+ \r
+ // check if e-mail address is correct\r
+ $email = postVar('email');\r
+ if ( $mem->getEmail() != $email )\r
+ {\r
+ doError(_ERROR_INCORRECTEMAIL);\r
+ }\r
+ \r
+ // send activation link\r
+ $mem->sendActivationLink('forgot');\r
+ \r
+ // redirection\r
+ $url = postVar('url');\r
+ if ( !empty($url) )\r
+ {\r
+ redirect(postVar('url') );\r
+ }\r
+ else\r
+ {\r
+ echo _MSG_ACTIVATION_SENT;\r
+ echo "<br />"\r
+ . "<br />"\r
+ . "Return to <a href=\"{$CONF['IndexURL']}\" title=\"{$CONF['SiteName']}\">{$CONF['SiteName']}</a>\n";\r
+ }\r
+ \r
+ return;\r
+ }\r
+ \r
+ /**\r
+ * Action::doKarma()\r
+ * Handle karma votes\r
+ * \r
+ * @param string $type pos or neg\r
+ * @return Void\r
+ */\r
+ private function doKarma($type)\r
+ {\r
+ global $itemid, $member, $CONF, $manager;\r
+ \r
+ // check if itemid exists\r
+ if ( !$manager->existsItem($itemid, 0, 0) )\r
+ {\r
+ doError(_ERROR_NOSUCHITEM);\r
+ }\r
+ \r
+ $item =& $manager->getItem($itemid, 0, 0);\r
+ $this->checkban($item['blogid']);\r
+ \r
+ $karma =& $manager->getKarma($itemid);\r
+ \r
+ // check if not already voted\r
+ if ( !$karma->isVoteAllowed(serverVar('REMOTE_ADDR') ) )\r
+ {\r
+ doError(_ERROR_VOTEDBEFORE);\r
+ }\r
+ \r
+ // check if item does allow voting\r
+ $item =& $manager->getItem($itemid, 0, 0);\r
+ \r
+ if ( $item['closed'] )\r
+ {\r
+ doError(_ERROR_ITEMCLOSED);\r
+ }\r
+ \r
+ switch ( $type )\r
+ {\r
+ case 'pos':\r
+ $karma->votePositive();\r
+ break;\r
+ \r
+ case 'neg':\r
+ $karma->voteNegative();\r
+ break;\r
+ }\r
+ \r
+ $blog =& $manager->getBlog($blogid);\r
+ \r
+ // send email to notification address, if any\r
+ if ( $blog->getNotifyAddress() && $blog->notifyOnVote() )\r
+ {\r
+ $message = _NOTIFY_KV_MSG . ' ' . $itemid . "\n";\r
+ $itemLink = Link::create_item_link((integer)$itemid);\r
+ $temp = parse_url($itemLink);\r
+ \r
+ if ( !$temp['scheme'] )\r
+ {\r
+ $itemLink = $CONF['IndexURL'] . $itemLink;\r
+ }\r
+ \r
+ $message .= $itemLink . "\n\n";\r
+ \r
+ if ( $member->isLoggedIn() )\r
+ {\r
+ $message .= _NOTIFY_MEMBER . ' ' . $member->getDisplayName() . ' (ID=' . $member->getID() . ")\n";\r
+ }\r
+ \r
+ $message .= _NOTIFY_IP . ' ' . serverVar('REMOTE_ADDR') . "\n";\r
+ $message .= _NOTIFY_HOST . ' ' . gethostbyaddr(serverVar('REMOTE_ADDR')) . "\n";\r
+ $message .= _NOTIFY_VOTE . "\n " . $type . "\n";\r
+ $message .= Notification::get_mail_footer();\r
+ \r
+ $subject = _NOTIFY_KV_TITLE . ' ' . strip_tags($item['title']) . ' (' . $itemid . ')';\r
+ \r
+ $from = $member->getNotifyFromMailAddress();\r
+ \r
+ Notification::mail($blog->getNotifyAddress(), $subject, $message, $from, i18n::get_current_charset());\r
+ }\r
+ \r
+ $refererUrl = serverVar('HTTP_REFERER');\r
+ \r
+ if ( !$refererUrl )\r
+ {\r
+ $url = $itemLink;\r
+ }\r
+ else\r
+ {\r
+ $url = $refererUrl;\r
+ }\r
+ \r
+ redirect($url);\r
+ return;\r
+ }\r
+ \r
+ /**\r
+ * Action::callPlugin()\r
+ * Calls a plugin action\r
+ * \r
+ * @param void\r
+ * @return void\r
+ */\r
+ private function callPlugin()\r
+ {\r
+ global $manager;\r
+ \r
+ $name = requestVar('name');\r
+ $pluginName = "NP_{$name}";\r
+ $actionType = requestVar('type');\r
+ \r
+ // 1: check if plugin is installed\r
+ if ( !$manager->pluginInstalled($pluginName) )\r
+ {\r
+ doError(_ERROR_NOSUCHPLUGIN);\r
+ }\r
+ \r
+ // 2: call plugin\r
+ $pluginObject =& $manager->getPlugin($pluginName);\r
+ if ( !$pluginObject )\r
+ {\r
+ $error = 'Could not load plugin (see actionlog)';\r
+ }\r
+ else\r
+ {\r
+ $error = $pluginObject->doAction($actionType);\r
+ }\r
+ \r
+ /*\r
+ * doAction returns error when:\r
+ * - an error occurred (duh)\r
+ * - no actions are allowed (doAction is not implemented)\r
+ */\r
+ if ( $error )\r
+ {\r
+ doError($error);\r
+ }\r
+ \r
+ return;\r
+ }\r
+ \r
+ /**\r
+ * Action::checkban()\r
+ * Checks if an IP or IP range is banned\r
+ * \r
+ * @param integer $blogid\r
+ * @return void\r
+ */\r
+ private function checkban($blogid)\r
+ {\r
+ // check if banned\r
+ $ban = Ban::isBanned($blogid, serverVar('REMOTE_ADDR') );\r
+ \r
+ if ( $ban != 0 )\r
+ {\r
+ doError(_ERROR_BANNED1 . $ban->iprange . _ERROR_BANNED2 . $ban->message . _ERROR_BANNED3);\r
+ }\r
+ \r
+ return;\r
+ }\r
+ \r
+ /**\r
+ * Action::updateTicket()\r
+ * Gets a new ticket\r
+ * \r
+ * @param void\r
+ * @return boolean FALSE\r
+ */\r
+ private function updateTicket()\r
+ {\r
+ global $manager;\r
+ \r
+ if ( !$manager->checkTicket() )\r
+ {\r
+ echo _ERROR . ':' . _ERROR_BADTICKET;\r
+ }\r
+ else\r
+ {\r
+ echo $manager->getNewTicket();\r
+ }\r
+ \r
+ return FALSE;\r
+ }\r
+ \r
+ /**\r
+ * Action::autoDraft()\r
+ * Handles AutoSaveDraft\r
+ * \r
+ * @param void\r
+ * @return boolean FALSE\r
+ */\r
+ private function autoDraft()\r
+ {\r
+ global $manager;\r
+ \r
+ if ( !$manager->checkTicket() )\r
+ {\r
+ echo _ERROR . ':' . _ERROR_BADTICKET;\r
+ }\r
+ else\r
+ {\r
+ $manager->loadClass('ITEM');\r
+ $info = Item::createDraftFromRequest();\r
+ \r
+ if ( $info['status'] != 'error' )\r
+ {\r
+ echo $info['draftid'];\r
+ }\r
+ else\r
+ {\r
+ echo $info['message'];\r
+ }\r
+ }\r
+ \r
+ return FALSE;\r
+ }\r
+}\r
+\r
OSDN Git Service
