OSDN Git Service

a89fa87b8f1ed179173af383a7fb676c1e0c5140
[nucleus-jp/nucleus-jp-ancient.git] / utf8 / nucleus / libs / ACTION.php
1 <?php
2
3 /*
4  * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/)
5  * Copyright (C) 2002-2007 The Nucleus Group
6  *
7  * This program is free software; you can redistribute it and/or
8  * modify it under the terms of the GNU General Public License
9  * as published by the Free Software Foundation; either version 2
10  * of the License, or (at your option) any later version.
11  * (see nucleus/documentation/index.html#license for more info)
12  */
13 /**
14  * Actions that can be called via action.php
15  *
16  * @license http://nucleuscms.org/license.txt GNU General Public License
17  * @copyright Copyright (C) 2002-2007 The Nucleus Group
18  * @version $Id: ACTION.php,v 1.10 2007-05-31 07:23:39 kimitake Exp $
19  * $NucleusJP: ACTION.php,v 1.9 2007/05/10 08:11:32 kimitake Exp $
20  */
21 class ACTION
22 {
23         /**
24          *  Constructor for an new ACTION object
25          */
26         function ACTION()
27         {
28                 // do nothing
29         }
30
31         /**
32          *  Calls functions that handle an action called from action.php
33          */
34         function doAction($action)
35         {
36                 switch($action) {
37                         case 'autodraft':
38                                 return $this->autoDraft();
39                                 break;
40                         case 'updateticket':
41                                 return $this->updateTicket();
42                                 break;
43                         case 'addcomment':
44                                 return $this->addComment();
45                                 break;
46                         case 'sendmessage':
47                                 return $this->sendMessage();
48                                 break;
49                         case 'createaccount':
50                                 return $this->createAccount();
51                                 break;
52                         case 'forgotpassword':
53                                 return $this->forgotPassword();
54                                 break;
55                         case 'votepositive':
56                                 return $this->doKarma('pos');
57                                 break;
58                         case 'votenegative':
59                                 return $this->doKarma('neg');
60                                 break;
61                         case 'plugin':
62                                 return $this->callPlugin();
63                                 break;
64                         default:
65                                 doError(_ERROR_BADACTION);
66                 }
67         }
68
69         /**
70          *  Adds a new comment to an item (if IP isn't banned)
71          */
72         function addComment() {
73                 global $CONF, $errormessage, $manager;
74
75                 $post['itemid'] =       intPostVar('itemid');
76                 $post['user'] =         postVar('user');
77                 $post['userid'] =       postVar('userid');
78                 $post['email'] =   postVar('email');
79                 $post['body'] =         postVar('body');
80
81                 // set cookies when required
82                 $remember = intPostVar('remember');
83                 if ($remember == 1) {
84                         $lifetime = time()+2592000;
85                         setcookie($CONF['CookiePrefix'] . 'comment_user',$post['user'],$lifetime,'/','',0);
86                         setcookie($CONF['CookiePrefix'] . 'comment_userid', $post['userid'],$lifetime,'/','',0);
87                         setcookie($CONF['CookiePrefix'] . 'comment_email',  $post['email'], $lifetime,'/','',0);
88                 }
89
90                 $comments = new COMMENTS($post['itemid']);
91
92                 $blogid = getBlogIDFromItemID($post['itemid']);
93                 $this->checkban($blogid);
94                 $blog =& $manager->getBlog($blogid);
95
96                 // note: PreAddComment and PostAddComment gets called somewhere inside addComment
97                 $errormessage = $comments->addComment($blog->getCorrectTime(),$post);
98
99                 if ($errormessage == '1') {
100                         // redirect when adding comments succeeded
101                         if (postVar('url')) {
102                                 redirect(postVar('url'));
103                         } else {
104                                 $url = createItemLink($post['itemid']);
105                                 redirect($url);
106                         }
107                 } else {
108                         // else, show error message using default skin for blog
109                         return array(
110                                 'message' => $errormessage,
111                                 'skinid' => $blog->getDefaultSkin()
112                         );
113                 }
114
115                 exit;
116         }
117
118         /**
119          *  Sends a message from the current member to the member given as argument
120          */
121         function sendMessage() {
122                 global $CONF, $member;
123
124                 $error = $this->validateMessage();
125                 if ($error != '')
126                         return array('message' => $error);
127
128                 if (!$member->isLoggedIn()) {
129                         $fromMail = postVar('frommail');
130                         $fromName = _MMAIL_FROMANON;
131                 } else {
132                         $fromMail = $member->getEmail();
133                         $fromName = $member->getDisplayName();
134                 }
135
136                 $tomem = new MEMBER();
137                 $tomem->readFromId(postVar('memberid'));
138
139                 $message  = _MMAIL_MSG . ' ' . $fromName . "\n"
140                           . '(' . _MMAIL_FROMNUC. ' ' . $CONF['IndexURL'] .") \n\n"
141                           . _MMAIL_MAIL . " \n\n"
142                           . postVar('message');
143                 $message .= getMailFooter();
144
145                 $title = _MMAIL_TITLE . ' ' . $fromName;
146                 mb_language('ja');
147                 mb_internal_encoding(_CHARSET);
148                 @mb_send_mail($tomem->getEmail(), $title, $message, "From: ". $fromMail);
149
150                 if (postVar('url')) {
151                         redirect(postVar('url'));
152                 } else {
153                         $CONF['MemberURL'] = $CONF['IndexURL'];
154                         if ($CONF['URLMode'] == 'pathinfo')
155                         {
156                                 $url = createLink('member', array('memberid' => $tomem->getID(), 'name' => $tomem->getDisplayName()));
157                         }
158                         else
159                         {
160                                 $url = $CONF['IndexURL'] . createMemberLink($tomem->getID());
161                         }
162                         redirect($url);
163                 }
164                 exit;
165         }
166
167         /**
168          *  Checks if a mail to a member is allowed
169          *  Returns a string with the error message if the mail is disallowed
170          */
171         function validateMessage() {
172                 global $CONF, $member, $manager;
173
174                 if (!$CONF['AllowMemberMail'])
175                         return _ERROR_MEMBERMAILDISABLED;
176
177                 if (!$member->isLoggedIn() && !$CONF['NonmemberMail'])
178                         return _ERROR_DISALLOWED;
179
180                 if (!$member->isLoggedIn() && (!isValidMailAddress(postVar('frommail'))))
181                         return _ERROR_BADMAILADDRESS;
182
183                 // let plugins do verification (any plugin which thinks the comment is invalid
184                 // can change 'error' to something other than '')
185                 $result = '';
186                 $manager->notify('ValidateForm', array('type' => 'membermail', 'error' => &$result));
187
188                 return $result;
189
190         }
191
192         /**
193          *  Creates a new user account
194          */
195         function createAccount() {
196                 global $CONF, $manager;
197
198                 if (!$CONF['AllowMemberCreate'])
199                         doError(_ERROR_MEMBERCREATEDISABLED);
200
201                 // even though the member can not log in, set some random initial password. One never knows.
202                 srand((double)microtime()*1000000);
203                 $initialPwd = md5(uniqid(rand(), true));
204
205                 // create member (non admin/can not login/no notes/random string as password)
206                 $r = MEMBER::create(postVar('name'), postVar('realname'), $initialPwd, postVar('email'), postVar('url'), 0, 0, '');
207
208                 if ($r != 1)
209                         doError($r);
210
211                 // send message containing password.
212                 $newmem = new MEMBER();
213                 $newmem->readFromName(postVar('name'));
214                 $newmem->sendActivationLink('register');
215
216                 $manager->notify('PostRegister',array('member' => &$newmem));
217
218                 if (postVar('desturl')) {
219                         redirect(postVar('desturl'));
220                 } else {
221                         header ("Content-Type: text/html; charset="._CHARSET);
222                         echo _MSG_ACTIVATION_SENT;
223                 }
224                 exit;
225         }
226
227         /**
228          *  Sends a new password
229          */
230         function forgotPassword() {
231                 $membername = trim(postVar('name'));
232
233                 if (!MEMBER::exists($membername))
234                         doError(_ERROR_NOSUCHMEMBER);
235                 $mem = MEMBER::createFromName($membername);
236
237                 if (!$mem->canLogin())
238                         doError(_ERROR_NOLOGON_NOACTIVATE);
239
240                 // check if e-mail address is correct
241                 if (!($mem->getEmail() == postVar('email')))
242                         doError(_ERROR_INCORRECTEMAIL);
243
244                 // send activation link
245                 $mem->sendActivationLink('forgot');
246
247                 if (postVar('url')) {
248                         redirect(postVar('url'));
249                 } else {
250                         header ("Content-Type: text/html; charset="._CHARSET);
251                         echo _MSG_ACTIVATION_SENT;
252                 }
253                 exit;
254         }
255
256         /**
257          *  Handle karma votes
258          */
259         function doKarma($type) {
260                 global $itemid, $member, $CONF, $manager;
261
262                 // check if itemid exists
263                 if (!$manager->existsItem($itemid,0,0))
264                         doError(_ERROR_NOSUCHITEM);
265
266                 $blogid = getBlogIDFromItemID($itemid);
267                 $this->checkban($blogid);
268
269                 $karma =& $manager->getKarma($itemid);
270
271                 // check if not already voted
272                 if (!$karma->isVoteAllowed(serverVar('REMOTE_ADDR')))
273                         doError(_ERROR_VOTEDBEFORE);
274
275                 // check if item does allow voting
276                 $item =& $manager->getItem($itemid,0,0);
277                 if ($item['closed'])
278                         doError(_ERROR_ITEMCLOSED);
279
280                 switch($type) {
281                         case 'pos':
282                                 $karma->votePositive();
283                                 break;
284                         case 'neg':
285                                 $karma->voteNegative();
286                                 break;
287                 }
288
289                 $blogid = getBlogIDFromItemID($itemid);
290                 $blog =& $manager->getBlog($blogid);
291
292                 // send email to notification address, if any
293                 if ($blog->getNotifyAddress() && $blog->notifyOnVote()) {
294
295                         $mailto_msg = _NOTIFY_KV_MSG . ' ' . $itemid . "\n";
296                         $mailto_msg .= $CONF['IndexURL'] . 'index.php?itemid=' . $itemid . "\n\n";
297                         if ($member->isLoggedIn()) {
298                                 $mailto_msg .= _NOTIFY_MEMBER . ' ' . $member->getDisplayName() . ' (ID=' . $member->getID() . ")\n";
299                         }
300                         $mailto_msg .= _NOTIFY_IP . ' ' . serverVar('REMOTE_ADDR') . "\n";
301                         $mailto_msg .= _NOTIFY_HOST . ' ' .  gethostbyaddr(serverVar('REMOTE_ADDR'))  . "\n";
302                         $mailto_msg .= _NOTIFY_VOTE . "\n " . $type . "\n";
303                         $mailto_msg .= getMailFooter();
304
305                         $mailto_title = _NOTIFY_KV_TITLE . ' ' . strip_tags($item['title']) . ' (' . $itemid . ')';
306
307                         $frommail = $member->getNotifyFromMailAddress();
308
309                         $notify = new NOTIFICATION($blog->getNotifyAddress());
310                         $notify->notify($mailto_title, $mailto_msg , $frommail);
311                 }
312
313
314                 $refererUrl = serverVar('HTTP_REFERER');
315                 if ($refererUrl)
316                         $url = $refererUrl;
317                 else
318                         $url = $CONF['IndexURL'] . 'index.php?itemid=' . $itemid;
319
320                 redirect($url);
321                 exit;
322         }
323
324         /**
325           * Calls a plugin action
326           */
327         function callPlugin() {
328                 global $manager;
329
330                 $pluginName = 'NP_' . requestVar('name');
331                 $actionType = requestVar('type');
332
333                 // 1: check if plugin is installed
334                 if (!$manager->pluginInstalled($pluginName))
335                         doError(_ERROR_NOSUCHPLUGIN);
336
337                 // 2: call plugin
338                 $pluginObject =& $manager->getPlugin($pluginName);
339                 if ($pluginObject)
340                         $error = $pluginObject->doAction($actionType);
341                 else
342                         $error = 'Could not load plugin (see actionlog)';
343
344                 // doAction returns error when:
345                 // - an error occurred (duh)
346                 // - no actions are allowed (doAction is not implemented)
347                 if ($error)
348                         doError($error);
349
350                 exit;
351
352         }
353
354         /**
355          *  Checks if an IP or IP range is banned
356          */
357         function checkban($blogid) {
358                 // check if banned
359                 $ban = BAN::isBanned($blogid, serverVar('REMOTE_ADDR'));
360                 if ($ban != 0) {
361                         doError(_ERROR_BANNED1 . $ban->iprange . _ERROR_BANNED2 . $ban->message . _ERROR_BANNED3);
362                 }
363
364         }
365
366         /**
367          * Gets a new ticket
368          */
369         function updateTicket() {
370                 global $manager;
371                 if ($manager->checkTicket()) {
372                         echo $manager->getNewTicket();
373                 }
374                 else {
375                         echo 'err:' . _ERROR_BADTICKET;
376                 }
377                 return false;
378         }
379
380         /**
381          * Handles AutoSaveDraft
382          */
383         function autoDraft() {
384                 global $manager;
385                 if ($manager->checkTicket()) {
386                         $manager->loadClass('ITEM');
387                         $info = ITEM::CreateDraftFromRequest();
388                         if ($info['status'] == 'error') {
389                                 echo $info['message'];
390                         }
391                         else {
392                                 echo $info['draftid'];
393                         }
394                 }
395                 else {
396                         echo 'err:' . _ERROR_BADTICKET;
397                 }
398                 return false;
399         }
400
401
402 }
403
404 ?>