*\r
* File containing actions that can be performed by visitors of the site,\r
* like adding comments, etc...\r
- *\r
- * $Id: action.php,v 1.1 2005-02-28 07:13:48 kimitake Exp $\r
*/\r
\r
$CONF = array();\r
include('./config.php'); // common functions\r
-include_once($DIR_LIBS . 'ACTION.php');\r
\r
$action = requestVar('action');\r
+switch($action) {\r
+ case 'addcomment':\r
+ addComment();\r
+ break;\r
+ case 'sendmessage':\r
+ sendMessage();\r
+ break;\r
+ case 'createaccount':\r
+ createAccount();\r
+ break; \r
+ case 'forgotpassword':\r
+ forgotPassword();\r
+ break;\r
+ case 'votepositive':\r
+ doKarma('pos');\r
+ break;\r
+ case 'votenegative':\r
+ doKarma('neg');\r
+ break;\r
+ case 'plugin':\r
+ callPlugin();\r
+ break;\r
+ default:\r
+ doError(_ERROR_BADACTION);\r
+}\r
+\r
+function addComment() {\r
+ global $CONF, $errormessage, $manager;\r
+ \r
+ $post['itemid'] = intPostVar('itemid');\r
+ $post['user'] = postVar('user');\r
+ $post['userid'] = postVar('userid');\r
+ $post['body'] = postVar('body');\r
+ \r
+ \r
+ // set cookies when required\r
+ $remember = intPostVar('remember');\r
+ if ($remember == 1) {\r
+ $lifetime = time()+2592000;\r
+ setcookie('comment_user',$post['user'],$lifetime,'/','',0);\r
+ setcookie('comment_userid', $post['userid'],$lifetime,'/','',0);\r
+ }\r
+\r
+ $comments = new COMMENTS($post['itemid']);\r
+\r
+ $blogid = getBlogIDFromItemID($post['itemid']);\r
+ checkban($blogid);\r
+ $blog =& $manager->getBlog($blogid);\r
+\r
+ // note: PreAddComment and PostAddComment gets called somewhere inside addComment\r
+ $errormessage = $comments->addComment($blog->getCorrectTime(),$post);\r
+ \r
+ if ($errormessage == '1') { \r
+ // redirect when adding comments succeeded\r
+ if (postVar('url')) {\r
+ redirect(postVar('url'));\r
+ } else {\r
+ $url = createItemLink($post['itemid']);\r
+ redirect($url);\r
+ }\r
+ } else {\r
+ // else, show error message using default skin for blog\r
+ doError($errormessage, new SKIN($blog->getDefaultSkin()));\r
+ }\r
+}\r
+\r
+// Sends a message from the current member to the member given as argument\r
+function sendMessage() {\r
+ global $CONF, $member;\r
+ \r
+ $error = validateMessage();\r
+ if ($error != '')\r
+ doError($error);\r
+ \r
+ if (!$member->isLoggedIn()) {\r
+ $fromMail = postVar('frommail');\r
+ if (!isValidMailAddress($fromMail))\r
+ doError(_ERROR_BADMAILADDRESS);\r
+ $fromName = _MMAIL_FROMANON;\r
+ } else {\r
+ $fromMail = $member->getEmail();\r
+ $fromName = $member->getDisplayName();\r
+ }\r
+ \r
+ $tomem = new MEMBER();\r
+ $tomem->readFromId(postVar('memberid'));\r
+\r
+ $message = _MMAIL_MSG . ' ' . $fromName . "\n"\r
+ . '(' . _MMAIL_FROMNUC. ' ' . $CONF['IndexURL'] .") \n\n"\r
+ . _MMAIL_MAIL . " \n\n"\r
+ . postVar('message');\r
+ $message .= getMailFooter();\r
+\r
+ $title = _MMAIL_TITLE . ' ' . $fromName;\r
+// mail($tomem->getEmail(), $title, $message, 'From: '. $fromMail);\r
+ mb_language('ja');\r
+ mb_internal_encoding(_CHARSET);\r
+ @mb_send_mail($tomem->getEmail(), $title, $message, "From: ". $fromMail);\r
+\r
+ if (postVar('url')) {\r
+ redirect(postVar('url'));\r
+ } else {\r
+ $CONF['MemberURL'] = $CONF['IndexURL'];\r
+ if ($CONF['URLMode'] == 'pathinfo')\r
+ $url = createMemberLink($tomem->getID());\r
+ else\r
+ $url = $CONF['IndexURL'] . createMemberLink($tomem->getID());\r
+ redirect($url);\r
+ }\r
+\r
+}\r
+\r
+ function validateMessage() {\r
+ global $CONF, $member, $manager;\r
+\r
+ if (!$CONF['AllowMemberMail']) \r
+ return _ERROR_MEMBERMAILDISABLED;\r
+\r
+ if (!$member->isLoggedIn() && !$CONF['NonmemberMail'])\r
+ return _ERROR_DISALLOWED;\r
+\r
+ if (!$member->isLoggedIn() && (!isValidMailAddress(postVar('frommail'))))\r
+ return _ERROR_BADMAILADDRESS;\r
+ \r
+ // let plugins do verification (any plugin which thinks the comment is invalid\r
+ // can change 'error' to something other than '')\r
+ $result = '';\r
+ $manager->notify('ValidateForm', array('type' => 'membermail', 'error' => &$result));\r
+ \r
+ return $result;\r
+ \r
+ }\r
+\r
+\r
+// creates a new user account\r
+function createAccount() {\r
+ global $CONF, $manager;\r
+ \r
+ if (!$CONF['AllowMemberCreate']) \r
+ doError(_ERROR_MEMBERCREATEDISABLED);\r
+\r
+ // create random password\r
+ $pw = genPassword(10);\r
+ // create member (non admin/can login/no notes)\r
+ $r = MEMBER::create(postVar('name'), postVar('realname'), $pw, postVar('email'), postVar('url'), 0, $CONF['NewMemberCanLogon'], '');\r
+ if ($r != 1)\r
+ doError($r);\r
+ // send message containing password.\r
+ $newmem = new MEMBER();\r
+ $newmem->readFromName(postVar('name'));\r
+ $newmem->sendPassword($pw);\r
\r
-$a =& new ACTION();\r
-$errorInfo = $a->doAction($action);\r
+ $manager->notify('PostRegister',array('member' => &$newmem)); \r
\r
-if ($errorInfo)\r
-{\r
- doError($errorInfo['message'], new SKIN($errorInfo['skinid'])); \r
+ if (postVar('desturl')) {\r
+ redirect(postVar('desturl'));\r
+ } else {\r
+ echo _MSG_ACCOUNTCREATED;\r
+ }\r
}\r
\r
-?>
\ No newline at end of file
+// sends a new password \r
+function forgotPassword() {\r
+ $membername = trim(postVar('name'));\r
+ \r
+ if (!MEMBER::exists($membername))\r
+ doError(_ERROR_NOSUCHMEMBER);\r
+ $mem = MEMBER::createFromName($membername);\r
+ \r
+ // check if e-mail address is correct\r
+ if (!($mem->getEmail() == postVar('email')))\r
+ doError(_ERROR_INCORRECTEMAIL);\r
+ \r
+ $pw = genPassword(10);\r
+ $mem->setPassword($pw); // change password\r
+ $mem->write(); // save\r
+ $mem->sendPassword($pw);// send\r
+ \r
+ if (postVar('url')) {\r
+ redirect(postVar('url'));\r
+ } else {\r
+ echo _MSG_PASSWORDSENT;\r
+ }\r
+}\r
+\r
+// handle karma votes\r
+function doKarma($type) {\r
+ global $itemid, $member, $CONF, $manager;\r
+\r
+ // check if itemid exists\r
+ if (!$manager->existsItem($itemid,0,0)) \r
+ doError(_ERROR_NOSUCHITEM);\r
+\r
+ $blogid = getBlogIDFromItemID($itemid);\r
+ checkban($blogid); \r
+ \r
+ $karma =& $manager->getKarma($itemid);\r
+ \r
+ // check if not already voted\r
+ if (!$karma->isVoteAllowed(serverVar('REMOTE_ADDR'))) \r
+ doError(_ERROR_VOTEDBEFORE); \r
+ \r
+ // check if item does allow voting\r
+ $item =& $manager->getItem($itemid,0,0);\r
+ if ($item['closed'])\r
+ doError(_ERROR_ITEMCLOSED);\r
+ \r
+ switch($type) {\r
+ case 'pos': \r
+ $karma->votePositive();\r
+ break;\r
+ case 'neg':\r
+ $karma->voteNegative();\r
+ break;\r
+ }\r
+ \r
+ $blogid = getBlogIDFromItemID($itemid);\r
+ $blog =& $manager->getBlog($blogid);\r
+ \r
+ // send email to notification address, if any\r
+ if ($blog->getNotifyAddress() && $blog->notifyOnVote()) {\r
+\r
+ $mailto_msg = _NOTIFY_KV_MSG . ' ' . $itemid . "\n";\r
+ $mailto_msg .= $CONF['IndexURL'] . 'index.php?itemid=' . $itemid . "\n\n";\r
+ if ($member->isLoggedIn()) {\r
+ $mailto_msg .= _NOTIFY_MEMBER . ' ' . $member->getDisplayName() . ' (ID=' . $member->getID() . ")\n";\r
+ }\r
+ $mailto_msg .= _NOTIFY_IP . ' ' . serverVar('REMOTE_ADDR') . "\n";\r
+ $mailto_msg .= _NOTIFY_HOST . ' ' . gethostbyaddr(serverVar('REMOTE_ADDR')) . "\n";\r
+ $mailto_msg .= _NOTIFY_VOTE . "\n " . $type . "\n";\r
+ $mailto_msg .= getMailFooter();\r
+\r
+ $mailto_title = _NOTIFY_KV_TITLE . ' ' . strip_tags($item['title']) . ' (' . $itemid . ')';\r
+\r
+ $frommail = $member->getNotifyFromMailAddress();\r
+\r
+ $notify = new NOTIFICATION($blog->getNotifyAddress());\r
+ $notify->notify($mailto_title, $mailto_msg , $frommail);\r
+ }\r
+ \r
+ \r
+ $refererUrl = serverVar('HTTP_REFERER');\r
+ if ($refererUrl)\r
+ $url = $refererUrl;\r
+ else\r
+ $url = $CONF['IndexURL'] . 'index.php?itemid=' . $itemid;\r
+\r
+ redirect($url); \r
+}\r
+\r
+/**\r
+ * Calls a plugin action\r
+ */\r
+function callPlugin() {\r
+ global $manager;\r
+ \r
+ $pluginName = 'NP_' . requestVar('name');\r
+ $actionType = requestVar('type');\r
+ \r
+ // 1: check if plugin is installed\r
+ if (!$manager->pluginInstalled($pluginName))\r
+ doError(_ERROR_NOSUCHPLUGIN);\r
+ \r
+ // 2: call plugin\r
+ $pluginObject =& $manager->getPlugin($pluginName);\r
+ if ($pluginObject)\r
+ $error = $pluginObject->doAction($actionType);\r
+ else\r
+ $error = 'Could not load plugin (see actionlog)';\r
+ \r
+ // doAction returns error when:\r
+ // - an error occurred (duh)\r
+ // - no actions are allowed (doAction is not implemented)\r
+ if ($error)\r
+ doError($error);\r
+ \r
+}\r
+\r
+function checkban($blogid) {\r
+ // check if banned\r
+ $ban = BAN::isBanned($blogid, serverVar('REMOTE_ADDR'));\r
+ if ($ban != 0) {\r
+ doError(_ERROR_BANNED1 . $ban->iprange . _ERROR_BANNED2 . $ban->message . _ERROR_BANNED3);\r
+ }\r
+\r
+}\r
+\r
+\r
+\r
+?>\r