merged 3.2 original code

[nucleus-jp/nucleus-jp-ancient.git] / utf8 / nucleus / libs / ACTION.php
diff --git a/utf8/nucleus/libs/ACTION.php b/utf8/nucleus/libs/ACTION.php

index ddbdc7d..1d5cadd 100755 (executable)
--- a/utf8/nucleus/libs/ACTION.php
+++ b/utf8/nucleus/libs/ACTION.php
@@ -1,331 +1,334 @@
-<?php
-
-/**
-  * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/) 
-  * Copyright (C) 2002-2004 The Nucleus Group
-  *
-  * This program is free software; you can redistribute it and/or
-  * modify it under the terms of the GNU General Public License
-  * as published by the Free Software Foundation; either version 2
-  * of the License, or (at your option) any later version.
-  * (see nucleus/documentation/index.html#license for more info)
-  *
-  * Actions that can be called via action.php
-  *
-  * $Id: ACTION.php,v 1.1.1.1 2005-02-28 07:14:43 kimitake Exp $
-  */
-class ACTION
-{
-       function ACTION()
-       {
-       
-       }
-       
-       function doAction($action) 
-       {
-               switch($action) {
-                       case 'addcomment':
-                               return $this->addComment();
-                               break;
-                       case 'sendmessage':
-                               return $this->sendMessage();
-                               break;
-                       case 'createaccount':
-                               return $this->createAccount();
-                               break;          
-                       case 'forgotpassword':
-                               return $this->forgotPassword();
-                               break;
-                       case 'votepositive':
-                               return $this->doKarma('pos');
-                               break;
-                       case 'votenegative':
-                               return $this->doKarma('neg');
-                               break;
-                       case 'plugin':
-                               return $this->callPlugin();
-                               break;
-                       default:
-                               doError(_ERROR_BADACTION);
-               }
-       }
-       
-       function addComment() {
-               global $CONF, $errormessage, $manager;
-
-               $post['itemid'] =       intPostVar('itemid');
-               $post['user'] =         postVar('user');
-               $post['userid'] =       postVar('userid');
-               $post['body'] =         postVar('body');
-
-               // set cookies when required
-               $remember = intPostVar('remember');
-               if ($remember == 1) {
-                       $lifetime = time()+2592000;
-                       setcookie($CONF['CookiePrefix'] . 'comment_user',$post['user'],$lifetime,'/','',0);
-                       setcookie($CONF['CookiePrefix'] . 'comment_userid', $post['userid'],$lifetime,'/','',0);
-               }
-
-               $comments = new COMMENTS($post['itemid']);
-
-               $blogid = getBlogIDFromItemID($post['itemid']);
-               $this->checkban($blogid);
-               $blog =& $manager->getBlog($blogid);
-
-               // note: PreAddComment and PostAddComment gets called somewhere inside addComment
-               $errormessage = $comments->addComment($blog->getCorrectTime(),$post);
-
-               if ($errormessage == '1') {             
-                       // redirect when adding comments succeeded
-                       if (postVar('url')) {
+<?php\r
+\r
+/**\r
+  * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/) \r
+  * Copyright (C) 2002-2005 The Nucleus Group\r
+  *\r
+  * This program is free software; you can redistribute it and/or\r
+  * modify it under the terms of the GNU General Public License\r
+  * as published by the Free Software Foundation; either version 2\r
+  * of the License, or (at your option) any later version.\r
+  * (see nucleus/documentation/index.html#license for more info)\r
+  *\r
+  * Actions that can be called via action.php\r
+  *\r
+  * $Id: ACTION.php,v 1.2 2005-03-12 06:19:04 kimitake Exp $\r
+  * $NucleusJP$\r
+  */\r
+class ACTION\r
+{\r
+       function ACTION()\r
+       {\r
+       \r
+       }\r
+       \r
+       function doAction($action) \r
+       {\r
+               switch($action) {\r
+                       case 'addcomment':\r
+                               return $this->addComment();\r
+                               break;\r
+                       case 'sendmessage':\r
+                               return $this->sendMessage();\r
+                               break;\r
+                       case 'createaccount':\r
+                               return $this->createAccount();\r
+                               break;          \r
+                       case 'forgotpassword':\r
+                               return $this->forgotPassword();\r
+                               break;\r
+                       case 'votepositive':\r
+                               return $this->doKarma('pos');\r
+                               break;\r
+                       case 'votenegative':\r
+                               return $this->doKarma('neg');\r
+                               break;\r
+                       case 'plugin':\r
+                               return $this->callPlugin();\r
+                               break;\r
+                       default:\r
+                               doError(_ERROR_BADACTION);\r
+               }\r
+       }\r
+       \r
+       function addComment() {\r
+               global $CONF, $errormessage, $manager;\r
+\r
+               $post['itemid'] =       intPostVar('itemid');\r
+               $post['user'] =         postVar('user');\r
+               $post['userid'] =       postVar('userid');\r
+               $post['body'] =         postVar('body');\r
+\r
+               // set cookies when required\r
+               $remember = intPostVar('remember');\r
+               if ($remember == 1) {\r
+                       $lifetime = time()+2592000;\r
+                       setcookie($CONF['CookiePrefix'] . 'comment_user',$post['user'],$lifetime,'/','',0);\r
+                       setcookie($CONF['CookiePrefix'] . 'comment_userid', $post['userid'],$lifetime,'/','',0);\r
+               }\r
+\r
+               $comments = new COMMENTS($post['itemid']);\r
+\r
+               $blogid = getBlogIDFromItemID($post['itemid']);\r
+               $this->checkban($blogid);\r
+               $blog =& $manager->getBlog($blogid);\r
+\r
+               // note: PreAddComment and PostAddComment gets called somewhere inside addComment\r
+               $errormessage = $comments->addComment($blog->getCorrectTime(),$post);\r
+\r
+               if ($errormessage == '1') {             \r
+                       // redirect when adding comments succeeded\r
+                       if (postVar('url')) {\r
                                 redirect(postVar('url'));\r
                         } else {\r
                                 $url = $CONF['IndexURL'] . createItemLink($post['itemid']);\r
-                               redirect($url);
-                       }
-               } else {
-                       // else, show error message using default skin for blog
-                       return array(
-                               'message' => $errormessage,
-                               'skinid' => $blog->getDefaultSkin()
-                       );
-               }
-               
-               exit;
-       }
-
-       // Sends a message from the current member to the member given as argument
-       function sendMessage() {
-               global $CONF, $member;
-
-               $error = $this->validateMessage();
-               if ($error != '')
-                       return array('message' => $error);
-
-               if (!$member->isLoggedIn()) {
-                       $fromMail = postVar('frommail');
-                       $fromName = _MMAIL_FROMANON;
-               } else {
-                       $fromMail = $member->getEmail();
-                       $fromName = $member->getDisplayName();
-               }
-
-               $tomem = new MEMBER();
-               $tomem->readFromId(postVar('memberid'));
-
-               $message  = _MMAIL_MSG . ' ' . $fromName . "\n"
-                         . '(' . _MMAIL_FROMNUC. ' ' . $CONF['IndexURL'] .") \n\n"
-                         . _MMAIL_MAIL . " \n\n"
-                         . postVar('message');
-               $message .= getMailFooter();
-
-               $title = _MMAIL_TITLE . ' ' . $fromName;
-               @mb_language('ja');
-               mb_internal_encoding(_CHARSET);
-               @mb_send_mail($tomem->getEmail(), $title, $message, "From: ". $fromMail);
-
-               if (postVar('url')) {
-                       redirect(postVar('url'));
-               } else {
-                       $CONF['MemberURL'] = $CONF['IndexURL'];
-                       if ($CONF['URLMode'] == 'pathinfo')
-                               $url = createMemberLink($tomem->getID());
-                       else
-                               $url = $CONF['IndexURL'] . createMemberLink($tomem->getID());
-                       redirect($url);
-               }
-               
-               exit;
-
-       }
-       
-       function validateMessage() {
-               global $CONF, $member, $manager;
-
-               if (!$CONF['AllowMemberMail']) 
-                       return _ERROR_MEMBERMAILDISABLED;
-
-               if (!$member->isLoggedIn() && !$CONF['NonmemberMail'])
-                       return _ERROR_DISALLOWED;
-
-               if (!$member->isLoggedIn() && (!isValidMailAddress(postVar('frommail'))))
-                       return _ERROR_BADMAILADDRESS;
-                       
-               // let plugins do verification (any plugin which thinks the comment is invalid
-               // can change 'error' to something other than '')
-               $result = '';
-               $manager->notify('ValidateForm', array('type' => 'membermail', 'error' => &$result));
-               
-               return $result;
-               
-       }
-
-       // creates a new user account
-       function createAccount() {
-               global $CONF, $manager;
-
-               if (!$CONF['AllowMemberCreate']) 
-                       doError(_ERROR_MEMBERCREATEDISABLED);
-
-               // even though the member can not log in, set some random initial password. One never knows.
-               srand((double)microtime()*1000000);
-               $initialPwd = md5(uniqid(rand(), true));
-
-               // create member (non admin/can not login/no notes/random string as password)
-               $r = MEMBER::create(postVar('name'), postVar('realname'), $initialPwd, postVar('email'), postVar('url'), 0, 0, '');
-               
-               if ($r != 1)
-                       doError($r);
-                       
-               // send message containing password.
-               $newmem = new MEMBER();
-               $newmem->readFromName(postVar('name'));
-               $newmem->sendActivationLink('register');
-
-               $manager->notify('PostRegister',array('member' => &$newmem));           
-
-               if (postVar('desturl')) {
-                       redirect(postVar('desturl'));
-               } else {
-                       echo "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\" />\n"._MSG_ACTIVATION_SENT;
-               }
-               
-               exit;
-       }
-
-       // sends a new password 
-       function forgotPassword() {
-               $membername = trim(postVar('name'));
-
-               if (!MEMBER::exists($membername))
-                       doError(_ERROR_NOSUCHMEMBER);
-               $mem = MEMBER::createFromName($membername);
-
-               if (!$mem->canLogin())
-                       doError(_ERROR_NOLOGON_NOACTIVATE);
-
-               // check if e-mail address is correct
-               if (!($mem->getEmail() == postVar('email')))
-                       doError(_ERROR_INCORRECTEMAIL);
-
-               // send activation link
-               $mem->sendActivationLink('forgot');
-
-               if (postVar('url')) {
-                       redirect(postVar('url'));
-               } else {
-                       echo "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\" />\n"._MSG_ACTIVATION_SENT;
-               }
-               
-               exit;
-       }
-
-       // handle karma votes
-       function doKarma($type) {
-               global $itemid, $member, $CONF, $manager;
-
-               // check if itemid exists
-               if (!$manager->existsItem($itemid,0,0)) 
-                       doError(_ERROR_NOSUCHITEM);
-
-               $blogid = getBlogIDFromItemID($itemid);
-               $this->checkban($blogid);       
-
-               $karma =& $manager->getKarma($itemid);
-
-               // check if not already voted
-               if (!$karma->isVoteAllowed(serverVar('REMOTE_ADDR'))) 
-                       doError(_ERROR_VOTEDBEFORE);            
-
-               // check if item does allow voting
-               $item =& $manager->getItem($itemid,0,0);
-               if ($item['closed'])
-                       doError(_ERROR_ITEMCLOSED);
-
-               switch($type) {
-                       case 'pos': 
-                               $karma->votePositive();
-                               break;
-                       case 'neg':
-                               $karma->voteNegative();
-                               break;
-               }
-
-               $blogid = getBlogIDFromItemID($itemid);
-               $blog =& $manager->getBlog($blogid);
-
-               // send email to notification address, if any
-               if ($blog->getNotifyAddress() && $blog->notifyOnVote()) {
-
-                       $mailto_msg = _NOTIFY_KV_MSG . ' ' . $itemid . "\n";
-                       $mailto_msg .= $CONF['IndexURL'] . 'index.php?itemid=' . $itemid . "\n\n";
-                       if ($member->isLoggedIn()) {
-                               $mailto_msg .= _NOTIFY_MEMBER . ' ' . $member->getDisplayName() . ' (ID=' . $member->getID() . ")\n";
-                       }
-                       $mailto_msg .= _NOTIFY_IP . ' ' . serverVar('REMOTE_ADDR') . "\n";
-                       $mailto_msg .= _NOTIFY_HOST . ' ' .  gethostbyaddr(serverVar('REMOTE_ADDR'))  . "\n";
-                       $mailto_msg .= _NOTIFY_VOTE . "\n " . $type . "\n";
-                       $mailto_msg .= getMailFooter();
-
-                       $mailto_title = _NOTIFY_KV_TITLE . ' ' . strip_tags($item['title']) . ' (' . $itemid . ')';
-
-                       $frommail = $member->getNotifyFromMailAddress();
-
-                       $notify = new NOTIFICATION($blog->getNotifyAddress());
-                       $notify->notify($mailto_title, $mailto_msg , $frommail);
-               }
-
-
-               $refererUrl = serverVar('HTTP_REFERER');
-               if ($refererUrl)
-                       $url = $refererUrl;
-               else
-                       $url = $CONF['IndexURL'] . 'index.php?itemid=' . $itemid;
-
-               redirect($url); 
-               exit;
-       }
-
-       /**
-         * Calls a plugin action
-         */
-       function callPlugin() {
-               global $manager;
-
-               $pluginName = 'NP_' . requestVar('name');
-               $actionType = requestVar('type');
-
-               // 1: check if plugin is installed
-               if (!$manager->pluginInstalled($pluginName))
-                       doError(_ERROR_NOSUCHPLUGIN);
-
-               // 2: call plugin
-               $pluginObject =& $manager->getPlugin($pluginName);
-               if ($pluginObject)
-                       $error = $pluginObject->doAction($actionType);
-               else
-                       $error = 'Could not load plugin (see actionlog)';
-
-               // doAction returns error when:
-               // - an error occurred (duh)
-               // - no actions are allowed (doAction is not implemented)
-               if ($error)
-                       doError($error);
-                       
-               exit;
-
-       }
-
-       function checkban($blogid) {
-               // check if banned
-               $ban = BAN::isBanned($blogid, serverVar('REMOTE_ADDR'));
-               if ($ban != 0) {
-                       doError(_ERROR_BANNED1 . $ban->iprange . _ERROR_BANNED2 . $ban->message . _ERROR_BANNED3);
-               }
-
-       }
-
-
-}
-
-?>
-\ No newline at end of file
+                               redirect($url);\r
+                       }\r
+               } else {\r
+                       // else, show error message using default skin for blog\r
+                       return array(\r
+                               'message' => $errormessage,\r
+                               'skinid' => $blog->getDefaultSkin()\r
+                       );\r
+               }\r
+               \r
+               exit;\r
+       }\r
+\r
+       // Sends a message from the current member to the member given as argument\r
+       function sendMessage() {\r
+               global $CONF, $member;\r
+\r
+               $error = $this->validateMessage();\r
+               if ($error != '')\r
+                       return array('message' => $error);\r
+\r
+               if (!$member->isLoggedIn()) {\r
+                       $fromMail = postVar('frommail');\r
+                       $fromName = _MMAIL_FROMANON;\r
+               } else {\r
+                       $fromMail = $member->getEmail();\r
+                       $fromName = $member->getDisplayName();\r
+               }\r
+\r
+               $tomem = new MEMBER();\r
+               $tomem->readFromId(postVar('memberid'));\r
+\r
+               $message  = _MMAIL_MSG . ' ' . $fromName . "\n"\r
+                         . '(' . _MMAIL_FROMNUC. ' ' . $CONF['IndexURL'] .") \n\n"\r
+                         . _MMAIL_MAIL . " \n\n"\r
+                         . postVar('message');\r
+               $message .= getMailFooter();\r
+\r
+               $title = _MMAIL_TITLE . ' ' . $fromName;\r
+               mb_language('ja');\r
+               mb_internal_encoding(_CHARSET);\r
+               @mb_send_mail($tomem->getEmail(), $title, $message, "From: ". $fromMail);\r
+\r
+               if (postVar('url')) {\r
+                       redirect(postVar('url'));\r
+               } else {\r
+                       $CONF['MemberURL'] = $CONF['IndexURL'];\r
+                       if ($CONF['URLMode'] == 'pathinfo')\r
+                               $url = createMemberLink($tomem->getID());\r
+                       else\r
+                               $url = $CONF['IndexURL'] . createMemberLink($tomem->getID());\r
+                       redirect($url);\r
+               }\r
+               \r
+               exit;\r
+\r
+       }\r
+       \r
+       function validateMessage() {\r
+               global $CONF, $member, $manager;\r
+\r
+               if (!$CONF['AllowMemberMail']) \r
+                       return _ERROR_MEMBERMAILDISABLED;\r
+\r
+               if (!$member->isLoggedIn() && !$CONF['NonmemberMail'])\r
+                       return _ERROR_DISALLOWED;\r
+\r
+               if (!$member->isLoggedIn() && (!isValidMailAddress(postVar('frommail'))))\r
+                       return _ERROR_BADMAILADDRESS;\r
+                       \r
+               // let plugins do verification (any plugin which thinks the comment is invalid\r
+               // can change 'error' to something other than '')\r
+               $result = '';\r
+               $manager->notify('ValidateForm', array('type' => 'membermail', 'error' => &$result));\r
+               \r
+               return $result;\r
+               \r
+       }\r
+\r
+       // creates a new user account\r
+       function createAccount() {\r
+               global $CONF, $manager;\r
+\r
+               if (!$CONF['AllowMemberCreate']) \r
+                       doError(_ERROR_MEMBERCREATEDISABLED);\r
+\r
+               // even though the member can not log in, set some random initial password. One never knows.\r
+               srand((double)microtime()*1000000);\r
+               $initialPwd = md5(uniqid(rand(), true));\r
+\r
+               // create member (non admin/can not login/no notes/random string as password)\r
+               $r = MEMBER::create(postVar('name'), postVar('realname'), $initialPwd, postVar('email'), postVar('url'), 0, 0, '');\r
+               \r
+               if ($r != 1)\r
+                       doError($r);\r
+                       \r
+               // send message containing password.\r
+               $newmem = new MEMBER();\r
+               $newmem->readFromName(postVar('name'));\r
+               $newmem->sendActivationLink('register');\r
+\r
+               $manager->notify('PostRegister',array('member' => &$newmem));           \r
+\r
+               if (postVar('desturl')) {\r
+                       redirect(postVar('desturl'));\r
+               } else {\r
+                       header ("Content-Type: text/html; charset="._CHARSET);\r
+                       echo _MSG_ACTIVATION_SENT;\r
+               }\r
+               \r
+               exit;\r
+       }\r
+\r
+       // sends a new password \r
+       function forgotPassword() {\r
+               $membername = trim(postVar('name'));\r
+\r
+               if (!MEMBER::exists($membername))\r
+                       doError(_ERROR_NOSUCHMEMBER);\r
+               $mem = MEMBER::createFromName($membername);\r
+\r
+               if (!$mem->canLogin())\r
+                       doError(_ERROR_NOLOGON_NOACTIVATE);\r
+\r
+               // check if e-mail address is correct\r
+               if (!($mem->getEmail() == postVar('email')))\r
+                       doError(_ERROR_INCORRECTEMAIL);\r
+\r
+               // send activation link\r
+               $mem->sendActivationLink('forgot');\r
+\r
+               if (postVar('url')) {\r
+                       redirect(postVar('url'));\r
+               } else {\r
+                       header ("Content-Type: text/html; charset="._CHARSET);\r
+                       echo _MSG_ACTIVATION_SENT;\r
+               }\r
+               \r
+               exit;\r
+       }\r
+\r
+       // handle karma votes\r
+       function doKarma($type) {\r
+               global $itemid, $member, $CONF, $manager;\r
+\r
+               // check if itemid exists\r
+               if (!$manager->existsItem($itemid,0,0)) \r
+                       doError(_ERROR_NOSUCHITEM);\r
+\r
+               $blogid = getBlogIDFromItemID($itemid);\r
+               $this->checkban($blogid);       \r
+\r
+               $karma =& $manager->getKarma($itemid);\r
+\r
+               // check if not already voted\r
+               if (!$karma->isVoteAllowed(serverVar('REMOTE_ADDR'))) \r
+                       doError(_ERROR_VOTEDBEFORE);            \r
+\r
+               // check if item does allow voting\r
+               $item =& $manager->getItem($itemid,0,0);\r
+               if ($item['closed'])\r
+                       doError(_ERROR_ITEMCLOSED);\r
+\r
+               switch($type) {\r
+                       case 'pos': \r
+                               $karma->votePositive();\r
+                               break;\r
+                       case 'neg':\r
+                               $karma->voteNegative();\r
+                               break;\r
+               }\r
+\r
+               $blogid = getBlogIDFromItemID($itemid);\r
+               $blog =& $manager->getBlog($blogid);\r
+\r
+               // send email to notification address, if any\r
+               if ($blog->getNotifyAddress() && $blog->notifyOnVote()) {\r
+\r
+                       $mailto_msg = _NOTIFY_KV_MSG . ' ' . $itemid . "\n";\r
+                       $mailto_msg .= $CONF['IndexURL'] . 'index.php?itemid=' . $itemid . "\n\n";\r
+                       if ($member->isLoggedIn()) {\r
+                               $mailto_msg .= _NOTIFY_MEMBER . ' ' . $member->getDisplayName() . ' (ID=' . $member->getID() . ")\n";\r
+                       }\r
+                       $mailto_msg .= _NOTIFY_IP . ' ' . serverVar('REMOTE_ADDR') . "\n";\r
+                       $mailto_msg .= _NOTIFY_HOST . ' ' .  gethostbyaddr(serverVar('REMOTE_ADDR'))  . "\n";\r
+                       $mailto_msg .= _NOTIFY_VOTE . "\n " . $type . "\n";\r
+                       $mailto_msg .= getMailFooter();\r
+\r
+                       $mailto_title = _NOTIFY_KV_TITLE . ' ' . strip_tags($item['title']) . ' (' . $itemid . ')';\r
+\r
+                       $frommail = $member->getNotifyFromMailAddress();\r
+\r
+                       $notify = new NOTIFICATION($blog->getNotifyAddress());\r
+                       $notify->notify($mailto_title, $mailto_msg , $frommail);\r
+               }\r
+\r
+\r
+               $refererUrl = serverVar('HTTP_REFERER');\r
+               if ($refererUrl)\r
+                       $url = $refererUrl;\r
+               else\r
+                       $url = $CONF['IndexURL'] . 'index.php?itemid=' . $itemid;\r
+\r
+               redirect($url); \r
+               exit;\r
+       }\r
+\r
+       /**\r
+         * Calls a plugin action\r
+         */\r
+       function callPlugin() {\r
+               global $manager;\r
+\r
+               $pluginName = 'NP_' . requestVar('name');\r
+               $actionType = requestVar('type');\r
+\r
+               // 1: check if plugin is installed\r
+               if (!$manager->pluginInstalled($pluginName))\r
+                       doError(_ERROR_NOSUCHPLUGIN);\r
+\r
+               // 2: call plugin\r
+               $pluginObject =& $manager->getPlugin($pluginName);\r
+               if ($pluginObject)\r
+                       $error = $pluginObject->doAction($actionType);\r
+               else\r
+                       $error = 'Could not load plugin (see actionlog)';\r
+\r
+               // doAction returns error when:\r
+               // - an error occurred (duh)\r
+               // - no actions are allowed (doAction is not implemented)\r
+               if ($error)\r
+                       doError($error);\r
+                       \r
+               exit;\r
+\r
+       }\r
+\r
+       function checkban($blogid) {\r
+               // check if banned\r
+               $ban = BAN::isBanned($blogid, serverVar('REMOTE_ADDR'));\r
+               if ($ban != 0) {\r
+                       doError(_ERROR_BANNED1 . $ban->iprange . _ERROR_BANNED2 . $ban->message . _ERROR_BANNED3);\r
+               }\r
+\r
+       }\r
+\r
+\r
+}\r
+\r
+?>\r