-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathplugin.php
More file actions
271 lines (225 loc) · 11.1 KB
/
plugin.php
File metadata and controls
271 lines (225 loc) · 11.1 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
<?php
// Shouts/plugin.php
// Allows members to leave short comments on other member profiles.
if (!defined("IN_ESO")) exit;
class Shouts extends Plugin {
var $id = "Shouts";
var $name = "Shouts";
var $version = "1.2";
var $description = "Allows members to leave short comments on other member profiles";
var $author = "eso";
var $limit = 50;
function init()
{
parent::init();
// Language definitions.
$this->eso->addLanguage("Shouts", "Shouts");
$this->eso->addLanguage("Shout it", "Shout it!");
$this->eso->addLanguage("Type a shout here", "Type a shout here...");
$this->eso->addLanguage("viewMoreShouts", "Your search found more than " . ($this->limit) . " shouts.");
$this->eso->addLanguage("confirmDeleteShout", "Are you sure you want to delete this shout?");
$this->eso->addLanguage("emailOnNewShout", "Email me when someone adds a shout to my profile");
$this->eso->addLanguage(array("emails", "newShout", "subject"), "%s, someone shouted on your profile");
$this->eso->addLanguage(array("emails", "newShout", "body"), "%s, %s has added a shout to your profile!\n\nTo view the new activity, check out the following link:\n%s");
$this->eso->addLanguageToJS("confirmDiscard");
// If we're on the profile view, initiate all the shout stuff.
if ($this->eso->action == "profile") {
$this->eso->controller->addHook("init", array($this, "addShoutsSection"));
$this->eso->controller->addHook("ajax", array($this, "ajax"));
$this->eso->addScript("plugins/Shouts/shouts.js");
$this->eso->addCSS("plugins/Shouts/shouts.css");
$this->eso->addLanguageToJS("confirmDeleteShout");
}
// If we're on the settings view, add the shouts settings!
if ($this->eso->action == "settings") {
$this->eso->controller->addHook("init", array($this, "addShoutsSettings"));
}
}
// Add an "email me when someone adds a shout to my profile" checkbox to the settings page.
function addShoutsSettings(&$settings)
{
global $language;
if (!isset($this->eso->user["emailOnNewShout"])) $_SESSION["emailOnNewShout"] = $this->eso->user["emailOnNewShout"] = 0;
$settings->addToForm("settingsOther", array(
"id" => "emailOnNewShout",
"html" => "<label for='emailOnNewShout' class='checkbox'>{$language["emailOnNewShout"]}</label> <input id='emailOnNewShout' type='checkbox' class='checkbox' name='emailOnNewShout' value='1' " . ($this->eso->user["emailOnNewShout"] ? "checked='checked' " : "") . "/>",
"databaseField" => "emailOnNewShout",
"checkbox" => true,
"required" => true
), 400);
}
// Add the shouts section to the profile view.
function addShoutsSection(&$controller)
{
global $language;
$this->member =& $controller->member;
// Do we need to add or delete a shout?
if (isset($_POST["shoutSubmit"]) and $this->eso->validateToken(@$_POST["token"]))
$this->addShout(@$_POST["shoutContent"]);
if (isset($_GET["deleteShout"]) and $this->eso->validateToken(@$_GET["token"]) and $shoutId = (int)$_GET["deleteShout"])
$this->deleteShout($shoutId);
// Get the shouts and generate the shout HTML.
if (!empty($_GET["limit"])) $this->limit = max(0, (int)$_GET["limit"]);
$controller->shouts = $this->getShouts($controller->member["memberId"], $this->limit);
$section = "
<div class='hdr'><h3>{$language["Shouts"]}</h3></div>
<div class='body shouts'>";
// If the user is not logged in, they can't send a shout! Otherwise, show the send shout form.
if (!$this->eso->user) $section .= $this->eso->htmlMessage("loginRequired");
else $section .= "<form action='" . curLink() . "' method='post' id='shoutForm'><div>
<input type='hidden' name='token' value='{$_SESSION["token"]}'/>
<input type='text' class='text' id='shoutContent' name='shoutContent'/> " . $this->eso->skin->button(array("value" => $language["Shout it"], "id" => "shoutSubmit", "name" => "shoutSubmit")) . "
<script type='text/javascript'>// <![CDATA[
makePlaceholder(getById(\"shoutContent\"), \"{$language["Type a shout here"]}\");
// ]]></script>
</div></form>";
// Loop through the shouts and output them.
$section .= "<div id='shouts'>";
foreach ($controller->shouts as $shout)
$section .= "<div id='shout{$shout["shoutId"]}'>" . $this->htmlShout($shout) . "</div>";
$section .= "</div>";
// If there are more shouts, show a 'view more' link.
if ($this->showViewMore) $section .= "<div id='more'><div class='msg info'>{$language["viewMoreShouts"]} <a href='" . makeLink("profile", $this->member["memberId"], "?limit=" . ($this->limit + 50)) . "'>View more</a></div></div>";
$section .= "</div>";
// Initialize the shout javascript.
if ($this->eso->user) $section .= "<script type='text/javascript'>// <![CDATA[
Shouts.member={$controller->member["memberId"]};Shouts.init();
// ]]></script>";
// Add the section!
$controller->addSection($section);
}
// Shout AJAX handler.
function ajax(&$controller)
{
global $config;
switch ($_POST["action"]) {
// Add a new shout.
case "shout":
if (!$this->eso->validateToken(@$_POST["token"])) return;
// Does this member exist?
if (!($this->member = $controller->getMember($_POST["memberTo"]))) {
$this->eso->message("memberDoesntExist");
return;
}
// Return the shout HTML and the shout ID if we successfully add the shout.
if ($shout = $this->addShout($_POST["content"])) {
return array(
"html" => $this->htmlShout($shout + array("name" => $this->eso->user["name"], "color" => $this->eso->user["color"], "avatarFormat" => $this->eso->user["avatarFormat"])),
"shoutId" => $shout["shoutId"]
);
}
break;
// Delete a shout. Easy!
case "deleteShout":
if (!$this->eso->validateToken(@$_POST["token"])) return;
$this->deleteShout($_POST["shoutId"]);
}
}
// Fetch the shouts from the database.
function getShouts($memberId, $limit = 50)
{
global $config;
$shouts = array();
$memberId = (int)$memberId;
$result = $this->eso->db->query("SELECT shoutId, memberFrom, name, color, avatarFormat, time, content FROM {$config["tablePrefix"]}shouts LEFT JOIN {$config["tablePrefix"]}members ON (memberId=memberFrom) WHERE memberTo=$memberId ORDER BY time DESC, shoutId DESC LIMIT " . ($limit + 1));
// We selected $limit + 1 results; if there is that +1 result, there are more results to display.
$this->showViewMore = $this->eso->db->numRows($result) > $limit;
// Put the results into an array.
for ($i = 0; $i < $limit and $shout = $this->eso->db->fetchAssoc($result); $i++) $shouts[] = $shout;
return $shouts;
}
// Generate the HTML for an individual shout.
function htmlShout($shout)
{
global $language;
// Generate the shout wrapper, avatar, name, and time.
$output = "<div class='p c{$shout["color"]}'><div class='hdr'>
<img src='" . $this->eso->getAvatar($shout["memberFrom"], $shout["avatarFormat"], "thumb") . "' alt='' class='avatar'/>
<div class='pInfo'><h4><a href='" . makeLink("profile", $shout["memberFrom"]) . "'>{$shout["name"]}</a></h4><br/><span>" . relativeTime($shout["time"]) . "</span></div>";
// If the user can delete this shout, show the delete link.
if ($this->canDeleteShout($shout["memberFrom"], $this->member["memberId"]) === true)
$output .= "<div class='controls'><a href='" . makeLink("profile", $this->member["memberId"], "?deleteShout={$shout["shoutId"]}&token={$_SESSION["token"]}") . "' onclick='Shouts.deleteShout({$shout["shoutId"]});return false'>{$language["delete"]}</a></div>";
// Finally, the shout content.
$output .= "<p>{$shout["content"]}</p>
</div></div>";
return $output;
}
// Add a shout to the database, and notify the member via email.
function addShout($content)
{
global $config;
// Does the shout have content? Is this user allowed to send a shout?
if (($error = !$content ? "emptyPost" : false) or ($error = $this->canAddShout()) !== true) {
$this->eso->message($error);
return;
}
// Prepare and add the shout to the database.
$shout = array(
"memberTo" => $this->member["memberId"],
"memberFrom" => $this->eso->user["memberId"],
"time" => time(),
"content" => $this->eso->formatter->format($content, array("bold", "italic", "strikethrough", "superscript", "link", "fixedInline", "specialCharacters", "emoticons"))
);
$this->eso->db->query("INSERT INTO {$config["tablePrefix"]}shouts (memberTo, memberFrom, time, content) VALUES ({$shout["memberTo"]}, {$shout["memberFrom"]}, {$shout["time"]}, '" . $this->eso->db->escape($shout["content"]) . "')");
$shout["shoutId"] = $this->eso->db->lastInsertId();
// Notify the member via email.
global $versions;
if ($shout["memberTo"] != $shout["memberFrom"]) {
list($emailOnNewShout, $email, $name, $language) = $this->eso->db->fetchRow("SELECT emailOnNewShout, email, name, language FROM {$config["tablePrefix"]}members WHERE memberId={$shout["memberTo"]}");
include "languages/" . sanitizeFileName(file_exists("languages/$language.php") ? $language : $config["language"]) . ".php";
if ($emailOnNewShout) sendEmail($email, sprintf($language["emails"]["newShout"]["subject"], $name), sprintf($language["emails"]["newShout"]["body"], $name, $this->eso->user["name"], $config["baseURL"] . makeLink("profile", $shout["memberTo"])));
unset($langauge, $messages);
}
return $shout;
}
// Delete a shout from the database.
function deleteShout($shoutId)
{
global $config;
$shoutId = (int)$shoutId;
// Can we find the shout we're trying to delete? Are we allowed to delete it?
if (!(list($memberFrom, $memberTo) = $this->eso->db->fetchRow("SELECT memberFrom, memberTo FROM {$config["tablePrefix"]}shouts WHERE shoutId=$shoutId"))) return;
if (($error = $this->canDeleteShout($memberFrom, $memberTo)) !== true) {
$this->eso->message($error);
return;
}
// Goodbye!
$this->eso->db->query("DELETE FROM {$config["tablePrefix"]}shouts WHERE shoutId=$shoutId");
}
// Does the current user have permission to add a shout? They must be logged in, not suspended, and can't have shouted
// recently.
function canAddShout()
{
if (!$this->eso->user) return "noPermission";
if ($this->eso->isSuspended()) return "suspended";
global $config;
if ($this->eso->db->result("SELECT 1 FROM {$config["tablePrefix"]}shouts WHERE memberFrom={$this->eso->user["memberId"]} AND time>UNIX_TIMESTAMP()-{$config["timeBetweenPosts"]}", 0)) return "waitToReply";
return true;
}
// Does the current user have permission to delete a shout? They must be the receiver or the sender of the shout.
function canDeleteShout($memberFrom, $memberTo)
{
if (!$this->eso->user["moderator"] and $this->eso->user["memberId"] != $memberFrom and $this->eso->user["memberId"] != $memberTo) return "noPermission";
return true;
}
// Add the table to the database.
function upgrade($oldVersion)
{
global $config;
if (!$this->eso->db->numRows("SHOW COLUMNS FROM {$config["tablePrefix"]}members LIKE 'emailOnNewShout'")) {
$this->eso->db->query("ALTER TABLE {$config["tablePrefix"]}members ADD COLUMN emailOnNewShout tinyint(1) NOT NULL default '0'");
}
if (!$oldVersion) {
if ($this->eso->db->numRows("SHOW TABLES LIKE '{$config["tablePrefix"]}shouts'")) return;
$this->eso->db->query("CREATE TABLE {$config["tablePrefix"]}shouts (
shoutId int unsigned NOT NULL auto_increment,
memberTo int unsigned NOT NULL,
memberFrom int unsigned NOT NULL,
time int unsigned NOT NULL,
content text NOT NULL,
PRIMARY KEY (shoutId)
) ENGINE=MyISAM DEFAULT CHARSET=utf8");
}
}
}
?>