detail.php

   1 <?php
   2 /**
   3  * Message Detail page
   4  *
   5  * @author Anthony Parsons (xmpp:ant@specialops.ath.cx)
   6  * @license file://COPYING
   7  * @version $Id$
   8  */
   9
  10 $prefetch = array('`points`', '`msglist_layout`');
  11 require 'con.php';
  12
  13 $page->title = 'Message Detail';
  14
  15 /* Error checks */
  16 if ( ! ($user instanceof User_Authenticated) ) {
  17         $page->errorfooter('login');
  18 }
  19 if ( ! $user->has_priv('moderate') ) {
  20         $page->errorfooter('level');
  21 }
  22 if ( empty($_SERVER['QUERY_STRING']) || !is_numeric($_SERVER['QUERY_STRING']) ) {
  23         $page->errorfooter('messageid');
  24 }
  25 if ( isset($_POST['action']) && !in_array($_POST['action'], array('add', 'sub')) ) {
  26         $page->errorfooter('request');
  27 }
  28
  29
  30 /* Get topic metadata */
  31 $topic = $DB->query('SELECT `board_name`, `boards`.`boardid`, `topic_title`, `view_restrict`, `topicid`
  32                                         FROM `boards` NATURAL LEFT JOIN `topics`
  33                                         WHERE `topicid` =
  34                                                 (SELECT `topicid` FROM `messages` WHERE `messageid` = '.intval($_SERVER['QUERY_STRING']).')');
  35
  36
  37 /* more error checks plz */
  38 if ( 0 === $topic->num_rows ) {
  39         $page->errorfooter('messageid');
  40 } else {
  41         $topic = $topic->fetch_assoc();
  42 }
  43
  44 if ( ! $user->has_priv('viewboard', $topic['view_restrict']) ) {
  45         $page->errorfooter('level');
  46 }
  47
  48
  49 /* Set header stuff */
  50 $page->title .= ': '.$topic['topic_title'].' (msg#'.$_SERVER['QUERY_STRING'].')';
  51 $page->nav['Topic List: '.$topic['board_name']] = 'topiclist?'.$topic['boardid'];
  52 $page->nav['Message List: '.$topic['topic_title']] = 'messagelist?'.$topic['topicid'];
  53
  54
  55 $query = 'SELECT `messages`.`userid`, `alias`, `mtime`, `mtext`, `replyto`,
  56                         `score`, `marks`, `messages`.`messageid`, INET_NTOA(`origin_ip`) AS `ip`
  57                 FROM `message-data`
  58                 NATURAL LEFT JOIN `messages`
  59                 NATURAL LEFT JOIN `users`
  60                 WHERE `messageid` = '.intval($_SERVER['QUERY_STRING']);
  61
  62 define('HERE', $_SERVER['REQUEST_URI']);
  63
  64 if ( isset($_POST['action']) ) {
  65
  66         // Update message with new score
  67         try {
  68                 $meta = $DB->query($query)->fetch_assoc();
  69
  70                 $DB->autocommit(false);
  71
  72                 // Score depends on how many points the user has (i.e. the number of digits in it)
  73                 $score = ( 'add' === $_POST['action'] ? floor(log($user->points, 10)) : -(floor(log($user->points, 10))) ); // :-(
  74
  75                 if ( !isset($_SERVER['HTTP_REFERER']) || !preg_match('/messagelist|detail/', $_SERVER['HTTP_REFERER']) ||
  76                                 strpos($_SERVER['HTTP_REFERER'], 'http://'.$_SERVER['HTTP_HOST']) !== 0 ) {
  77                         throw new InvalidInputException('Invalid HTTP referrer sent: make sure you\'re using the right links.');
  78                 }
  79                 if ( $DB->query('SELECT `messageid` FROM `marks`
  80                                                 WHERE `userid` = @userid AND `messageid` = '.intval($_SERVER['QUERY_STRING']))->num_rows ) {
  81                         throw new RateLimitException('You\'ve already marked/suggested this message.');
  82                 }
  83                 if ( $user->userid === $meta['userid'] ) {
  84                         throw new RateLimitException('No self-gratification, kthx.');
  85                 }
  86
  87                 // Update message score
  88                 $DB->query('UPDATE `messages` SET `score` = `score` + '.$score.', `marks` = `marks` + 1
  89                                         WHERE `messageid` = '.$meta['messageid']);
  90
  91                 // Update user score
  92                 $user2 = new User_Registered($meta['userid'], array('`points`'));
  93                 $user2->points += $score;
  94
  95                 // Add to marked messages list
  96                 $DB->query('INSERT INTO `marks` VALUES
  97                                         ('.intval($_SERVER['QUERY_STRING']).', @userid, '.$score.', UNIX_TIMESTAMP())');
  98
  99                 $DB->commit();
 100
 101                 header('Refresh: 5; url='.$_SERVER['HTTP_REFERER']);
 102                 $user->userheader();
 103                 echo '<p class="notice">Message successfully rated! You will be dumped back wherever you came from in 5 seconds.</p>',"\n";
 104
 105         } catch ( Exception $e ) {
 106                 $DB->rollback();
 107                 $user->userheader();
 108                 echo '<p class="error">',$e->getMessage(),"</p>\n";
 109         }
 110 } else {
 111         $user->userheader();
 112 }
 113
 114 switch ( $user->msglist_style ) {
 115         case Messagestyle_Frozenoven::ID:
 116                 $mo = new Messagestyle_Frozenoven; break;
 117         case Messagestyle_IRC::ID:
 118                 $mo = new Messagestyle_IRC; break;
 119         case Messagestyle_Plain::ID:
 120         default:
 121                 $mo = new Messagestyle_Plain;
 122 }
 123
 124 $message = $DB->query($query)->fetch_assoc();
 125
 126 echo '<div class="',get_class($mo),"\">\n";
 127         $mo->display($message);
 128 echo "</div>\n";
 129
 130 if ( !isset($_POST) && $user->userid != $message['userid'] ) {
 131         echo '<p class="info">Click the +/- links on the message to give or take points from it.</p>';
 132 }
 133
 134 $list = $DB->query('SELECT `marks`.`userid`, `alias`
 135                                         FROM `marks` NATURAL LEFT JOIN `users`
 136                                         WHERE `messageid` = '.intval($_SERVER['QUERY_STRING']));
 137
 138 if ( $list->num_rows ) {
 139         echo '<p>Users who rated this message: ',implode(', ', $user->fillnamecache($list)),"</p>\n";
 140 }
 141
 142 $page->pagefooter();
 143 ?>