archive/tyforum
2
0
Fork 0
forked from github/Quit.mwForum
Code Pull Requests Activity
Files
main
tyforum/script/user_watch.pl

286 lines
9.4 KiB
Perl
Executable File
Raw Permalink Blame History

#!/usr/bin/perl
#------------------------------------------------------------------------------
# mwForum - Web-based discussion forum
# Copyright (c) 1999-2015 Markus Wichitill
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#------------------------------------------------------------------------------
use strict;
use warnings;
no warnings qw(uninitialized redefine);
# Imports
use TyfMain;
#------------------------------------------------------------------------------
# Init
my ( $m, $cfg, $lng, $user, $userId ) =
TyfMain->new( $_[0], autocomplete => 1 );
# Check if access should be denied
$userId or $m->error('errNoAccess');
# Get CGI parameters
my $optUserId = $m->paramInt('uid');
my $word = $m->paramStr('word');
my $userName = $m->paramStr('userName');
my $watchedId = $m->paramInt('userId');
my $action = $m->paramStrId('act');
my $submitted = $m->paramBool('subm');
# Select which user to edit
my $optUser = $optUserId && $user->{admin} ? $m->getUser($optUserId) : $user;
$optUser or $m->error('errUsrNotFnd');
$optUserId = $optUser->{id};
# Get username from id or vice versa
if ($watchedId) {
$userName = $m->fetchArray( "
SELECT userName FROM users WHERE id = ?", $watchedId );
$userName or $m->formError('errUsrNotFnd');
}
elsif ($userName) {
$watchedId = $m->fetchArray( "
SELECT id FROM users WHERE userName = ?", $userName );
$watchedId or $m->formError('errUsrNotFnd');
}
# Process form
if ($submitted) {
# Check request source authentication
$m->checkSourceAuth() or $m->formError('errSrcAuth');
# Process add watch word form
if ( $action eq 'addWord' ) {
# Check if feature is enabled
$cfg->{watchWords} or $m->error('errNoAccess');
# Check word validity
$word = lc($word);
length($word) >= 4 && length($word) <= 30
or $m->formError('errWordSize');
# Limit number of watch entries
my $wordNum = $m->fetchArray( "
SELECT COUNT(*) FROM watchWords WHERE userId = ?", $optUserId );
$wordNum <= 10 or $m->formError('errWatchNum');
# If there's no error, finish action
if ( !@{ $m->{formErrors} } ) {
# Add watch word
$m->setRel( 1, 'watchWords', 'userId', 'word', $optUserId,
$m->escHtml($word) );
# Log action and finish
$m->logAction( 1, 'user', 'wwordadd', $userId, 0, 0, 0,
$optUserId );
$m->redirect( 'user_watch', uid => $optUserId, msg => 'WatWrdAdd' );
}
}
# Process remove watch word form
elsif ( $action eq 'removeWord' ) {
# If there's no error, finish action
if ( !@{ $m->{formErrors} } ) {
# Remove watch word
$m->setRel( 0, 'watchWords', 'userId', 'word', $optUserId,
$m->escHtml($word) );
# Log action and finish
$m->logAction( 1, 'user', 'wwordrem', $userId, 0, 0, 0,
$optUserId );
$m->redirect( 'user_watch', uid => $optUserId, msg => 'WatWrdRem' );
}
}
# Process add watch user form
elsif ( $action eq 'addUser' ) {
# Check if feature is enabled
$cfg->{watchUsers} or $m->error('errNoAccess');
# Don't accept 0 as userId
$watchedId > 0 or $m->formError('errUsrNotFnd');
# Limit number of watch entries
my $userNum = $m->fetchArray( "
SELECT COUNT(*) FROM watchUsers WHERE userId = ?", $optUserId );
$userNum <= 10 or $m->formError('errWatchNum');
# If there's no error, finish action
if ( !@{ $m->{formErrors} } ) {
# Add watch user
$m->setRel( 1, 'watchUsers', 'userId', 'watchedId', $optUserId,
$watchedId );
# Log action and finish
$m->logAction( 1, 'user', 'wuseradd', $userId, 0, 0, 0,
$watchedId );
$m->redirect( 'user_watch', uid => $optUserId, msg => 'WatUsrAdd' );
}
}
# Process remove watch user form
elsif ( $action eq 'removeUser' ) {
# If there's no error, finish action
if ( !@{ $m->{formErrors} } ) {
# Remove watch user
$m->setRel( 0, 'watchUsers', 'userId', 'watchedId', $optUserId,
$watchedId );
# Log action and finish
$m->logAction( 1, 'user', 'wuserrem', $userId, 0, 0, 0,
$watchedId );
$m->redirect( 'user_watch', uid => $optUserId, msg => 'WatUsrRem' );
}
}
else { $m->error('errParamMiss') }
}
# Print form
if ( !$submitted || @{ $m->{formErrors} } ) {
# Print header
$m->printHeader();
# Print page bar
my @navLinks = (
{
url => $m->url( 'user_options', uid => $optUserId ),
txt => 'comUp',
ico => 'up'
}
);
$m->printPageBar(
mainTitle => $lng->{watTitle},
subTitle => $optUser->{userName},
navLinks => \@navLinks
);
# Print hints and form errors
$m->printHints( [ 'watWrdAddT', 'watUsrAddT' ] );
$m->printFormErrors();
# Escape submitted values
my $wordEsc = $m->escHtml($word);
my $userNameEsc = $m->escHtml($userName);
if ( $cfg->{watchWords} ) {
# Print add word form
print
"<form action=\"user_watch$m->{ext}\" method=\"POST\">\n",
"<div class=\"frm\">\n",
"<div class=\"hcl\"><span class=\"htt\">$lng->{watWrdAddTtl}</span></div>\n",
"<div class=\"ccl\">\n",
"<label class=\"lbw\">$lng->{watWrdAddWrd}",
"<input type=\"text\" class=\"qwi\" name=\"word\" value=\"$wordEsc\" autofocus required></label>\n",
$m->submitButton( 'watWrdAddB', 'watch' ),
"<input type=\"hidden\" name=\"act\" value=\"addWord\">\n",
"<input type=\"hidden\" name=\"uid\" value=\"$optUserId\">\n",
$m->stdFormFields(),
"</div>\n",
"</div>\n",
"</form>\n\n";
# Get watch words
my $words = $m->fetchAllArray( "
SELECT word FROM watchWords WHERE userId = ? ORDER BY word", $optUserId );
if (@$words) {
# Print remove word form
print
"<form action=\"user_watch$m->{ext}\" method=\"POST\">\n",
"<div class=\"frm\">\n",
"<div class=\"hcl\"><span class=\"htt\">$lng->{watWrdRemTtl}</span></div>\n",
"<div class=\"ccl\">\n",
"<label class=\"lbw\">$lng->{watWrdRemWrd}",
"<select name=\"word\" size=\"5\">\n",
map( "<option value=\"$_->[0]\">$_->[0]</option>\n", @$words ),
"</select></label>\n", $m->submitButton( 'watWrdRemB', 'remove' ),
"<input type=\"hidden\" name=\"act\" value=\"removeWord\">\n",
"<input type=\"hidden\" name=\"uid\" value=\"$optUserId\">\n",
$m->stdFormFields(),
"</div>\n",
"</div>\n",
"</form>\n\n";
}
}
if ( $cfg->{watchUsers} ) {
# Print add user form
print
"<form action=\"user_watch$m->{ext}\" method=\"POST\">\n",
"<div class=\"frm\">\n",
"<div class=\"hcl\"><span class=\"htt\">$lng->{watUsrAddTtl}</span></div>\n",
"<div class=\"ccl\">\n",
"<label class=\"lbw\">$lng->{watUsrAddUsr}",
"<input type=\"text\" class=\"qwi acu acs\" name=\"userName\" value=\"$userNameEsc\"",
" required></label>\n", $m->submitButton( 'watUsrAddB', 'watch' ),
"<input type=\"hidden\" name=\"act\" value=\"addUser\">\n",
"<input type=\"hidden\" name=\"uid\" value=\"$optUserId\">\n",
$m->stdFormFields(),
"</div>\n",
"</div>\n",
"</form>\n\n";
# Get watched users
my $users = $m->fetchAllArray( "
SELECT users.id, users.userName
FROM watchUsers AS watchUsers
INNER JOIN users AS users
ON users.id = watchUsers.watchedId
WHERE watchUsers.userId = :optUserId
ORDER BY users.userName",
{ optUserId => $optUserId } );
if (@$users) {
# Print remove user form
my %state = ( $watchedId => 'selected' );
print
"<form action=\"user_watch$m->{ext}\" method=\"POST\">\n",
"<div class=\"frm\">\n",
"<div class=\"hcl\"><span class=\"htt\">$lng->{watUsrRemTtl}</span></div>\n",
"<div class=\"ccl\">\n",
"<label class=\"lbw\">$lng->{watUsrRemUsr}",
"<select name=\"userId\" size=\"5\">\n",
map(
"<option value=\"$_->[0]\" $state{$_->[0]}>$_->[1]</option>\n",
@$users ),
"</select></label>\n", $m->submitButton( 'watUsrRemB', 'remove' ),
"<input type=\"hidden\" name=\"act\" value=\"removeUser\">\n",
"<input type=\"hidden\" name=\"uid\" value=\"$optUserId\">\n",
$m->stdFormFields(),
"</div>\n",
"</div>\n",
"</form>\n\n";
}
}
# Log action and finish
$m->logAction( 3, 'user', 'watch', $userId, 0, 0, 0, $optUserId );
$m->printFooter();
}
$m->finish();
View Git Blame Copy Permalink