Issues in friend.php (master) - Issues in master - BOINC/boinc - Measure and Improve Code Quality continuously with Scrutinizer

Issues (1963)

html/user/friend.php (5 issues)

Labels

Severity

<?php
// This file is part of BOINC.
// http://boinc.berkeley.edu
// Copyright (C) 2008 University of California
//
// BOINC is free software; you can redistribute it and/or modify it
// under the terms of the GNU Lesser General Public License
// as published by the Free Software Foundation,
// either version 3 of the License, or (at your option) any later version.
//
// BOINC is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
// See the GNU Lesser General Public License for more details.
//
// You should have received a copy of the GNU Lesser General Public License
// along with BOINC.  If not, see <http://www.gnu.org/licenses/>.

// stuff related to "buddy lists"

require_once("../inc/forum_db.inc");
require_once("../inc/profile.inc");

check_get_args(array("target_userid", "userid", "action"));

text_counter_script();

// see if there's already a request,
// and whether the notification record is there
//
function check_pending($user, $destuser) {
    $friend = BoincFriend::lookup($user->id, $destuser->id);
    if ($friend) {
        if ($friend->reciprocated) {
            error_page(tra("Already friends"));
        }
        $notify = BoincNotify::lookup($destuser->id, NOTIFY_FRIEND_REQ, $user->id);
        if ($notify) {
            page_head(tra("Request pending"));
            $t = date_str($friend->create_time);
            echo tra("You requested friendship with %1 on %2.", $destuser->name,$t) . "
                <p>" .
                tra("This request is still pending confirmation.");
            page_tail();
            exit();

        }
        BoincFriend::delete($user->id, $destuser->id);
    }
}

function check_ignoring($srcuser, $destuser) {
    BoincForumPrefs::lookup($destuser);
    if (is_ignoring($destuser, $srcuser)) {
        error_page(tra("%1 is not accepting friendship requests from you",$destuser->name));
    }
}

// user has clicked "add to friends".  Ask them if they really mean it.
//
function handle_add($user) {
    $destid = get_int('userid');
    if ($destid == $user->id) {
        error_page(tra("You can't be friends with yourself"));
    }
    $destuser = BoincUser::lookup_id($destid);
    if (!$destuser) error_page("No such user");

    check_pending($user, $destuser);
    check_ignoring($user, $destuser);

    page_head(tra("Add friend"));
    echo "
        <form method=post action=friend.php>
        <input type=hidden name=userid value=$destid>
        <input type=hidden name=action value=add_confirm>" .
        tra("You have asked to add %1 as a friend. We will notify %1 and will ask him/her to confirm that you are friends.",
        "<b>".$destuser->name."</b>") ."
        <p>" .
        tra("Add an optional message here:") ."
        <br>
        ".textarea_with_counter("message", 250, "")."
        <p>
        <input class=\"btn btn-primary\" type=submit value=\"".tra("OK")."\">
        </form>
    ";
    page_tail();
}

// User really means it.  Make DB entry and send notification
//
function handle_add_confirm($user) {
    $destid = post_int('userid');
    $destuser = BoincUser::lookup_id($destid);
    if (!$destuser) error_page("No such user");

    check_pending($user, $destuser);
    check_ignoring($user, $destuser);

    $msg = post_str('message', true);
    if ($msg) $msg = sanitize_tags(BoincDb::escape_string($msg));

    $now = time();
    $ret = BoincFriend::replace(
        "user_src=$user->id, user_dest=$destid, message='$msg', create_time=$now, reciprocated=0"
    );
    if (!$ret) {
        error_page(tra("Database error"));
    }
    $now = time();
    $type = NOTIFY_FRIEND_REQ;
    BoincNotify::replace("userid=$destid, create_time=$now, type=$type, opaque=$user->id");

    BoincForumPrefs::lookup($destuser);
    if ($destuser->prefs->pm_notification == 1) {
        send_friend_request_email($user, $destuser, $msg);
    }
    page_head(tra("Friend request sent"));
    echo tra("We have notified %1 of your request.","<b>".$destuser->name."</b>");
    page_tail();
}

// Show destination user the details of request, ask if they accept
//
function handle_query($user) {
    $target_userid = get_int('target_userid', true);
    if ($target_userid && $target_userid != $user->id) {
        $target_user = BoincUser::lookup_id($target_userid);
        page_head(tra("Please log in as %1", $target_user->name));
        echo tra("You must log in as %1 to view this friend request",
            $target_user->name
        );
        page_tail();
        exit;

    }
    $srcid = get_int('userid');
    $srcuser = BoincUser::lookup_id($srcid);
    if (!$srcuser) error_page("No such user");
    $friend = BoincFriend::lookup($srcid, $user->id);
    if (!$friend) error_page("Request not found");
    page_head(tra("Friend request"));
	echo time_str($friend->create_time)."<p>\n";
    $x = user_links($srcuser, BADGE_HEIGHT_MEDIUM);
    echo tra("%1 has requested friendship with you.", $x);
    if (strlen($friend->message)) {
        echo "<p>".tra("%1 says: %2", $srcuser->name, $friend->message)."</p>";
    }
    echo "<p>";
    show_button(
        "friend.php?action=accept&userid=".$srcid, tra("Accept friendship"),
        tra("Click accept if %1 is in fact a friend",
        $srcuser->name)
    );
    echo " ";
    show_button(
        "friend.php?action=ignore&userid=".$srcid, tra("Decline"),
        tra("Click decline if %1 is not a friend",
        $srcuser->name),
        "btn-sm btn-warning"
    );
    echo "    <p>
    ";
    page_tail();
}

// Here if they accepted
//
function handle_accept($user) {
    $srcid = get_int('userid');
    $srcuser = BoincUser::lookup_id($srcid);
    if (!$srcuser) error_page("No such user");

    $friend = BoincFriend::lookup($srcid, $user->id);
    if (!$friend) {
        error_page("No request");
    }
    $friend->update("reciprocated=1");

    // "accept message" not implemented in interface yet
    $msg = post_str('message', true);
    if ($msg) $msg = sanitize_tags(BoincDb::escape_string($msg));
    $now = time();
    $ret = BoincFriend::replace("user_src=$user->id, user_dest=$srcid, message='$msg', create_time=$now, reciprocated=1");
    if (!$ret) {
        error_page(tra("Database error"));
    }
    $type = NOTIFY_FRIEND_ACCEPT;
    BoincNotify::replace("userid=$srcid, create_time=$now, type=$type, opaque=$user->id");
    BoincForumPrefs::lookup($srcuser);
    if ($srcuser->prefs->pm_notification == 1) {
        send_friend_accept_email($user, $srcuser, $msg);
    }

    $notify = BoincNotify::lookup($user->id, NOTIFY_FRIEND_REQ, $srcid);
    if ($notify) {
        $notify->delete();
    }

    page_head(tra("Friendship confirmed"));
    echo tra("Your friendship with %1 has been confirmed.","<b>" . $srcuser->name ."</b>");
    page_tail();
}

// Here if they declined
//
function handle_ignore($user) {
    $srcid = get_int('userid');
    $srcuser = BoincUser::lookup_id($srcid);
    if (!$srcuser) error_page("No such user");
    $friend = BoincFriend::lookup($srcid, $user->id);
    if (!$friend) {
        error_page("No request");
    }
    $notify = BoincNotify::lookup($user->id, NOTIFY_FRIEND_REQ, $srcid);
    if ($notify) {
        $notify->delete();
    }
    page_head(tra("Friendship declined"));
    echo tra("You have declined friendship with %1","<b>".$srcuser->name."</b>");
    page_tail();
}

// Here if initiator clicked on "confirmed" notification.
// Delete notification
//
function handle_accepted($user) {
    $destid = get_int('userid');
    $destuser = BoincUser::lookup_id($destid);
    if (!$destuser) error_page("No such user");
    $notify = BoincNotify::lookup($user->id, NOTIFY_FRIEND_ACCEPT, $destid);
    if ($notify) {
        $notify->delete();
    } else {
        echo tra("Notification not found");
    }
    page_head(tra("Friend confirmed"));
    echo tra("You are now friends with %1.",$destuser->name);
    page_tail();
}

function handle_cancel_confirm($user) {
    $destid = get_int('userid');
    $destuser = BoincUser::lookup_id($destid);
    if (!$destuser) error_page("No such user");
    page_head(tra("Cancel friendship?"));
    echo
        tra("Are you sure you want to cancel your friendship with %1?",
            $destuser->name
        ) ."<p>\n"
    ;

    show_button("friend.php?action=cancel&userid=$destid", tra("Yes"), tra("Cancel friendship"));
    show_button(HOME_PAGE, tra("No"), tra("Stay friends"));
    echo "</ul>";
    page_tail();
}

function handle_cancel($user) {
    $destid = get_int('userid');
    $destuser = BoincUser::lookup_id($destid);
    if (!$destuser) error_page("No such user");
    BoincFriend::delete($user->id, $destid);
    page_head(tra("Friendship cancelled"));
    echo tra("Your friendship with %1 has been cancelled.",$destuser->name);
    page_tail();
}

// "home page" has Requests area
// (icon) N friend request(s)

$user = get_logged_in_user();

$action = get_str('action', true);
if (!$action) $action = post_str('action');

switch ($action) {
case 'add':
    handle_add($user);
    break;
case 'add_confirm':
    handle_add_confirm($user);
    break;
case 'query':
    handle_query($user);
    break;
case 'accept':
    handle_accept($user);
    break;
case 'accepted':
    handle_accepted($user);
    break;
case 'ignore':
    handle_ignore($user);
    break;
case 'cancel_confirm':
    handle_cancel_confirm($user);
    break;
case 'cancel':
    handle_cancel($user);
    break;
default:

    error_page("Unknown action");
}

?>


1			<?php
2			// This file is part of BOINC.
3			// http://boinc.berkeley.edu
4			// Copyright (C) 2008 University of California
5			//
6			// BOINC is free software; you can redistribute it and/or modify it
7			// under the terms of the GNU Lesser General Public License
8			// as published by the Free Software Foundation,
9			// either version 3 of the License, or (at your option) any later version.
10			//
11			// BOINC is distributed in the hope that it will be useful,
12			// but WITHOUT ANY WARRANTY; without even the implied warranty of
13			// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
14			// See the GNU Lesser General Public License for more details.
15			//
16			// You should have received a copy of the GNU Lesser General Public License
17			// along with BOINC. If not, see <http://www.gnu.org/licenses/>.
18
19			// stuff related to "buddy lists"
20
21			require_once("../inc/forum_db.inc");
22			require_once("../inc/profile.inc");
23
24			check_get_args(array("target_userid", "userid", "action"));
25
26			text_counter_script();
27
28			// see if there's already a request,
29			// and whether the notification record is there
30			//
31			function check_pending($user, $destuser) {
32			$friend = BoincFriend::lookup($user->id, $destuser->id);
33			if ($friend) {
34			if ($friend->reciprocated) {
35			error_page(tra("Already friends"));
36			}
37			$notify = BoincNotify::lookup($destuser->id, NOTIFY_FRIEND_REQ, $user->id);
38			if ($notify) {
39			page_head(tra("Request pending"));
40			$t = date_str($friend->create_time);
41			echo tra("You requested friendship with %1 on %2.", $destuser->name,$t) . "
42			<p>" .
43			tra("This request is still pending confirmation.");
44			page_tail();
45			exit();
			0 ignored issues – show Best Practice introduced 2018-08-30 19:19 UTC by Report Bug Copy Issue Report Show Similar Issues like this Using `exit` here is not recommended. In general, usage of exit should be done with care and only when running in a scripting context like a CLI script. Loading history...
46			}
47			BoincFriend::delete($user->id, $destuser->id);
48			}
49			}
50
51			function check_ignoring($srcuser, $destuser) {
52			BoincForumPrefs::lookup($destuser);
53			if (is_ignoring($destuser, $srcuser)) {
54			error_page(tra("%1 is not accepting friendship requests from you",$destuser->name));
55			}
56			}
57
58			// user has clicked "add to friends". Ask them if they really mean it.
59			//
60			function handle_add($user) {
61			$destid = get_int('userid');
62			if ($destid == $user->id) {
63			error_page(tra("You can't be friends with yourself"));
64			}
65			$destuser = BoincUser::lookup_id($destid);
66			if (!$destuser) error_page("No such user");
67
68			check_pending($user, $destuser);
69			check_ignoring($user, $destuser);
70
71			page_head(tra("Add friend"));
72			echo "
73			<form method=post action=friend.php>
74			<input type=hidden name=userid value=$destid>
75			<input type=hidden name=action value=add_confirm>" .
76			tra("You have asked to add %1 as a friend. We will notify %1 and will ask him/her to confirm that you are friends.",
77			"<b>".$destuser->name."</b>") ."
78			<p>" .
79			tra("Add an optional message here:") ."
80			<br>
81			".textarea_with_counter("message", 250, "")."
82			<p>
83			<input class=\"btn btn-primary\" type=submit value=\"".tra("OK")."\">
84			</form>
85			";
86			page_tail();
87			}
88
89			// User really means it. Make DB entry and send notification
90			//
91			function handle_add_confirm($user) {
92			$destid = post_int('userid');
93			$destuser = BoincUser::lookup_id($destid);
94			if (!$destuser) error_page("No such user");
95
96			check_pending($user, $destuser);
97			check_ignoring($user, $destuser);
98
99			$msg = post_str('message', true);
100			if ($msg) $msg = sanitize_tags(BoincDb::escape_string($msg));
101
102			$now = time();
103			$ret = BoincFriend::replace(
104			"user_src=$user->id, user_dest=$destid, message='$msg', create_time=$now, reciprocated=0"
105			);
106			if (!$ret) {
107			error_page(tra("Database error"));
108			}
109			$now = time();
110			$type = NOTIFY_FRIEND_REQ;
111			BoincNotify::replace("userid=$destid, create_time=$now, type=$type, opaque=$user->id");
112
113			BoincForumPrefs::lookup($destuser);
114			if ($destuser->prefs->pm_notification == 1) {
115			send_friend_request_email($user, $destuser, $msg);
116			}
117			page_head(tra("Friend request sent"));
118			echo tra("We have notified %1 of your request.","<b>".$destuser->name."</b>");
119			page_tail();
120			}
121
122			// Show destination user the details of request, ask if they accept
123			//
124			function handle_query($user) {
125			$target_userid = get_int('target_userid', true);
126			if ($target_userid && $target_userid != $user->id) {
127			$target_user = BoincUser::lookup_id($target_userid);
128			page_head(tra("Please log in as %1", $target_user->name));
129			echo tra("You must log in as %1 to view this friend request",
130			$target_user->name
131			);
132			page_tail();
133			exit;
			0 ignored issues – show Best Practice introduced 2018-08-30 19:19 UTC by Report Bug Copy Issue Report Show Similar Issues like this Using `exit` here is not recommended. In general, usage of exit should be done with care and only when running in a scripting context like a CLI script. Loading history...
134			}
135			$srcid = get_int('userid');
136			$srcuser = BoincUser::lookup_id($srcid);
137			if (!$srcuser) error_page("No such user");
138			$friend = BoincFriend::lookup($srcid, $user->id);
139			if (!$friend) error_page("Request not found");
140			page_head(tra("Friend request"));
141			echo time_str($friend->create_time)."<p>\n";
142			$x = user_links($srcuser, BADGE_HEIGHT_MEDIUM);
143			echo tra("%1 has requested friendship with you.", $x);
144			if (strlen($friend->message)) {
145			echo "<p>".tra("%1 says: %2", $srcuser->name, $friend->message)."</p>";
146			}
147			echo "<p>";
148			show_button(
149			"friend.php?action=accept&userid=".$srcid, tra("Accept friendship"),
150			tra("Click accept if %1 is in fact a friend",
151			$srcuser->name)
152			);
153			echo " ";
154			show_button(
155			"friend.php?action=ignore&userid=".$srcid, tra("Decline"),
156			tra("Click decline if %1 is not a friend",
157			$srcuser->name),
158			"btn-sm btn-warning"
159			);
160			echo " <p>
161			";
162			page_tail();
163			}
164
165			// Here if they accepted
166			//
167			function handle_accept($user) {
168			$srcid = get_int('userid');
169			$srcuser = BoincUser::lookup_id($srcid);
170			if (!$srcuser) error_page("No such user");
171
172			$friend = BoincFriend::lookup($srcid, $user->id);
173			if (!$friend) {
174			error_page("No request");
175			}
176			$friend->update("reciprocated=1");
177
178			// "accept message" not implemented in interface yet
179			$msg = post_str('message', true);
180			if ($msg) $msg = sanitize_tags(BoincDb::escape_string($msg));
181			$now = time();
182			$ret = BoincFriend::replace("user_src=$user->id, user_dest=$srcid, message='$msg', create_time=$now, reciprocated=1");
183			if (!$ret) {
184			error_page(tra("Database error"));
185			}
186			$type = NOTIFY_FRIEND_ACCEPT;
187			BoincNotify::replace("userid=$srcid, create_time=$now, type=$type, opaque=$user->id");
188			BoincForumPrefs::lookup($srcuser);
189			if ($srcuser->prefs->pm_notification == 1) {
190			send_friend_accept_email($user, $srcuser, $msg);
191			}
192
193			$notify = BoincNotify::lookup($user->id, NOTIFY_FRIEND_REQ, $srcid);
194			if ($notify) {
195			$notify->delete();
196			}
197
198			page_head(tra("Friendship confirmed"));
199			echo tra("Your friendship with %1 has been confirmed.","<b>" . $srcuser->name ."</b>");
200			page_tail();
201			}
202
203			// Here if they declined
204			//
205			function handle_ignore($user) {
206			$srcid = get_int('userid');
207			$srcuser = BoincUser::lookup_id($srcid);
208			if (!$srcuser) error_page("No such user");
209			$friend = BoincFriend::lookup($srcid, $user->id);
210			if (!$friend) {
211			error_page("No request");
212			}
213			$notify = BoincNotify::lookup($user->id, NOTIFY_FRIEND_REQ, $srcid);
214			if ($notify) {
215			$notify->delete();
216			}
217			page_head(tra("Friendship declined"));
218			echo tra("You have declined friendship with %1","<b>".$srcuser->name."</b>");
219			page_tail();
220			}
221
222			// Here if initiator clicked on "confirmed" notification.
223			// Delete notification
224			//
225			function handle_accepted($user) {
226			$destid = get_int('userid');
227			$destuser = BoincUser::lookup_id($destid);
228			if (!$destuser) error_page("No such user");
229			$notify = BoincNotify::lookup($user->id, NOTIFY_FRIEND_ACCEPT, $destid);
230			if ($notify) {
231			$notify->delete();
232			} else {
233			echo tra("Notification not found");
234			}
235			page_head(tra("Friend confirmed"));
236			echo tra("You are now friends with %1.",$destuser->name);
237			page_tail();
238			}
239
240			function handle_cancel_confirm($user) {
241			$destid = get_int('userid');
242			$destuser = BoincUser::lookup_id($destid);
243			if (!$destuser) error_page("No such user");
244			page_head(tra("Cancel friendship?"));
245			echo
246			tra("Are you sure you want to cancel your friendship with %1?",
247			$destuser->name
248			) ."<p>\n"
249			;
			0 ignored issues – show Coding Style introduced 2018-10-18 23:16 UTC by Report Bug Copy Issue Report Show Similar Issues like this Space found before semicolon; expected ""<p>\n";" but found ""<p>\n" ;" Loading history...
250			show_button("friend.php?action=cancel&userid=$destid", tra("Yes"), tra("Cancel friendship"));
251			show_button(HOME_PAGE, tra("No"), tra("Stay friends"));
252			echo "</ul>";
253			page_tail();
254			}
255
256			function handle_cancel($user) {
257			$destid = get_int('userid');
258			$destuser = BoincUser::lookup_id($destid);
259			if (!$destuser) error_page("No such user");
260			BoincFriend::delete($user->id, $destid);
261			page_head(tra("Friendship cancelled"));
262			echo tra("Your friendship with %1 has been cancelled.",$destuser->name);
263			page_tail();
264			}
265
266			// "home page" has Requests area
267			// (icon) N friend request(s)
268
269			$user = get_logged_in_user();
270
271			$action = get_str('action', true);
272			if (!$action) $action = post_str('action');
273
274			switch ($action) {
275			case 'add':
276			handle_add($user);
277			break;
278			case 'add_confirm':
279			handle_add_confirm($user);
280			break;
281			case 'query':
282			handle_query($user);
283			break;
284			case 'accept':
285			handle_accept($user);
286			break;
287			case 'accepted':
288			handle_accepted($user);
289			break;
290			case 'ignore':
291			handle_ignore($user);
292			break;
293			case 'cancel_confirm':
294			handle_cancel_confirm($user);
295			break;
296			case 'cancel':
297			handle_cancel($user);
298			break;
299			default:
			0 ignored issues – show Coding Style introduced 2018-10-18 23:16 UTC by Report Bug Copy Issue Report Show Similar Issues like this DEFAULT keyword must be indented 4 spaces from SWITCH keyword Loading history... Coding Style introduced 2018-10-18 23:16 UTC by Report Bug Copy Issue Report Show Similar Issues like this DEFAULT case must have a breaking statement Loading history...
300			error_page("Unknown action");
301			}
302
303			?>
304

BOINC / boinc

Issues (1963)

html/user/friend.php (5 issues)

Labels

Severity

Introduced By

Duplication Side-by-Side

Filter issues like