|
1
|
|
|
<?php |
|
2
|
|
|
/** |
|
3
|
|
|
* |
|
4
|
|
|
* Ideas extension for the phpBB Forum Software package. |
|
5
|
|
|
* |
|
6
|
|
|
* @copyright (c) phpBB Limited <https://www.phpbb.com> |
|
7
|
|
|
* @license GNU General Public License, version 2 (GPL-2.0) |
|
8
|
|
|
* |
|
9
|
|
|
*/ |
|
10
|
|
|
|
|
11
|
|
|
namespace phpbb\ideas\controller; |
|
12
|
|
|
|
|
13
|
|
|
use phpbb\exception\http_exception; |
|
14
|
|
|
use phpbb\ideas\ext; |
|
15
|
|
|
use Symfony\Component\HttpFoundation\JsonResponse; |
|
16
|
|
|
use Symfony\Component\HttpFoundation\RedirectResponse; |
|
17
|
|
|
|
|
18
|
|
|
class idea_controller extends base |
|
19
|
|
|
{ |
|
20
|
|
|
/** @var array of idea data */ |
|
21
|
|
|
protected $data; |
|
22
|
|
|
|
|
23
|
|
|
/** |
|
24
|
|
|
* Controller for /idea/{idea_id} |
|
25
|
|
|
* |
|
26
|
|
|
* @param $idea_id int The ID of the requested idea, maybe? |
|
27
|
|
|
* @throws http_exception |
|
28
|
|
|
* @return JsonResponse|RedirectResponse |
|
29
|
|
|
*/ |
|
30
|
|
|
public function idea($idea_id) |
|
31
|
|
|
{ |
|
32
|
|
|
if (!$this->is_available()) |
|
33
|
|
|
{ |
|
34
|
|
|
throw new http_exception(404, 'IDEAS_NOT_AVAILABLE'); |
|
35
|
|
|
} |
|
36
|
|
|
|
|
37
|
|
|
$this->data = $this->ideas->get_idea($idea_id); |
|
|
|
|
|
|
38
|
|
|
if (!$this->data) |
|
39
|
|
|
{ |
|
40
|
|
|
throw new http_exception(404, 'IDEA_NOT_FOUND'); |
|
41
|
|
|
} |
|
42
|
|
|
|
|
43
|
|
|
$mode = $this->request->variable('mode', ''); |
|
44
|
|
|
if (!empty($mode) && $this->request->is_ajax()) |
|
45
|
|
|
{ |
|
46
|
|
|
$result = $this->$mode(); |
|
47
|
|
|
|
|
48
|
|
|
return new JsonResponse($result); |
|
49
|
|
|
} |
|
50
|
|
|
|
|
51
|
|
|
$params = array( |
|
52
|
|
|
'f' => $this->config['ideas_forum_id'], |
|
53
|
|
|
't' => $this->data['topic_id'] |
|
54
|
|
|
); |
|
55
|
|
|
|
|
56
|
|
|
if ($unread = ($this->request->variable('view', '') === 'unread')) |
|
57
|
|
|
{ |
|
58
|
|
|
$params = array_merge($params, array('view' => 'unread')); |
|
59
|
|
|
} |
|
60
|
|
|
|
|
61
|
|
|
$url = append_sid(generate_board_url() . "/viewtopic.{$this->php_ext}", $params, false) . ($unread ? '#unread' : ''); |
|
62
|
|
|
|
|
63
|
|
|
return new RedirectResponse($url); |
|
64
|
|
|
} |
|
65
|
|
|
|
|
66
|
|
|
/** |
|
67
|
|
|
* Delete action (deletes an idea via confirm dialog) |
|
68
|
|
|
* |
|
69
|
|
|
* @throws http_exception |
|
70
|
|
|
* @return void |
|
71
|
|
|
* @access public |
|
72
|
|
|
*/ |
|
73
|
|
|
public function delete() |
|
74
|
|
|
{ |
|
75
|
|
|
if (!$this->is_mod()) |
|
76
|
|
|
{ |
|
77
|
|
|
throw new http_exception(403, 'NO_AUTH_OPERATION'); |
|
78
|
|
|
} |
|
79
|
|
|
|
|
80
|
|
|
if (confirm_box(true)) |
|
81
|
|
|
{ |
|
82
|
|
|
include $this->root_path . 'includes/functions_admin.' . $this->php_ext; |
|
83
|
|
|
$this->ideas->delete($this->data['idea_id'], $this->data['topic_id']); |
|
|
|
|
|
|
84
|
|
|
|
|
85
|
|
|
$redirect = $this->helper->route('phpbb_ideas_index_controller'); |
|
86
|
|
|
$message = $this->language->lang('IDEA_DELETED') . '<br /><br />' . $this->language->lang('RETURN_IDEAS', '<a href="' . $redirect . '">', '</a>'); |
|
87
|
|
|
meta_refresh(3, $redirect); |
|
88
|
|
|
trigger_error($message); // trigger error needed for data-ajax |
|
89
|
|
|
} |
|
90
|
|
|
else |
|
91
|
|
|
{ |
|
92
|
|
|
confirm_box( |
|
93
|
|
|
false, |
|
94
|
|
|
$this->language->lang('CONFIRM_DELETE'), |
|
95
|
|
|
build_hidden_fields(array( |
|
96
|
|
|
'idea_id' => $this->data['idea_id'], |
|
97
|
|
|
'mode' => 'delete', |
|
98
|
|
|
)), |
|
99
|
|
|
'confirm_body.html', |
|
100
|
|
|
$this->helper->route( |
|
101
|
|
|
'phpbb_ideas_idea_controller', |
|
102
|
|
|
array( |
|
103
|
|
|
'idea_id' => $this->data['idea_id'], |
|
104
|
|
|
'mode' => 'delete', |
|
105
|
|
|
) |
|
106
|
|
|
) |
|
107
|
|
|
); |
|
108
|
|
|
} |
|
109
|
|
|
} |
|
110
|
|
|
|
|
111
|
|
|
/** |
|
112
|
|
|
* Duplicate action (sets an idea's duplicate link) |
|
113
|
|
|
* |
|
114
|
|
|
* @return bool True if set, false if not |
|
115
|
|
|
* @access public |
|
116
|
|
|
*/ |
|
117
|
|
|
public function duplicate() |
|
118
|
|
|
{ |
|
119
|
|
|
if ($this->is_mod() && check_link_hash($this->get_hash(), "duplicate_{$this->data['idea_id']}")) |
|
120
|
|
|
{ |
|
121
|
|
|
$duplicate = $this->request->variable('duplicate', 0); |
|
122
|
|
|
return $this->ideas->set_duplicate($this->data['idea_id'], $duplicate); |
|
|
|
|
|
|
123
|
|
|
} |
|
124
|
|
|
|
|
125
|
|
|
return false; |
|
126
|
|
|
} |
|
127
|
|
|
|
|
128
|
|
|
/** |
|
129
|
|
|
* Remove vote action (remove a user's vote from an idea) |
|
130
|
|
|
* |
|
131
|
|
|
* @return mixed Array of vote data, an error message, or false if failed |
|
132
|
|
|
* @access public |
|
133
|
|
|
*/ |
|
134
|
|
|
public function removevote() |
|
135
|
|
|
{ |
|
136
|
|
|
if ($this->data['idea_status'] === ext::$statuses['IMPLEMENTED'] || $this->data['idea_status'] === ext::$statuses['DUPLICATE'] || !check_link_hash($this->get_hash(), "removevote_{$this->data['idea_id']}")) |
|
137
|
|
|
{ |
|
138
|
|
|
return false; |
|
139
|
|
|
} |
|
140
|
|
|
|
|
141
|
|
|
if ($this->auth->acl_get('f_vote', (int) $this->config['ideas_forum_id'])) |
|
142
|
|
|
{ |
|
143
|
|
|
$result = $this->ideas->remove_vote($this->data, $this->user->data['user_id']); |
|
|
|
|
|
|
144
|
|
|
} |
|
145
|
|
|
else |
|
146
|
|
|
{ |
|
147
|
|
|
$result = $this->language->lang('NO_AUTH_OPERATION'); |
|
148
|
|
|
} |
|
149
|
|
|
|
|
150
|
|
|
return $result; |
|
151
|
|
|
} |
|
152
|
|
|
|
|
153
|
|
|
/** |
|
154
|
|
|
* RFC action (sets an idea's rfc link) |
|
155
|
|
|
* |
|
156
|
|
|
* @return bool True if set, false if not |
|
157
|
|
|
* @access public |
|
158
|
|
|
*/ |
|
159
|
|
|
public function rfc() |
|
160
|
|
|
{ |
|
161
|
|
|
if (($this->is_own() || $this->is_mod()) && check_link_hash($this->get_hash(), "rfc_{$this->data['idea_id']}")) |
|
162
|
|
|
{ |
|
163
|
|
|
$rfc = $this->request->variable('rfc', ''); |
|
164
|
|
|
return $this->ideas->set_rfc($this->data['idea_id'], $rfc); |
|
|
|
|
|
|
165
|
|
|
} |
|
166
|
|
|
|
|
167
|
|
|
return false; |
|
168
|
|
|
} |
|
169
|
|
|
|
|
170
|
|
|
/** |
|
171
|
|
|
* Status action (sets an idea's status) |
|
172
|
|
|
* |
|
173
|
|
|
* @return bool True if set, false if not |
|
174
|
|
|
* @access public |
|
175
|
|
|
*/ |
|
176
|
|
|
public function status() |
|
177
|
|
|
{ |
|
178
|
|
|
$status = $this->request->variable('status', 0); |
|
179
|
|
|
|
|
180
|
|
|
if ($status && $this->is_mod() && check_link_hash($this->get_hash(), "status_{$this->data['idea_id']}")) |
|
181
|
|
|
{ |
|
182
|
|
|
$this->ideas->set_status($this->data['idea_id'], $status); |
|
|
|
|
|
|
183
|
|
|
return true; |
|
184
|
|
|
} |
|
185
|
|
|
|
|
186
|
|
|
return false; |
|
187
|
|
|
} |
|
188
|
|
|
|
|
189
|
|
|
/** |
|
190
|
|
|
* Ticket action (sets an idea's ticket link) |
|
191
|
|
|
* |
|
192
|
|
|
* @return bool True if set, false if not |
|
193
|
|
|
* @access public |
|
194
|
|
|
*/ |
|
195
|
|
|
public function ticket() |
|
196
|
|
|
{ |
|
197
|
|
|
if (($this->is_own() || $this->is_mod()) && check_link_hash($this->get_hash(), "ticket_{$this->data['idea_id']}")) |
|
198
|
|
|
{ |
|
199
|
|
|
$ticket = $this->request->variable('ticket', 0); |
|
200
|
|
|
return $this->ideas->set_ticket($this->data['idea_id'], $ticket); |
|
|
|
|
|
|
201
|
|
|
} |
|
202
|
|
|
|
|
203
|
|
|
return false; |
|
204
|
|
|
} |
|
205
|
|
|
|
|
206
|
|
|
/** |
|
207
|
|
|
* Implemented action (sets an idea's implemented phpBB version) |
|
208
|
|
|
* |
|
209
|
|
|
* @return bool True if set, false if not |
|
210
|
|
|
* @access public |
|
211
|
|
|
*/ |
|
212
|
|
|
public function implemented() |
|
213
|
|
|
{ |
|
214
|
|
|
if ($this->is_mod() && check_link_hash($this->get_hash(), "implemented_{$this->data['idea_id']}")) |
|
215
|
|
|
{ |
|
216
|
|
|
$version = $this->request->variable('implemented', ''); |
|
217
|
|
|
return $this->ideas->set_implemented($this->data['idea_id'], $version); |
|
|
|
|
|
|
218
|
|
|
} |
|
219
|
|
|
|
|
220
|
|
|
return false; |
|
221
|
|
|
} |
|
222
|
|
|
|
|
223
|
|
|
/** |
|
224
|
|
|
* Vote action (sets an idea's vote) |
|
225
|
|
|
* |
|
226
|
|
|
* @return mixed Array of vote data, an error message, or false if failed |
|
227
|
|
|
* @access public |
|
228
|
|
|
*/ |
|
229
|
|
|
public function vote() |
|
230
|
|
|
{ |
|
231
|
|
|
$vote = $this->request->variable('v', 1); |
|
232
|
|
|
|
|
233
|
|
|
if ($this->data['idea_status'] === ext::$statuses['IMPLEMENTED'] || $this->data['idea_status'] === ext::$statuses['DUPLICATE'] || !check_link_hash($this->get_hash(), "vote_{$this->data['idea_id']}")) |
|
234
|
|
|
{ |
|
235
|
|
|
return false; |
|
236
|
|
|
} |
|
237
|
|
|
|
|
238
|
|
|
if ($this->auth->acl_get('f_vote', (int) $this->config['ideas_forum_id'])) |
|
239
|
|
|
{ |
|
240
|
|
|
$result = $this->ideas->vote($this->data, $this->user->data['user_id'], $vote); |
|
|
|
|
|
|
241
|
|
|
} |
|
242
|
|
|
else |
|
243
|
|
|
{ |
|
244
|
|
|
$result = $this->language->lang('NO_AUTH_OPERATION'); |
|
245
|
|
|
} |
|
246
|
|
|
|
|
247
|
|
|
return $result; |
|
248
|
|
|
} |
|
249
|
|
|
|
|
250
|
|
|
/** |
|
251
|
|
|
* Get a hash query parameter |
|
252
|
|
|
* |
|
253
|
|
|
* @return string The hash |
|
254
|
|
|
* @access protected |
|
255
|
|
|
*/ |
|
256
|
|
|
protected function get_hash() |
|
257
|
|
|
{ |
|
258
|
|
|
return $this->request->variable('hash', ''); |
|
259
|
|
|
} |
|
260
|
|
|
|
|
261
|
|
|
/** |
|
262
|
|
|
* Does the user have moderator privileges? |
|
263
|
|
|
* |
|
264
|
|
|
* @return bool |
|
265
|
|
|
* @access protected |
|
266
|
|
|
*/ |
|
267
|
|
|
protected function is_mod() |
|
268
|
|
|
{ |
|
269
|
|
|
return $this->auth->acl_get('m_', (int) $this->config['ideas_forum_id']); |
|
270
|
|
|
} |
|
271
|
|
|
|
|
272
|
|
|
/** |
|
273
|
|
|
* Is the user the author of the idea? |
|
274
|
|
|
* |
|
275
|
|
|
* @return bool |
|
276
|
|
|
* @access protected |
|
277
|
|
|
*/ |
|
278
|
|
|
protected function is_own() |
|
279
|
|
|
{ |
|
280
|
|
|
return $this->data['idea_author'] === $this->user->data['user_id']; |
|
281
|
|
|
} |
|
282
|
|
|
} |
|
283
|
|
|
|
phpbb /
ideas
Loading history...
Our type inference engine has found a suspicous assignment of a value to a property. This check raises an issue when a value that can be of a mixed type is assigned to a property that is type hinted more strictly.
For example, imagine you have a variable
$accountIdthat can either hold an Id object or false (if there is no account id yet). Your code now assigns that value to theidproperty of an instance of theAccountclass. This class holds a proper account, so the id value must no longer be false.Either this assignment is in error or a type check should be added for that assignment.