Skip to content

Q
question2answer
Commit ba7a0523 by Scott
Options

Merge branch 'dev' (1.7.4) into 1.8

parents b7cb859d 4fce0eb2
Showing with 430 additions and 411 deletions
CONTRIBUTING.md
......@@ -7,14 +7,16 @@ As of version 1.6.3, all development of [Question2Answer][Home] will take place
If you find a bug (error) with Question2Answer, please [submit an issue here][Issues]. Be as descriptive as possible: include exactly what you did to make the bug appear, what you expect to happen, and what happened instead. Also include your PHP version and MySQL version. Remember to check for similar issues already reported.
If you think you've found a security issue, you can responsibly disclose it to us using the [contact form here](http://www.question2answer.org/feedback.php).
Note that general troubleshooting issues such as installation or how to use a feature should continue to be asked on the [Question2Answer Q&A][QA].
## Pull requests
If you have found the cause of the bug in the Q2A code, you can submit the patch back to the Q2A repository. Create a fork of the repo, make the changes in your fork, then submit a pull request. **All pull requests must be made to the `dev` branch of Q2A.** The `master` branch is the current, stable release version.
If you have found the cause of the bug in the Q2A code, you can submit the patch back to the Q2A repository. Create a fork of the repo, make the changes in your fork, then submit a pull request. Bug fix pull requessts must be made to the `dev` branch. PRs for new features must be made to the next version branch, for example `1.8`.
If you wish to implement a feature, you should start a discussion on the [Question2Answer Q&A][QA] first. We welcome all ideas but they may not be appropriate for the Q2A core.
If you wish to implement a feature, you should start a discussion on the [Question2Answer Q&A][QA] first. We welcome all ideas but they may not be appropriate for the Q2A core. Consider whether your idea could be developed as a plugin.
## Coding style
......@@ -33,12 +35,11 @@ However, **please keep style-only changes to a separate commit!** For example if
- Operators (`=`, `+` etc) should have a space either side.
- Control structure keywords (`if`, `else`, `foreach` etc) should have a space between them and the opening parenthesis.
- Opening braces for classes and functions should be on the next line.
- Opening braces for control structures should be on the same line.
- Optional braces may be omitted only when the statement spans only one line.
- Opening braces for control structures should be on the same line. All control structures should use braces.
### Examples
Here is an example of the old style. Even though the braces are technically optional (the foreach contains only one statement), the statement spans several lines so brances should be used here for clarity.
Here is an example of the old style. Even though the braces are technically optional (the foreach contains only one statement), they should be used here for clarity.
foreach ($thingarray as $thing)
if (isset($thing['id']))
......@@ -53,16 +54,17 @@ It should be rewritten as:
foreach ($thingarray as $thing) {
if (isset($thing['id'])) {
if (strpos($thing['id'], 'Hello') === 0)
if (strpos($thing['id'], 'Hello') === 0) {
$newthing = 'Goodbye';
elseif ($thing['id'] == 'World')
} elseif ($thing['id'] == 'World') {
$newerthing = 'Galaxy';
}
else
}
} else {
return null;
}
}
Here is a class example showing the placement of braces, operators, and an advanced DocBlock comment.
Here is a class example showing the placement of braces, operators, and a DocBlock comment.
class qa_example
{
......
VERSION.txt
1.7.3
\ No newline at end of file
1.7.4
\ No newline at end of file
qa-external-example/qa-external-users.php
......@@ -29,29 +29,28 @@
It is used if QA_EXTERNAL_USERS is set to true in qa-config.php.
*/
if (!defined('QA_VERSION')) { // don't allow this page to be requested directly from browser
header('Location: ../');
exit;
}
function qa_get_mysql_user_column_type()
{
/*
==========================================================================
YOU MUST MODIFY THIS FUNCTION *BEFORE* Q2A CREATES ITS DATABASE
==========================================================================
You should return the appropriate MySQL column type to use for the userid,
for smooth integration with your existing users. Allowed options are:
SMALLINT, SMALLINT UNSIGNED, MEDIUMINT, MEDIUMINT UNSIGNED, INT, INT UNSIGNED,
BIGINT, BIGINT UNSIGNED or VARCHAR(x) where x is the maximum length.
*/
if (!defined('QA_VERSION')) { // don't allow this page to be requested directly from browser
header('Location: ../');
exit;
}
/**
* ==========================================================================
* YOU MUST MODIFY THIS FUNCTION *BEFORE* Q2A CREATES ITS DATABASE
* ==========================================================================
*
* You should return the appropriate MySQL column type to use for the userid,
* for smooth integration with your existing users. Allowed options are:
*
* SMALLINT, SMALLINT UNSIGNED, MEDIUMINT, MEDIUMINT UNSIGNED, INT, INT UNSIGNED,
* BIGINT, BIGINT UNSIGNED or VARCHAR(x) where x is the maximum length.
*/
function qa_get_mysql_user_column_type()
{
// Set this before anything else
return null;
return null;
/*
Example 1 - suitable if:
......@@ -68,48 +67,47 @@
return 'INT UNSIGNED';
*/
}
function qa_get_login_links($relative_url_prefix, $redirect_back_to_url)
/*
===========================================================================
YOU MUST MODIFY THIS FUNCTION, BUT CAN DO SO AFTER Q2A CREATES ITS DATABASE
===========================================================================
You should return an array containing URLs for the login, register and logout pages on
your site. These URLs will be used as appropriate within the Q2A site.
You may return absolute or relative URLs for each page. If you do not want one of the links
to show, omit it from the array, or use null or an empty string.
If you use absolute URLs, then return an array with the URLs in full (see example 1 below).
If you use relative URLs, the URLs should start with $relative_url_prefix, followed by the
relative path from the root of the Q2A site to your login page. Like in example 2 below, if
the Q2A site is in a subdirectory, $relative_url_prefix.'../' refers to your site root.
Now, about $redirect_back_to_url. Let's say a user is viewing a page on the Q2A site, and
clicks a link to the login URL that you returned from this function. After they log in using
the form on your main site, they want to automatically go back to the page on the Q2A site
where they came from. This can be done with an HTTP redirect, but how does your login page
know where to redirect the user to? The solution is $redirect_back_to_url, which is the URL
of the page on the Q2A site where you should send the user once they've successfully logged
in. To implement this, you can add $redirect_back_to_url as a parameter to the login URL
that you return from this function. Your login page can then read it in from this parameter,
and redirect the user back to the page after they've logged in. The same applies for your
register and logout pages. Note that the URL you are given in $redirect_back_to_url is
relative to the root of the Q2A site, so you may need to add something.
*/
{
}
/**
* ===========================================================================
* YOU MUST MODIFY THIS FUNCTION, BUT CAN DO SO AFTER Q2A CREATES ITS DATABASE
* ===========================================================================
*
* You should return an array containing URLs for the login, register and logout pages on
* your site. These URLs will be used as appropriate within the Q2A site.
*
* You may return absolute or relative URLs for each page. If you do not want one of the links
* to show, omit it from the array, or use null or an empty string.
*
* If you use absolute URLs, then return an array with the URLs in full (see example 1 below).
*
* If you use relative URLs, the URLs should start with $relative_url_prefix, followed by the
* relative path from the root of the Q2A site to your login page. Like in example 2 below, if
* the Q2A site is in a subdirectory, $relative_url_prefix.'../' refers to your site root.
*
* Now, about $redirect_back_to_url. Let's say a user is viewing a page on the Q2A site, and
* clicks a link to the login URL that you returned from this function. After they log in using
* the form on your main site, they want to automatically go back to the page on the Q2A site
* where they came from. This can be done with an HTTP redirect, but how does your login page
* know where to redirect the user to? The solution is $redirect_back_to_url, which is the URL
* of the page on the Q2A site where you should send the user once they've successfully logged
* in. To implement this, you can add $redirect_back_to_url as a parameter to the login URL
* that you return from this function. Your login page can then read it in from this parameter,
* and redirect the user back to the page after they've logged in. The same applies for your
* register and logout pages. Note that the URL you are given in $redirect_back_to_url is
* relative to the root of the Q2A site, so you may need to add something.
*/
function qa_get_login_links($relative_url_prefix, $redirect_back_to_url)
{
// Until you edit this function, don't show login, register or logout links
return array(
'login' => null,
'register' => null,
'logout' => null
);
return array(
'login' => null,
'register' => null,
'logout' => null
);
/*
Example 1 - using absolute URLs, suitable if:
......@@ -124,7 +122,6 @@
'register' => 'http://www.mysite.com/register',
'logout' => 'http://www.mysite.com/logout',
);
*/
/*
......@@ -155,46 +152,44 @@
'logout' => $relative_url_prefix.'../logout.php?redirect='.urlencode('qa/'.$redirect_back_to_url),
);
*/
}
function qa_get_logged_in_user()
/*
===========================================================================
YOU MUST MODIFY THIS FUNCTION, BUT CAN DO SO AFTER Q2A CREATES ITS DATABASE
===========================================================================
qa_get_logged_in_user()
You should check (using $_COOKIE, $_SESSION or whatever is appropriate) whether a user is
currently logged in. If not, return null. If so, return an array with the following elements:
* userid: a user id appropriate for your response to qa_get_mysql_user_column_type()
* publicusername: a user description you are willing to show publicly, e.g. the username
* email: the logged in user's email address
* passsalt: (optional) password salt specific to this user, used for form security codes
* level: one of the QA_USER_LEVEL_* values below to denote the user's privileges:
QA_USER_LEVEL_BASIC, QA_USER_LEVEL_EDITOR, QA_USER_LEVEL_ADMIN, QA_USER_LEVEL_SUPER
To indicate that the user is blocked you can also add an element 'blocked' with the value true.
Blocked users are not allowed to perform any write actions such as voting or posting.
The result of this function will be passed to your other function qa_get_logged_in_user_html()
so you may add any other elements to the returned array if they will be useful to you.
Call qa_db_connection() to get the connection to the Q2A database. If your database is shared with
Q2A, you can use this with PHP's MySQL functions such as mysql_query() to run queries.
In order to access the admin interface of your Q2A site, ensure that the array element 'level'
contains QA_USER_LEVEL_ADMIN or QA_USER_LEVEL_SUPER when you are logged in.
*/
{
}
/**
* ===========================================================================
* YOU MUST MODIFY THIS FUNCTION, BUT CAN DO SO AFTER Q2A CREATES ITS DATABASE
* ===========================================================================
*
* qa_get_logged_in_user()
*
* You should check (using $_COOKIE, $_SESSION or whatever is appropriate) whether a user is
* currently logged in. If not, return null. If so, return an array with the following elements:
*
* - userid: a user id appropriate for your response to qa_get_mysql_user_column_type()
* - publicusername: a user description you are willing to show publicly, e.g. the username
* - email: the logged in user's email address
* - passsalt: (optional) password salt specific to this user, used for form security codes
* - level: one of the QA_USER_LEVEL_* values below to denote the user's privileges:
*
* QA_USER_LEVEL_BASIC, QA_USER_LEVEL_EDITOR, QA_USER_LEVEL_ADMIN, QA_USER_LEVEL_SUPER
*
* To indicate that the user is blocked you can also add an element 'blocked' with the value true.
* Blocked users are not allowed to perform any write actions such as voting or posting.
*
* The result of this function will be passed to your other function qa_get_logged_in_user_html()
* so you may add any other elements to the returned array if they will be useful to you.
*
* Call qa_db_connection() to get the connection to the Q2A database. If your database is shared with
* Q2A, you can also use the various qa_db_* functions to run queries.
*
* In order to access the admin interface of your Q2A site, ensure that the array element 'level'
* contains QA_USER_LEVEL_ADMIN or QA_USER_LEVEL_SUPER when you are logged in.
*/
function qa_get_logged_in_user()
{
// Until you edit this function, nobody is ever logged in
return null;
return null;
/*
Example 1 - suitable if:
......@@ -207,25 +202,22 @@
session_start();
if ($_SESSION['is_logged_in']) {
$userid=$_SESSION['logged_in_userid'];
$qa_db_connection=qa_db_connection();
if (isset($_SESSION['is_logged_in'])) {
$userid = $_SESSION['logged_in_userid'];
$result=mysql_fetch_assoc(
mysql_query(
"SELECT email FROM users WHERE userid='".mysql_real_escape_string($userid, $qa_db_connection)."'",
$qa_db_connection
)
);
$result = qa_db_read_one_assoc(qa_db_query_sub(
'SELECT email FROM users WHERE id=$',
$userid
));
if (is_array($result))
if (is_array($result)) {
return array(
'userid' => $userid,
'publicusername' => $userid,
'email' => $result['email'],
'level' => ($userid=='admin') ? QA_USER_LEVEL_ADMIN : QA_USER_LEVEL_BASIC
'level' => ($userid == 'admin') ? QA_USER_LEVEL_ADMIN : QA_USER_LEVEL_BASIC
);
}
}
return null;
......@@ -240,50 +232,44 @@
* Your database has a sessions table that maps session IDs to users
* Your database has a users table that contains usernames, emails and a flag for admin privileges
if ($_COOKIE['sessionid']) {
$qa_db_connection=qa_db_connection();
if (isset($_COOKIE['sessionid'])) {
$result = qa_db_read_one_assoc(qa_db_query_sub(
'SELECT userid, username, email, admin_flag FROM users WHERE userid=(SELECT userid FROM sessions WHERE sessionid=#)',
$_COOKIE['sessionid']
));
$result=mysql_fetch_assoc(
mysql_query(
"SELECT userid, username, email, admin_flag FROM users WHERE userid=".
"(SELECT userid FROM sessions WHERE sessionid='".mysql_real_escape_string($_COOKIE['session_id'], $qa_db_connection)."')",
$qa_db_connection
)
);
if (is_array($result))
if (is_array($result)) {
return array(
'userid' => $result['userid'],
'publicusername' => $result['username'],
'email' => $result['email'],
'level' => $result['admin_flag'] ? QA_USER_LEVEL_ADMIN : QA_USER_LEVEL_BASIC
);
}
}
return null;
*/
}
function qa_get_user_email($userid)
/*
===========================================================================
YOU MUST MODIFY THIS FUNCTION, BUT CAN DO SO AFTER Q2A CREATES ITS DATABASE
===========================================================================
qa_get_user_email($userid)
Return the email address for user $userid, or null if you don't know it.
Call qa_db_connection() to get the connection to the Q2A database. If your database is shared with
Q2A, you can use this with PHP's MySQL functions such as mysql_query() to run queries.
*/
{
}
/**
* ===========================================================================
* YOU MUST MODIFY THIS FUNCTION, BUT CAN DO SO AFTER Q2A CREATES ITS DATABASE
* ===========================================================================
*
* qa_get_user_email($userid)
*
* Return the email address for user $userid, or null if you don't know it.
*
* Call qa_db_connection() to get the connection to the Q2A database. If your database is shared with
* Q2A, you can also use the various qa_db_* functions to run queries.
*/
function qa_get_user_email($userid)
{
// Until you edit this function, always return null
return null;
return null;
/*
Example 1 - suitable if:
......@@ -291,56 +277,50 @@
* Your database is shared with the Q2A site
* Your database has a users table that contains emails
$qa_db_connection=qa_db_connection();
$result=mysql_fetch_assoc(
mysql_query(
"SELECT email FROM users WHERE userid='".mysql_real_escape_string($userid, $qa_db_connection)."'",
$qa_db_connection
)
);
$result = qa_db_read_one_assoc(qa_db_query_sub(
'SELECT email FROM users WHERE userid=#',
$userid
));
if (is_array($result))
return $result['email'];
return null;
*/
}
function qa_get_userids_from_public($publicusernames)
/*
===========================================================================
YOU MUST MODIFY THIS FUNCTION, BUT CAN DO SO AFTER Q2A CREATES ITS DATABASE
===========================================================================
qa_get_userids_from_public($publicusernames)
You should take the array of public usernames in $publicusernames, and return an array which
maps valid usernames to internal user ids. For each element of this array, the username should be
in the key, with the corresponding user id in the value. If your usernames are case- or accent-
insensitive, keys should contain the usernames as stored, not necessarily as in $publicusernames.
Call qa_db_connection() to get the connection to the Q2A database. If your database is shared with
Q2A, you can use this with PHP's MySQL functions such as mysql_query() to run queries. If you
access this database or any other, try to use a single query instead of one per user.
*/
{
}
/**
* ===========================================================================
* YOU MUST MODIFY THIS FUNCTION, BUT CAN DO SO AFTER Q2A CREATES ITS DATABASE
* ===========================================================================
*
* qa_get_userids_from_public($publicusernames)
*
* You should take the array of public usernames in $publicusernames, and return an array which
* maps valid usernames to internal user ids. For each element of this array, the username should be
* in the key, with the corresponding user id in the value. If your usernames are case- or accent-
* insensitive, keys should contain the usernames as stored, not necessarily as in $publicusernames.
*
* Call qa_db_connection() to get the connection to the Q2A database. If your database is shared with
* Q2A, you can also use the various qa_db_* functions to run queries. If you access this database or
* any other, try to use a single query instead of one per user.
*/
function qa_get_userids_from_public($publicusernames)
{
// Until you edit this function, always return null
return null;
return null;
/*
Example 1 - suitable if:
* You use textual user identifiers that are also shown publicly
$publictouserid=array();
$publictouserid = array();
foreach ($publicusernames as $publicusername)
$publictouserid[$publicusername]=$publicusername;
$publictouserid[$publicusername] = $publicusername;
return $publictouserid;
*/
......@@ -352,63 +332,58 @@
* Your database is shared with the Q2A site
* Your database has a users table that contains usernames
$publictouserid=array();
$publictouserid = array();
if (count($publicusernames)) {
$qa_db_connection=qa_db_connection();
$escapedusernames=array();
$escapedusernames = array();
foreach ($publicusernames as $publicusername)
$escapedusernames[]="'".mysql_real_escape_string($publicusername, $qa_db_connection)."'";
$escapedusernames[] = "'" . qa_db_escape_string($publicusername) . "'";
$results=mysql_query(
'SELECT username, userid FROM users WHERE username IN ('.implode(',', $escapedusernames).')',
$qa_db_connection
);
$results = qa_db_read_all_assoc(qa_db_query_raw(
'SELECT username, userid FROM users WHERE username IN (' . implode(',', $escapedusernames) . ')'
));
while ($result=mysql_fetch_assoc($results))
$publictouserid[$result['username']]=$result['userid'];
foreach ($results as $result)
$publictouserid[$result['username']] = $result['userid'];
}
return $publictouserid;
*/
}
function qa_get_public_from_userids($userids)
/*
===========================================================================
YOU MUST MODIFY THIS FUNCTION, BUT CAN DO SO AFTER Q2A CREATES ITS DATABASE
===========================================================================
qa_get_public_from_userids($userids)
This is exactly like qa_get_userids_from_public(), but works in the other direction.
You should take the array of user identifiers in $userids, and return an array which maps valid
userids to public usernames. For each element of this array, the userid you were given should
be in the key, with the corresponding username in the value.
Call qa_db_connection() to get the connection to the Q2A database. If your database is shared with
Q2A, you can use this with PHP's MySQL functions such as mysql_query() to run queries. If you
access this database or any other, try to use a single query instead of one per user.
*/
{
}
/**
* ===========================================================================
* YOU MUST MODIFY THIS FUNCTION, BUT CAN DO SO AFTER Q2A CREATES ITS DATABASE
* ===========================================================================
*
* qa_get_public_from_userids($userids)
*
* This is exactly like qa_get_userids_from_public(), but works in the other direction.
*
* You should take the array of user identifiers in $userids, and return an array which maps valid
* userids to public usernames. For each element of this array, the userid you were given should
* be in the key, with the corresponding username in the value.
*
* Call qa_db_connection() to get the connection to the Q2A database. If your database is shared with
* Q2A, you can also use the various qa_db_* functions to run queries. If you access this database or
* any other, try to use a single query instead of one per user.
*/
function qa_get_public_from_userids($userids)
{
// Until you edit this function, always return null
return null;
return null;
/*
Example 1 - suitable if:
* You use textual user identifiers that are also shown publicly
$useridtopublic=array();
$useridtopublic = array();
foreach ($userids as $userid)
$useridtopublic[$userid]=$userid;
$useridtopublic[$userid] = $userid;
return $useridtopublic;
*/
......@@ -420,59 +395,56 @@
* Your database is shared with the Q2A site
* Your database has a users table that contains usernames
$useridtopublic=array();
$useridtopublic = array();
if (count($userids)) {
$qa_db_connection=qa_db_connection();
$escapeduserids=array();
$escapeduserids = array();
foreach ($userids as $userid)
$escapeduserids[]="'".mysql_real_escape_string($userid, $qa_db_connection)."'";
$escapeduserids[] = "'" . qa_db_escape_string($userid) . "'";
$results=mysql_query(
'SELECT username, userid FROM users WHERE userid IN ('.implode(',', $escapeduserids).')',
$qa_db_connection
);
$results = qa_db_read_all_assoc(qa_db_query_raw(
'SELECT username, userid FROM users WHERE userid IN (' . implode(',', $escapeduserids) . ')'
));
while ($result=mysql_fetch_assoc($results))
$useridtopublic[$result['userid']]=$result['username'];
foreach ($results as $result)
$useridtopublic[$result['userid']] = $result['username'];
}
return $useridtopublic;
*/
}
function qa_get_logged_in_user_html($logged_in_user, $relative_url_prefix)
/*
==========================================================================
YOU MAY MODIFY THIS FUNCTION, BUT THE DEFAULT BELOW WILL WORK OK
==========================================================================
qa_get_logged_in_user_html($logged_in_user, $relative_url_prefix)
You should return HTML code which identifies the logged in user, to be displayed next to the
logout link on the Q2A pages. This HTML will only be shown to the logged in user themselves.
$logged_in_user is the array that you returned from qa_get_logged_in_user(). Hopefully this
contains enough information to generate the HTML without another database query, but if not,
call qa_db_connection() to get the connection to the Q2A database.
$relative_url_prefix is a relative URL to the root of the Q2A site, which may be useful if
you want to include a link that uses relative URLs. If the Q2A site is in a subdirectory of
your site, $relative_url_prefix.'../' refers to your site root (see example 1).
If you don't know what to display for a user, you can leave the default below. This will
show the public username, linked to the Q2A profile page for the user.
*/
{
}
/**
* ==========================================================================
* YOU MAY MODIFY THIS FUNCTION, BUT THE DEFAULT BELOW WILL WORK OK
* ==========================================================================
*
* qa_get_logged_in_user_html($logged_in_user, $relative_url_prefix)
*
* You should return HTML code which identifies the logged in user, to be displayed next to the
* logout link on the Q2A pages. This HTML will only be shown to the logged in user themselves.
* Note: the username MUST be escaped with htmlspecialchars() for general output, or urlencode()
* for link URLs.
*
* $logged_in_user is the array that you returned from qa_get_logged_in_user(). Hopefully this
* contains enough information to generate the HTML without another database query, but if not,
* call qa_db_connection() to get the connection to the Q2A database.
*
* $relative_url_prefix is a relative URL to the root of the Q2A site, which may be useful if
* you want to include a link that uses relative URLs. If the Q2A site is in a subdirectory of
* your site, $relative_url_prefix.'../' refers to your site root (see example 1).
*
* If you don't know what to display for a user, you can leave the default below. This will
* show the public username, linked to the Q2A profile page for the user.
*/
function qa_get_logged_in_user_html($logged_in_user, $relative_url_prefix)
{
// By default, show the public username linked to the Q2A profile page for the user
$publicusername=$logged_in_user['publicusername'];
$publicusername = $logged_in_user['publicusername'];
return '<a href="'.qa_path_html('user/'.$publicusername).'" class="qa-user-link">'.htmlspecialchars($publicusername).'</a>';
return '<a href="' . qa_path_html('user/' . $publicusername) . '" class="qa-user-link">' . htmlspecialchars($publicusername) . '</a>';
/*
Example 1 - suitable if:
......@@ -480,10 +452,10 @@
* Your Q2A site: http://www.mysite.com/qa/
* Your user pages: http://www.mysite.com/user/[username]
$publicusername=$logged_in_user['publicusername'];
$publicusername = $logged_in_user['publicusername'];
return '<a href="'.htmlspecialchars($relative_url_prefix.'../user/'.urlencode($publicusername)).
'" class="qa-user-link">'.htmlspecialchars($publicusername).'</a>';
return '<a href="' . htmlspecialchars($relative_url_prefix . '../user/' . urlencode($publicusername)) .
'" class="qa-user-link">' . htmlspecialchars($publicusername) . '</a>';
*/
/*
......@@ -491,61 +463,61 @@
* Your Q2A site: http://qa.mysite.com/
* Your user pages: http://www.mysite.com/[username]/
* 16x16 user photos: http://www.mysite.com/[username]/photo-small.jpeg
* 16x16 user photos: http://www.mysite.com/[username]/photo-small.jpg
$publicusername=$logged_in_user['publicusername'];
$publicusername = $logged_in_user['publicusername'];
return '<a href="http://www.mysite.com/'.htmlspecialchars(urlencode($publicusername)).'/" class="qa-user-link">'.
'<img src="http://www.mysite.com/'.htmlspecialchars(urlencode($publicusername)).'/photo-small.jpeg" '.
'style="width:16px; height:16px; border:none; margin-right:4px;">'.htmlspecialchars($publicusername).'</a>';
return '<a href="http://www.mysite.com/' . htmlspecialchars(urlencode($publicusername)) . '/" class="qa-user-link">' .
'<img src="http://www.mysite.com/' . htmlspecialchars(urlencode($publicusername)) . '/photo-small.jpg" ' .
'style="width:16px; height:16px; border:none; margin-right:4px;">' . htmlspecialchars($publicusername) . '</a>';
*/
}
function qa_get_users_html($userids, $should_include_link, $relative_url_prefix)
/*
==========================================================================
YOU MAY MODIFY THIS FUNCTION, BUT THE DEFAULT BELOW WILL WORK OK
==========================================================================
qa_get_users_html($userids, $should_include_link, $relative_url_prefix)
You should return an array of HTML to display for each user in $userids. For each element of
this array, the userid should be in the key, with the corresponding HTML in the value.
Call qa_db_connection() to get the connection to the Q2A database. If your database is shared with
Q2A, you can use this with PHP's MySQL functions such as mysql_query() to run queries. If you
access this database or any other, try to use a single query instead of one per user.
If $should_include_link is true, the HTML may include links to user profile pages.
If $should_include_link is false, links should not be included in the HTML.
$relative_url_prefix is a relative URL to the root of the Q2A site, which may be useful if
you want to include links that uses relative URLs. If the Q2A site is in a subdirectory of
your site, $relative_url_prefix.'../' refers to your site root (see example 1).
If you don't know what to display for a user, you can leave the default below. This will
show the public username, linked to the Q2A profile page for each user.
*/
{
}
/**
* ==========================================================================
* YOU MAY MODIFY THIS FUNCTION, BUT THE DEFAULT BELOW WILL WORK OK
* ==========================================================================
*
* qa_get_users_html($userids, $should_include_link, $relative_url_prefix)
*
* You should return an array of HTML to display for each user in $userids. For each element of
* this array, the userid should be in the key, with the corresponding HTML in the value.
* Note: the username MUST be escaped with htmlspecialchars() for general output, or urlencode()
* for link URLs.
*
* Call qa_db_connection() to get the connection to the Q2A database. If your database is shared with
* Q2A, you can also use the various qa_db_* functions to run queries. If you access this database or
* any other, try to use a single query instead of one per user.
*
* If $should_include_link is true, the HTML may include links to user profile pages.
* If $should_include_link is false, links should not be included in the HTML.
*
* $relative_url_prefix is a relative URL to the root of the Q2A site, which may be useful if
* you want to include links that uses relative URLs. If the Q2A site is in a subdirectory of
* your site, $relative_url_prefix.'../' refers to your site root (see example 1).
*
* If you don't know what to display for a user, you can leave the default below. This will
* show the public username, linked to the Q2A profile page for each user.
*/
function qa_get_users_html($userids, $should_include_link, $relative_url_prefix)
{
// By default, show the public username linked to the Q2A profile page for each user
$useridtopublic=qa_get_public_from_userids($userids);
$useridtopublic = qa_get_public_from_userids($userids);
$usershtml=array();
$usershtml = array();
foreach ($userids as $userid) {
$publicusername=$useridtopublic[$userid];
foreach ($userids as $userid) {
$publicusername = $useridtopublic[$userid];
$usershtml[$userid]=htmlspecialchars($publicusername);
$usershtml[$userid] = htmlspecialchars($publicusername);
if ($should_include_link)
$usershtml[$userid]='<a href="'.qa_path_html('user/'.$publicusername).'" class="qa-user-link">'.$usershtml[$userid].'</a>';
}
if ($should_include_link)
$usershtml[$userid] = '<a href="' . qa_path_html('user/' . $publicusername) . '" class="qa-user-link">' . $usershtml[$userid] . '</a>';
}
return $usershtml;
return $usershtml;
/*
Example 1 - suitable if:
......@@ -553,16 +525,17 @@
* Your Q2A site: http://www.mysite.com/qa/
* Your user pages: http://www.mysite.com/user/[username]
$useridtopublic=qa_get_public_from_userids($userids);
$useridtopublic = qa_get_public_from_userids($userids);
foreach ($userids as $userid) {
$publicusername=$useridtopublic[$userid];
$publicusername = $useridtopublic[$userid];
$usershtml[$userid]=htmlspecialchars($publicusername);
$usershtml[$userid] = htmlspecialchars($publicusername);
if ($should_include_link)
$usershtml[$userid]='<a href="'.htmlspecialchars($relative_url_prefix.'../user/'.urlencode($publicusername)).
'" class="qa-user-link">'.$usershtml[$userid].'</a>';
if ($should_include_link) {
$usershtml[$userid] = '<a href="' . htmlspecialchars($relative_url_prefix . '../user/' . urlencode($publicusername)) .
'" class="qa-user-link">' . $usershtml[$userid] . '</a>';
}
}
return $usershtml;
......@@ -573,53 +546,55 @@
* Your Q2A site: http://qa.mysite.com/
* Your user pages: http://www.mysite.com/[username]/
* User photos (16x16): http://www.mysite.com/[username]/photo-small.jpeg
* User photos (16x16): http://www.mysite.com/[username]/photo-small.jpg
$useridtopublic=qa_get_public_from_userids($userids);
$useridtopublic = qa_get_public_from_userids($userids);
foreach ($userids as $userid) {
$publicusername=$useridtopublic[$userid];
$publicusername = $useridtopublic[$userid];
$usershtml[$userid]='<img src="http://www.mysite.com/'.htmlspecialchars(urlencode($publicusername)).'/photo-small.jpeg" '.
'style="width:16px; height:16px; border:0; margin-right:4px;">'.htmlspecialchars($publicusername);
$usershtml[$userid] = '<img src="http://www.mysite.com/' . htmlspecialchars(urlencode($publicusername)) . '/photo-small.jpg" ' .
'style="width:16px; height:16px; border:0; margin-right:4px;">' . htmlspecialchars($publicusername);
if ($should_include_link)
$usershtml[$userid]='<a href="http://www.mysite.com/'.htmlspecialchars(urlencode($publicusername)).
'/" class="qa-user-link">'.$usershtml[$userid].'</a>';
if ($should_include_link) {
$usershtml[$userid] = '<a href="http://www.mysite.com/' . htmlspecialchars(urlencode($publicusername)) .
'/" class="qa-user-link">' . $usershtml[$userid] . '</a>';
}
}
return $usershtml;
*/
}
function qa_avatar_html_from_userid($userid, $size, $padding)
/*
==========================================================================
YOU MAY MODIFY THIS FUNCTION, BUT THE DEFAULT BELOW WILL WORK OK
==========================================================================
qa_avatar_html_from_userid($userid, $size, $padding)
You should return some HTML for displaying the avatar of $userid on the page.
If you do not wish to show an avatar for this user, return null.
$size contains the maximum width and height of the avatar to be displayed, in pixels.
If $padding is true, the HTML you return should render to a square of $size x $size pixels,
even if the avatar is not square. This can be achieved using CSS padding - see function
qa_get_avatar_blob_html(...) in qa-app-format.php for an example. If $padding is false,
the HTML can render to anything which would fit inside a square of $size x $size pixels.
Note that this function may be called many times to render an individual page, so it is not
a good idea to perform a database query each time it is called. Instead, you can use the fact
that before qa_avatar_html_from_userid(...) is called, qa_get_users_html(...) will have been
called with all the relevant users in the array $userids. So you can pull out the information
you need in qa_get_users_html(...) and cache it in a global variable, for use in this function.
*/
{
return null; // show no avatars by default
}
/**
* ==========================================================================
* YOU MAY MODIFY THIS FUNCTION, BUT THE DEFAULT BELOW WILL WORK OK
* ==========================================================================
*
* qa_avatar_html_from_userid($userid, $size, $padding)
*
* You should return some HTML for displaying the avatar of $userid on the page.
* If you do not wish to show an avatar for this user, return null.
*
* $size contains the maximum width and height of the avatar to be displayed, in pixels.
*
* If $padding is true, the HTML you return should render to a square of $size x $size pixels,
* even if the avatar is not square. This can be achieved using CSS padding - see function
* qa_get_avatar_blob_html(...) in qa-app-format.php for an example. If $padding is false,
* the HTML can render to anything which would fit inside a square of $size x $size pixels.
*
* Note that this function may be called many times to render an individual page, so it is not
* a good idea to perform a database query each time it is called. Instead, you can use the fact
* that before qa_avatar_html_from_userid(...) is called, qa_get_users_html(...) will have been
* called with all the relevant users in the array $userids. So you can pull out the information
* you need in qa_get_users_html(...) and cache it in a global variable, for use in this function.
*/
function qa_avatar_html_from_userid($userid, $size, $padding)
{
// Show no avatars by default
return null;
/*
Example 1 - suitable if:
......@@ -628,40 +603,34 @@
* Your Q2A site: http://www.mysite.com/qa/
* Your avatar images: http://www.mysite.com/avatar/[userid]-[size]x[size].jpg
$htmlsize=(int)$size;
$htmlsize = (int)$size;
return '<img src="http://www.mysite.com/avatar/'.htmlspecialchars($userid).'-'.$htmlsize.'x'.$htmlsize.'.jpg" '.
'width="'.$htmlsize.'" height="'.$htmlsize.'" class="qa-avatar-image" alt=""/>';
return '<img src="http://www.mysite.com/avatar/' . htmlspecialchars($userid) . '-' . $htmlsize . 'x' . $htmlsize . '.jpg" ' .
'width="' . $htmlsize . '" height="' . $htmlsize . '" class="qa-avatar-image" alt=""/>';
*/
}
function qa_user_report_action($userid, $action)
/*
==========================================================================
YOU MAY MODIFY THIS FUNCTION, BUT THE DEFAULT BELOW WILL WORK OK
==========================================================================
qa_user_report_action($userid, $action)
Informs you about an action by user $userid that modified the database, such as posting,
voting, etc... If you wish, you may use this to log user activity or monitor for abuse.
Call qa_db_connection() to get the connection to the Q2A database. If your database is shared with
Q2A, you can use this with PHP's MySQL functions such as mysql_query() to run queries.
$action will be a string (such as 'q_edit') describing the action. These strings will match the
first $event parameter passed to the process_event(...) function in event modules. In fact, you might
be better off just using a plugin with an event module instead, since you'll get more information.
FYI, you can get the IP address of the user from qa_remote_ip_address().
*/
{
// do nothing by default
}
/*
Omit PHP closing tag to help avoid accidental output
*/
\ No newline at end of file
}
/**
* ==========================================================================
* YOU MAY MODIFY THIS FUNCTION, BUT THE DEFAULT BELOW WILL WORK OK
* ==========================================================================
*
* qa_user_report_action($userid, $action)
*
* Informs you about an action by user $userid that modified the database, such as posting,
* voting, etc... If you wish, you may use this to log user activity or monitor for abuse.
*
* Call qa_db_connection() to get the connection to the Q2A database. If your database is shared with
* Q2A, you can also use the various qa_db_* functions to run queries.
*
* $action will be a string (such as 'q_edit') describing the action. These strings will match the
* first $event parameter passed to the process_event(...) function in event modules. In fact, you might
* be better off just using a plugin with an event module instead, since you'll get more information.
*
* FYI, you can get the IP address of the user from qa_remote_ip_address().
*/
function qa_user_report_action($userid, $action)
{
// Do nothing by default
}
qa-include/ajax/version.php
......@@ -21,6 +21,12 @@
*/
require_once QA_INCLUDE_DIR.'app/admin.php';
require_once QA_INCLUDE_DIR.'app/users.php';
if (qa_get_logged_in_level() < QA_USER_LEVEL_ADMIN) {
echo "QA_AJAX_RESPONSE\n0\n" . qa_lang_html('admin/no_privileges');
return;
}
$uri = qa_post_text('uri');
$version = qa_post_text('version');
......
qa-include/app/emails.php
......@@ -142,8 +142,18 @@
$mailer->Host=qa_opt('smtp_address');
$mailer->Port=qa_opt('smtp_port');
if (qa_opt('smtp_secure'))
if (qa_opt('smtp_secure')){
$mailer->SMTPSecure=qa_opt('smtp_secure');
}
else {
$mailer->SMTPOptions=array(
'ssl' => array(
'verify_peer' => false,
'verify_peer_name' => false,
'allow_self_signed' => true
)
);
}
if (qa_opt('smtp_authenticate')) {
$mailer->SMTPAuth=true;
......@@ -152,7 +162,11 @@
}
}
return $mailer->Send();
$send_status = $mailer->Send();
if(!$send_status){
@error_log('PHP Question2Answer email send error: '.$mailer->ErrorInfo);
}
return $send_status;
}
......
qa-include/qa-base.php
......@@ -21,8 +21,8 @@
*/
define('QA_VERSION', '1.7.3'); // also used as suffix for .js and .css requests
define('QA_BUILD_DATE', '2016-01-29');
define('QA_VERSION', '1.7.4'); // also used as suffix for .js and .css requests
define('QA_BUILD_DATE', '2016-03-14');
/**
......@@ -1589,6 +1589,11 @@
{
if (qa_to_override(__FUNCTION__)) { $args=func_get_args(); return qa_call_override(__FUNCTION__, $args); }
// ensure we're fetching a remote URL
if (!preg_match('#^https?://#', $url)) {
return '';
}
$contents=@file_get_contents($url);
if ((!strlen($contents)) && function_exists('curl_exec')) { // try curl as a backup (if allow_url_fopen not set)
......
qa-include/qa-db.php
......@@ -59,10 +59,26 @@
if ($qa_db_connection instanceof mysqli)
return;
$host = QA_FINAL_MYSQL_HOSTNAME;
$port = null;
if (defined('QA_FINAL_WORDPRESS_INTEGRATE_PATH')) {
// Wordpress allows setting port inside DB_HOST constant, like 127.0.0.1:3306
$host_and_port = explode(':', $host);
if (count($host_and_port) >= 2) {
$host = $host_and_port[0];
$port = $host_and_port[1];
}
} elseif (defined('QA_FINAL_MYSQL_PORT')) {
$port = QA_FINAL_MYSQL_PORT;
}
if (QA_PERSISTENT_CONN_DB)
$host = 'p:'.$host;
// in mysqli we connect and select database in constructor
$host = QA_PERSISTENT_CONN_DB ? 'p:'.QA_FINAL_MYSQL_HOSTNAME : QA_FINAL_MYSQL_HOSTNAME;
if (defined('QA_FINAL_MYSQL_PORT'))
$db = new mysqli($host, QA_FINAL_MYSQL_USERNAME, QA_FINAL_MYSQL_PASSWORD, QA_FINAL_MYSQL_DATABASE, QA_FINAL_MYSQL_PORT);
if ($port !== null)
$db = new mysqli($host, QA_FINAL_MYSQL_USERNAME, QA_FINAL_MYSQL_PASSWORD, QA_FINAL_MYSQL_DATABASE, $port);
else
$db = new mysqli($host, QA_FINAL_MYSQL_USERNAME, QA_FINAL_MYSQL_PASSWORD, QA_FINAL_MYSQL_DATABASE);
......
qa-theme/SnowFlat/qa-styles-rtl.css
......@@ -370,7 +370,7 @@ h1 {
}
.qa-a-item-main {
float: right;
float: left;
margin: 0 20px 0 0;
}
}
......
qa-theme/SnowFlat/qa-styles.css
......@@ -44,7 +44,7 @@
font-family: "fontello";
src: url("fonts/fontello.eot?70015067") format("embedded-opentype"),
url("fonts/fontello.eot?70015067#iefix") format("embedded-opentype"),
url("fonts/fontello2.woff?70015067") format("woff"),
url("fonts/fontello.woff?70015067") format("woff"),
url("fonts/fontello.ttf?70015067") format("truetype"),
url("fonts/fontello.svg?70015067#fontello") format("svg");
font-weight: normal;
......@@ -1015,14 +1015,18 @@ blockquote p {
display: none;
}
}
.qa-template-user-activity .qa-q-item-stats {
width: 65px;
}
.qa-template-user-answers .qa-q-item-stats {
width: 68px;
}
@media (min-width: 241px) and (max-width: 799px) {
.qa-q-item-stats {
.qa-template-user-activity .qa-q-item-stats {
width: 60px;
}
}
@media (min-width: 800px) {
.qa-q-item-stats {
width: 133px;
.qa-template-user-answers .qa-q-item-stats {
width: 60px;
}
}
......@@ -2543,6 +2547,10 @@ input[type="submit"], button {
line-height: 1.71429em;
}
.qa-a-item-avatar-meta {
margin-top: 70px;
}
.qa-a-selection {
left: 100px;
top: 20px;
......@@ -2550,7 +2558,7 @@ input[type="submit"], button {
}
@media (min-width: 980px) {
.qa-a-item-main {
float: left;
float: right;
margin: 0 0 0 20px;
width: 86%;
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment