1.6.3

VERSION.txt

@@ -1 +1 @@
-1.6.3-dev-1203
+1.6.3

qa-include/qa-app-format.php

@@ -992,7 +992,7 @@ function qa_html_convert_urls($html, $newwindow=false)
 	{
 		if (qa_to_override(__FUNCTION__)) { $args=func_get_args(); return qa_call_override(__FUNCTION__, $args); }
 
-		return substr(preg_replace('/([^A-Za-z0-9])((http|https|ftp):\/\/([^\s&<>"\'\.])+\.([^\s&<>"\']|&amp;)+)/i', '\1<a href="\2" rel="nofollow"'.($newwindow ? ' target="_blank"' : '').'>\2</a>', ' '.$html.' '), 1, -1);
+		return substr(preg_replace('/([^A-Za-z0-9])((http|https|ftp):\/\/([^\s&<>\(\)\[\]"\'\.])+\.([^\s&<>\(\)\[\]"\']|&amp;)+)/i', '\1<a href="\2" rel="nofollow"'.($newwindow ? ' target="_blank"' : '').'>\2</a>', ' '.$html.' '), 1, -1);
 	}
 
 
@@ -1229,7 +1229,7 @@ function qa_users_sub_navigation()
 	}
 
 
-	function qa_user_sub_navigation($handle, $selected)
+	function qa_user_sub_navigation($handle, $selected, $ismyuser=false)
 /*
 	Return the sub navigation structure for navigating between the different pages relating to a user
 */
@@ -1240,6 +1240,16 @@ function qa_user_sub_navigation($handle, $selected)
 				'url' => qa_path_html('user/'.$handle),
 			),
 
+			'account' => array(
+				'label' => qa_lang_html('misc/nav_my_details'),
+				'url' => qa_path_html('account'),
+			),
+
+			'favorites' => array(
+				'label' => qa_lang_html('misc/nav_my_favorites'),
+				'url' => qa_path_html('favorites'),
+			),
+
 			'wall' => array(
 				'label' => qa_lang_html('misc/nav_user_wall'),
 				'url' => qa_path_html('user/'.$handle.'/wall'),
@@ -1266,14 +1276,21 @@ function qa_user_sub_navigation($handle, $selected)
 
 		if (QA_FINAL_EXTERNAL_USERS || !qa_opt('allow_user_walls'))
 			unset($navigation['wall']);
+
+		if (QA_FINAL_EXTERNAL_USERS || !$ismyuser)
+			unset($navigation['account']);
+
+		if (!$ismyuser)
+			unset($navigation['favorites']);
 
 		return $navigation;
 	}
 
 
 	function qa_account_sub_navigation()
 /*
-	Return the sub navigation structure for user account pages
+	Return the sub navigation structure for user account pages.
+	RETIRED FROM USE IN Q2A 1.6.3 BUT RETAINED FOR BACKWARDS COMPATIBILITY
 */
 	{
 		return array(

qa-include/qa-app-recalc.php

@@ -84,7 +84,7 @@ function qa_recalc_perform_step(&$state)
 	{
 		$continue=false;
 
-		@list($operation, $length, $next, $done)=explode(',', $state);
+		@list($operation, $length, $next, $done)=explode("\t", $state);
 
 		switch ($operation) {
 			case 'doreindexcontent':
@@ -234,19 +234,25 @@ function qa_recalc_perform_step(&$state)
 				break;
 
 			case 'dorecalcpoints_recalc':
-				$userids=qa_db_users_get_for_recalc_points($next, 10);
+				$recalccount=10;
+				$userids=qa_db_users_get_for_recalc_points($next, $recalccount+1); // get one extra so we know where to start from next
+				$gotcount=count($userids);
+				$recalccount=min($recalccount, $gotcount); // can't recalc more than we got
 
-				if (count($userids)) {
-					$lastuserid=max($userids);
+				if ($recalccount>0) {
+					$lastuserid=$userids[$recalccount-1];
+					qa_db_users_recalc_points($next, $lastuserid);					
+					$done+=$recalccount;
 
-					qa_db_users_recalc_points($next, $lastuserid);
-
-					$next=1+$lastuserid;
-					$done+=count($userids);
+				} else
+					$lastuserid=$next; // for truncation
+
+				if ($gotcount>$recalccount) { // more left to do
+					$next=$userids[$recalccount]; // start next round at first one not recalculated
 					$continue=true;
-				
+
 				} else {
-					qa_db_truncate_userpoints($next);
+					qa_db_truncate_userpoints($lastuserid);
 					qa_db_userpointscount_update(); // quick so just do it here
 					qa_recalc_transition($state, 'dorecalcpoints_complete');
 				}
@@ -523,7 +529,7 @@ function qa_recalc_perform_step(&$state)
 		}
 
 		if ($continue)
-			$state=$operation.','.$length.','.$next.','.$done;
+			$state=$operation."\t".$length."\t".$next."\t".$done;
 
 		return $continue && ($done<$length);
 	}
@@ -534,7 +540,11 @@ function qa_recalc_transition(&$state, $operation)
 	Change the $state to represent the beginning of a new $operation
 */
 	{
-		$state=$operation.','.qa_recalc_stage_length($operation).',0,0';
+		$length=qa_recalc_stage_length($operation);
+		$next=(QA_FINAL_EXTERNAL_USERS && ($operation=='dorecalcpoints_recalc')) ? '' : 0;
+		$done=0;
+
+		$state=$operation."\t".$length."\t".$next."\t".$done;
 	}
 
 
@@ -609,7 +619,7 @@ function qa_recalc_get_message($state)
 	Return a string which gives a user-viewable version of $state
 */
 	{
-		@list($operation, $length, $next, $done)=explode(',', $state);
+		@list($operation, $length, $next, $done)=explode("\t", $state);
 
 		$done=(int)$done;
 		$length=(int)$length;

qa-include/qa-app-users-edit.php

@@ -191,7 +191,7 @@ function qa_create_new_user($email, $password, $handle, $level=QA_USER_LEVEL_BAS
 			qa_db_user_set_flag($userid, QA_USER_FLAGS_MUST_APPROVE, true);
 
 		qa_send_notification($userid, $email, $handle, qa_lang('emails/welcome_subject'), qa_lang('emails/welcome_body'), array(
-			'^password' => isset($password) ? $password : qa_lang('users/password_to_set'),
+			'^password' => isset($password) ? qa_lang('main/hidden') : qa_lang('users/password_to_set'), // v 1.6.3: no longer email out passwords
 			'^url' => qa_opt('site_url'),
 			'^custom' => strlen($custom) ? ($custom."\n\n") : '',
 			'^confirm' => $confirm,

qa-include/qa-base.php

@@ -25,8 +25,8 @@
 */
 
 
-	define('QA_VERSION', '1.6.3-dev-1203'); // also used as suffix for .js and .css requests
-	define('QA_BUILD_DATE', '2013-12-03');
+	define('QA_VERSION', '1.6.3'); // also used as suffix for .js and .css requests
+	define('QA_BUILD_DATE', '2014-01-15');
 
 //	Execution section of this file - remainder contains function definitions
 
@@ -733,7 +733,7 @@ function qa_sanitize_html($html, $linksnewwindow=false, $storage=false)
 
 		$safe=htmLawed($html, array(
 			'safe' => 1,
-			'elements' => '*+embed+object',
+			'elements' => '*+embed+object-form',
 			'schemes' => 'href: aim, feed, file, ftp, gopher, http, https, irc, mailto, news, nntp, sftp, ssh, telnet; *:file, http, https; style: !; classid:clsid',
 			'keep_bad' => 0,
 			'anti_link_spam' => array('/.*/', ''),

qa-include/qa-db-post-create.php

@@ -331,7 +331,7 @@ function qa_db_unaqcount_update()
 */
 	{
 		if (qa_should_update_counts())
-			qa_db_query_sub("REPLACE ^options (title, content) SELECT 'cache_unaqcount', COUNT(*) FROM ^posts WHERE type='Q' AND acount=0");
+			qa_db_query_sub("REPLACE ^options (title, content) SELECT 'cache_unaqcount', COUNT(*) FROM ^posts WHERE type='Q' AND acount=0 AND closedbyid IS NULL");
 	}
 
 
@@ -341,7 +341,7 @@ function qa_db_unselqcount_update()
 */
 	{
 		if (qa_should_update_counts())
-			qa_db_query_sub("REPLACE ^options (title, content) SELECT 'cache_unselqcount', COUNT(*) FROM ^posts WHERE type='Q' AND selchildid IS NULL");
+			qa_db_query_sub("REPLACE ^options (title, content) SELECT 'cache_unselqcount', COUNT(*) FROM ^posts WHERE type='Q' AND selchildid IS NULL AND closedbyid IS NULL");
 	}
 
 
@@ -351,7 +351,7 @@ function qa_db_unupaqcount_update()
 */
 	{
 		if (qa_should_update_counts())
-			qa_db_query_sub("REPLACE ^options (title, content) SELECT 'cache_unupaqcount', COUNT(*) FROM ^posts WHERE type='Q' AND amaxvote=0");
+			qa_db_query_sub("REPLACE ^options (title, content) SELECT 'cache_unupaqcount', COUNT(*) FROM ^posts WHERE type='Q' AND amaxvote=0 AND closedbyid IS NULL");
 	}
 
 

qa-include/qa-db-recalc.php

@@ -234,8 +234,8 @@ function qa_db_users_get_for_recalc_points($startuserid, $count)
 	{
 		if (QA_FINAL_EXTERNAL_USERS)
 			return qa_db_read_all_values(qa_db_query_sub(
-				'(SELECT DISTINCT userid FROM ^posts WHERE userid>=# ORDER BY userid LIMIT #) UNION (SELECT DISTINCT userid FROM ^uservotes WHERE userid>=# ORDER BY userid LIMIT #)',
-				$startuserid, $count, $startuserid, $count
+				'SELECT userid FROM ((SELECT DISTINCT userid FROM ^posts WHERE userid>=# ORDER BY userid LIMIT #) UNION (SELECT DISTINCT userid FROM ^uservotes WHERE userid>=# ORDER BY userid LIMIT #)) x ORDER BY userid LIMIT #',
+				$startuserid, $count, $startuserid, $count, $count
 			));
 		else
 			return qa_db_read_all_values(qa_db_query_sub(
@@ -298,14 +298,14 @@ function qa_db_users_recalc_points($firstuserid, $lastuserid)
 	}
 
 
-	function qa_db_truncate_userpoints($firstuserid)
+	function qa_db_truncate_userpoints($lastuserid)
 /*
-	Remove any rows in the userpoints table from $firstuserid upwards
+	Remove any rows in the userpoints table where userid is greater than $lastuserid
 */
 	{
 		qa_db_query_sub(
-			'DELETE FROM ^userpoints WHERE userid>=#',
-			$firstuserid
+			'DELETE FROM ^userpoints WHERE userid>#',
+			$lastuserid
 		);
 	}
 

qa-include/qa-db-selects.php

@@ -360,7 +360,7 @@ function qa_db_unanswered_qs_selectspec($voteuserid, $by, $start, $categoryslugs
 
 		$selectspec=qa_db_posts_basic_selectspec($voteuserid, $full);
 
-		$selectspec['source'].=" JOIN (SELECT postid FROM ^posts WHERE ".qa_db_categoryslugs_sql_args($categoryslugs, $selectspec['arguments'])."type=$ AND ".$bysql." ORDER BY ^posts.created DESC LIMIT #,#) y ON ^posts.postid=y.postid";
+		$selectspec['source'].=" JOIN (SELECT postid FROM ^posts WHERE ".qa_db_categoryslugs_sql_args($categoryslugs, $selectspec['arguments'])."type=$ AND ".$bysql." AND closedbyid IS NULL ORDER BY ^posts.created DESC LIMIT #,#) y ON ^posts.postid=y.postid";
 
 		array_push($selectspec['arguments'], $type, $start, $count);
 
@@ -801,7 +801,7 @@ function qa_db_search_posts_selectspec($voteuserid, $titlewords, $contentwords,
 		}
 
 		if ($selectparts==0)
-			$selectspec['source'].='(SELECT NULL as questionid, 0 AS score, NULL AS matchposttype, NULL AS matchpostid FROM ^posts WHERE postid=NULL)';
+			$selectspec['source'].='(SELECT NULL as questionid, 0 AS score, NULL AS matchposttype, NULL AS matchpostid FROM ^posts WHERE postid IS NULL)';
 
 		$selectspec['source'].=") x LEFT JOIN ^posts ON ^posts.postid=questionid GROUP BY questionid ORDER BY score DESC LIMIT #,#) y ON ^posts.postid=y.questionid";
 

qa-include/qa-event-limits.php

@@ -34,19 +34,28 @@ class qa_event_limits {
 
 		function process_event($event, $userid, $handle, $cookieid, $params)
 		{
+			// Don't increment limits or report user actions for events that were delayed. For example, a 'q_post'
+			// event sent when a post is approved by the admin, for which a 'q_queue' event was already sent.
+
+			if (isset($params['delayed']))
+				return;
+
 			require_once QA_INCLUDE_DIR.'qa-app-limits.php';
 
 			switch ($event) {
+				case 'q_queue':
 				case 'q_post':
 				case 'q_claim':
 					qa_limits_increment($userid, QA_LIMIT_QUESTIONS);
 					break;
 
+				case 'a_queue':
 				case 'a_post':
 				case 'a_claim':
 					qa_limits_increment($userid, QA_LIMIT_ANSWERS);
 					break;
-
+
+				case 'c_queue':	
 				case 'c_post':
 				case 'c_claim':
 				case 'a_to_c':
@@ -85,10 +94,10 @@ function process_event($event, $userid, $handle, $cookieid, $params)
 				'u_block', 'u_edit', 'u_level', 'u_message', 'u_password', 'u_save', 'u_unblock',
 			);
 
-			if ((!isset($params['delayed'])) && (
+			if (
 				is_numeric(array_search(strstr($event, '_'), $writeactions)) ||
 				is_numeric(array_search($event, $writeactions))
-			)) {
+			) {
 				if (isset($userid)) {
 					require_once QA_INCLUDE_DIR.'qa-app-users.php';
 

qa-include/qa-event-notify.php

@@ -161,7 +161,7 @@ function process_event($event, $userid, $handle, $cookieid, $params)
 							array(
 								'^p_handle' => isset($handle) ? $handle : (strlen($params['name']) ? $params['name'] :
 									(strlen(@$oldquestion['name']) ? $oldquestion['name'] : qa_lang('main/anonymous'))),
-								'^p_context' => trim(@$params['title']."\n\n".$params['text']),
+								'^p_context' => trim(@$params['title']."\n\n".$params['text']), // don't censor for admin
 								'^url' => qa_q_path($params['postid'], $params['title'], true),
 								'^a_url' => qa_path_absolute('admin/moderate'),
 							)
@@ -178,7 +178,7 @@ function process_event($event, $userid, $handle, $cookieid, $params)
 							array(
 								'^p_handle' => isset($handle) ? $handle : (strlen($params['name']) ? $params['name'] :
 									(strlen(@$oldanswer['name']) ? $oldanswer['name'] : qa_lang('main/anonymous'))),
-								'^p_context' => $params['text'],
+								'^p_context' => $params['text'], // don't censor for admin
 								'^url' => qa_q_path($params['parentid'], $params['parent']['title'], true, 'A', $params['postid']),
 								'^a_url' => qa_path_absolute('admin/moderate'),
 							)
@@ -196,7 +196,7 @@ function process_event($event, $userid, $handle, $cookieid, $params)
 								'^p_handle' => isset($handle) ? $handle : (strlen($params['name']) ? $params['name'] :
 									(strlen(@$oldcomment['name']) ? $oldcomment['name'] : // could also be after answer converted to comment
 									(strlen(@$oldanswer['name']) ? $oldanswer['name'] : qa_lang('main/anonymous')))),
-								'^p_context' => $params['text'],
+								'^p_context' => $params['text'], // don't censor for admin
 								'^url' => qa_q_path($params['questionid'], $params['question']['title'], true, 'C', $params['postid']),
 								'^a_url' => qa_path_absolute('admin/moderate'),
 							)
@@ -216,7 +216,7 @@ function process_event($event, $userid, $handle, $cookieid, $params)
 							'^p_handle' => isset($oldpost['handle']) ? $oldpost['handle'] :
 								(strlen($oldpost['name']) ? $oldpost['name'] : qa_lang('main/anonymous')),
 							'^flags' => ($flagcount==1) ? qa_lang_html_sub('main/1_flag', '1', '1') : qa_lang_html_sub('main/x_flags', $flagcount),
-							'^p_context' => trim(@$oldpost['title']."\n\n".qa_viewer_text($oldpost['content'], $oldpost['format'])),
+							'^p_context' => trim(@$oldpost['title']."\n\n".qa_viewer_text($oldpost['content'], $oldpost['format'])), // don't censor for admin
 							'^url' => qa_q_path($params['questionid'], $params['question']['title'], true, $oldpost['basetype'], $oldpost['postid']),
 							'^a_url' => qa_path_absolute('admin/flagged'),
 						));
@@ -257,12 +257,15 @@ function process_event($event, $userid, $handle, $cookieid, $params)
 					break;
 
 				case 'u_wall_post':
-					if ($userid!=$params['userid'])
+					if ($userid!=$params['userid']) {
+						$blockwordspreg=qa_get_block_words_preg();
+
 						qa_send_notification($params['userid'], null, $params['handle'], qa_lang('emails/wall_post_subject'), qa_lang('emails/wall_post_body'), array(
 							'^f_handle' => isset($handle) ? $handle : qa_lang('main/anonymous'),
-							'^post' => $params['text'],
+							'^post' => qa_block_words_replace($params['text'], $blockwordspreg),
 							'^url' => qa_path_absolute('user/'.$params['handle'], null, 'wall'),
 						));
+					}
 					break;
 			}
 		}

qa-include/qa-lang-emails.php

@@ -84,7 +84,7 @@
 		'wall_post_subject' => 'Post on your ^site_title wall',
 		'wall_post_body' => "^f_handle has posted on your user wall at ^site_title:\n\n^open^post^close\n\nYou may respond to the post here:\n\n^url\n\nThank you,\n\n^site_title",
 
-		'welcome_body' => "Thank you for registering for ^site_title.\n\n^custom^confirmYour login details are as follows:\n\nEmail: ^email\nPassword: ^password\n\nPlease keep this information safe for future reference.\n\nThank you,\n\n^site_title\n^url",
+		'welcome_body' => "Thank you for registering for ^site_title.\n\n^custom^confirmYour login details are as follows:\n\nUsername: ^handle\nEmail: ^email\n\nPlease keep this information safe for future reference.\n\nThank you,\n\n^site_title\n^url",
 		'welcome_confirm' => "Please click below to confirm your email address.\n\n^url\n\n",
 		'welcome_subject' => 'Welcome to ^site_title!',
 	);

qa-include/qa-lang-misc.php

@@ -69,7 +69,7 @@
 		'my_favorites_title' => 'My favorites',
 		'nav_all_my_updates' => 'All my updates',
 		'nav_my_content' => 'My content',
-		'nav_my_details' => 'My details',
+		'nav_my_details' => 'My account',
 		'nav_my_favorites' => 'My favorites',
 		'nav_user_activity' => 'Recent activity',
 		'nav_user_as' => 'All answers',

qa-include/qa-lang-profile.php

@@ -37,7 +37,7 @@
 		'delete_wall_post_popup' => 'Delete this wall post',
 		'extra_privileges' => 'Extra privileges:',
 		'gave_out' => 'Gave out:',
-		'my_account_title' => 'My account details',
+		'my_account_title' => 'My account',
 		'no_answers_by_x' => 'No answers by ^',
 		'no_posts_by_x' => 'No posts by ^',
 		'no_questions_by_x' => 'No questions by ^',

qa-include/qa-lang-users.php

@@ -50,6 +50,7 @@
 		'confirm_wrong_log_in' => 'Code not correct - please ^1log in^2 to send a new link',
 		'confirm_wrong_resend' => 'Code not correct - please click below to send a new link',
 		'delete_user_button' => 'Delete User',
+		'edit_profile' => 'Edit my Profile',
 		'edit_user_button' => 'Edit User',
 		'email_confirmed' => 'Confirmed',
 		'email_exists' => 'Email already belongs to an account',

qa-include/qa-page-account.php

@@ -431,7 +431,7 @@
 		$qa_content['form_profile']['ok']=qa_lang_html('users/password_changed');
 
 
-	$qa_content['navigation']['sub']=qa_account_sub_navigation();
+	$qa_content['navigation']['sub']=qa_user_sub_navigation($useraccount['handle'], 'account', true);
 
 
 	return $qa_content;

qa-include/qa-page-admin-default.php

@@ -587,7 +587,7 @@
 
 			array_push($showoptions, 'max_rate_ip_flags', 'max_rate_user_flags', 'max_rate_ip_uploads', 'max_rate_user_uploads');
 
-			if (qa_opt('allow_private_messages'))
+			if (qa_opt('allow_private_messages') || qa_opt('allow_user_walls'))
 				array_push($showoptions, 'max_rate_ip_messages', 'max_rate_user_messages');
 
 			$formstyle='wide';