- Code: Select all
/**
* Submit Post
* @todo Split up and create lightweight, simple API for this.
*/
Let's face it. submit_post is not only a monster function. It's a pain to use. Same holds true for submit_pm. It would be great to have a posting API that is sane.
Just to prove my point, take a look at this:
- Code: Select all
// Many thanks to paul999 for helping me with this!
include_once($phpbb_root_path . 'includes/functions_posting.' . $phpEx);
include_once($phpbb_root_path . 'includes/message_parser.' . $phpEx);
$sql = 'SELECT forum_name
FROM ' . FORUMS_TABLE . '
WHERE forum_id = ' . (int) $config['contact_bot_forum'];
$result = $db->sql_query($sql);
$forum_name = $db->sql_fetchfield('forum_name');
$db->sql_freeresult($result);
$post_data = array(
'topic_title' => $data['subject'],
'topic_first_post_id' => 0,
'topic_last_post_id' => 0,
'topic_time_limit' => 0,
'topic_attachment' => 0,
'post_id' => 0,
'topic_id' => 0,
'forum_id' => (int) $config['contact_bot_forum'],
'icon_id' => 0,
'poster_id' => 0,
'enable_sig' => true,
'enable_bbcode' => (bool) $allow_bbcode,
'enable_smilies' => (bool) $allow_smilies,
'enable_urls' => (bool) $allow_urls,
'enable_indexing' => false,
'message_md5' => (string) md5($text),
'post_time' => time(),
'post_checksum' => '',
'post_edit_reason' => '',
'post_edit_user' => 0,
'forum_name' => $forum_name,
'notify' => false,
'notify_set' => false,
'poster_ip' => $user->ip,
'post_edit_locked' => 0,
'bbcode_bitfield' => $bitfield,
'bbcode_uid' => $uid,
'message' => $text,
'attachment_data' => 0,
'filename_data' => 0,
'topic_approved' => 1,
'post_approved' => 1,
);
$poll = array();
// Submit the post!
submit_post('post', $data['subject'], $user->data['username'], POST_NORMAL, $poll, $post_data);
Required information
So let's see what's actually going in there.
- post/topic subject
- post text
- forum_id
- topic_id (if it's a reply)
- bbcode allow options
- index post?
- time of post
- ip of poster
- post locked?
- attachments
- poll
All the other stuff could be computed from within the function. And many of these can also have default values, submit_post relies on all of those to be present. And it gets even worse. submit_post relies heavily on $user (which represents the current user). For example:
- Code: Select all
$poster_id = ($mode == 'edit') ? $data['poster_id'] : (int) $user->data['user_id'];
- Code: Select all
'poster_id' => (int) $user->data['user_id'],
- Code: Select all
poster_ip' => $user->ip
- Code: Select all
'post_username' => (!$user->data['is_registered']) ? $username : '',
And the list goes on. What does this mean? It means that if I want to submit a post as an other user (a bot maybe), I have to replace $user! And up to 3.0.6 you even had to replace $auth and give that user posting permissions, otherwise it created a non-approved post. (I wrote a helper for that).
There were some efforts by DavidMJ to clean this up. You can take a look at that here.
Design
Here's what a new posting API should be like imo:
- Not depend on globals (dependency injection, pass things like $db into the constructor), this makes testing easier
- provide defaults for required info
- separate topic and reply into separate methods
- not depend on $user, except maybe for defaults
- simple to use API for setting required options
- (use exceptions?)
Backward compatibility
submit_post should be converted to a legacy wrapper around the new API.
