Line 39 | Line 39 |
---|
$delete = (isset($_POST['delete'])) ? true : false; $cancel = (isset($_POST['cancel']) && !isset($_POST['save'])) ? true : false;
|
$delete = (isset($_POST['delete'])) ? true : false; $cancel = (isset($_POST['cancel']) && !isset($_POST['save'])) ? true : false;
|
$refresh = (isset($_POST['add_file']) || isset($_POST['delete_file']) || isset($_POST['cancel_unglobalise']) || $save || $load) ? true : false;
| $refresh = (isset($_POST['add_file']) || isset($_POST['delete_file']) || isset($_POST['full_editor']) || isset($_POST['cancel_unglobalise']) || $save || $load) ? true : false;
|
$mode = ($delete && !$preview && !$refresh && $submit) ? 'delete' : request_var('mode', '');
$error = $post_data = array(); $current_time = time();
|
$mode = ($delete && !$preview && !$refresh && $submit) ? 'delete' : request_var('mode', '');
$error = $post_data = array(); $current_time = time();
|
| |
// Was cancel pressed? If so then redirect to the appropriate page if ($cancel || ($current_time - $lastclick < 2 && $submit)) {
|
// Was cancel pressed? If so then redirect to the appropriate page if ($cancel || ($current_time - $lastclick < 2 && $submit)) {
|
$redirect = ($post_id) ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'p=' . $post_id) . '#p' . $post_id : (($topic_id) ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", 't=' . $topic_id) : (($forum_id) ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) : append_sid("{$phpbb_root_path}index.$phpEx")));
| $f = ($forum_id) ? 'f=' . $forum_id . '&' : ''; $redirect = ($post_id) ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", $f . 'p=' . $post_id) . '#p' . $post_id : (($topic_id) ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", $f . 't=' . $topic_id) : (($forum_id) ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) : append_sid("{$phpbb_root_path}index.$phpEx")));
|
redirect($redirect); }
| redirect($redirect); }
|
Line 73 | Line 73 |
---|
{ trigger_error('NO_TOPIC'); }
|
{ trigger_error('NO_TOPIC'); }
|
| // Force forum id $sql = 'SELECT forum_id FROM ' . TOPICS_TABLE . ' WHERE topic_id = ' . $topic_id; $result = $db->sql_query($sql); $f_id = (int) $db->sql_fetchfield('forum_id'); $db->sql_freeresult($result);
$forum_id = (!$f_id) ? $forum_id : $f_id;
|
$sql = 'SELECT f.*, t.* FROM ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . " f WHERE t.topic_id = $topic_id AND (f.forum_id = t.forum_id
|
$sql = 'SELECT f.*, t.* FROM ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . " f WHERE t.topic_id = $topic_id AND (f.forum_id = t.forum_id
|
OR f.forum_id = $forum_id)";
| OR f.forum_id = $forum_id)" . (($auth->acl_get('m_approve', $forum_id)) ? '' : 'AND t.topic_approved = 1');
|
break;
case 'quote':
| break;
case 'quote':
|
Line 89 | Line 100 |
---|
$user->setup('posting'); trigger_error('NO_POST'); }
|
$user->setup('posting'); trigger_error('NO_POST'); }
|
| // Force forum id $sql = 'SELECT forum_id FROM ' . POSTS_TABLE . ' WHERE post_id = ' . $post_id; $result = $db->sql_query($sql); $f_id = (int) $db->sql_fetchfield('forum_id'); $db->sql_freeresult($result);
$forum_id = (!$f_id) ? $forum_id : $f_id;
|
$sql = 'SELECT f.*, t.*, p.*, u.username, u.username_clean, u.user_sig, u.user_sig_bbcode_uid, u.user_sig_bbcode_bitfield FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . ' f, ' . USERS_TABLE . " u
| $sql = 'SELECT f.*, t.*, p.*, u.username, u.username_clean, u.user_sig, u.user_sig_bbcode_uid, u.user_sig_bbcode_bitfield FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . ' f, ' . USERS_TABLE . " u
|
Line 96 | Line 117 |
---|
AND t.topic_id = p.topic_id AND u.user_id = p.poster_id AND (f.forum_id = t.forum_id
|
AND t.topic_id = p.topic_id AND u.user_id = p.poster_id AND (f.forum_id = t.forum_id
|
OR f.forum_id = $forum_id)";
| OR f.forum_id = $forum_id)" . (($auth->acl_get('m_approve', $forum_id)) ? '' : 'AND p.post_approved = 1');
|
break;
case 'smilies':
| break;
case 'smilies':
|
Line 140 | Line 162 |
---|
$user->setup('posting'); } trigger_error(($mode == 'post' || $mode == 'bump' || $mode == 'reply') ? 'NO_TOPIC' : 'NO_POST');
|
$user->setup('posting'); } trigger_error(($mode == 'post' || $mode == 'bump' || $mode == 'reply') ? 'NO_TOPIC' : 'NO_POST');
|
| }
// Not able to reply to unapproved posts/topics // TODO: add more descriptive language key if ($auth->acl_get('m_approve', $forum_id) && ((($mode == 'reply' || $mode == 'bump') && !$post_data['topic_approved']) || ($mode == 'quote' && !$post_data['post_approved']))) { trigger_error(($mode == 'reply' || $mode == 'bump') ? 'TOPIC_UNAPPROVED' : 'POST_UNAPPROVED');
|
}
if ($mode == 'popup')
| }
if ($mode == 'popup')
|
Line 149 | Line 178 |
---|
}
$user->setup(array('posting', 'mcp', 'viewtopic'), $post_data['forum_style']);
|
}
$user->setup(array('posting', 'mcp', 'viewtopic'), $post_data['forum_style']);
|
| if ($config['enable_post_confirm'] && !$user->data['is_registered']) { include($phpbb_root_path . 'includes/captcha/captcha_factory.' . $phpEx); $captcha =& phpbb_captcha_factory::get_instance($config['captcha_plugin']); $captcha->init(CONFIRM_POST); }
|
// Use post_row values in favor of submitted ones... $forum_id = (!empty($post_data['forum_id'])) ? (int) $post_data['forum_id'] : (int) $forum_id;
| // Use post_row values in favor of submitted ones... $forum_id = (!empty($post_data['forum_id'])) ? (int) $post_data['forum_id'] : (int) $forum_id;
|
Line 160 | Line 196 |
---|
{ login_forum_box(array( 'forum_id' => $forum_id,
|
{ login_forum_box(array( 'forum_id' => $forum_id,
|
| 'forum_name' => $post_data['forum_name'],
|
'forum_password' => $post_data['forum_password']) ); }
| 'forum_password' => $post_data['forum_password']) ); }
|
Line 285 | Line 322 |
---|
if ($bump_time = bump_topic_allowed($forum_id, $post_data['topic_bumped'], $post_data['topic_last_post_time'], $post_data['topic_poster'], $post_data['topic_last_poster_id']) && check_link_hash(request_var('hash', ''), "topic_{$post_data['topic_id']}")) {
|
if ($bump_time = bump_topic_allowed($forum_id, $post_data['topic_bumped'], $post_data['topic_last_post_time'], $post_data['topic_poster'], $post_data['topic_last_poster_id']) && check_link_hash(request_var('hash', ''), "topic_{$post_data['topic_id']}")) {
|
$db->sql_transaction('begin');
$sql = 'UPDATE ' . POSTS_TABLE . " SET post_time = $current_time WHERE post_id = {$post_data['topic_last_post_id']} AND topic_id = $topic_id"; $db->sql_query($sql);
$sql = 'UPDATE ' . TOPICS_TABLE . " SET topic_last_post_time = $current_time, topic_bumped = 1, topic_bumper = " . $user->data['user_id'] . " WHERE topic_id = $topic_id"; $db->sql_query($sql);
update_post_information('forum', $forum_id);
$sql = 'UPDATE ' . USERS_TABLE . " SET user_lastpost_time = $current_time WHERE user_id = " . $user->data['user_id']; $db->sql_query($sql);
$db->sql_transaction('commit');
markread('post', $forum_id, $topic_id, $current_time);
add_log('mod', $forum_id, $topic_id, 'LOG_BUMP_TOPIC', $post_data['topic_title']);
$meta_url = append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&t=$topic_id&p={$post_data['topic_last_post_id']}") . "#p{$post_data['topic_last_post_id']}";
| $meta_url = phpbb_bump_topic($forum_id, $topic_id, $post_data, $current_time);
|
meta_refresh(3, $meta_url);
$message = $user->lang['TOPIC_BUMPED'] . '<br /><br />' . sprintf($user->lang['VIEW_MESSAGE'], '<a href="' . $meta_url . '">', '</a>');
| meta_refresh(3, $meta_url);
$message = $user->lang['TOPIC_BUMPED'] . '<br /><br />' . sprintf($user->lang['VIEW_MESSAGE'], '<a href="' . $meta_url . '">', '</a>');
|
Line 342 | Line 351 |
---|
}
$post_data['post_edit_locked'] = (isset($post_data['post_edit_locked'])) ? (int) $post_data['post_edit_locked'] : 0;
|
}
$post_data['post_edit_locked'] = (isset($post_data['post_edit_locked'])) ? (int) $post_data['post_edit_locked'] : 0;
|
| $post_data['post_subject_md5'] = (isset($post_data['post_subject']) && $mode == 'edit') ? md5($post_data['post_subject']) : '';
|
$post_data['post_subject'] = (in_array($mode, array('quote', 'edit'))) ? $post_data['post_subject'] : ((isset($post_data['topic_title'])) ? $post_data['topic_title'] : ''); $post_data['topic_time_limit'] = (isset($post_data['topic_time_limit'])) ? (($post_data['topic_time_limit']) ? (int) $post_data['topic_time_limit'] / 86400 : (int) $post_data['topic_time_limit']) : 0; $post_data['poll_length'] = (!empty($post_data['poll_length'])) ? (int) $post_data['poll_length'] / 86400 : 0;
| $post_data['post_subject'] = (in_array($mode, array('quote', 'edit'))) ? $post_data['post_subject'] : ((isset($post_data['topic_title'])) ? $post_data['topic_title'] : ''); $post_data['topic_time_limit'] = (isset($post_data['topic_time_limit'])) ? (($post_data['topic_time_limit']) ? (int) $post_data['topic_time_limit'] / 86400 : (int) $post_data['topic_time_limit']) : 0; $post_data['poll_length'] = (!empty($post_data['poll_length'])) ? (int) $post_data['poll_length'] / 86400 : 0;
|
Line 363 | Line 373 |
---|
$post_data['poll_options'][] = trim($row['poll_option_text']); } $db->sql_freeresult($result);
|
$post_data['poll_options'][] = trim($row['poll_option_text']); } $db->sql_freeresult($result);
|
| }
if ($mode == 'edit') { $original_poll_data = array( 'poll_title' => $post_data['poll_title'], 'poll_length' => $post_data['poll_length'], 'poll_max_options' => $post_data['poll_max_options'], 'poll_option_text' => implode("\n", $post_data['poll_options']), 'poll_start' => $post_data['poll_start'], 'poll_last_vote' => $post_data['poll_last_vote'], 'poll_vote_change' => $post_data['poll_vote_change'], );
|
}
$orig_poll_options_size = sizeof($post_data['poll_options']);
| }
$orig_poll_options_size = sizeof($post_data['poll_options']);
|
Line 466 | Line 489 |
---|
// HTML, BBCode, Smilies, Images and Flash status $bbcode_status = ($config['allow_bbcode'] && $auth->acl_get('f_bbcode', $forum_id)) ? true : false;
|
// HTML, BBCode, Smilies, Images and Flash status $bbcode_status = ($config['allow_bbcode'] && $auth->acl_get('f_bbcode', $forum_id)) ? true : false;
|
$smilies_status = ($bbcode_status && $config['allow_smilies'] && $auth->acl_get('f_smilies', $forum_id)) ? true : false;
| $smilies_status = ($config['allow_smilies'] && $auth->acl_get('f_smilies', $forum_id)) ? true : false;
|
$img_status = ($bbcode_status && $auth->acl_get('f_img', $forum_id)) ? true : false; $url_status = ($config['allow_post_links']) ? true : false; $flash_status = ($bbcode_status && $auth->acl_get('f_flash', $forum_id) && $config['allow_post_flash']) ? true : false;
|
$img_status = ($bbcode_status && $auth->acl_get('f_img', $forum_id)) ? true : false; $url_status = ($config['allow_post_links']) ? true : false; $flash_status = ($bbcode_status && $auth->acl_get('f_flash', $forum_id) && $config['allow_post_flash']) ? true : false;
|
$quote_status = ($auth->acl_get('f_reply', $forum_id)) ? true : false;
| $quote_status = true;
|
// Save Draft if ($save && $user->data['is_registered'] && $auth->acl_get('u_savedrafts') && ($mode == 'reply' || $mode == 'post' || $mode == 'quote'))
| // Save Draft if ($save && $user->data['is_registered'] && $auth->acl_get('u_savedrafts') && ($mode == 'reply' || $mode == 'post' || $mode == 'quote'))
|
Line 515 | Line 538 |
---|
'attachment_data' => $message_parser->attachment_data, ) );
|
'attachment_data' => $message_parser->attachment_data, ) );
|
| $hidden_fields = array( 'icon_id' => 0,
'disable_bbcode' => false, 'disable_smilies' => false, 'disable_magic_url' => false, 'attach_sig' => true, 'lock_topic' => false,
'topic_type' => POST_NORMAL, 'topic_time_limit' => 0,
'poll_title' => '', 'poll_option_text' => '', 'poll_max_options' => 1, 'poll_length' => 0, 'poll_vote_change' => false, );
foreach ($hidden_fields as $name => $default) { if (!isset($_POST[$name])) { // Don't include it, if its not available unset($hidden_fields[$name]); continue; }
if (is_bool($default)) { // Use the string representation $hidden_fields[$name] = request_var($name, ''); } else { $hidden_fields[$name] = request_var($name, $default); } }
$s_hidden_fields .= build_hidden_fields($hidden_fields);
|
confirm_box(false, 'SAVE_DRAFT', $s_hidden_fields); }
| confirm_box(false, 'SAVE_DRAFT', $s_hidden_fields); }
|
Line 564 | Line 628 |
---|
load_drafts($topic_id, $forum_id); }
|
load_drafts($topic_id, $forum_id); }
|
$solved_captcha = false;
| |
if ($submit || $preview || $refresh) {
| if ($submit || $preview || $refresh) {
|
Line 578 | Line 641 |
---|
$post_data['orig_topic_type'] = $post_data['topic_type']; $post_data['topic_type'] = request_var('topic_type', (($mode != 'post') ? (int) $post_data['topic_type'] : POST_NORMAL)); $post_data['topic_time_limit'] = request_var('topic_time_limit', (($mode != 'post') ? (int) $post_data['topic_time_limit'] : 0));
|
$post_data['orig_topic_type'] = $post_data['topic_type']; $post_data['topic_type'] = request_var('topic_type', (($mode != 'post') ? (int) $post_data['topic_type'] : POST_NORMAL)); $post_data['topic_time_limit'] = request_var('topic_time_limit', (($mode != 'post') ? (int) $post_data['topic_time_limit'] : 0));
|
$post_data['icon_id'] = request_var('icon', 0);
| if ($post_data['enable_icons'] && $auth->acl_get('f_icons', $forum_id)) { $post_data['icon_id'] = request_var('icon', (int) $post_data['icon_id']); }
|
$post_data['enable_bbcode'] = (!$bbcode_status || isset($_POST['disable_bbcode'])) ? false : true; $post_data['enable_smilies'] = (!$smilies_status || isset($_POST['disable_smilies'])) ? false : true;
| $post_data['enable_bbcode'] = (!$bbcode_status || isset($_POST['disable_bbcode'])) ? false : true; $post_data['enable_smilies'] = (!$smilies_status || isset($_POST['disable_smilies'])) ? false : true;
|
Line 646 | Line 713 |
---|
$post_data['poll_length'] = request_var('poll_length', 0); $post_data['poll_option_text'] = utf8_normalize_nfc(request_var('poll_option_text', '', true)); $post_data['poll_max_options'] = request_var('poll_max_options', 1);
|
$post_data['poll_length'] = request_var('poll_length', 0); $post_data['poll_option_text'] = utf8_normalize_nfc(request_var('poll_option_text', '', true)); $post_data['poll_max_options'] = request_var('poll_max_options', 1);
|
$post_data['poll_vote_change'] = ($auth->acl_get('f_votechg', $forum_id) && isset($_POST['poll_vote_change'])) ? 1 : 0;
| $post_data['poll_vote_change'] = ($auth->acl_get('f_votechg', $forum_id) && $auth->acl_get('f_vote', $forum_id) && isset($_POST['poll_vote_change'])) ? 1 : 0;
|
}
// If replying/quoting and last post id has changed
| }
// If replying/quoting and last post id has changed
|
Line 672 | Line 739 |
---|
// Grab md5 'checksum' of new message $message_md5 = md5($message_parser->message);
|
// Grab md5 'checksum' of new message $message_md5 = md5($message_parser->message);
|
| // If editing and checksum has changed we know the post was edited while we're editing // Notify and show user the changed post if ($mode == 'edit' && $post_data['forum_flags'] & FORUM_FLAG_POST_REVIEW) { $edit_post_message_checksum = request_var('edit_post_message_checksum', ''); $edit_post_subject_checksum = request_var('edit_post_subject_checksum', '');
// $post_data['post_checksum'] is the checksum of the post submitted in the meantime // $message_md5 is the checksum of the post we're about to submit // $edit_post_message_checksum is the checksum of the post we're editing // ...
// We make sure nobody else made exactly the same change // we're about to submit by also checking $message_md5 != $post_data['post_checksum'] if (($edit_post_message_checksum !== '' && $edit_post_message_checksum != $post_data['post_checksum'] && $message_md5 != $post_data['post_checksum']) || ($edit_post_subject_checksum !== '' && $edit_post_subject_checksum != $post_data['post_subject_md5'] && md5($post_data['post_subject']) != $post_data['post_subject_md5'])) { if (topic_review($topic_id, $forum_id, 'post_review_edit', $post_id)) { $template->assign_vars(array( 'S_POST_REVIEW' => true,
'L_POST_REVIEW' => $user->lang['POST_REVIEW_EDIT'], 'L_POST_REVIEW_EXPLAIN' => $user->lang['POST_REVIEW_EDIT_EXPLAIN'], )); }
$submit = false; $refresh = true; } }
|
// Check checksum ... don't re-parse message if the same $update_message = ($mode != 'edit' || $message_md5 != $post_data['post_checksum'] || $status_switch || strlen($post_data['bbcode_uid']) < BBCODE_UID_LEN) ? true : false;
|
// Check checksum ... don't re-parse message if the same $update_message = ($mode != 'edit' || $message_md5 != $post_data['post_checksum'] || $status_switch || strlen($post_data['bbcode_uid']) < BBCODE_UID_LEN) ? true : false;
|
| // Also check if subject got updated... $update_subject = $mode != 'edit' || ($post_data['post_subject_md5'] && $post_data['post_subject_md5'] != md5($post_data['post_subject']));
|
// Parse message if ($update_message)
| // Parse message if ($update_message)
|
Line 731 | Line 833 |
---|
if (($post_data['username'] && !$user->data['is_registered']) || ($mode == 'edit' && $post_data['poster_id'] == ANONYMOUS && $post_data['username'] && $post_data['post_username'] && $post_data['post_username'] != $post_data['username'])) { include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
|
if (($post_data['username'] && !$user->data['is_registered']) || ($mode == 'edit' && $post_data['poster_id'] == ANONYMOUS && $post_data['username'] && $post_data['post_username'] && $post_data['post_username'] != $post_data['username'])) { include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
|
| $user->add_lang('ucp');
|
if (($result = validate_username($post_data['username'], (!empty($post_data['post_username'])) ? $post_data['post_username'] : '')) !== false) {
|
if (($result = validate_username($post_data['username'], (!empty($post_data['post_username'])) ? $post_data['post_username'] : '')) !== false) {
|
$user->add_lang('ucp');
| |
$error[] = $user->lang[$result . '_USERNAME'];
|
$error[] = $user->lang[$result . '_USERNAME'];
|
| }
if (($result = validate_string($post_data['username'], false, $config['min_name_chars'], $config['max_name_chars'])) !== false) { $min_max_amount = ($result == 'TOO_SHORT') ? $config['min_name_chars'] : $config['max_name_chars']; $error[] = sprintf($user->lang['FIELD_' . $result], $user->lang['USERNAME'], $min_max_amount);
|
} }
if ($config['enable_post_confirm'] && !$user->data['is_registered'] && in_array($mode, array('quote', 'post', 'reply'))) {
|
} }
if ($config['enable_post_confirm'] && !$user->data['is_registered'] && in_array($mode, array('quote', 'post', 'reply'))) {
|
$confirm_id = request_var('confirm_id', ''); $confirm_code = request_var('confirm_code', '');
$sql = 'SELECT code FROM ' . CONFIRM_TABLE . " WHERE confirm_id = '" . $db->sql_escape($confirm_id) . "' AND session_id = '" . $db->sql_escape($user->session_id) . "' AND confirm_type = " . CONFIRM_POST; $result = $db->sql_query($sql); $confirm_row = $db->sql_fetchrow($result); $db->sql_freeresult($result);
if (empty($confirm_row['code']) || strcasecmp($confirm_row['code'], $confirm_code) !== 0) { $error[] = $user->lang['CONFIRM_CODE_WRONG']; } else
| $captcha_data = array( 'message' => utf8_normalize_nfc(request_var('message', '', true)), 'subject' => utf8_normalize_nfc(request_var('subject', '', true)), 'username' => utf8_normalize_nfc(request_var('username', '', true)), ); $vc_response = $captcha->validate($captcha_data); if ($vc_response)
|
{
|
{
|
$solved_captcha = true;
| $error[] = $vc_response;
|
} }
| } }
|
Line 797 | Line 896 |
---|
$message_parser->parse_poll($poll);
|
$message_parser->parse_poll($poll);
|
$post_data['poll_options'] = (isset($poll['poll_options'])) ? $poll['poll_options'] : '';
| $post_data['poll_options'] = (isset($poll['poll_options'])) ? $poll['poll_options'] : array();
|
$post_data['poll_title'] = (isset($poll['poll_title'])) ? $poll['poll_title'] : '';
/* We reset votes, therefore also allow removing options
| $post_data['poll_title'] = (isset($poll['poll_title'])) ? $poll['poll_title'] : '';
/* We reset votes, therefore also allow removing options
|
Line 805 | Line 904 |
---|
{ $message_parser->warn_msg[] = $user->lang['NO_DELETE_POLL_OPTIONS']; }*/
|
{ $message_parser->warn_msg[] = $user->lang['NO_DELETE_POLL_OPTIONS']; }*/
|
| } else if ($mode == 'edit' && $post_id == $post_data['topic_first_post_id'] && $auth->acl_get('f_poll', $forum_id)) { // The user removed all poll options, this is equal to deleting the poll. $poll = array( 'poll_title' => '', 'poll_length' => 0, 'poll_max_options' => 0, 'poll_option_text' => '', 'poll_start' => 0, 'poll_last_vote' => 0, 'poll_vote_change' => 0, 'poll_options' => array(), );
$post_data['poll_options'] = array(); $post_data['poll_title'] = ''; $post_data['poll_start'] = $post_data['poll_length'] = $post_data['poll_max_options'] = $post_data['poll_last_vote'] = $post_data['poll_vote_change'] = 0; } else if (!$auth->acl_get('f_poll', $forum_id) && ($mode == 'edit') && ($post_id == $post_data['topic_first_post_id']) && ($original_poll_data['poll_title'] != '')) { // We have a poll but the editing user is not permitted to create/edit it. // So we just keep the original poll-data. $poll = array_merge($original_poll_data, array( 'enable_bbcode' => $post_data['enable_bbcode'], 'enable_urls' => $post_data['enable_urls'], 'enable_smilies' => $post_data['enable_smilies'], 'img_status' => $img_status, ));
$message_parser->parse_poll($poll);
$post_data['poll_options'] = (isset($poll['poll_options'])) ? $poll['poll_options'] : array(); $post_data['poll_title'] = (isset($poll['poll_title'])) ? $poll['poll_title'] : '';
|
} else {
| } else {
|
Line 886 | Line 1019 |
---|
$forum_type = (int) $db->sql_fetchfield('forum_type'); $db->sql_freeresult($result);
|
$forum_type = (int) $db->sql_fetchfield('forum_type'); $db->sql_freeresult($result);
|
if ($forum_type != FORUM_POST || !$auth->acl_get('f_post', $to_forum_id))
| if ($forum_type != FORUM_POST || !$auth->acl_get('f_post', $to_forum_id) || !$auth->acl_get('f_noapprove', $to_forum_id))
|
{ $to_forum_id = 0; }
| { $to_forum_id = 0; }
|
Line 998 | Line 1131 |
---|
$data['topic_replies'] = $post_data['topic_replies']; }
|
$data['topic_replies'] = $post_data['topic_replies']; }
|
$redirect_url = submit_post($mode, $post_data['post_subject'], $post_data['username'], $post_data['topic_type'], $poll, $data, $update_message);
| // Only return the username when it is either a guest posting or we are editing a post and // the username was supplied; otherwise post_data might hold the data of the post that is // being quoted (which could result in the username being returned being that of the quoted // post's poster, not the poster of the current post). See: PHPBB3-11769 for more information. $post_author_name = ((!$user->data['is_registered'] || $mode == 'edit') && $post_data['username'] !== '') ? $post_data['username'] : '';
|
|
|
// Check the permissions for post approval, as well as the queue trigger where users are put on approval with a post count lower than specified. Moderators are not affected. if ((($config['enable_queue_trigger'] && $user->data['user_posts'] < $config['queue_trigger_posts']) || !$auth->acl_get('f_noapprove', $data['forum_id'])) && !$auth->acl_get('m_approve', $data['forum_id']))
| // The last parameter tells submit_post if search indexer has to be run $redirect_url = submit_post($mode, $post_data['post_subject'], $post_author_name, $post_data['topic_type'], $poll, $data, $update_message, ($update_message || $update_subject) ? true : false);
if ($config['enable_post_confirm'] && !$user->data['is_registered'] && (isset($captcha) && $captcha->is_solved() === true) && ($mode == 'post' || $mode == 'reply' || $mode == 'quote')) { $captcha->reset(); }
// Check the permissions for post approval. // Moderators must go through post approval like ordinary users. if ((!$auth->acl_get('f_noapprove', $data['forum_id']) && empty($data['force_approved_state'])) || (isset($data['force_approved_state']) && !$data['force_approved_state']))
|
{ meta_refresh(10, $redirect_url); $message = ($mode == 'edit') ? $user->lang['POST_EDITED_MOD'] : $user->lang['POST_STORED_MOD'];
| { meta_refresh(10, $redirect_url); $message = ($mode == 'edit') ? $user->lang['POST_EDITED_MOD'] : $user->lang['POST_STORED_MOD'];
|
Line 1040 | Line 1186 |
---|
$parse_sig->bbcode_bitfield = $preview_signature_bitfield;
// Not sure about parameters for bbcode/smilies/urls... in signatures
|
$parse_sig->bbcode_bitfield = $preview_signature_bitfield;
// Not sure about parameters for bbcode/smilies/urls... in signatures
|
$parse_sig->format_display($config['allow_sig_bbcode'], true, $config['allow_sig_smilies']);
| $parse_sig->format_display($config['allow_sig_bbcode'], $config['allow_sig_links'], $config['allow_sig_smilies']);
|
$preview_signature = $parse_sig->message; unset($parse_sig); }
| $preview_signature = $parse_sig->message; unset($parse_sig); }
|
Line 1076 | Line 1222 |
---|
'L_MAX_VOTES' => ($post_data['poll_max_options'] == 1) ? $user->lang['MAX_OPTION_SELECT'] : sprintf($user->lang['MAX_OPTIONS_SELECT'], $post_data['poll_max_options'])) );
|
'L_MAX_VOTES' => ($post_data['poll_max_options'] == 1) ? $user->lang['MAX_OPTION_SELECT'] : sprintf($user->lang['MAX_OPTIONS_SELECT'], $post_data['poll_max_options'])) );
|
$parse_poll->message = implode("\n", $post_data['poll_options']);
| $preview_poll_options = array(); foreach ($post_data['poll_options'] as $poll_option) { $parse_poll->message = $poll_option;
|
$parse_poll->format_display($post_data['enable_bbcode'], $post_data['enable_urls'], $post_data['enable_smilies']);
|
$parse_poll->format_display($post_data['enable_bbcode'], $post_data['enable_urls'], $post_data['enable_smilies']);
|
$preview_poll_options = explode('<br />', $parse_poll->message);
| $preview_poll_options[] = $parse_poll->message; }
|
unset($parse_poll);
foreach ($preview_poll_options as $key => $option)
| unset($parse_poll);
foreach ($preview_poll_options as $key => $option)
|
Line 1127 | Line 1277 |
---|
$message_parser->decode_message($post_data['bbcode_uid']);
if ($mode == 'quote' && !$submit && !$preview && !$refresh)
|
$message_parser->decode_message($post_data['bbcode_uid']);
if ($mode == 'quote' && !$submit && !$preview && !$refresh)
|
| { if ($config['allow_bbcode'])
|
{ $message_parser->message = '[quote="' . $post_data['quote_username'] . '"]' . censor_text(trim($message_parser->message)) . "[/quote]\n";
|
{ $message_parser->message = '[quote="' . $post_data['quote_username'] . '"]' . censor_text(trim($message_parser->message)) . "[/quote]\n";
|
| } else { $offset = 0; $quote_string = "> "; $message = censor_text(trim($message_parser->message)); // see if we are nesting. It's easily tricked but should work for one level of nesting if (strpos($message, ">") !== false) { $offset = 10; } $message = utf8_wordwrap($message, 75 + $offset, "\n");
$message = $quote_string . $message; $message = str_replace("\n", "\n" . $quote_string, $message); $message_parser->message = $post_data['quote_username'] . " " . $user->lang['WROTE'] . ":\n" . $message . "\n"; }
|
}
if (($mode == 'reply' || $mode == 'quote') && !$submit && !$preview && !$refresh)
| }
if (($mode == 'reply' || $mode == 'quote') && !$submit && !$preview && !$refresh)
|
Line 1140 | Line 1309 |
---|
$filename_data = $message_parser->filename_data; $post_data['post_text'] = $message_parser->message;
|
$filename_data = $message_parser->filename_data; $post_data['post_text'] = $message_parser->message;
|
if (sizeof($post_data['poll_options']) && $post_data['poll_title'])
| if (sizeof($post_data['poll_options']) || !empty($post_data['poll_title']))
|
{ $message_parser->message = $post_data['poll_title']; $message_parser->bbcode_uid = $post_data['bbcode_uid'];
| { $message_parser->message = $post_data['poll_title']; $message_parser->bbcode_uid = $post_data['bbcode_uid'];
|
Line 1157 | Line 1326 |
---|
// Forum moderators? $moderators = array();
|
// Forum moderators? $moderators = array();
|
| if ($config['load_moderators']) {
|
get_moderators($moderators, $forum_id);
|
get_moderators($moderators, $forum_id);
|
| }
|
// Generate smiley listing generate_smilies('inline', $forum_id);
| // Generate smiley listing generate_smilies('inline', $forum_id);
|
Line 1190 | Line 1362 |
---|
$notify_set = ($mode != 'edit' && $config['allow_topic_notify'] && $user->data['is_registered'] && !$post_data['notify_set']) ? $user->data['user_notify'] : $post_data['notify_set']; $notify_checked = (isset($notify)) ? $notify : (($mode == 'post') ? $user->data['user_notify'] : $notify_set);
|
$notify_set = ($mode != 'edit' && $config['allow_topic_notify'] && $user->data['is_registered'] && !$post_data['notify_set']) ? $user->data['user_notify'] : $post_data['notify_set']; $notify_checked = (isset($notify)) ? $notify : (($mode == 'post') ? $user->data['user_notify'] : $notify_set);
|
// Page title & action URL, include session_id for security purpose $s_action = append_sid("{$phpbb_root_path}posting.$phpEx", "mode=$mode&f=$forum_id", true, $user->session_id);
| // Page title & action URL $s_action = append_sid("{$phpbb_root_path}posting.$phpEx", "mode=$mode&f=$forum_id");
|
$s_action .= ($topic_id) ? "&t=$topic_id" : ''; $s_action .= ($post_id) ? "&p=$post_id" : '';
| $s_action .= ($topic_id) ? "&t=$topic_id" : ''; $s_action .= ($post_id) ? "&p=$post_id" : '';
|
Line 1218 | Line 1390 |
---|
// Build Forum Rules generate_forum_rules($post_data);
|
// Build Forum Rules generate_forum_rules($post_data);
|
if ($config['enable_post_confirm'] && !$user->data['is_registered'] && $solved_captcha === false && ($mode == 'post' || $mode == 'reply' || $mode == 'quote'))
| // Posting uses is_solved for legacy reasons. Plugins have to use is_solved to force themselves to be displayed. if ($config['enable_post_confirm'] && !$user->data['is_registered'] && (isset($captcha) && $captcha->is_solved() === false) && ($mode == 'post' || $mode == 'reply' || $mode == 'quote'))
|
{
|
{
|
// Show confirm image $sql = 'DELETE FROM ' . CONFIRM_TABLE . " WHERE session_id = '" . $db->sql_escape($user->session_id) . "' AND confirm_type = " . CONFIRM_POST; $db->sql_query($sql);
// Generate code $code = gen_rand_string(mt_rand(5, 8)); $confirm_id = md5(unique_id($user->ip)); $seed = hexdec(substr(unique_id(), 4, 10));
// compute $seed % 0x7fffffff $seed -= 0x7fffffff * floor($seed / 0x7fffffff);
$sql = 'INSERT INTO ' . CONFIRM_TABLE . ' ' . $db->sql_build_array('INSERT', array( 'confirm_id' => (string) $confirm_id, 'session_id' => (string) $user->session_id, 'confirm_type' => (int) CONFIRM_POST, 'code' => (string) $code, 'seed' => (int) $seed) ); $db->sql_query($sql);
| |
$template->assign_vars(array( 'S_CONFIRM_CODE' => true,
|
$template->assign_vars(array( 'S_CONFIRM_CODE' => true,
|
'CONFIRM_ID' => $confirm_id, 'CONFIRM_IMAGE' => '<img src="' . append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=confirm&id=' . $confirm_id . '&type=' . CONFIRM_POST) . '" alt="" title="" />', 'L_POST_CONFIRM_EXPLAIN' => sprintf($user->lang['POST_CONFIRM_EXPLAIN'], '<a href="mailto:' . htmlspecialchars($config['board_contact']) . '">', '</a>'),
| 'CAPTCHA_TEMPLATE' => $captcha->get_template(),
|
)); }
| )); }
|
Line 1255 | Line 1404 |
---|
$s_hidden_fields .= '<input type="hidden" name="lastclick" value="' . $current_time . '" />'; $s_hidden_fields .= ($draft_id || isset($_REQUEST['draft_loaded'])) ? '<input type="hidden" name="draft_loaded" value="' . request_var('draft_loaded', $draft_id) . '" />' : '';
|
$s_hidden_fields .= '<input type="hidden" name="lastclick" value="' . $current_time . '" />'; $s_hidden_fields .= ($draft_id || isset($_REQUEST['draft_loaded'])) ? '<input type="hidden" name="draft_loaded" value="' . request_var('draft_loaded', $draft_id) . '" />' : '';
|
// Add the confirm id/code pair to the hidden fields, else an error is displayed on next submit/preview if ($solved_captcha !== false)
| if ($mode == 'edit')
|
{ $s_hidden_fields .= build_hidden_fields(array(
|
{ $s_hidden_fields .= build_hidden_fields(array(
|
'confirm_id' => request_var('confirm_id', ''), 'confirm_code' => request_var('confirm_code', '')) );
| 'edit_post_message_checksum' => $post_data['post_checksum'], 'edit_post_subject_checksum' => $post_data['post_subject_md5'], )); }
// Add the confirm id/code pair to the hidden fields, else an error is displayed on next submit/preview if (isset($captcha) && $captcha->is_solved() !== false) { $s_hidden_fields .= build_hidden_fields($captcha->get_hidden_fields());
|
}
$form_enctype = (@ini_get('file_uploads') == '0' || strtolower(@ini_get('file_uploads')) == 'off' || !$config['allow_attachments'] || !$auth->acl_get('u_attach') || !$auth->acl_get('f_attach', $forum_id)) ? '' : ' enctype="multipart/form-data"';
| }
$form_enctype = (@ini_get('file_uploads') == '0' || strtolower(@ini_get('file_uploads')) == 'off' || !$config['allow_attachments'] || !$auth->acl_get('u_attach') || !$auth->acl_get('f_attach', $forum_id)) ? '' : ' enctype="multipart/form-data"';
|
Line 1286 | Line 1440 |
---|
'FLASH_STATUS' => ($flash_status) ? $user->lang['FLASH_IS_ON'] : $user->lang['FLASH_IS_OFF'], 'SMILIES_STATUS' => ($smilies_status) ? $user->lang['SMILIES_ARE_ON'] : $user->lang['SMILIES_ARE_OFF'], 'URL_STATUS' => ($bbcode_status && $url_status) ? $user->lang['URL_IS_ON'] : $user->lang['URL_IS_OFF'],
|
'FLASH_STATUS' => ($flash_status) ? $user->lang['FLASH_IS_ON'] : $user->lang['FLASH_IS_OFF'], 'SMILIES_STATUS' => ($smilies_status) ? $user->lang['SMILIES_ARE_ON'] : $user->lang['SMILIES_ARE_OFF'], 'URL_STATUS' => ($bbcode_status && $url_status) ? $user->lang['URL_IS_ON'] : $user->lang['URL_IS_OFF'],
|
| 'MAX_FONT_SIZE' => (int) $config['max_post_font_size'],
|
'MINI_POST_IMG' => $user->img('icon_post_target', $user->lang['POST']), 'POST_DATE' => ($post_data['post_time']) ? $user->format_date($post_data['post_time']) : '', 'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '',
| 'MINI_POST_IMG' => $user->img('icon_post_target', $user->lang['POST']), 'POST_DATE' => ($post_data['post_time']) ? $user->format_date($post_data['post_time']) : '', 'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '',
|
Line 1302 | Line 1457 |
---|
'S_EDIT_REASON' => ($mode == 'edit' && $auth->acl_get('m_edit', $forum_id)) ? true : false, 'S_DISPLAY_USERNAME' => (!$user->data['is_registered'] || ($mode == 'edit' && $post_data['poster_id'] == ANONYMOUS)) ? true : false, 'S_SHOW_TOPIC_ICONS' => $s_topic_icons,
|
'S_EDIT_REASON' => ($mode == 'edit' && $auth->acl_get('m_edit', $forum_id)) ? true : false, 'S_DISPLAY_USERNAME' => (!$user->data['is_registered'] || ($mode == 'edit' && $post_data['poster_id'] == ANONYMOUS)) ? true : false, 'S_SHOW_TOPIC_ICONS' => $s_topic_icons,
|
'S_DELETE_ALLOWED' => ($mode == 'edit' && (($post_id == $post_data['topic_last_post_id'] && $post_data['poster_id'] == $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id) && !$post_data['post_edit_locked'] && ($post_data['post_time'] > time() - ($config['edit_time'] * 60) || !$config['edit_time'])) || $auth->acl_get('m_delete', $forum_id))) ? true : false, 'S_BBCODE_ALLOWED' => $bbcode_status,
| 'S_DELETE_ALLOWED' => ($mode == 'edit' && (($post_id == $post_data['topic_last_post_id'] && $post_data['poster_id'] == $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id) && !$post_data['post_edit_locked'] && ($post_data['post_time'] > time() - ($config['delete_time'] * 60) || !$config['delete_time'])) || $auth->acl_get('m_delete', $forum_id))) ? true : false, 'S_BBCODE_ALLOWED' => ($bbcode_status) ? 1 : 0,
|
'S_BBCODE_CHECKED' => ($bbcode_checked) ? ' checked="checked"' : '', 'S_SMILIES_ALLOWED' => $smilies_status, 'S_SMILIES_CHECKED' => ($smilies_checked) ? ' checked="checked"' : '',
| 'S_BBCODE_CHECKED' => ($bbcode_checked) ? ' checked="checked"' : '', 'S_SMILIES_ALLOWED' => $smilies_status, 'S_SMILIES_CHECKED' => ($smilies_checked) ? ' checked="checked"' : '',
|
Line 1340 | Line 1495 |
---|
{ $template->assign_vars(array( 'S_SHOW_POLL_BOX' => true,
|
{ $template->assign_vars(array( 'S_SHOW_POLL_BOX' => true,
|
'S_POLL_VOTE_CHANGE' => ($auth->acl_get('f_votechg', $forum_id)),
| 'S_POLL_VOTE_CHANGE' => ($auth->acl_get('f_votechg', $forum_id) && $auth->acl_get('f_vote', $forum_id)),
|
'S_POLL_DELETE' => ($mode == 'edit' && sizeof($post_data['poll_options']) && ((!$post_data['poll_last_vote'] && $post_data['poster_id'] == $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id)) || $auth->acl_get('m_delete', $forum_id))), 'S_POLL_DELETE_CHECKED' => (!empty($poll_delete)) ? true : false,
| 'S_POLL_DELETE' => ($mode == 'edit' && sizeof($post_data['poll_options']) && ((!$post_data['poll_last_vote'] && $post_data['poster_id'] == $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id)) || $auth->acl_get('m_delete', $forum_id))), 'S_POLL_DELETE_CHECKED' => (!empty($poll_delete)) ? true : false,
|
Line 1361 | Line 1516 |
---|
posting_gen_attachment_entry($attachment_data, $filename_data, $allowed);
// Output page ...
|
posting_gen_attachment_entry($attachment_data, $filename_data, $allowed);
// Output page ...
|
page_header($page_title);
| page_header($page_title, false);
|
$template->set_filenames(array( 'body' => 'posting_body.html')
| $template->set_filenames(array( 'body' => 'posting_body.html')
|
Line 1389 | Line 1544 |
---|
($forum_style) ? $user->setup('posting', $forum_style) : $user->setup('posting');
|
($forum_style) ? $user->setup('posting', $forum_style) : $user->setup('posting');
|
page_header($user->lang['PROGRESS_BAR']);
| page_header($user->lang['PROGRESS_BAR'], false);
|
$template->set_filenames(array( 'popup' => 'posting_progress_bar.html')
| $template->set_filenames(array( 'popup' => 'posting_progress_bar.html')
|
Line 1414 | Line 1569 |
---|
global $phpbb_root_path, $phpEx;
// If moderator removing post or user itself removing post, present a confirmation screen
|
global $phpbb_root_path, $phpEx;
// If moderator removing post or user itself removing post, present a confirmation screen
|
if ($auth->acl_get('m_delete', $forum_id) || ($post_data['poster_id'] == $user->data['user_id'] && $user->data['is_registered'] && $auth->acl_get('f_delete', $forum_id) && $post_id == $post_data['topic_last_post_id'] && !$post_data['post_edit_locked'] && ($post_data['post_time'] > time() - ($config['edit_time'] * 60) || !$config['edit_time'])))
| if ($auth->acl_get('m_delete', $forum_id) || ($post_data['poster_id'] == $user->data['user_id'] && $user->data['is_registered'] && $auth->acl_get('f_delete', $forum_id) && $post_id == $post_data['topic_last_post_id'] && !$post_data['post_edit_locked'] && ($post_data['post_time'] > time() - ($config['delete_time'] * 60) || !$config['delete_time'])))
|
{ $s_hidden_fields = build_hidden_fields(array( 'p' => $post_id,
| { $s_hidden_fields = build_hidden_fields(array( 'p' => $post_id,
|
Line 1438 | Line 1593 |
---|
);
$next_post_id = delete_post($forum_id, $topic_id, $post_id, $data);
|
);
$next_post_id = delete_post($forum_id, $topic_id, $post_id, $data);
|
| $post_username = ($post_data['poster_id'] == ANONYMOUS && !empty($post_data['post_username'])) ? $post_data['post_username'] : $post_data['username'];
|
if ($next_post_id === false) {
|
if ($next_post_id === false) {
|
add_log('mod', $forum_id, $topic_id, 'LOG_DELETE_TOPIC', $post_data['topic_title']);
| add_log('mod', $forum_id, $topic_id, 'LOG_DELETE_TOPIC', $post_data['topic_title'], $post_username);
|
$meta_info = append_sid("{$phpbb_root_path}viewforum.$phpEx", "f=$forum_id"); $message = $user->lang['POST_DELETED']; } else {
|
$meta_info = append_sid("{$phpbb_root_path}viewforum.$phpEx", "f=$forum_id"); $message = $user->lang['POST_DELETED']; } else {
|
add_log('mod', $forum_id, $topic_id, 'LOG_DELETE_POST', $post_data['post_subject']);
| add_log('mod', $forum_id, $topic_id, 'LOG_DELETE_POST', $post_data['post_subject'], $post_username);
|
$meta_info = append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&t=$topic_id&p=$next_post_id") . "#p$next_post_id"; $message = $user->lang['POST_DELETED'] . '<br /><br />' . sprintf($user->lang['RETURN_TOPIC'], '<a href="' . $meta_info . '">', '</a>');
| $meta_info = append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&t=$topic_id&p=$next_post_id") . "#p$next_post_id"; $message = $user->lang['POST_DELETED'] . '<br /><br />' . sprintf($user->lang['RETURN_TOPIC'], '<a href="' . $meta_info . '">', '</a>');
|