phpBB

Code Changes

File: posting.php

  Unmodified   Added   Modified   Removed
Line 33Line 33
$topic_id	= $request->variable('t', 0);
$forum_id = $request->variable('f', 0);
$draft_id = $request->variable('d', 0);

$topic_id	= $request->variable('t', 0);
$forum_id = $request->variable('f', 0);
$draft_id = $request->variable('d', 0);

$lastclick	= $request->variable('lastclick', 0);

 

$preview = (isset($_POST['preview'])) ? true : false;
$save = (isset($_POST['save'])) ? true : false;


$preview = (isset($_POST['preview'])) ? true : false;
$save = (isset($_POST['save'])) ? true : false;

Line 68Line 67
* @var	int		topic_id	ID of the topic
* @var int forum_id ID of the forum
* @var int draft_id ID of the draft

* @var	int		topic_id	ID of the topic
* @var int forum_id ID of the forum
* @var int draft_id ID of the draft

* @var	int		lastclick	Timestamp of when the form was last loaded

 
* @var	bool	submit		Whether or not the form has been submitted
* @var bool preview Whether or not the post is being previewed
* @var bool save Whether or not a draft is being saved

* @var	bool	submit		Whether or not the form has been submitted
* @var bool preview Whether or not the post is being previewed
* @var bool save Whether or not a draft is being saved

Line 85Line 83
*							language keys.
* @since 3.1.0-a1
* @changed 3.1.2-RC1 Removed 'delete' var as it does not exist

*							language keys.
* @since 3.1.0-a1
* @changed 3.1.2-RC1 Removed 'delete' var as it does not exist

 
* @changed 3.2.4-RC1		Remove unused 'lastclick' var

*/
$vars = array(
'post_id',
'topic_id',
'forum_id',
'draft_id',

*/
$vars = array(
'post_id',
'topic_id',
'forum_id',
'draft_id',

	'lastclick',

 
	'submit',
'preview',
'save',

	'submit',
'preview',
'save',

Line 223Line 221
	}
trigger_error(($mode == 'post' || $mode == 'bump' || $mode == 'reply') ? 'NO_TOPIC' : 'NO_POST');
}

	}
trigger_error(($mode == 'post' || $mode == 'bump' || $mode == 'reply') ? 'NO_TOPIC' : 'NO_POST');
}

 

/**
* This event allows you to bypass reply/quote test of an unapproved post.
*
* @event core.posting_modify_row_data
* @var array post_data All post data from database
* @var string mode What action to take if the form has been submitted
* post|reply|quote|edit|delete|bump|smilies|popup
* @var int topic_id ID of the topic
* @var int forum_id ID of the forum
* @since 3.2.8-RC1
*/
$vars = array(
'post_data',
'mode',
'topic_id',
'forum_id',
);
extract($phpbb_dispatcher->trigger_event('core.posting_modify_row_data', compact($vars)));


// Not able to reply to unapproved posts/topics
// TODO: add more descriptive language key


// Not able to reply to unapproved posts/topics
// TODO: add more descriptive language key

Line 238Line 255
}

$user->setup(array('posting', 'mcp', 'viewtopic'), $post_data['forum_style']);

}

$user->setup(array('posting', 'mcp', 'viewtopic'), $post_data['forum_style']);


if ($config['enable_post_confirm'] && !$user->data['is_registered'])
{
$captcha = $phpbb_container->get('captcha.factory')->get_instance($config['captcha_plugin']);
$captcha->init(CONFIRM_POST);
}

 

// Use post_row values in favor of submitted ones...
$forum_id = (!empty($post_data['forum_id'])) ? (int) $post_data['forum_id'] : (int) $forum_id;


// Use post_row values in favor of submitted ones...
$forum_id = (!empty($post_data['forum_id'])) ? (int) $post_data['forum_id'] : (int) $forum_id;

Line 354Line 365
* @var	int		topic_id	ID of the topic
* @var int forum_id ID of the forum
* @var int draft_id ID of the draft

* @var	int		topic_id	ID of the topic
* @var int forum_id ID of the forum
* @var int draft_id ID of the draft

* @var	int		lastclick	Timestamp of when the form was last loaded

 
* @var	bool	submit		Whether or not the form has been submitted
* @var bool preview Whether or not the post is being previewed
* @var bool save Whether or not a draft is being saved

* @var	bool	submit		Whether or not the form has been submitted
* @var bool preview Whether or not the post is being previewed
* @var bool save Whether or not a draft is being saved

Line 370Line 380
* @var	array	post_data	All post data from database
* @since 3.1.3-RC1
* @changed 3.1.10-RC1 Added post_data

* @var	array	post_data	All post data from database
* @since 3.1.3-RC1
* @changed 3.1.10-RC1 Added post_data

 
* @changed 3.2.4-RC1 		Remove unused 'lastclick' var

*/
$vars = array(
'post_id',
'topic_id',
'forum_id',
'draft_id',

*/
$vars = array(
'post_id',
'topic_id',
'forum_id',
'draft_id',

	'lastclick',

 
	'submit',
'preview',
'save',

	'submit',
'preview',
'save',

Line 409Line 419
	}

login_box('', $message);

	}

login_box('', $message);

 
}

if ($config['enable_post_confirm'] && !$user->data['is_registered'])
{
$captcha = $phpbb_container->get('captcha.factory')->get_instance($config['captcha_plugin']);
$captcha->init(CONFIRM_POST);

}

// Is the user able to post within this forum?

}

// Is the user able to post within this forum?

Line 599Line 615

// Set some default variables
$uninit = array('post_attachment' => 0, 'poster_id' => $user->data['user_id'], 'enable_magic_url' => 0, 'topic_status' => 0, 'topic_type' => POST_NORMAL, 'post_subject' => '', 'topic_title' => '', 'post_time' => 0, 'post_edit_reason' => '', 'notify_set' => 0);


// Set some default variables
$uninit = array('post_attachment' => 0, 'poster_id' => $user->data['user_id'], 'enable_magic_url' => 0, 'topic_status' => 0, 'topic_type' => POST_NORMAL, 'post_subject' => '', 'topic_title' => '', 'post_time' => 0, 'post_edit_reason' => '', 'notify_set' => 0);

 

/**
* This event allows you to modify the default variables for post_data, and unset them in post_data if needed
*
* @event core.posting_modify_default_variables
* @var array post_data Array with post data
* @var array uninit Array with default vars to put into post_data, if they aren't there
* @since 3.2.5-RC1
*/
$vars = array(
'post_data',
'uninit',
);
extract($phpbb_dispatcher->trigger_event('core.posting_modify_default_variables', compact($vars)));


foreach ($uninit as $var_name => $default_value)
{


foreach ($uninit as $var_name => $default_value)
{

Line 705Line 735
	$subject = $request->variable('subject', '', true);
$subject = (!$subject && $mode != 'post') ? $post_data['topic_title'] : $subject;
$message = $request->variable('message', '', true);

	$subject = $request->variable('subject', '', true);
$subject = (!$subject && $mode != 'post') ? $post_data['topic_title'] : $subject;
$message = $request->variable('message', '', true);

 

/**
* Replace Emojis and other 4bit UTF-8 chars not allowed by MySQL to UCR/NCR.
* Using their Numeric Character Reference's Hexadecimal notation.
*/
$subject = utf8_encode_ucr($subject);


if ($subject && $message)
{


if ($subject && $message)
{

Line 722Line 758
				'draft_message'	=> (string) $message_parser->message)
);
$db->sql_query($sql);

				'draft_message'	=> (string) $message_parser->message)
);
$db->sql_query($sql);

 

/** @var \phpbb\attachment\manager $attachment_manager */
$attachment_manager = $phpbb_container->get('attachment.manager');
$attachment_manager->delete('attach', array_column($message_parser->attachment_data, 'attach_id'));


$meta_info = ($mode == 'post') ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) : append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&t=$topic_id");



$meta_info = ($mode == 'post') ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) : append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&t=$topic_id");


Line 835Line 875
	load_drafts($topic_id, $forum_id);
}


	load_drafts($topic_id, $forum_id);
}


 
/** @var \phpbb\textformatter\utils_interface $bbcode_utils */

$bbcode_utils = $phpbb_container->get('text_formatter.utils');

if ($submit || $preview || $refresh)

$bbcode_utils = $phpbb_container->get('text_formatter.utils');

if ($submit || $preview || $refresh)

Line 943Line 984
	}

// Parse Attachments - before checksum is calculated

	}

// Parse Attachments - before checksum is calculated

 
	if ($message_parser->check_attachment_form_token($language, $request, 'posting'))
{

	$message_parser->parse_attachments('fileupload', $mode, $forum_id, $submit, $preview, $refresh);

	$message_parser->parse_attachments('fileupload', $mode, $forum_id, $submit, $preview, $refresh);

 
	}


/**
* This event allows you to modify message text before parsing


/**
* This event allows you to modify message text before parsing

Line 1128Line 1172
		$error[] = $user->lang['FORM_INVALID'];
}


		$error[] = $user->lang['FORM_INVALID'];
}


	if ($submit && $mode == 'edit' && $post_data['post_visibility'] == ITEM_DELETED && !isset($_POST['soft_delete']) && $auth->acl_get('m_approve', $forum_id))

	if ($submit && $mode == 'edit' && $post_data['post_visibility'] == ITEM_DELETED && !$request->is_set_post('delete') && $auth->acl_get('m_approve', $forum_id))

	{

	{

		$is_first_post = ($post_id == $post_data['topic_first_post_id'] || !$post_data['topic_posts_approved']);
$is_last_post = ($post_id == $post_data['topic_last_post_id'] || !$post_data['topic_posts_approved']);

		$is_first_post = ($post_id <= $post_data['topic_first_post_id'] || !$post_data['topic_posts_approved']);
$is_last_post = ($post_id >= $post_data['topic_last_post_id'] || !$post_data['topic_posts_approved']);

		$updated_post_data = $phpbb_content_visibility->set_post_visibility(ITEM_APPROVED, $post_id, $post_data['topic_id'], $post_data['forum_id'], $user->data['user_id'], time(), '', $is_first_post, $is_last_post);

if (!empty($updated_post_data))

		$updated_post_data = $phpbb_content_visibility->set_post_visibility(ITEM_APPROVED, $post_id, $post_data['topic_id'], $post_data['forum_id'], $user->data['user_id'], time(), '', $is_first_post, $is_last_post);

if (!empty($updated_post_data))

Line 1147Line 1191
		$error[] = $user->lang['EMPTY_SUBJECT'];
}


		$error[] = $user->lang['EMPTY_SUBJECT'];
}


	// Check for out-of-bounds characters that are currently
// not supported by utf8_bin in MySQL














	/**
* Replace Emojis and other 4bit UTF-8 chars not allowed by MySQL to UCR/NCR.
* Using their Numeric Character Reference's Hexadecimal notation.
* Check the permissions for posting Emojis first.
*/
if ($auth->acl_get('u_emoji'))
{
$post_data['post_subject'] = utf8_encode_ucr($post_data['post_subject']);
}
else
{
/**
* Check for out-of-bounds characters that are currently
* not supported by utf8_bin in MySQL
*/

	if (preg_match_all('/[\x{10000}-\x{10FFFF}]/u', $post_data['post_subject'], $matches))
{

	if (preg_match_all('/[\x{10000}-\x{10FFFF}]/u', $post_data['post_subject'], $matches))
{

		$character_list = implode('<br />', $matches[0]);


			$character_list = implode('<br>', $matches[0]);


		$error[] = $user->lang('UNSUPPORTED_CHARACTERS_SUBJECT', $character_list);

		$error[] = $user->lang('UNSUPPORTED_CHARACTERS_SUBJECT', $character_list);

 
		}

	}

$post_data['poll_last_vote'] = (isset($post_data['poll_last_vote'])) ? $post_data['poll_last_vote'] : 0;

	}

$post_data['poll_last_vote'] = (isset($post_data['poll_last_vote'])) ? $post_data['poll_last_vote'] : 0;

Line 1486Line 1545
			}

// Handle delete mode...

			}

// Handle delete mode...

			if ($request->is_set_post('delete') || $request->is_set_post('delete_permanent'))

			if ($request->is_set_post('delete_permanent') || ($request->is_set_post('delete') && $post_data['post_visibility'] != ITEM_DELETED))

			{
$delete_reason = $request->variable('delete_reason', '', true);
phpbb_handle_post_delete($forum_id, $topic_id, $post_id, $post_data, !$request->is_set_post('delete_permanent'), $delete_reason);

			{
$delete_reason = $request->variable('delete_reason', '', true);
phpbb_handle_post_delete($forum_id, $topic_id, $post_id, $post_data, !$request->is_set_post('delete_permanent'), $delete_reason);

Line 1630Line 1689
	// Remove attachment bbcode tags from the quoted message to avoid mixing with the new post attachments if any
$message_parser->message = preg_replace('#\[attachment=([0-9]+)\](.*?)\[\/attachment\]#uis', '\\2', $message_parser->message);


	// Remove attachment bbcode tags from the quoted message to avoid mixing with the new post attachments if any
$message_parser->message = preg_replace('#\[attachment=([0-9]+)\](.*?)\[\/attachment\]#uis', '\\2', $message_parser->message);


	if ($config['allow_bbcode'])
{
$message_parser->message = $bbcode_utils->generate_quote(
censor_text($message_parser->message),
array(

	$quote_attributes = array(





				'author'  => $post_data['quote_username'],
'post_id' => $post_data['post_id'],
'time' => $post_data['post_time'],
'user_id' => $post_data['poster_id'],

				'author'  => $post_data['quote_username'],
'post_id' => $post_data['post_id'],
'time' => $post_data['post_time'],
'user_id' => $post_data['poster_id'],

			)

 
		);

		);

		$message_parser->message .= "\n\n";
}
else
{
$offset = 0;
$quote_string = "&gt; ";
$message = censor_text(trim($message_parser->message));
// see if we are nesting. It's easily tricked but should work for one level of nesting
if (strpos($message, "&gt;") !== false)
{
$offset = 10;
}
$message = utf8_wordwrap($message, 75 + $offset, "\n");

 




		$message = $quote_string . $message;
$message = str_replace("\n", "\n" . $quote_string, $message);
$message_parser->message = $post_data['quote_username'] . " " . $user->lang['WROTE'] . ":\n" . $message . "\n";
}














	/**
* This event allows you to modify the quote attributes of the post being quoted
*
* @event core.posting_modify_quote_attributes
* @var array quote_attributes Array with quote attributes
* @var array post_data Array with post data
* @since 3.2.6-RC1
*/
$vars = array(
'quote_attributes',
'post_data',
);
extract($phpbb_dispatcher->trigger_event('core.posting_modify_quote_attributes', compact($vars)));

/** @var \phpbb\language\language $language */
$language = $phpbb_container->get('language');
phpbb_format_quote($language, $message_parser, $bbcode_utils, $bbcode_status, $quote_attributes);

}

if (($mode == 'reply' || $mode == 'quote') && !$submit && !$preview && !$refresh)
{
$post_data['post_subject'] = ((strpos($post_data['post_subject'], 'Re: ') !== 0) ? 'Re: ' : '') . censor_text($post_data['post_subject']);

}

if (($mode == 'reply' || $mode == 'quote') && !$submit && !$preview && !$refresh)
{
$post_data['post_subject'] = ((strpos($post_data['post_subject'], 'Re: ') !== 0) ? 'Re: ' : '') . censor_text($post_data['post_subject']);

 

$post_subject = $post_data['post_subject'];

/**
* This event allows you to modify the post subject of the post being quoted
*
* @event core.posting_modify_post_subject
* @var string post_subject String with the post subject already censored.
* @since 3.2.8-RC1
*/
$vars = array('post_subject');
extract($phpbb_dispatcher->trigger_event('core.posting_modify_post_subject', compact($vars)));

$post_data['post_subject'] = $post_subject;

}

$attachment_data = $message_parser->attachment_data;

}

$attachment_data = $message_parser->attachment_data;

Line 1762Line 1830
}

$s_hidden_fields = ($mode == 'reply' || $mode == 'quote') ? '<input type="hidden" name="topic_cur_post_id" value="' . $post_data['topic_last_post_id'] . '" />' : '';

}

$s_hidden_fields = ($mode == 'reply' || $mode == 'quote') ? '<input type="hidden" name="topic_cur_post_id" value="' . $post_data['topic_last_post_id'] . '" />' : '';

$s_hidden_fields .= '<input type="hidden" name="lastclick" value="' . $current_time . '" />';

 
$s_hidden_fields .= ($draft_id || isset($_REQUEST['draft_loaded'])) ? '<input type="hidden" name="draft_loaded" value="' . $request->variable('draft_loaded', $draft_id) . '" />' : '';

if ($mode == 'edit')

$s_hidden_fields .= ($draft_id || isset($_REQUEST['draft_loaded'])) ? '<input type="hidden" name="draft_loaded" value="' . $request->variable('draft_loaded', $draft_id) . '" />' : '';

if ($mode == 'edit')

Line 1836Line 1903
	'S_LOCK_POST_ALLOWED'		=> ($mode == 'edit' && $auth->acl_get('m_edit', $forum_id)) ? true : false,
'S_LOCK_POST_CHECKED' => ($lock_post_checked) ? ' checked="checked"' : '',
'S_SOFTDELETE_CHECKED' => ($mode == 'edit' && $post_data['post_visibility'] == ITEM_DELETED) ? ' checked="checked"' : '',

	'S_LOCK_POST_ALLOWED'		=> ($mode == 'edit' && $auth->acl_get('m_edit', $forum_id)) ? true : false,
'S_LOCK_POST_CHECKED' => ($lock_post_checked) ? ' checked="checked"' : '',
'S_SOFTDELETE_CHECKED' => ($mode == 'edit' && $post_data['post_visibility'] == ITEM_DELETED) ? ' checked="checked"' : '',

	'S_SOFTDELETE_ALLOWED'		=> ($mode == 'edit' && $phpbb_content_visibility->can_soft_delete($forum_id, $post_data['poster_id'], $lock_post_checked)) ? true : false,

	'S_SOFTDELETE_ALLOWED'		=> ($mode == 'edit' && $phpbb_content_visibility->can_soft_delete($forum_id, $post_data['poster_id'], $lock_post_checked) && $post_id == $post_data['topic_last_post_id'] && ($post_data['post_time'] > time() - ($config['delete_time'] * 60) || !$config['delete_time'])) ? true : false,

	'S_RESTORE_ALLOWED'			=> $auth->acl_get('m_approve', $forum_id),
'S_IS_DELETED' => ($mode == 'edit' && $post_data['post_visibility'] == ITEM_DELETED) ? true : false,
'S_LINKS_ALLOWED' => $url_status,

	'S_RESTORE_ALLOWED'			=> $auth->acl_get('m_approve', $forum_id),
'S_IS_DELETED' => ($mode == 'edit' && $post_data['post_visibility'] == ITEM_DELETED) ? true : false,
'S_LINKS_ALLOWED' => $url_status,