Line 29 | Line 29 |
---|
// Grab only parameters needed here
|
// Grab only parameters needed here
|
$post_id = $request->variable('p', 0); $topic_id = $request->variable('t', 0); $forum_id = $request->variable('f', 0);
| |
$draft_id = $request->variable('d', 0);
$preview = (isset($_POST['preview'])) ? true : false;
| $draft_id = $request->variable('d', 0);
$preview = (isset($_POST['preview'])) ? true : false;
|
Line 43 | Line 40 |
---|
$refresh = (isset($_POST['add_file']) || isset($_POST['delete_file']) || $save || $load || $preview); $submit = $request->is_set_post('post') && !$refresh && !$preview; $mode = $request->variable('mode', '');
|
$refresh = (isset($_POST['add_file']) || isset($_POST['delete_file']) || $save || $load || $preview); $submit = $request->is_set_post('post') && !$refresh && !$preview; $mode = $request->variable('mode', '');
|
| // Only assign required URL parameters $forum_id = 0; $topic_id = 0; $post_id = 0;
switch ($mode) { case 'popup': case 'smilies': $forum_id = $request->variable('f', 0); break;
case 'post': $forum_id = $request->variable('f', 0); if (!$forum_id) { trigger_error('NO_FORUM'); } break;
case 'bump': case 'reply': $topic_id = $request->variable('t', 0); if ($topic_id) { $sql = 'SELECT forum_id FROM ' . TOPICS_TABLE . " WHERE topic_id = $topic_id"; $result = $db->sql_query($sql); $forum_id = (int) $db->sql_fetchfield('forum_id'); $db->sql_freeresult($result); }
if (!$topic_id || !$forum_id) { trigger_error('NO_TOPIC'); } break;
case 'edit': case 'delete': case 'quote': case 'soft_delete': $post_id = $request->variable('p', 0); if ($post_id) { $topic_forum = [];
$sql = 'SELECT t.topic_id, t.forum_id FROM ' . TOPICS_TABLE . ' t, ' . POSTS_TABLE . ' p WHERE p.post_id = ' . $post_id . ' AND t.topic_id = p.topic_id'; $result = $db->sql_query($sql); $topic_forum = $db->sql_fetchrow($result); $db->sql_freeresult($result); }
if (!$post_id || !$topic_forum) { $user->setup('posting'); trigger_error('NO_POST'); }
// Need to update session forum_id to valid value for proper viewonline information if (!$forum_id) { $user->page['forum'] = (int) $topic_forum['forum_id']; $user->update_session_page = true; $user->update_session_infos(); }
$topic_id = (int) $topic_forum['topic_id']; $forum_id = (int) $topic_forum['forum_id'];
break; }
|
// If the user is not allowed to delete the post, we try to soft delete it, so we overwrite the mode here. if ($mode == 'delete' && (($confirm && !$request->is_set_post('delete_permanent')) || !$auth->acl_gets('f_delete', 'm_delete', $forum_id)))
| // If the user is not allowed to delete the post, we try to soft delete it, so we overwrite the mode here. if ($mode == 'delete' && (($confirm && !$request->is_set_post('delete_permanent')) || !$auth->acl_gets('f_delete', 'm_delete', $forum_id)))
|
Line 104 | Line 178 |
---|
// Was cancel pressed? If so then redirect to the appropriate page if ($cancel) {
|
// Was cancel pressed? If so then redirect to the appropriate page if ($cancel) {
|
$f = ($forum_id) ? 'f=' . $forum_id . '&' : ''; $redirect = ($post_id) ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", $f . 'p=' . $post_id) . '#p' . $post_id : (($topic_id) ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", $f . 't=' . $topic_id) : (($forum_id) ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) : append_sid("{$phpbb_root_path}index.$phpEx")));
| $redirect = ($post_id) ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'p=' . $post_id) . '#p' . $post_id : (($topic_id) ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", 't=' . $topic_id) : (($forum_id) ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) : append_sid("{$phpbb_root_path}index.$phpEx")));
|
redirect($redirect);
|
redirect($redirect);
|
}
if (in_array($mode, array('post', 'reply', 'quote', 'edit', 'delete')) && !$forum_id) { trigger_error('NO_FORUM');
| |
}
/* @var $phpbb_content_visibility \phpbb\content_visibility */
| }
/* @var $phpbb_content_visibility \phpbb\content_visibility */
|
Line 128 | Line 196 |
---|
case 'bump': case 'reply':
|
case 'bump': case 'reply':
|
if (!$topic_id) { trigger_error('NO_TOPIC'); }
// Force forum id $sql = 'SELECT forum_id FROM ' . TOPICS_TABLE . ' WHERE topic_id = ' . $topic_id; $result = $db->sql_query($sql); $f_id = (int) $db->sql_fetchfield('forum_id'); $db->sql_freeresult($result);
$forum_id = (!$f_id) ? $forum_id : $f_id;
| |
$sql = 'SELECT f.*, t.* FROM ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . " f WHERE t.topic_id = $topic_id
| $sql = 'SELECT f.*, t.* FROM ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . " f WHERE t.topic_id = $topic_id
|
Line 154 | Line 207 |
---|
case 'edit': case 'delete': case 'soft_delete':
|
case 'edit': case 'delete': case 'soft_delete':
|
if (!$post_id) { $user->setup('posting'); trigger_error('NO_POST'); }
// Force forum id $sql = 'SELECT forum_id FROM ' . POSTS_TABLE . ' WHERE post_id = ' . $post_id; $result = $db->sql_query($sql); $f_id = (int) $db->sql_fetchfield('forum_id'); $db->sql_freeresult($result);
$forum_id = (!$f_id) ? $forum_id : $f_id;
| |
$sql = 'SELECT f.*, t.*, p.*, u.username, u.username_clean, u.user_sig, u.user_sig_bbcode_uid, u.user_sig_bbcode_bitfield FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . ' f, ' . USERS_TABLE . " u WHERE p.post_id = $post_id
| $sql = 'SELECT f.*, t.*, p.*, u.username, u.username_clean, u.user_sig, u.user_sig_bbcode_uid, u.user_sig_bbcode_bitfield FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . ' f, ' . USERS_TABLE . " u WHERE p.post_id = $post_id
|
Line 255 | Line 292 |
---|
}
$user->setup(array('posting', 'mcp', 'viewtopic'), $post_data['forum_style']);
|
}
$user->setup(array('posting', 'mcp', 'viewtopic'), $post_data['forum_style']);
|
// Use post_row values in favor of submitted ones... $forum_id = (!empty($post_data['forum_id'])) ? (int) $post_data['forum_id'] : (int) $forum_id; $topic_id = (!empty($post_data['topic_id'])) ? (int) $post_data['topic_id'] : (int) $topic_id; $post_id = (!empty($post_data['post_id'])) ? (int) $post_data['post_id'] : (int) $post_id;
| |
// Need to login to passworded forum first? if ($post_data['forum_password'])
| // Need to login to passworded forum first? if ($post_data['forum_password'])
|
Line 434 | Line 466 |
---|
}
// Forum/Topic locked?
|
}
// Forum/Topic locked?
|
if (($post_data['forum_status'] == ITEM_LOCKED || (isset($post_data['topic_status']) && $post_data['topic_status'] == ITEM_LOCKED)) && !$auth->acl_get('m_edit', $forum_id))
| if (($post_data['forum_status'] == ITEM_LOCKED || (isset($post_data['topic_status']) && $post_data['topic_status'] == ITEM_LOCKED)) && !$auth->acl_get($mode == 'reply' ? 'm_lock' : 'm_edit', $forum_id))
|
{ trigger_error(($post_data['forum_status'] == ITEM_LOCKED) ? 'FORUM_LOCKED' : 'TOPIC_LOCKED'); }
| { trigger_error(($post_data['forum_status'] == ITEM_LOCKED) ? 'FORUM_LOCKED' : 'TOPIC_LOCKED'); }
|
Line 728 | Line 760 |
---|
$url_status = ($config['allow_post_links']) ? true : false; $flash_status = ($bbcode_status && $auth->acl_get('f_flash', $forum_id) && $config['allow_post_flash']) ? true : false; $quote_status = true;
|
$url_status = ($config['allow_post_links']) ? true : false; $flash_status = ($bbcode_status && $auth->acl_get('f_flash', $forum_id) && $config['allow_post_flash']) ? true : false; $quote_status = true;
|
| /** * Event to override message BBCode status indications * * @event core.posting_modify_bbcode_status * * @var bool bbcode_status BBCode status * @var bool smilies_status Smilies status * @var bool img_status Image BBCode status * @var bool url_status URL BBCode status * @var bool flash_status Flash BBCode status * @var bool quote_status Quote BBCode status * @since 3.3.3-RC1 */ $vars = [ 'bbcode_status', 'smilies_status', 'img_status', 'url_status', 'flash_status', 'quote_status', ]; extract($phpbb_dispatcher->trigger_event('core.posting_modify_bbcode_status', compact($vars)));
|
// Save Draft if ($save && $user->data['is_registered'] && $auth->acl_get('u_savedrafts') && ($mode == 'reply' || $mode == 'post' || $mode == 'quote'))
| // Save Draft if ($save && $user->data['is_registered'] && $auth->acl_get('u_savedrafts') && ($mode == 'reply' || $mode == 'post' || $mode == 'quote'))
|
Line 735 | Line 790 |
---|
$subject = $request->variable('subject', '', true); $subject = (!$subject && $mode != 'post') ? $post_data['topic_title'] : $subject; $message = $request->variable('message', '', true);
|
$subject = $request->variable('subject', '', true); $subject = (!$subject && $mode != 'post') ? $post_data['topic_title'] : $subject; $message = $request->variable('message', '', true);
|
| /** * Replace Emojis and other 4bit UTF-8 chars not allowed by MySQL to UCR/NCR. * Using their Numeric Character Reference's Hexadecimal notation. */ $subject = utf8_encode_ucr($subject);
|
if ($subject && $message) {
| if ($subject && $message) {
|
Line 753 | Line 814 |
---|
); $db->sql_query($sql);
|
); $db->sql_query($sql);
|
$meta_info = ($mode == 'post') ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) : append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&t=$topic_id");
| /** @var \phpbb\attachment\manager $attachment_manager */ $attachment_manager = $phpbb_container->get('attachment.manager'); $attachment_manager->delete('attach', array_column($message_parser->attachment_data, 'attach_id'));
$meta_info = ($mode == 'post') ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) : append_sid("{$phpbb_root_path}viewtopic.$phpEx", "t=$topic_id");
|
meta_refresh(3, $meta_info);
| meta_refresh(3, $meta_info);
|
Line 1162 | Line 1227 |
---|
$error[] = $user->lang['FORM_INVALID']; }
|
$error[] = $user->lang['FORM_INVALID']; }
|
if ($submit && $mode == 'edit' && $post_data['post_visibility'] == ITEM_DELETED && !isset($_POST['soft_delete']) && $auth->acl_get('m_approve', $forum_id))
| if ($submit && $mode == 'edit' && $post_data['post_visibility'] == ITEM_DELETED && !$request->is_set_post('delete') && $auth->acl_get('m_approve', $forum_id))
|
{
|
{
|
$is_first_post = ($post_id == $post_data['topic_first_post_id'] || !$post_data['topic_posts_approved']); $is_last_post = ($post_id == $post_data['topic_last_post_id'] || !$post_data['topic_posts_approved']);
| $is_first_post = ($post_id <= $post_data['topic_first_post_id'] || !$post_data['topic_posts_approved']); $is_last_post = ($post_id >= $post_data['topic_last_post_id'] || !$post_data['topic_posts_approved']);
|
$updated_post_data = $phpbb_content_visibility->set_post_visibility(ITEM_APPROVED, $post_id, $post_data['topic_id'], $post_data['forum_id'], $user->data['user_id'], time(), '', $is_first_post, $is_last_post);
if (!empty($updated_post_data))
| $updated_post_data = $phpbb_content_visibility->set_post_visibility(ITEM_APPROVED, $post_id, $post_data['topic_id'], $post_data['forum_id'], $user->data['user_id'], time(), '', $is_first_post, $is_last_post);
if (!empty($updated_post_data))
|
Line 1184 | Line 1249 |
---|
/** * Replace Emojis and other 4bit UTF-8 chars not allowed by MySQL to UCR/NCR. * Using their Numeric Character Reference's Hexadecimal notation.
|
/** * Replace Emojis and other 4bit UTF-8 chars not allowed by MySQL to UCR/NCR. * Using their Numeric Character Reference's Hexadecimal notation.
|
| * Check the permissions for posting Emojis first.
|
*/
|
*/
|
| if ($auth->acl_get('u_emoji')) {
|
$post_data['post_subject'] = utf8_encode_ucr($post_data['post_subject']);
|
$post_data['post_subject'] = utf8_encode_ucr($post_data['post_subject']);
|
| } else {
|
/**
|
/**
|
* This should never happen again. * Leaving the fallback here just in case there will be the need of it. *
| |
* Check for out-of-bounds characters that are currently * not supported by utf8_bin in MySQL */
| * Check for out-of-bounds characters that are currently * not supported by utf8_bin in MySQL */
|
Line 1199 | Line 1266 |
---|
$character_list = implode('<br>', $matches[0]);
$error[] = $user->lang('UNSUPPORTED_CHARACTERS_SUBJECT', $character_list);
|
$character_list = implode('<br>', $matches[0]);
$error[] = $user->lang('UNSUPPORTED_CHARACTERS_SUBJECT', $character_list);
|
| }
|
}
$post_data['poll_last_vote'] = (isset($post_data['poll_last_vote'])) ? $post_data['poll_last_vote'] : 0;
| }
$post_data['poll_last_vote'] = (isset($post_data['poll_last_vote'])) ? $post_data['poll_last_vote'] : 0;
|
Line 1361 | Line 1429 |
---|
// Store message, sync counters if (!count($error) && $submit) {
|
// Store message, sync counters if (!count($error) && $submit) {
|
if ($submit)
| /** @var \phpbb\lock\posting $posting_lock */ $posting_lock = $phpbb_container->get('posting.lock');
// Get creation time and form token, must be already checked at this point $creation_time = abs($request->variable('creation_time', 0)); $form_token = $request->variable('form_token', '');
if ($posting_lock->acquire($creation_time, $form_token))
|
{ // Lock/Unlock Topic $change_topic_status = $post_data['topic_status'];
| { // Lock/Unlock Topic $change_topic_status = $post_data['topic_status'];
|
Line 1532 | Line 1607 |
---|
}
// Handle delete mode...
|
}
// Handle delete mode...
|
if ($request->is_set_post('delete') || $request->is_set_post('delete_permanent'))
| if ($request->is_set_post('delete_permanent') || ($request->is_set_post('delete') && $post_data['post_visibility'] != ITEM_DELETED))
|
{ $delete_reason = $request->variable('delete_reason', '', true); phpbb_handle_post_delete($forum_id, $topic_id, $post_id, $post_data, !$request->is_set_post('delete_permanent'), $delete_reason);
| { $delete_reason = $request->variable('delete_reason', '', true); phpbb_handle_post_delete($forum_id, $topic_id, $post_id, $post_data, !$request->is_set_post('delete_permanent'), $delete_reason);
|
Line 1551 | Line 1626 |
---|
}
redirect($redirect_url);
|
}
redirect($redirect_url);
|
| } else { // Posting was already locked before, hence form submission was already attempted once and is now invalid $error[] = $language->lang('FORM_INVALID');
|
} } }
| } } }
|
Line 1779 | Line 1859 |
---|
$notify_checked = (isset($notify)) ? $notify : (($mode == 'post') ? $user->data['user_notify'] : $notify_set);
// Page title & action URL
|
$notify_checked = (isset($notify)) ? $notify : (($mode == 'post') ? $user->data['user_notify'] : $notify_set);
// Page title & action URL
|
$s_action = append_sid("{$phpbb_root_path}posting.$phpEx", "mode=$mode&f=$forum_id"); $s_action .= ($topic_id) ? "&t=$topic_id" : ''; $s_action .= ($post_id) ? "&p=$post_id" : '';
| $s_action = append_sid("{$phpbb_root_path}posting.$phpEx", "mode=$mode");
|
switch ($mode) { case 'post':
|
switch ($mode) { case 'post':
|
| $s_action .= $forum_id ? "&f=$forum_id" : '';
|
$page_title = $user->lang['POST_TOPIC']; break;
|
$page_title = $user->lang['POST_TOPIC']; break;
|
case 'quote':
| |
case 'reply':
|
case 'reply':
|
| $s_action .= $topic_id ? "&t=$topic_id" : ''; $page_title = $user->lang['POST_REPLY']; break;
case 'quote': $s_action .= $post_id ? "&p=$post_id" : '';
|
$page_title = $user->lang['POST_REPLY']; break;
case 'delete': case 'edit':
|
$page_title = $user->lang['POST_REPLY']; break;
case 'delete': case 'edit':
|
| $s_action .= $post_id ? "&p=$post_id" : '';
|
$page_title = $user->lang['EDIT_POST']; break; }
| $page_title = $user->lang['EDIT_POST']; break; }
|
Line 1866 | Line 1951 |
---|
'EDIT_REASON' => $request->variable('edit_reason', '', true), 'SHOW_PANEL' => $request->variable('show_panel', ''), 'U_VIEW_FORUM' => append_sid("{$phpbb_root_path}viewforum.$phpEx", "f=$forum_id"),
|
'EDIT_REASON' => $request->variable('edit_reason', '', true), 'SHOW_PANEL' => $request->variable('show_panel', ''), 'U_VIEW_FORUM' => append_sid("{$phpbb_root_path}viewforum.$phpEx", "f=$forum_id"),
|
'U_VIEW_TOPIC' => ($mode != 'post') ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&t=$topic_id") : '',
| 'U_VIEW_TOPIC' => ($mode != 'post') ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", "t=$topic_id") : '',
|
'U_PROGRESS_BAR' => append_sid("{$phpbb_root_path}posting.$phpEx", "f=$forum_id&mode=popup"), 'UA_PROGRESS_BAR' => addslashes(append_sid("{$phpbb_root_path}posting.$phpEx", "f=$forum_id&mode=popup")),
| 'U_PROGRESS_BAR' => append_sid("{$phpbb_root_path}posting.$phpEx", "f=$forum_id&mode=popup"), 'UA_PROGRESS_BAR' => addslashes(append_sid("{$phpbb_root_path}posting.$phpEx", "f=$forum_id&mode=popup")),
|
Line 1890 | Line 1975 |
---|
'S_LOCK_POST_ALLOWED' => ($mode == 'edit' && $auth->acl_get('m_edit', $forum_id)) ? true : false, 'S_LOCK_POST_CHECKED' => ($lock_post_checked) ? ' checked="checked"' : '', 'S_SOFTDELETE_CHECKED' => ($mode == 'edit' && $post_data['post_visibility'] == ITEM_DELETED) ? ' checked="checked"' : '',
|
'S_LOCK_POST_ALLOWED' => ($mode == 'edit' && $auth->acl_get('m_edit', $forum_id)) ? true : false, 'S_LOCK_POST_CHECKED' => ($lock_post_checked) ? ' checked="checked"' : '', 'S_SOFTDELETE_CHECKED' => ($mode == 'edit' && $post_data['post_visibility'] == ITEM_DELETED) ? ' checked="checked"' : '',
|
'S_SOFTDELETE_ALLOWED' => ($mode == 'edit' && $phpbb_content_visibility->can_soft_delete($forum_id, $post_data['poster_id'], $lock_post_checked)) ? true : false,
| 'S_SOFTDELETE_ALLOWED' => ($mode == 'edit' && $phpbb_content_visibility->can_soft_delete($forum_id, $post_data['poster_id'], $lock_post_checked) && $post_id == $post_data['topic_last_post_id'] && ($post_data['post_time'] > time() - ($config['delete_time'] * 60) || !$config['delete_time'])) ? true : false,
|
'S_RESTORE_ALLOWED' => $auth->acl_get('m_approve', $forum_id), 'S_IS_DELETED' => ($mode == 'edit' && $post_data['post_visibility'] == ITEM_DELETED) ? true : false, 'S_LINKS_ALLOWED' => $url_status,
| 'S_RESTORE_ALLOWED' => $auth->acl_get('m_approve', $forum_id), 'S_IS_DELETED' => ($mode == 'edit' && $post_data['post_visibility'] == ITEM_DELETED) ? true : false, 'S_LINKS_ALLOWED' => $url_status,
|
Line 2015 | Line 2100 |
---|
}
// Attachment entry
|
}
// Attachment entry
|
posting_gen_attachment_entry($attachment_data, $filename_data, $allowed);
| posting_gen_attachment_entry($attachment_data, $filename_data, $allowed, $forum_id);
|
// Output page ... page_header($page_title);
| // Output page ... page_header($page_title);
|
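Review bot: In the draft-save hunk (Line 753 | Line 814) the added `$attachment_manager->delete('attach', array_column($message_parser->attachment_data, 'attach_id'))` deletes every attachment id the parser holds, and no visible line shows those ids being restricted to the current user's own uploads. The array is presumably populated from the submitted form earlier in the file, so the safety of this delete depends on ownership filtering having already run on this path for the `reply`, `post` and `quote` modes the branch accepts; that should be confirmed. Once confirmed, I would record it next to the call, for example `// attachment_data has already been limited to this user's attachments by the message parser`. Unless `delete()` is known to treat an empty id list as a no-op, I would also wrap the call in `if (!empty($message_parser->attachment_data))`. The enclosing `if ($subject && $message)` block starts and ends outside this hunk.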