Line 29 | Line 29 |
---|
// Grab only parameters needed here
|
// Grab only parameters needed here
|
$post_id = $request->variable('p', 0); $topic_id = $request->variable('t', 0); $forum_id = $request->variable('f', 0);
| |
$draft_id = $request->variable('d', 0);
$preview = (isset($_POST['preview'])) ? true : false;
| $draft_id = $request->variable('d', 0);
$preview = (isset($_POST['preview'])) ? true : false;
|
Line 43 | Line 40 |
---|
$refresh = (isset($_POST['add_file']) || isset($_POST['delete_file']) || $save || $load || $preview); $submit = $request->is_set_post('post') && !$refresh && !$preview; $mode = $request->variable('mode', '');
|
$refresh = (isset($_POST['add_file']) || isset($_POST['delete_file']) || $save || $load || $preview); $submit = $request->is_set_post('post') && !$refresh && !$preview; $mode = $request->variable('mode', '');
|
| // Only assign required URL parameters $forum_id = 0; $topic_id = 0; $post_id = 0;
switch ($mode) { case 'popup': case 'smilies': $forum_id = $request->variable('f', 0); break;
case 'post': $forum_id = $request->variable('f', 0); if (!$forum_id) { trigger_error('NO_FORUM'); } break;
case 'bump': case 'reply': $topic_id = $request->variable('t', 0); if ($topic_id) { $sql = 'SELECT forum_id FROM ' . TOPICS_TABLE . " WHERE topic_id = $topic_id"; $result = $db->sql_query($sql); $forum_id = (int) $db->sql_fetchfield('forum_id'); $db->sql_freeresult($result); }
if (!$topic_id || !$forum_id) { trigger_error('NO_TOPIC'); } break;
case 'edit': case 'delete': case 'quote': case 'soft_delete': $post_id = $request->variable('p', 0); if ($post_id) { $topic_forum = [];
$sql = 'SELECT t.topic_id, t.forum_id FROM ' . TOPICS_TABLE . ' t, ' . POSTS_TABLE . ' p WHERE p.post_id = ' . $post_id . ' AND t.topic_id = p.topic_id'; $result = $db->sql_query($sql); $topic_forum = $db->sql_fetchrow($result); $db->sql_freeresult($result); }
if (!$post_id || !$topic_forum) { $user->setup('posting'); trigger_error('NO_POST'); }
// Need to update session forum_id to valid value for proper viewonline information if (!$forum_id) { $user->page['forum'] = (int) $topic_forum['forum_id']; $user->update_session_page = true; $user->update_session_infos(); }
$topic_id = (int) $topic_forum['topic_id']; $forum_id = (int) $topic_forum['forum_id'];
break; }
|
// If the user is not allowed to delete the post, we try to soft delete it, so we overwrite the mode here. if ($mode == 'delete' && (($confirm && !$request->is_set_post('delete_permanent')) || !$auth->acl_gets('f_delete', 'm_delete', $forum_id)))
| // If the user is not allowed to delete the post, we try to soft delete it, so we overwrite the mode here. if ($mode == 'delete' && (($confirm && !$request->is_set_post('delete_permanent')) || !$auth->acl_gets('f_delete', 'm_delete', $forum_id)))
|
Line 104 | Line 178 |
---|
// Was cancel pressed? If so then redirect to the appropriate page if ($cancel) {
|
// Was cancel pressed? If so then redirect to the appropriate page if ($cancel) {
|
$f = ($forum_id) ? 'f=' . $forum_id . '&' : ''; $redirect = ($post_id) ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", $f . 'p=' . $post_id) . '#p' . $post_id : (($topic_id) ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", $f . 't=' . $topic_id) : (($forum_id) ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) : append_sid("{$phpbb_root_path}index.$phpEx")));
| $redirect = ($post_id) ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'p=' . $post_id) . '#p' . $post_id : (($topic_id) ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", 't=' . $topic_id) : (($forum_id) ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) : append_sid("{$phpbb_root_path}index.$phpEx")));
|
redirect($redirect);
|
redirect($redirect);
|
}
if (in_array($mode, array('post', 'reply', 'quote', 'edit', 'delete')) && !$forum_id) { trigger_error('NO_FORUM');
| |
}
/* @var $phpbb_content_visibility \phpbb\content_visibility */
| }
/* @var $phpbb_content_visibility \phpbb\content_visibility */
|
Line 128 | Line 196 |
---|
case 'bump': case 'reply':
|
case 'bump': case 'reply':
|
if (!$topic_id) { trigger_error('NO_TOPIC'); }
// Force forum id $sql = 'SELECT forum_id FROM ' . TOPICS_TABLE . ' WHERE topic_id = ' . $topic_id; $result = $db->sql_query($sql); $f_id = (int) $db->sql_fetchfield('forum_id'); $db->sql_freeresult($result);
$forum_id = (!$f_id) ? $forum_id : $f_id;
| |
$sql = 'SELECT f.*, t.* FROM ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . " f WHERE t.topic_id = $topic_id
| $sql = 'SELECT f.*, t.* FROM ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . " f WHERE t.topic_id = $topic_id
|
Line 154 | Line 207 |
---|
case 'edit': case 'delete': case 'soft_delete':
|
case 'edit': case 'delete': case 'soft_delete':
|
if (!$post_id) { $user->setup('posting'); trigger_error('NO_POST'); }
// Force forum id $sql = 'SELECT forum_id FROM ' . POSTS_TABLE . ' WHERE post_id = ' . $post_id; $result = $db->sql_query($sql); $f_id = (int) $db->sql_fetchfield('forum_id'); $db->sql_freeresult($result);
$forum_id = (!$f_id) ? $forum_id : $f_id;
| |
$sql = 'SELECT f.*, t.*, p.*, u.username, u.username_clean, u.user_sig, u.user_sig_bbcode_uid, u.user_sig_bbcode_bitfield FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . ' f, ' . USERS_TABLE . " u WHERE p.post_id = $post_id
| $sql = 'SELECT f.*, t.*, p.*, u.username, u.username_clean, u.user_sig, u.user_sig_bbcode_uid, u.user_sig_bbcode_bitfield FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . ' f, ' . USERS_TABLE . " u WHERE p.post_id = $post_id
|
Line 255 | Line 292 |
---|
}
$user->setup(array('posting', 'mcp', 'viewtopic'), $post_data['forum_style']);
|
}
$user->setup(array('posting', 'mcp', 'viewtopic'), $post_data['forum_style']);
|
// Use post_row values in favor of submitted ones... $forum_id = (!empty($post_data['forum_id'])) ? (int) $post_data['forum_id'] : (int) $forum_id; $topic_id = (!empty($post_data['topic_id'])) ? (int) $post_data['topic_id'] : (int) $topic_id; $post_id = (!empty($post_data['post_id'])) ? (int) $post_data['post_id'] : (int) $post_id;
| |
// Need to login to passworded forum first? if ($post_data['forum_password'])
| // Need to login to passworded forum first? if ($post_data['forum_password'])
|
Line 786 | Line 818 |
---|
$attachment_manager = $phpbb_container->get('attachment.manager'); $attachment_manager->delete('attach', array_column($message_parser->attachment_data, 'attach_id'));
|
$attachment_manager = $phpbb_container->get('attachment.manager'); $attachment_manager->delete('attach', array_column($message_parser->attachment_data, 'attach_id'));
|
$meta_info = ($mode == 'post') ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) : append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&t=$topic_id");
| $meta_info = ($mode == 'post') ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) : append_sid("{$phpbb_root_path}viewtopic.$phpEx", "t=$topic_id");
|
meta_refresh(3, $meta_info);
| meta_refresh(3, $meta_info);
|
Line 1397 | Line 1429 |
---|
// Store message, sync counters if (!count($error) && $submit) {
|
// Store message, sync counters if (!count($error) && $submit) {
|
if ($submit)
| /** @var \phpbb\lock\posting $posting_lock */ $posting_lock = $phpbb_container->get('posting.lock');
// Get creation time and form token, must be already checked at this point $creation_time = abs($request->variable('creation_time', 0)); $form_token = $request->variable('form_token', '');
if ($posting_lock->acquire($creation_time, $form_token))
|
{ // Lock/Unlock Topic $change_topic_status = $post_data['topic_status'];
| { // Lock/Unlock Topic $change_topic_status = $post_data['topic_status'];
|
Line 1587 | Line 1626 |
---|
}
redirect($redirect_url);
|
}
redirect($redirect_url);
|
| } else { // Posting was already locked before, hence form submission was already attempted once and is now invalid $error[] = $language->lang('FORM_INVALID');
|
} } }
| } } }
|
Line 1815 | Line 1859 |
---|
$notify_checked = (isset($notify)) ? $notify : (($mode == 'post') ? $user->data['user_notify'] : $notify_set);
// Page title & action URL
|
$notify_checked = (isset($notify)) ? $notify : (($mode == 'post') ? $user->data['user_notify'] : $notify_set);
// Page title & action URL
|
$s_action = append_sid("{$phpbb_root_path}posting.$phpEx", "mode=$mode&f=$forum_id"); $s_action .= ($topic_id) ? "&t=$topic_id" : ''; $s_action .= ($post_id) ? "&p=$post_id" : '';
| $s_action = append_sid("{$phpbb_root_path}posting.$phpEx", "mode=$mode");
|
switch ($mode) { case 'post':
|
switch ($mode) { case 'post':
|
| $s_action .= $forum_id ? "&f=$forum_id" : '';
|
$page_title = $user->lang['POST_TOPIC']; break;
|
$page_title = $user->lang['POST_TOPIC']; break;
|
case 'quote':
| |
case 'reply':
|
case 'reply':
|
| $s_action .= $topic_id ? "&t=$topic_id" : ''; $page_title = $user->lang['POST_REPLY']; break;
case 'quote': $s_action .= $post_id ? "&p=$post_id" : '';
|
$page_title = $user->lang['POST_REPLY']; break;
case 'delete': case 'edit':
|
$page_title = $user->lang['POST_REPLY']; break;
case 'delete': case 'edit':
|
| $s_action .= $post_id ? "&p=$post_id" : '';
|
$page_title = $user->lang['EDIT_POST']; break; }
| $page_title = $user->lang['EDIT_POST']; break; }
|
Line 1902 | Line 1951 |
---|
'EDIT_REASON' => $request->variable('edit_reason', '', true), 'SHOW_PANEL' => $request->variable('show_panel', ''), 'U_VIEW_FORUM' => append_sid("{$phpbb_root_path}viewforum.$phpEx", "f=$forum_id"),
|
'EDIT_REASON' => $request->variable('edit_reason', '', true), 'SHOW_PANEL' => $request->variable('show_panel', ''), 'U_VIEW_FORUM' => append_sid("{$phpbb_root_path}viewforum.$phpEx", "f=$forum_id"),
|
'U_VIEW_TOPIC' => ($mode != 'post') ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&t=$topic_id") : '',
| 'U_VIEW_TOPIC' => ($mode != 'post') ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", "t=$topic_id") : '',
|
'U_PROGRESS_BAR' => append_sid("{$phpbb_root_path}posting.$phpEx", "f=$forum_id&mode=popup"), 'UA_PROGRESS_BAR' => addslashes(append_sid("{$phpbb_root_path}posting.$phpEx", "f=$forum_id&mode=popup")),
| 'U_PROGRESS_BAR' => append_sid("{$phpbb_root_path}posting.$phpEx", "f=$forum_id&mode=popup"), 'UA_PROGRESS_BAR' => addslashes(append_sid("{$phpbb_root_path}posting.$phpEx", "f=$forum_id&mode=popup")),
|
Line 2051 | Line 2100 |
---|
}
// Attachment entry
|
}
// Attachment entry
|
posting_gen_attachment_entry($attachment_data, $filename_data, $allowed);
| posting_gen_attachment_entry($attachment_data, $filename_data, $allowed, $forum_id);
|
// Output page ... page_header($page_title);
| // Output page ... page_header($page_title);
|
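Review bot: In the new `switch ($mode)` block, the `if (!$forum_id)` guard in the `edit`/`delete`/`quote`/`soft_delete` case is always true, because `$forum_id` was reset to `0` just above and nothing in that case assigns it before the test. The session update (`$user->page['forum']`, `update_session_infos()`) therefore runs for every request that names an existing post, and as far as this page shows it runs before any forum permission check further down the file. Either drop the condition or add a comment such as `// forum_id is never taken from the request here, so always sync the session to the post's forum`. In the same case `$topic_forum = [];` is initialised inside `if ($post_id)`, so the later `!$topic_forum` test relies on short-circuiting when `p` is missing; moving the initialisation above the `if` makes that explicit. The interpolated `$topic_id` and `$post_id` in the two new queries are safe only because `$request->variable(..., 0)` yields integers, which deserves a short comment next to the SQL.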