phpBB

Code Changes

File: posting.php

  Unmodified   Added   Modified   Removed
Line 29Line 29


// Grab only parameters needed here



// Grab only parameters needed here

$post_id	= $request->variable('p', 0);
$topic_id = $request->variable('t', 0);
$forum_id = $request->variable('f', 0);

 
$draft_id	= $request->variable('d', 0);

$preview = (isset($_POST['preview'])) ? true : false;

$draft_id	= $request->variable('d', 0);

$preview = (isset($_POST['preview'])) ? true : false;

Line 43Line 40
$refresh	= (isset($_POST['add_file']) || isset($_POST['delete_file']) || $save || $load || $preview);
$submit = $request->is_set_post('post') && !$refresh && !$preview;
$mode = $request->variable('mode', '');

$refresh	= (isset($_POST['add_file']) || isset($_POST['delete_file']) || $save || $load || $preview);
$submit = $request->is_set_post('post') && !$refresh && !$preview;
$mode = $request->variable('mode', '');

 

// Only assign required URL parameters
$forum_id = 0;
$topic_id = 0;
$post_id = 0;

switch ($mode)
{
case 'popup':
case 'smilies':
$forum_id = $request->variable('f', 0);
break;

case 'post':
$forum_id = $request->variable('f', 0);
if (!$forum_id)
{
trigger_error('NO_FORUM');
}
break;

case 'bump':
case 'reply':
$topic_id = $request->variable('t', 0);
if ($topic_id)
{
$sql = 'SELECT forum_id
FROM ' . TOPICS_TABLE . "
WHERE topic_id = $topic_id";
$result = $db->sql_query($sql);
$forum_id = (int) $db->sql_fetchfield('forum_id');
$db->sql_freeresult($result);
}

if (!$topic_id || !$forum_id)
{
trigger_error('NO_TOPIC');
}
break;

case 'edit':
case 'delete':
case 'quote':
case 'soft_delete':
$post_id = $request->variable('p', 0);
if ($post_id)
{
$topic_forum = [];

$sql = 'SELECT t.topic_id, t.forum_id
FROM ' . TOPICS_TABLE . ' t, ' . POSTS_TABLE . ' p
WHERE p.post_id = ' . $post_id . '
AND t.topic_id = p.topic_id';
$result = $db->sql_query($sql);
$topic_forum = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
}

if (!$post_id || !$topic_forum)
{
$user->setup('posting');
trigger_error('NO_POST');
}

// Need to update session forum_id to valid value for proper viewonline information
if (!$forum_id)
{
$user->page['forum'] = (int) $topic_forum['forum_id'];
$user->update_session_page = true;
$user->update_session_infos();
}

$topic_id = (int) $topic_forum['topic_id'];
$forum_id = (int) $topic_forum['forum_id'];

break;
}


// If the user is not allowed to delete the post, we try to soft delete it, so we overwrite the mode here.
if ($mode == 'delete' && (($confirm && !$request->is_set_post('delete_permanent')) || !$auth->acl_gets('f_delete', 'm_delete', $forum_id)))


// If the user is not allowed to delete the post, we try to soft delete it, so we overwrite the mode here.
if ($mode == 'delete' && (($confirm && !$request->is_set_post('delete_permanent')) || !$auth->acl_gets('f_delete', 'm_delete', $forum_id)))

Line 104Line 178
// Was cancel pressed? If so then redirect to the appropriate page
if ($cancel)
{

// Was cancel pressed? If so then redirect to the appropriate page
if ($cancel)
{

	$f = ($forum_id) ? 'f=' . $forum_id . '&' : '';
$redirect = ($post_id) ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", $f . 'p=' . $post_id) . '#p' . $post_id : (($topic_id) ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", $f . 't=' . $topic_id) : (($forum_id) ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) : append_sid("{$phpbb_root_path}index.$phpEx")));

	$redirect = ($post_id) ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'p=' . $post_id) . '#p' . $post_id : (($topic_id) ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", 't=' . $topic_id) : (($forum_id) ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) : append_sid("{$phpbb_root_path}index.$phpEx")));


	redirect($redirect);

	redirect($redirect);

}

if (in_array($mode, array('post', 'reply', 'quote', 'edit', 'delete')) && !$forum_id)
{
trigger_error('NO_FORUM');

 
}

/* @var $phpbb_content_visibility \phpbb\content_visibility */

}

/* @var $phpbb_content_visibility \phpbb\content_visibility */

Line 128Line 196

case 'bump':
case 'reply':


case 'bump':
case 'reply':

		if (!$topic_id)
{
trigger_error('NO_TOPIC');
}

// Force forum id
$sql = 'SELECT forum_id
FROM ' . TOPICS_TABLE . '
WHERE topic_id = ' . $topic_id;
$result = $db->sql_query($sql);
$f_id = (int) $db->sql_fetchfield('forum_id');
$db->sql_freeresult($result);

$forum_id = (!$f_id) ? $forum_id : $f_id;


 
		$sql = 'SELECT f.*, t.*
FROM ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . " f
WHERE t.topic_id = $topic_id

		$sql = 'SELECT f.*, t.*
FROM ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . " f
WHERE t.topic_id = $topic_id

Line 154Line 207
	case 'edit':
case 'delete':
case 'soft_delete':

	case 'edit':
case 'delete':
case 'soft_delete':

		if (!$post_id)
{
$user->setup('posting');
trigger_error('NO_POST');
}

// Force forum id
$sql = 'SELECT forum_id
FROM ' . POSTS_TABLE . '
WHERE post_id = ' . $post_id;
$result = $db->sql_query($sql);
$f_id = (int) $db->sql_fetchfield('forum_id');
$db->sql_freeresult($result);

$forum_id = (!$f_id) ? $forum_id : $f_id;


 
		$sql = 'SELECT f.*, t.*, p.*, u.username, u.username_clean, u.user_sig, u.user_sig_bbcode_uid, u.user_sig_bbcode_bitfield
FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . ' f, ' . USERS_TABLE . " u
WHERE p.post_id = $post_id

		$sql = 'SELECT f.*, t.*, p.*, u.username, u.username_clean, u.user_sig, u.user_sig_bbcode_uid, u.user_sig_bbcode_bitfield
FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . ' f, ' . USERS_TABLE . " u
WHERE p.post_id = $post_id

Line 255Line 292
}

$user->setup(array('posting', 'mcp', 'viewtopic'), $post_data['forum_style']);

}

$user->setup(array('posting', 'mcp', 'viewtopic'), $post_data['forum_style']);


// Use post_row values in favor of submitted ones...
$forum_id = (!empty($post_data['forum_id'])) ? (int) $post_data['forum_id'] : (int) $forum_id;
$topic_id = (!empty($post_data['topic_id'])) ? (int) $post_data['topic_id'] : (int) $topic_id;
$post_id = (!empty($post_data['post_id'])) ? (int) $post_data['post_id'] : (int) $post_id;

 

// Need to login to passworded forum first?
if ($post_data['forum_password'])


// Need to login to passworded forum first?
if ($post_data['forum_password'])

Line 786Line 818
			$attachment_manager = $phpbb_container->get('attachment.manager');
$attachment_manager->delete('attach', array_column($message_parser->attachment_data, 'attach_id'));


			$attachment_manager = $phpbb_container->get('attachment.manager');
$attachment_manager->delete('attach', array_column($message_parser->attachment_data, 'attach_id'));


			$meta_info = ($mode == 'post') ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) : append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&t=$topic_id");

			$meta_info = ($mode == 'post') ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) : append_sid("{$phpbb_root_path}viewtopic.$phpEx", "t=$topic_id");


meta_refresh(3, $meta_info);



meta_refresh(3, $meta_info);


Line 816Line 848
				'disable_smilies'	=> false,
'disable_magic_url' => false,
'attach_sig' => true,

				'disable_smilies'	=> false,
'disable_magic_url' => false,
'attach_sig' => true,

 
				'notify'			=> false,

				'lock_topic'		=> false,

'topic_type' => POST_NORMAL,

				'lock_topic'		=> false,

'topic_type' => POST_NORMAL,

Line 1397Line 1430
	// Store message, sync counters
if (!count($error) && $submit)
{

	// Store message, sync counters
if (!count($error) && $submit)
{

		if ($submit)








		/** @var \phpbb\lock\posting $posting_lock */
$posting_lock = $phpbb_container->get('posting.lock');

// Get creation time and form token, must be already checked at this point
$creation_time = abs($request->variable('creation_time', 0));
$form_token = $request->variable('form_token', '');

if ($posting_lock->acquire($creation_time, $form_token))

		{
// Lock/Unlock Topic
$change_topic_status = $post_data['topic_status'];

		{
// Lock/Unlock Topic
$change_topic_status = $post_data['topic_status'];

Line 1587Line 1627
			}

redirect($redirect_url);

			}

redirect($redirect_url);

 
		}
else
{
// Posting was already locked before, hence form submission was already attempted once and is now invalid
$error[] = $language->lang('FORM_INVALID');

		}
}
}

		}
}
}

Line 1815Line 1860
$notify_checked		= (isset($notify)) ? $notify : (($mode == 'post') ? $user->data['user_notify'] : $notify_set);

// Page title & action URL

$notify_checked		= (isset($notify)) ? $notify : (($mode == 'post') ? $user->data['user_notify'] : $notify_set);

// Page title & action URL

$s_action = append_sid("{$phpbb_root_path}posting.$phpEx", "mode=$mode&f=$forum_id");
$s_action .= ($topic_id) ? "&t=$topic_id" : '';
$s_action .= ($post_id) ? "&p=$post_id" : '';

$s_action = append_sid("{$phpbb_root_path}posting.$phpEx", "mode=$mode");




switch ($mode)
{
case 'post':


switch ($mode)
{
case 'post':

 
		$s_action .= $forum_id ? "&f=$forum_id" : '';

		$page_title = $user->lang['POST_TOPIC'];
break;


		$page_title = $user->lang['POST_TOPIC'];
break;


	case 'quote':

 
	case 'reply':

	case 'reply':

 
		$s_action .= $topic_id ? "&t=$topic_id" : '';
$page_title = $user->lang['POST_REPLY'];
break;

case 'quote':
$s_action .= $post_id ? "&p=$post_id" : '';

		$page_title = $user->lang['POST_REPLY'];
break;

case 'delete':
case 'edit':

		$page_title = $user->lang['POST_REPLY'];
break;

case 'delete':
case 'edit':

 
		$s_action .= $post_id ? "&p=$post_id" : '';

		$page_title = $user->lang['EDIT_POST'];
break;
}

		$page_title = $user->lang['EDIT_POST'];
break;
}

Line 1902Line 1952
	'EDIT_REASON'			=> $request->variable('edit_reason', '', true),
'SHOW_PANEL' => $request->variable('show_panel', ''),
'U_VIEW_FORUM' => append_sid("{$phpbb_root_path}viewforum.$phpEx", "f=$forum_id"),

	'EDIT_REASON'			=> $request->variable('edit_reason', '', true),
'SHOW_PANEL' => $request->variable('show_panel', ''),
'U_VIEW_FORUM' => append_sid("{$phpbb_root_path}viewforum.$phpEx", "f=$forum_id"),

	'U_VIEW_TOPIC'			=> ($mode != 'post') ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&t=$topic_id") : '',

	'U_VIEW_TOPIC'			=> ($mode != 'post') ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", "t=$topic_id") : '',

	'U_PROGRESS_BAR'		=> append_sid("{$phpbb_root_path}posting.$phpEx", "f=$forum_id&mode=popup"),
'UA_PROGRESS_BAR' => addslashes(append_sid("{$phpbb_root_path}posting.$phpEx", "f=$forum_id&mode=popup")),


	'U_PROGRESS_BAR'		=> append_sid("{$phpbb_root_path}posting.$phpEx", "f=$forum_id&mode=popup"),
'UA_PROGRESS_BAR' => addslashes(append_sid("{$phpbb_root_path}posting.$phpEx", "f=$forum_id&mode=popup")),


Line 1917Line 1967
	'S_BBCODE_CHECKED'			=> ($bbcode_checked) ? ' checked="checked"' : '',
'S_SMILIES_ALLOWED' => $smilies_status,
'S_SMILIES_CHECKED' => ($smilies_checked) ? ' checked="checked"' : '',

	'S_BBCODE_CHECKED'			=> ($bbcode_checked) ? ' checked="checked"' : '',
'S_SMILIES_ALLOWED' => $smilies_status,
'S_SMILIES_CHECKED' => ($smilies_checked) ? ' checked="checked"' : '',

	'S_SIG_ALLOWED'				=> ($auth->acl_get('f_sigs', $forum_id) && $config['allow_sig'] && $user->data['is_registered']) ? true : false,

	'S_SIG_ALLOWED'				=> ($user->data['is_registered'] && $config['allow_sig'] && $auth->acl_get('f_sigs', $forum_id) && $auth->acl_get('u_sig')) ? true : false,

	'S_SIGNATURE_CHECKED'		=> ($sig_checked) ? ' checked="checked"' : '',
'S_NOTIFY_ALLOWED' => (!$user->data['is_registered'] || ($mode == 'edit' && $user->data['user_id'] != $post_data['poster_id']) || !$config['allow_topic_notify'] || !$config['email_enable']) ? false : true,
'S_NOTIFY_CHECKED' => ($notify_checked) ? ' checked="checked"' : '',

	'S_SIGNATURE_CHECKED'		=> ($sig_checked) ? ' checked="checked"' : '',
'S_NOTIFY_ALLOWED' => (!$user->data['is_registered'] || ($mode == 'edit' && $user->data['user_id'] != $post_data['poster_id']) || !$config['allow_topic_notify'] || !$config['email_enable']) ? false : true,
'S_NOTIFY_CHECKED' => ($notify_checked) ? ' checked="checked"' : '',

Line 2051Line 2101
}

// Attachment entry

}

// Attachment entry

posting_gen_attachment_entry($attachment_data, $filename_data, $allowed);

posting_gen_attachment_entry($attachment_data, $filename_data, $allowed, $forum_id);


// Output page ...
page_header($page_title);


// Output page ...
page_header($page_title);