| -rw-r--r-- | phpBB/posting.php | 394 | ||||
| -rw-r--r-- | phpBB/templates/Default/posting_body.tpl | 3 |
2 files changed, 277 insertions, 120 deletions
diff --git a/phpBB/posting.php b/phpBB/posting.php index d64bfbc830..9b73e1553d 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -23,6 +23,7 @@ ***************************************************************************/ include('extension.inc'); include('common.'.$phpEx); +include('includes/bbcode.'.$phpEx); // // Obtain which forum id is required 
@@ -46,153 +47,309 @@ init_userprefs($userdata); // // -// Nothing in this file is set, lots of things -// will change to meet coding standards and new -// posting code ... -// +// Posting specific functions. +// -if($submit && !$preview) +// This function will prepare the message for entry into the database. +function prepare_message($message, $html_on, $bbocde_on, $smile_on, $bbcode_uid = 0) { - switch($mode) - { - case 'newtopic': - echo "Dave likes to submit<br>"; + $message = trim($message); + + if(!$html_on) + { + $message = htmlspecialchars($message); + } + + if($bbocde_on) + { + $message = bbencode_first_pass($message, $bbcode_uid); + } + + if($smile_on) + { + // No smile() function yet, write one... + //$message = smile($message); + } + + $message = addslashes($message); + return($message); +} - break; - case 'reply': - break; - case 'editpost': +// +// End Posting specific functions. +// - break; - } -} -else -{ - switch($mode) - { - case 'newtopic': - if(!isset($HTTP_GET_VARS[POST_FORUM_URL])) - { - error_die(GENERAL_ERROR, "Sorry, no there is no such forum"); - } +// +// Put AUTH code here +// - $pagetype = "newtopic"; - $page_title = " $l_postnew"; - $sql = "SELECT forum_name, forum_access - FROM ".FORUMS_TABLE." 
- WHERE forum_id = $forum_id"; - if(!$result = $db->sql_query($sql)) - { - error_die(SQL_QUERY, "Could not obtain forum/forum access information.", __LINE__, __FILE__); - } - $forum_info = $db->sql_fetchrow($result); - $forum_name = stripslashes($forum_info['forum_name']); - $forum_access = $forum_info['forum_access']; - if($forum_access == ANONALLOWED) - { - $about_posting = "$l_anonusers $l_inthisforum $l_anonhint"; - } - if($forum_access == REGONLY) +switch($mode) +{ + case 'newtopic': + if(isset($HTTP_POST_VARS['submit'])) + { + if(isset($HTTP_POST_VARS['disable_html']) || !$board_config['allow_html']) { - $about_posting = "$l_regusers $l_inthisforum"; + $html_on = FALSE; } - if($forum_access == MODONLY) + else { - $about_posting = "$l_modusers $l_inthisforum"; + $html_on = TRUE; } - - include('includes/page_header.'.$phpEx); - - $template->set_filenames(array( - "body" => "posting_body.tpl", - "jumpbox" => "jumpbox.tpl") - ); - $jumpbox = make_jumpbox(); - $template->assign_vars(array( - "JUMPBOX_LIST" => $jumpbox, - "SELECT_NAME" => POST_FORUM_URL) - ); - $template->assign_var_from_handle("JUMPBOX", "jumpbox"); - $template->assign_vars(array( - "L_POSTNEWIN" => $l_postnewin, - "FORUM_ID" => $forum_id, - "FORUM_NAME" => $forum_name, - "U_VIEW_FORUM" => append_sid("viewforum.$phpEx?".POST_FORUM_URL."=$forum_id")) - ); - - if($userdata['session_logged_in']) + if(isset($HTTP_POST_VARS['disable_bbcode']) || !$board_config['allow_bbcode']) { - $username_input = $userdata["username"]; - $password_input = ""; + $bbcode_on = FALSE; } else { - if(!isset($username)) - { - $username = $userdata["username"]; - } - $username_input = '<input type="text" name="username" value="'.$username.'" size="25" maxlength="50">'; - $password_input = '<input type="password" name="password" size="25" maxlenght="40">'; + $uid = make_bbcode_uid(); + $bbocde_on = TRUE; } - $subject_input = '<input type="text" name="subject" value="'.$subject.'" size="50" maxlenght="255">'; - $message_input 
= '<textarea name="message" rows="10" cols="35" wrap="virtual">'.$message.'</textarea>'; - if($allow_html) + + if(isset($HTTP_POST_VARS['disable_smile'])) { - $html_status = $l_htmlis . " " . $l_on; - $html_toggle = '<input type="checkbox" name="disable_html" '; - if($disable_html) - { - $html_toggle .= 'checked'; - } - $html_toggle .= "> $l_disable $l_html $l_onthispost"; + $smile_on = FALSE; } else { - $html_status = $l_htmlis . " " . $l_off; + $smile_on = TRUE; } - if($allow_bbcode) + + $message = prepare_message($HTTP_POST_VARS['message'], $html_on, $bbocde_on, $smile_on, $uid); + + if(isset($HTTP_POST_VARS['attach_sig']) && !empty($userdata['user_sig'])) { - $bbcode_status = $l_bbcodeis . " " . $l_on; - $bbcode_toggle = '<input type="checkbox" name="disable_bbcode" '; - if($disable_bbcode) + $message .= "[addsig]"; + } + $subject = trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['subject']))); + $topic_time = gmmktime(date("h, i, s, m, d, Y")); + $topic_notify = ($HTTP_POST_VARS['notify']) ? $HTTP_POST_VARS['notify'] : 0; + $sql = "INSERT INTO ".TOPICS_TABLE." (topic_title, topic_poster, topic_time, forum_id, topic_notify, topic_status) + VALUES ('$subject', ".$userdata['user_id'].", ".$topic_time.", $forum_id, $topic_notify, ".UNLOCKED.")"; + + if($db->sql_query($sql)) + { + $new_topic_id = $db->sql_nextid(); + $sql = "INSERT INTO ".POSTS_TABLE." (topic_id, forum_id, poster_id, post_time, poster_ip, bbcode_uid) + VALUES ($new_topic_id, $forum_id, ".$userdata['user_id'].", $topic_time, '".encode_ip($user_ip)."', '$uid')"; + + if($db->sql_query($sql)) { - $bbcode_toggle .= "checked"; + $new_post_id = $db->sql_nextid(); + $sql = "INSERT INTO ".POSTS_TEXT_TABLE." VALUES ($new_post_id, '".$message."')"; + if($db->sql_query($sql)) + { + $sql = "UPDATE ".TOPICS_TABLE." SET topic_last_post_id = $new_post_id WHERE topic_id = $new_topic_id"; + if($db->sql_query($sql)) + { + $sql = "UPDATE ".FORUMS_TABLE." 
SET forum_last_post_id = $new_post_id, forum_posts = forum_posts + 1, forum_topics = forum_topics + 1 WHERE forum_id = $forum_id"; + if($db->sql_query($sql)) + { + include('includes/page_header.'.$phpEx); + // If we get here the post has been inserted successfully. + $msg = "$l_stored<br />$l_click <a href=\"".append_sid("viewtopic.$phpEx?".POST_TOPIC_URL."=$new_topic_id")."\">$l_here</a> + $l_viewmsg<br />$l_click <a href=\"".append_sid("viewforum.$phpEx?".POST_FORUM_URL."=$forum_id")."\">$l_here</a> $l_returntopic"; + + $template->set_filenames(array( + "reg_header" => "error_body.tpl" + )); + $template->assign_vars(array( + "ERROR_MESSAGE" => $msg + )); + $template->pparse("reg_header"); + + include('includes/page_tail.'.$phpEx); + } + else + { + error_die(QUERY_ERROR); + } + } + else + { + if(DEBUG) + { + $error = $db->sql_error(); + error_die(QUERY_ERROR, "Error updating topics table.<br>Reason: ".$error['message']."<br>Query: $sql", __LINE__, __FILE__); + } + else + { + error_die(QUERY_ERROR); + } + } + } + else + { + if(DEBUG) + { + $error = $db->sql_error(); + error_die(QUERY_ERROR, "Error inserting data into posts text table.<br>Reason: ".$error['message']."<br>Query: $sql", __LINE__, __FILE__); + } + else + { + error_die(QUERY_ERROR); + } + } } - $bbcode_toggle .= "> $l_disable $l_bbcode $l_onthispost"; - } + else + { + if(DEBUG) + { + $error = $db->sql_error(); + error_die(QUERY_ERROR, "Error inserting data into posts table.<br>Reason: ".$error['message']."<br>Query: $sql", __LINE__, __FILE__); + } + else + { + error_die(QUERY_ERROR); + } + } + } else { - $bbcode_status = $l_bbcodeis . " " . 
$l_off; - } + if(DEBUG) + { + $error = $db->sql_error(); + error_die(QUERY_ERROR, "Error inserting data into topics text table.<br>Reason: ".$error['message']."<br>Query: $sql", __LINE__, __FILE__); + } + else + { + error_die(QUERY_ERROR); + } + } + + + + } + else if(isset($HTTP_POST_VARS['preview'])) + { + + + } + if(!isset($HTTP_GET_VARS[POST_FORUM_URL]) && !isset($HTTP_POST_VARS[POST_FORUM_URL])) + { + error_die(GENERAL_ERROR, "Sorry, no there is no such forum"); + } + + $pagetype = "newtopic"; + $page_title = " $l_postnew"; + + $sql = "SELECT forum_name, forum_access + FROM ".FORUMS_TABLE." + WHERE forum_id = $forum_id"; + if(!$result = $db->sql_query($sql)) + { + error_die(SQL_QUERY, "Could not obtain forum/forum access information.", __LINE__, __FILE__); + } + $forum_info = $db->sql_fetchrow($result); + $forum_name = stripslashes($forum_info['forum_name']); + $forum_access = $forum_info['forum_access']; + + if($forum_access == ANONALLOWED) + { + $about_posting = "$l_anonusers $l_inthisforum $l_anonhint"; + } + if($forum_access == REGONLY) + { + $about_posting = "$l_regusers $l_inthisforum"; + } + if($forum_access == MODONLY) + { + $about_posting = "$l_modusers $l_inthisforum"; + } + + include('includes/page_header.'.$phpEx); + + $template->set_filenames(array( + "body" => "posting_body.tpl", + "jumpbox" => "jumpbox.tpl") + ); + $jumpbox = make_jumpbox(); + $template->assign_vars(array( + "JUMPBOX_LIST" => $jumpbox, + "SELECT_NAME" => POST_FORUM_URL) + ); + $template->assign_var_from_handle("JUMPBOX", "jumpbox"); + $template->assign_vars(array( + "L_POSTNEWIN" => $l_postnewin, + "FORUM_ID" => $forum_id, + "FORUM_NAME" => $forum_name, + + "U_VIEW_FORUM" => append_sid("viewforum.$phpEx?".POST_FORUM_URL."=$forum_id")) + ); - $smile_toggle = '<input type="checkbox" name="disable_smile" '; - if($disable_smile) + if($userdata['session_logged_in']) + { + $username_input = $userdata["username"]; + $password_input = ""; + } + else + { + if(!isset($username)) { - 
$smile_toggle .= "checked"; + $username = $userdata["username"]; } - $smile_toggle .= "> $l_disable $l_smilies $l_onthispost"; - - $sig_toggle = '<input type="checkbox" name="attach_sig" '; - if($attach_sig || $userdata["attach_sig"] == 1) + $username_input = '<input type="text" name="username" value="'.$username.'" size="25" maxlength="50">'; + $password_input = '<input type="password" name="password" size="25" maxlenght="40">'; + } + $subject_input = '<input type="text" name="subject" value="'.$subject.'" size="50" maxlenght="255">'; + $message_input = '<textarea name="message" rows="10" cols="35" wrap="virtual">'.$message.'</textarea>'; + if($board_config['allow_html']) + { + $html_status = $l_htmlis . " " . $l_on; + $html_toggle = '<input type="checkbox" name="disable_html" '; + if($disable_html) { - $sig_toggle .= "checked"; + $html_toggle .= 'checked'; } - $sig_toggle .= "> $l_attachsig"; - - $notify_toggle = '<input type="checkbox" name="notify" '; - if($notify || $userdata["always_notify"] == 1) + $html_toggle .= "> $l_disable $l_html $l_onthispost"; + } + else + { + $html_status = $l_htmlis . " " . $l_off; + } + if($board_config['allow_bbcode']) + { + $bbcode_status = $l_bbcodeis . " " . $l_on; + $bbcode_toggle = '<input type="checkbox" name="disable_bbcode" '; + if($disable_bbcode) { - $notify_toggle .= "checked"; + $bbcode_toggle .= "checked"; } - $notify_toggle .= "> $l_notify"; + $bbcode_toggle .= "> $l_disable $l_bbcode $l_onthispost"; + } + else + { + $bbcode_status = $l_bbcodeis . " " . 
$l_off; + } + + $smile_toggle = '<input type="checkbox" name="disable_smile" '; + if($disable_smile) + { + $smile_toggle .= "checked"; + } + $smile_toggle .= "> $l_disable $l_smilies $l_onthispost"; + + $sig_toggle = '<input type="checkbox" name="attach_sig" '; + if($attach_sig || $userdata["attach_sig"] == 1) + { + $sig_toggle .= "checked"; + } + $sig_toggle .= "> $l_attachsig"; + + $notify_toggle = '<input type="checkbox" name="notify" '; + if($notify || $userdata["always_notify"] == 1) + { + $notify_toggle .= "checked"; + } + $notify_toggle .= "> $l_notify"; - $hidden_form_fields = "<input type=\"hidden\" name=\"mode\" value=\"$mode\"><input type=\"hidden\" name=\"forum_id\" value=\"$forum_id\"><input type=\"hidden\" name=\"topic_id\" value=\"$topic_id\">"; + $hidden_form_fields = "<input type=\"hidden\" name=\"mode\" value=\"$mode\"><input type=\"hidden\" name=\"".POST_FORUM_URL."\" value=\"$forum_id\"><input type=\"hidden\" name=\"topic_id\" value=\"$topic_id\">"; - $template->assign_vars(array( + $template->assign_vars(array( "L_ABOUT_POST" => $l_aboutpost, "L_SUBJECT" => $l_subject, "L_MESSAGE_BODY" => $l_body, @@ -216,17 +373,16 @@ else "S_POST_ACTION" => append_sid("posting.$phpEx"), "S_HIDDEN_FORM_FIELDS" => $hidden_form_fields) - ); - $template->pparse("body"); - include('includes/page_tail.'.$phpEx); - break; - case 'reply': + ); + $template->pparse("body"); + include('includes/page_tail.'.$phpEx); + break; + case 'reply': - break; - case 'editpost': + break; + case 'editpost': - break; - } + break; } diff --git a/phpBB/templates/Default/posting_body.tpl b/phpBB/templates/Default/posting_body.tpl index 9256a4841c..3f80412609 100644 --- a/phpBB/templates/Default/posting_body.tpl +++ b/phpBB/templates/Default/posting_body.tpl 
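Review bot: The new `newtopic` submit path builds its INSERT statements from request data that is neither escaped nor type-checked: `$topic_notify` is copied straight from `$HTTP_POST_VARS['notify']` and interpolated unquoted, and `$subject` reaches `'$subject'` after `htmlspecialchars()` only, which on the PHP versions that still provide `$HTTP_POST_VARS` leaves single quotes alone by default, whereas `prepare_message()` does finish with `addslashes()`. Assuming magic quotes are off, as that `addslashes()` call suggests, I would write `$topic_notify = isset($HTTP_POST_VARS['notify']) ? 1 : 0;` (the checkbox has no value attribute, so presence is all it carries) and `$subject = addslashes(trim(htmlspecialchars($HTTP_POST_VARS['subject'])));`, since `strip_tags()` has nothing left to strip after `htmlspecialchars()`. The misspelt `$bbocde_on` means the disable-bbcode branch sets a different variable from the one passed to `prepare_message()` and never assigns `$uid`, which is then written into `'$uid'` in the posts INSERT; add `$uid = '';` before the branch and use one spelling, so that neither value can originate outside this code if request variables are registered as globals (not visible from this hunk). The "Put AUTH code here" placeholder also means rows are inserted before any check against `forum_access` or the poster's session exists, so the submit branch should not be reachable until that check is in place. Finally, the re-indented form code still places `$username`, `$subject` and `$message` into attribute values and the textarea without `htmlspecialchars()`, which should be applied at output.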
@@ -46,7 +46,8 @@ {HTML_TOGGLE}<br>{BBCODE_TOGGLE}<br>{SMILE_TOGGLE}<br>{SIG_TOGGLE}<br>{NOTIFY_TOGGLE}</td> </tr> <tr class="tableheader"> - <td align="center" colspan="2">{S_HIDDEN_POST_FIELDS}<input type="submit" name="preview" value="{L_PREVIEW}"> <input type="submit" name="submit" value="{L_SUBMIT}"> <input type="submit" name="cancel" value="{L_CANCEL}"></td> + <td align="center" colspan="2">{S_HIDDEN_FORM_FIELDS} + <input type="submit" name="preview" value="{L_PREVIEW}"> <input type="submit" name="submit" value="{L_SUBMIT}"> <input type="submit" name="cancel" value="{L_CANCEL}"></td> </tr> </table> </td> |
