diff options
Diffstat (limited to 'phpBB/posting.php')
| -rw-r--r-- | phpBB/posting.php | 68 |
1 files changed, 58 insertions, 10 deletions
diff --git a/phpBB/posting.php b/phpBB/posting.php index 75085a5635..59616a2858 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -222,6 +222,25 @@ if (!$post_data) trigger_error(($mode == 'post' || $mode == 'bump' || $mode == 'reply') ? 'NO_TOPIC' : 'NO_POST'); } +/** +* This event allows you to bypass reply/quote test of an unapproved post. +* +* @event core.posting_modify_row_data +* @var array post_data All post data from database +* @var string mode What action to take if the form has been submitted +* post|reply|quote|edit|delete|bump|smilies|popup +* @var int topic_id ID of the topic +* @var int forum_id ID of the forum +* @since 3.2.8-RC1 +*/ +$vars = array( + 'post_data', + 'mode', + 'topic_id', + 'forum_id', +); +extract($phpbb_dispatcher->trigger_event('core.posting_modify_row_data', compact($vars))); + // Not able to reply to unapproved posts/topics // TODO: add more descriptive language key if ($auth->acl_get('m_approve', $forum_id) && ((($mode == 'reply' || $mode == 'bump') && $post_data['topic_visibility'] != ITEM_APPROVED) || ($mode == 'quote' && $post_data['post_visibility'] != ITEM_APPROVED))) @@ -237,12 +256,6 @@ if ($mode == 'popup') $user->setup(array('posting', 'mcp', 'viewtopic'), $post_data['forum_style']); -if ($config['enable_post_confirm'] && !$user->data['is_registered']) -{ - $captcha = $phpbb_container->get('captcha.factory')->get_instance($config['captcha_plugin']); - $captcha->init(CONFIRM_POST); -} - // Use post_row values in favor of submitted ones... $forum_id = (!empty($post_data['forum_id'])) ? (int) $post_data['forum_id'] : (int) $forum_id; $topic_id = (!empty($post_data['topic_id'])) ? (int) $post_data['topic_id'] : (int) $topic_id; @@ -408,6 +421,12 @@ if (!$is_authed || !empty($error)) login_box('', $message); } +if ($config['enable_post_confirm'] && !$user->data['is_registered']) +{ + $captcha = $phpbb_container->get('captcha.factory')->get_instance($config['captcha_plugin']); + $captcha->init(CONFIRM_POST); +} + // Is the user able to post within this forum? if ($post_data['forum_type'] != FORUM_POST && in_array($mode, array('post', 'bump', 'quote', 'reply'))) { @@ -955,7 +974,10 @@ if ($submit || $preview || $refresh) } // Parse Attachments - before checksum is calculated - $message_parser->parse_attachments('fileupload', $mode, $forum_id, $submit, $preview, $refresh); + if ($message_parser->check_attachment_form_token($language, $request, 'posting')) + { + $message_parser->parse_attachments('fileupload', $mode, $forum_id, $submit, $preview, $refresh); + } /** * This event allows you to modify message text before parsing @@ -1159,11 +1181,23 @@ if ($submit || $preview || $refresh) $error[] = $user->lang['EMPTY_SUBJECT']; } - // Check for out-of-bounds characters that are currently - // not supported by utf8_bin in MySQL + /** + * Replace Emojis and other 4bit UTF-8 chars not allowed by MySQL to UCR/NCR. + * Using their Numeric Character Reference's Hexadecimal notation. + */ + $post_data['post_subject'] = utf8_encode_ucr($post_data['post_subject']); + + /** + * This should never happen again. + * Leaving the fallback here just in case there will be the need of it. + * + * Check for out-of-bounds characters that are currently + * not supported by utf8_bin in MySQL + */ if (preg_match_all('/[\x{10000}-\x{10FFFF}]/u', $post_data['post_subject'], $matches)) { - $character_list = implode('<br />', $matches[0]); + $character_list = implode('<br>', $matches[0]); + $error[] = $user->lang('UNSUPPORTED_CHARACTERS_SUBJECT', $character_list); } @@ -1671,6 +1705,20 @@ if ($generate_quote) if (($mode == 'reply' || $mode == 'quote') && !$submit && !$preview && !$refresh) { $post_data['post_subject'] = ((strpos($post_data['post_subject'], 'Re: ') !== 0) ? 'Re: ' : '') . censor_text($post_data['post_subject']); + + $post_subject = $post_data['post_subject']; + + /** + * This event allows you to modify the post subject of the post being quoted + * + * @event core.posting_modify_post_subject + * @var string post_subject String with the post subject already censored. + * @since 3.2.8-RC1 + */ + $vars = array('post_subject'); + extract($phpbb_dispatcher->trigger_event('core.posting_modify_post_subject', compact($vars))); + + $post_data['post_subject'] = $post_subject; } $attachment_data = $message_parser->attachment_data; |