archives - Zarb.org Mailing List Archives

diff options

Diffstat (limited to 'zarb-ml/mageia-discuss/20120510/007267.html')

-rw-r--r--

zarb-ml/mageia-discuss/20120510/007267.html

1 files changed, 84 insertions, 0 deletions

<?php /** * * @package phpBB3 * @copyright (c) 2005 phpBB Group * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2 * */ /** * @ignore */ define('IN_PHPBB', true); $phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './'; $phpEx = substr(strrchr(__FILE__, '.'), 1); include($phpbb_root_path . 'common.' . $phpEx); include($phpbb_root_path . 'includes/functions_posting.' . $phpEx); include($phpbb_root_path . 'includes/functions_display.' . $phpEx); include($phpbb_root_path . 'includes/message_parser.' . $phpEx); // Start session management $user->session_begin(); $auth->acl($user->data); // Grab only parameters needed here $post_id = request_var('p', 0); $topic_id = request_var('t', 0); $forum_id = request_var('f', 0); $draft_id = request_var('d', 0); $lastclick = request_var('lastclick', 0); $submit = (isset($_POST['post'])) ? true : false; $preview = (isset($_POST['preview'])) ? true : false; $save = (isset($_POST['save'])) ? true : false; $load = (isset($_POST['load'])) ? true : false; $delete = (isset($_POST['delete'])) ? true : false; $cancel = (isset($_POST['cancel']) && !isset($_POST['save'])) ? true : false; $refresh = (isset($_POST['add_file']) || isset($_POST['delete_file']) || isset($_POST['cancel_unglobalise']) || $save || $load || $preview) ? true : false; $mode = ($delete && !$preview && !$refresh && $submit) ? 'delete' : request_var('mode', ''); $error = $post_data = array(); $current_time = time(); /** * This event allows you to alter the above parameters, such as submit and mode * * Note: $refresh must be true to retain previously submitted form data. * * Note: The template class will not work properly until $user->setup() is * called, and it has not been called yet. Extensions requiring template * assignments should use an event that comes later in this file. * * @event core.modify_posting_parameters * @var int post_id ID of the post * @var int topic_id ID of the topic * @var int forum_id ID of the forum * @var int draft_id ID of the draft * @var int lastclick Timestamp of when the form was last loaded * @var bool submit Whether or not the form has been submitted * @var bool preview Whether or not the post is being previewed * @var bool save Whether or not a draft is being saved * @var bool load Whether or not a draft is being loaded * @var bool delete Whether or not the post is being deleted * @var bool cancel Whether or not to cancel the form (returns to * viewtopic or viewforum depending on if the user * is posting a new topic or editing a post) * @var bool refresh Whether or not to retain previously submitted data * @var string mode What action to take if the form has been sumitted * post|reply|quote|edit|delete|bump|smilies|popup * @var array error Any error strings; a non-empty array aborts * form submission. * NOTE: Should be actual language strings, NOT * language keys. * @since 3.1-A1 */ $vars = array('post_id', 'topic_id', 'forum_id', 'draft_id', 'lastclick', 'submit', 'preview', 'save', 'load', 'delete', 'cancel', 'refresh', 'mode', 'error'); extract($phpbb_dispatcher->trigger_event('core.modify_posting_parameters', compact($vars))); // Was cancel pressed? If so then redirect to the appropriate page if ($cancel || ($current_time - $lastclick < 2 && $submit)) { $f = ($forum_id) ? 'f=' . $forum_id . '&' : ''; $redirect = ($post_id) ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", $f . 'p=' . $post_id) . '#p' . $post_id : (($topic_id) ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", $f . 't=' . $topic_id) : (($forum_id) ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) : append_sid("{$phpbb_root_path}index.$phpEx"))); redirect($redirect); } if (in_array($mode, array('post', 'reply', 'quote', 'edit', 'delete')) && !$forum_id) { trigger_error('NO_FORUM'); } // We need to know some basic information in all cases before we do anything. switch ($mode) { case 'post': $sql = 'SELECT * FROM ' . FORUMS_TABLE . " WHERE forum_id = $forum_id"; break; case 'bump': case 'reply': if (!$topic_id) { trigger_error('NO_TOPIC'); } // Force forum id $sql = 'SELECT forum_id FROM ' . TOPICS_TABLE . ' WHERE topic_id = ' . $topic_id; $result = $db->sql_query($sql); $f_id = (int) $db->sql_fetchfield('forum_id'); $db->sql_freeresult($result); $forum_id = (!$f_id) ? $forum_id : $f_id; $sql = 'SELECT f.*, t.* FROM ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . " f WHERE t.topic_id = $topic_id AND f.forum_id = t.forum_id" . (($auth->acl_get('m_approve', $forum_id)) ? '' : ' AND t.topic_approved = 1'); break; case 'quote': case 'edit': case 'delete': if (!$post_id) { $user->setup('posting'); trigger_error('NO_POST'); } // Force forum id $sql = 'SELECT forum_id FROM ' . POSTS_TABLE . ' WHERE post_id = ' . $post_id; $result = $db->sql_query($sql); $f_id = (int) $db->sql_fetchfield('forum_id'); $db->sql_freeresult($result); $forum_id = (!$f_id) ? $forum_id : $f_id; $sql = 'SELECT f.*, t.*, p.*, u.username, u.username_clean, u.user_sig, u.user_sig_bbcode_uid, u.user_sig_bbcode_bitfield FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . ' f, ' . USERS_TABLE . " u WHERE p.post_id = $post_id AND t.topic_id = p.topic_id AND u.user_id = p.poster_id AND f.forum_id = t.forum_id" . (($auth->acl_get('m_approve', $forum_id)) ? '' : ' AND p.post_approved = 1'); break; case 'smilies': $sql = ''; generate_smilies('window', $forum_id); break; case 'popup': if ($forum_id) { $sql = 'SELECT forum_style FROM ' . FORUMS_TABLE . ' WHERE forum_id = ' . $forum_id; } else { upload_popup(); return; } break; default: $sql = ''; break; } if (!$sql) { $user->setup('posting'); trigger_error('NO_POST_MODE'); } $result = $db->sql_query($sql); $post_data = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$post_data) { if (!($mode == 'post' || $mode == 'bump' || $mode == 'reply')) { $user->setup('posting'); } trigger_error(($mode == 'post' || $mode == 'bump' || $mode == 'reply') ? 'NO_TOPIC' : 'NO_POST'); } // Not able to reply to unapproved posts/topics // TODO: add more descriptive language key if ($auth->acl_get('m_approve', $forum_id) && ((($mode == 'reply' || $mode == 'bump') && !$post_data['topic_approved']) || ($mode == 'quote' && !$post_data['post_approved']))) { trigger_error(($mode == 'reply' || $mode == 'bump') ? 'TOPIC_UNAPPROVED' : 'POST_UNAPPROVED'); } if ($mode == 'popup') { upload_popup($post_data['forum_style']); return; } $user->setup(array('posting', 'mcp', 'viewtopic'), $post_data['forum_style']); if ($config['enable_post_confirm'] && !$user->data['is_registered']) { include($phpbb_root_path . 'includes/captcha/captcha_factory.' . $phpEx); $captcha = phpbb_captcha_factory::get_instance($config['captcha_plugin']); $captcha->init(CONFIRM_POST); } // Use post_row values in favor of submitted ones... $forum_id = (!empty($post_data['forum_id'])) ? (int) $post_data['forum_id'] : (int) $forum_id; $topic_id = (!empty($post_data['topic_id'])) ? (int) $post_data['topic_id'] : (int) $topic_id; $post_id = (!empty($post_data['post_id'])) ? (int) $post_data['post_id'] : (int) $post_id; // Need to login to passworded forum first? if ($post_data['forum_password']) { login_forum_box(array( 'forum_id' => $forum_id, 'forum_password' => $post_data['forum_password']) ); } // Check permissions if ($user->data['is_bot']) { redirect(append_sid("{$phpbb_root_path}index.$phpEx")); } // Is the user able to read within this forum? if (!$auth->acl_get('f_read', $forum_id)) { if ($user->data['user_id'] != ANONYMOUS) { trigger_error('USER_CANNOT_READ'); } login_box('', $user->lang['LOGIN_EXPLAIN_POST']); } // Permission to do the action asked? $is_authed = false; switch ($mode) { case 'post': if ($auth->acl_get('f_post', $forum_id)) { $is_authed = true; } break; case 'bump': if ($auth->acl_get('f_bump', $forum_id)) { $is_authed = true; } break; case 'quote': $post_data['post_edit_locked'] = 0; // no break; case 'reply': if ($auth->acl_get('f_reply', $forum_id)) { $is_authed = true; } break; case 'edit': if ($user->data['is_registered'] && $auth->acl_gets('f_edit', 'm_edit', $forum_id)) { $is_authed = true; } break; case 'delete': if ($user->data['is_registered'] && $auth->acl_gets('f_delete', 'm_delete', $forum_id)) { $is_authed = true; } break; } if (!$is_authed) { $check_auth = ($mode == 'quote') ? 'reply' : $mode; if ($user->data['is_registered']) { trigger_error('USER_CANNOT_' . strtoupper($check_auth)); } login_box('', $user->lang['LOGIN_EXPLAIN_' . strtoupper($mode)]); } // Is the user able to post within this forum? if ($post_data['forum_type'] != FORUM_POST && in_array($mode, array('post', 'bump', 'quote', 'reply'))) { trigger_error('USER_CANNOT_FORUM_POST'); } // Forum/Topic locked? if (($post_data['forum_status'] == ITEM_LOCKED || (isset($post_data['topic_status']) && $post_data['topic_status'] == ITEM_LOCKED)) && !$auth->acl_get('m_edit', $forum_id)) { trigger_error(($post_data['forum_status'] == ITEM_LOCKED) ? 'FORUM_LOCKED' : 'TOPIC_LOCKED'); } // Can we edit this post ... if we're a moderator with rights then always yes // else it depends on editing times, lock status and if we're the correct user if ($mode == 'edit' && !$auth->acl_get('m_edit', $forum_id)) { if ($user->data['user_id'] != $post_data['poster_id']) { trigger_error('USER_CANNOT_EDIT'); } if (!($post_data['post_time'] > time() - ($config['edit_time'] * 60) || !$config['edit_time'])) { trigger_error('CANNOT_EDIT_TIME'); } if ($post_data['post_edit_locked']) { trigger_error('CANNOT_EDIT_POST_LOCKED'); } } // Handle delete mode... if ($mode == 'delete') { handle_post_delete($forum_id, $topic_id, $post_id, $post_data); return; } // Handle bump mode... if ($mode == 'bump') { if ($bump_time = bump_topic_allowed($forum_id, $post_data['topic_bumped'], $post_data['topic_last_post_time'], $post_data['topic_poster'], $post_data['topic_last_poster_id']) && check_link_hash(request_var('hash', ''), "topic_{$post_data['topic_id']}")) { $meta_url = phpbb_bump_topic($forum_id, $topic_id, $post_data, $current_time); meta_refresh(3, $meta_url); $message = $user->lang['TOPIC_BUMPED'] . ' ' . $user->lang('VIEW_MESSAGE', '<a href="' . $meta_url . '">', '</a>'); $message .= ' ' . sprintf($user->lang['RETURN_FORUM'], '<a href="' . append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) . '">', '</a>'); trigger_error($message); } trigger_error('BUMP_ERROR'); } // Subject length limiting to 60 characters if first post... if ($mode == 'post' || ($mode == 'edit' && $post_data['topic_first_post_id'] == $post_data['post_id'])) { $template->assign_var('S_NEW_MESSAGE', true); } // Determine some vars if (isset($post_data['poster_id']) && $post_data['poster_id'] == ANONYMOUS) { $post_data['quote_username'] = (!empty($post_data['post_username'])) ? $post_data['post_username'] : $user->lang['GUEST']; } else { $post_data['quote_username'] = isset($post_data['username']) ? $post_data['username'] : ''; } $post_data['post_edit_locked'] = (isset($post_data['post_edit_locked'])) ? (int) $post_data['post_edit_locked'] : 0; $post_data['post_subject_md5'] = (isset($post_data['post_subject']) && $mode == 'edit') ? md5($post_data['post_subject']) : ''; $post_data['post_subject'] = (in_array($mode, array('quote', 'edit'))) ? $post_data['post_subject'] : ((isset($post_data['topic_title'])) ? $post_data['topic_title'] : ''); $post_data['topic_time_limit'] = (isset($post_data['topic_time_limit'])) ? (($post_data['topic_time_limit']) ? (int) $post_data['topic_time_limit'] / 86400 : (int) $post_data['topic_time_limit']) : 0; $post_data['poll_length'] = (!empty($post_data['poll_length'])) ? (int) $post_data['poll_length'] / 86400 : 0; $post_data['poll_start'] = (!empty($post_data['poll_start'])) ? (int) $post_data['poll_start'] : 0; $post_data['icon_id'] = (!isset($post_data['icon_id']) || in_array($mode, array('quote', 'reply'))) ? 0 : (int) $post_data['icon_id']; $post_data['poll_options'] = array(); // Get Poll Data if ($post_data['poll_start']) { $sql = 'SELECT poll_option_text FROM ' . POLL_OPTIONS_TABLE . " WHERE topic_id = $topic_id ORDER BY poll_option_id"; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { $post_data['poll_options'][] = trim($row['poll_option_text']); } $db->sql_freeresult($result); } if ($mode == 'edit') { $original_poll_data = array( 'poll_title' => $post_data['poll_title'], 'poll_length' => $post_data['poll_length'], 'poll_max_options' => $post_data['poll_max_options'], 'poll_option_text' => implode("\n", $post_data['poll_options']), 'poll_start' => $post_data['poll_start'], 'poll_last_vote' => $post_data['poll_last_vote'], 'poll_vote_change' => $post_data['poll_vote_change'], ); } $orig_poll_options_size = sizeof($post_data['poll_options']); $message_parser = new parse_message(); if (isset($post_data['post_text'])) { $message_parser->message = &$post_data['post_text']; unset($post_data['post_text']); } // Set some default variables $uninit = array('post_attachment' => 0, 'poster_id' => $user->data['user_id'], 'enable_magic_url' => 0, 'topic_status' => 0, 'topic_type' => POST_NORMAL, 'post_subject' => '', 'topic_title' => '', 'post_time' => 0, 'post_edit_reason' => '', 'notify_set' => 0); foreach ($uninit as $var_name => $default_value) { if (!isset($post_data[$var_name])) { $post_data[$var_name] = $default_value; } } unset($uninit); // Always check if the submitted attachment data is valid and belongs to the user. // Further down (especially in submit_post()) we do not check this again. $message_parser->get_submitted_attachment_data($post_data['poster_id']); if ($post_data['post_attachment'] && !$submit && !$refresh && !$preview && $mode == 'edit') { // Do not change to SELECT * $sql = 'SELECT attach_id, is_orphan, attach_comment, real_filename FROM ' . ATTACHMENTS_TABLE . " WHERE post_msg_id = $post_id AND in_message = 0 AND is_orphan = 0 ORDER BY filetime DESC"; $result = $db->sql_query($sql); $message_parser->attachment_data = array_merge($message_parser->attachment_data, $db->sql_fetchrowset($result)); $db->sql_freeresult($result); } if ($post_data['poster_id'] == ANONYMOUS) { $post_data['username'] = ($mode == 'quote' || $mode == 'edit') ? trim($post_data['post_username']) : ''; } else { $post_data['username'] = ($mode == 'quote' || $mode == 'edit') ? trim($post_data['username']) : ''; } $post_data['enable_urls'] = $post_data['enable_magic_url']; if ($mode != 'edit') { $post_data['enable_sig'] = ($config['allow_sig'] && $user->optionget('attachsig')) ? true: false; $post_data['enable_smilies'] = ($config['allow_smilies'] && $user->optionget('smilies')) ? true : false; $post_data['enable_bbcode'] = ($config['allow_bbcode'] && $user->optionget('bbcode')) ? true : false; $post_data['enable_urls'] = true; } $post_data['enable_magic_url'] = $post_data['drafts'] = false; // User own some drafts? if ($user->data['is_registered'] && $auth->acl_get('u_savedrafts') && ($mode == 'reply' || $mode == 'post' || $mode == 'quote')) { $sql = 'SELECT draft_id FROM ' . DRAFTS_TABLE . ' WHERE user_id = ' . $user->data['user_id'] . (($forum_id) ? ' AND forum_id = ' . (int) $forum_id : '') . (($topic_id) ? ' AND topic_id = ' . (int) $topic_id : '') . (($draft_id) ? " AND draft_id <> $draft_id" : ''); $result = $db->sql_query_limit($sql, 1); if ($db->sql_fetchrow($result)) { $post_data['drafts'] = true; } $db->sql_freeresult($result); } $check_value = (($post_data['enable_bbcode']+1) << 8) + (($post_data['enable_smilies']+1) << 4) + (($post_data['enable_urls']+1) << 2) + (($post_data['enable_sig']+1) << 1); // Check if user is watching this topic if ($mode != 'post' && $config['allow_topic_notify'] && $user->data['is_registered']) { $sql = 'SELECT topic_id FROM ' . TOPICS_WATCH_TABLE . ' WHERE topic_id = ' . $topic_id . ' AND user_id = ' . $user->data['user_id']; $result = $db->sql_query($sql); $post_data['notify_set'] = (int) $db->sql_fetchfield('topic_id'); $db->sql_freeresult($result); } // Do we want to edit our post ? if ($mode == 'edit' && $post_data['bbcode_uid']) { $message_parser->bbcode_uid = $post_data['bbcode_uid']; } // HTML, BBCode, Smilies, Images and Flash status $bbcode_status = ($config['allow_bbcode'] && $auth->acl_get('f_bbcode', $forum_id)) ? true : false; $smilies_status = ($config['allow_smilies'] && $auth->acl_get('f_smilies', $forum_id)) ? true : false; $img_status = ($bbcode_status && $auth->acl_get('f_img', $forum_id)) ? true : false; $url_status = ($config['allow_post_links']) ? true : false; $flash_status = ($bbcode_status && $auth->acl_get('f_flash', $forum_id) && $config['allow_post_flash']) ? true : false; $quote_status = true; // Save Draft if ($save && $user->data['is_registered'] && $auth->acl_get('u_savedrafts') && ($mode == 'reply' || $mode == 'post' || $mode == 'quote')) { $subject = utf8_normalize_nfc(request_var('subject', '', true)); $subject = (!$subject && $mode != 'post') ? $post_data['topic_title'] : $subject; $message = utf8_normalize_nfc(request_var('message', '', true)); if ($subject && $message) { if (confirm_box(true)) { $sql = 'INSERT INTO ' . DRAFTS_TABLE . ' ' . $db->sql_build_array('INSERT', array( 'user_id' => (int) $user->data['user_id'], 'topic_id' => (int) $topic_id, 'forum_id' => (int) $forum_id, 'save_time' => (int) $current_time, 'draft_subject' => (string) $subject, 'draft_message' => (string) $message) ); $db->sql_query($sql); $meta_info = ($mode == 'post') ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) : append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&t=$topic_id"); meta_refresh(3, $meta_info); $message = $user->lang['DRAFT_SAVED'] . ' '; $message .= ($mode != 'post') ? sprintf($user->lang['RETURN_TOPIC'], '<a href="' . $meta_info . '">', '</a>') . ' ' : ''; $message .= sprintf($user->lang['RETURN_FORUM'], '<a href="' . append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) . '">', '</a>'); trigger_error($message); } else { $s_hidden_fields = build_hidden_fields(array( 'mode' => $mode, 'save' => true, 'f' => $forum_id, 't' => $topic_id, 'subject' => $subject, 'message' => $message, 'attachment_data' => $message_parser->attachment_data, ) ); $hidden_fields = array( 'icon_id' => 0, 'disable_bbcode' => false, 'disable_smilies' => false, 'disable_magic_url' => false, 'attach_sig' => true, 'lock_topic' => false, 'topic_type' => POST_NORMAL, 'topic_time_limit' => 0, 'poll_title' => '', 'poll_option_text' => '', 'poll_max_options' => 1, 'poll_length' => 0, 'poll_vote_change' => false, ); foreach ($hidden_fields as $name => $default) { if (!isset($_POST[$name])) { // Don't include it, if its not available unset($hidden_fields[$name]); continue; } if (is_bool($default)) { // Use the string representation $hidden_fields[$name] = request_var($name, ''); } else { $hidden_fields[$name] = request_var($name, $default); } } $s_hidden_fields .= build_hidden_fields($hidden_fields); confirm_box(false, 'SAVE_DRAFT', $s_hidden_fields); } } else { if (utf8_clean_string($subject) === '') { $error[] = $user->lang['EMPTY_SUBJECT']; } if (utf8_clean_string($message) === '') { $error[] = $user->lang['TOO_FEW_CHARS']; } } unset($subject, $message); } // Load requested Draft if ($draft_id && ($mode == 'reply' || $mode == 'quote' || $mode == 'post') && $user->data['is_registered'] && $auth->acl_get('u_savedrafts')) { $sql = 'SELECT draft_subject, draft_message FROM ' . DRAFTS_TABLE . " WHERE draft_id = $draft_id AND user_id = " . $user->data['user_id']; $result = $db->sql_query_limit($sql, 1); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if ($row) { $post_data['post_subject'] = $row['draft_subject']; $message_parser->message = $row['draft_message']; $template->assign_var('S_DRAFT_LOADED', true); } else { $draft_id = 0; } } // Load draft overview if ($load && ($mode == 'reply' || $mode == 'quote' || $mode == 'post') && $post_data['drafts']) { load_drafts($topic_id, $forum_id); } if ($submit || $preview || $refresh) { $post_data['topic_cur_post_id'] = request_var('topic_cur_post_id', 0); $post_data['post_subject'] = utf8_normalize_nfc(request_var('subject', '', true)); $message_parser->message = utf8_normalize_nfc(request_var('message', '', true)); $post_data['username'] = utf8_normalize_nfc(request_var('username', $post_data['username'], true)); $post_data['post_edit_reason'] = ($request->variable('edit_reason', false, false, phpbb_request_interface::POST) && $mode == 'edit' && $auth->acl_get('m_edit', $forum_id)) ? utf8_normalize_nfc(request_var('edit_reason', '', true)) : ''; $post_data['orig_topic_type'] = $post_data['topic_type']; $post_data['topic_type'] = request_var('topic_type', (($mode != 'post') ? (int) $post_data['topic_type'] : POST_NORMAL)); $post_data['topic_time_limit'] = request_var('topic_time_limit', (($mode != 'post') ? (int) $post_data['topic_time_limit'] : 0)); if ($post_data['enable_icons'] && $auth->acl_get('f_icons', $forum_id)) { $post_data['icon_id'] = request_var('icon', (int) $post_data['icon_id']); } $post_data['enable_bbcode'] = (!$bbcode_status || isset($_POST['disable_bbcode'])) ? false : true; $post_data['enable_smilies'] = (!$smilies_status || isset($_POST['disable_smilies'])) ? false : true; $post_data['enable_urls'] = (isset($_POST['disable_magic_url'])) ? 0 : 1; $post_data['enable_sig'] = (!$config['allow_sig'] || !$auth->acl_get('f_sigs', $forum_id) || !$auth->acl_get('u_sig')) ? false : ((isset($_POST['attach_sig']) && $user->data['is_registered']) ? true : false); if ($config['allow_topic_notify'] && $user->data['is_registered']) { $notify = (isset($_POST['notify'])) ? true : false; } else { $notify = false; } $topic_lock = (isset($_POST['lock_topic'])) ? true : false; $post_lock = (isset($_POST['lock_post'])) ? true : false; $poll_delete = (isset($_POST['poll_delete'])) ? true : false; if ($submit) { $status_switch = (($post_data['enable_bbcode']+1) << 8) + (($post_data['enable_smilies']+1) << 4) + (($post_data['enable_urls']+1) << 2) + (($post_data['enable_sig']+1) << 1); $status_switch = ($status_switch != $check_value); } else { $status_switch = 1; } // Delete Poll if ($poll_delete && $mode == 'edit' && sizeof($post_data['poll_options']) && ((!$post_data['poll_last_vote'] && $post_data['poster_id'] == $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id)) || $auth->acl_get('m_delete', $forum_id))) { if ($submit && check_form_key('posting')) { $sql = 'DELETE FROM ' . POLL_OPTIONS_TABLE . " WHERE topic_id = $topic_id"; $db->sql_query($sql); $sql = 'DELETE FROM ' . POLL_VOTES_TABLE . " WHERE topic_id = $topic_id"; $db->sql_query($sql); $topic_sql = array( 'poll_title' => '', 'poll_start' => 0, 'poll_length' => 0, 'poll_last_vote' => 0, 'poll_max_options' => 0, 'poll_vote_change' => 0 ); $sql = 'UPDATE ' . TOPICS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $topic_sql) . " WHERE topic_id = $topic_id"; $db->sql_query($sql); } $post_data['poll_title'] = $post_data['poll_option_text'] = ''; $post_data['poll_vote_change'] = $post_data['poll_max_options'] = $post_data['poll_length'] = 0; } else { $post_data['poll_title'] = utf8_normalize_nfc(request_var('poll_title', '', true)); $post_data['poll_length'] = request_var('poll_length', 0); $post_data['poll_option_text'] = utf8_normalize_nfc(request_var('poll_option_text', '', true)); $post_data['poll_max_options'] = request_var('poll_max_options', 1); $post_data['poll_vote_change'] = ($auth->acl_get('f_votechg', $forum_id) && $auth->acl_get('f_vote', $forum_id) && isset($_POST['poll_vote_change'])) ? 1 : 0; } // If replying/quoting and last post id has changed // give user option to continue submit or return to post // notify and show user the post made between his request and the final submit if (($mode == 'reply' || $mode == 'quote') && $post_data['topic_cur_post_id'] && $post_data['topic_cur_post_id'] != $post_data['topic_last_post_id']) { // Only do so if it is allowed forum-wide if ($post_data['forum_flags'] & FORUM_FLAG_POST_REVIEW) { if (topic_review($topic_id, $forum_id, 'post_review', $post_data['topic_cur_post_id'])) { $template->assign_var('S_POST_REVIEW', true); } $submit = false; $refresh = true; } } // Parse Attachments - before checksum is calculated $message_parser->parse_attachments('fileupload', $mode, $forum_id, $submit, $preview, $refresh); // Grab md5 'checksum' of new message $message_md5 = md5($message_parser->message); // If editing and checksum has changed we know the post was edited while we're editing // Notify and show user the changed post if ($mode == 'edit' && $post_data['forum_flags'] & FORUM_FLAG_POST_REVIEW) { $edit_post_message_checksum = request_var('edit_post_message_checksum', ''); $edit_post_subject_checksum = request_var('edit_post_subject_checksum', ''); // $post_data['post_checksum'] is the checksum of the post submitted in the meantime // $message_md5 is the checksum of the post we're about to submit // $edit_post_message_checksum is the checksum of the post we're editing // ... // We make sure nobody else made exactly the same change // we're about to submit by also checking $message_md5 != $post_data['post_checksum'] if (($edit_post_message_checksum !== '' && $edit_post_message_checksum != $post_data['post_checksum'] && $message_md5 != $post_data['post_checksum']) || ($edit_post_subject_checksum !== '' && $edit_post_subject_checksum != $post_data['post_subject_md5'] && md5($post_data['post_subject']) != $post_data['post_subject_md5'])) { if (topic_review($topic_id, $forum_id, 'post_review_edit', $post_id)) { $template->assign_vars(array( 'S_POST_REVIEW' => true, 'L_POST_REVIEW' => $user->lang['POST_REVIEW_EDIT'], 'L_POST_REVIEW_EXPLAIN' => $user->lang['POST_REVIEW_EDIT_EXPLAIN'], )); } $submit = false; $refresh = true; } } // Check checksum ... don't re-parse message if the same $update_message = ($mode != 'edit' || $message_md5 != $post_data['post_checksum'] || $status_switch || strlen($post_data['bbcode_uid']) < BBCODE_UID_LEN) ? true : false; // Also check if subject got updated... $update_subject = $mode != 'edit' || ($post_data['post_subject_md5'] && $post_data['post_subject_md5'] != md5($post_data['post_subject'])); // Parse message if ($update_message) { if (sizeof($message_parser->warn_msg)) { $error[] = implode(' ', $message_parser->warn_msg); $message_parser->warn_msg = array(); } $message_parser->parse($post_data['enable_bbcode'], ($config['allow_post_links']) ? $post_data['enable_urls'] : false, $post_data['enable_smilies'], $img_status, $flash_status, $quote_status, $config['allow_post_links']); // On a refresh we do not care about message parsing errors if (sizeof($message_parser->warn_msg) && $refresh) { $message_parser->warn_msg = array(); } } else { $message_parser->bbcode_bitfield = $post_data['bbcode_bitfield']; } if ($mode != 'edit' && !$preview && !$refresh && $config['flood_interval'] && !$auth->acl_get('f_ignoreflood', $forum_id)) { // Flood check $last_post_time = 0; if ($user->data['is_registered']) { $last_post_time = $user->data['user_lastpost_time']; } else { $sql = 'SELECT post_time AS last_post_time FROM ' . POSTS_TABLE . " WHERE poster_ip = '" . $user->ip . "' AND post_time > " . ($current_time - $config['flood_interval']); $result = $db->sql_query_limit($sql, 1); if ($row = $db->sql_fetchrow($result)) { $last_post_time = $row['last_post_time']; } $db->sql_freeresult($result); } if ($last_post_time && ($current_time - $last_post_time) < intval($config['flood_interval'])) { $error[] = $user->lang['FLOOD_ERROR']; } } // Validate username if (($post_data['username'] && !$user->data['is_registered']) || ($mode == 'edit' && $post_data['poster_id'] == ANONYMOUS && $post_data['username'] && $post_data['post_username'] && $post_data['post_username'] != $post_data['username'])) { include($phpbb_root_path . 'includes/functions_user.' . $phpEx); $user->add_lang('ucp'); if (($result = validate_username($post_data['username'], (!empty($post_data['post_username'])) ? $post_data['post_username'] : '')) !== false) { $error[] = $user->lang[$result . '_USERNAME']; } if (($result = validate_string($post_data['username'], false, $config['min_name_chars'], $config['max_name_chars'])) !== false) { $min_max_amount = ($result == 'TOO_SHORT') ? $config['min_name_chars'] : $config['max_name_chars']; $error[] = $user->lang('FIELD_' . $result, $min_max_amount, $user->lang['USERNAME']); } } if ($config['enable_post_confirm'] && !$user->data['is_registered'] && in_array($mode, array('quote', 'post', 'reply'))) { $captcha_data = array( 'message' => utf8_normalize_nfc(request_var('message', '', true)), 'subject' => utf8_normalize_nfc(request_var('subject', '', true)), 'username' => utf8_normalize_nfc(request_var('username', '', true)), ); $vc_response = $captcha->validate($captcha_data); if ($vc_response) { $error[] = $vc_response; } } // check form if (($submit || $preview) && !check_form_key('posting')) { $error[] = $user->lang['FORM_INVALID']; } // Parse subject if (!$preview && !$refresh && utf8_clean_string($post_data['post_subject']) === '' && ($mode == 'post' || ($mode == 'edit' && $post_data['topic_first_post_id'] == $post_id))) { $error[] = $user->lang['EMPTY_SUBJECT']; } $post_data['poll_last_vote'] = (isset($post_data['poll_last_vote'])) ? $post_data['poll_last_vote'] : 0; if ($post_data['poll_option_text'] && ($mode == 'post' || ($mode == 'edit' && $post_id == $post_data['topic_first_post_id']/* && (!$post_data['poll_last_vote'] || $auth->acl_get('m_edit', $forum_id))*/)) && $auth->acl_get('f_poll', $forum_id)) { $poll = array( 'poll_title' => $post_data['poll_title'], 'poll_length' => $post_data['poll_length'], 'poll_max_options' => $post_data['poll_max_options'], 'poll_option_text' => $post_data['poll_option_text'], 'poll_start' => $post_data['poll_start'], 'poll_last_vote' => $post_data['poll_last_vote'], 'poll_vote_change' => $post_data['poll_vote_change'], 'enable_bbcode' => $post_data['enable_bbcode'], 'enable_urls' => $post_data['enable_urls'], 'enable_smilies' => $post_data['enable_smilies'], 'img_status' => $img_status ); $message_parser->parse_poll($poll); $post_data['poll_options'] = (isset($poll['poll_options'])) ? $poll['poll_options'] : array(); $post_data['poll_title'] = (isset($poll['poll_title'])) ? $poll['poll_title'] : ''; /* We reset votes, therefore also allow removing options if ($post_data['poll_last_vote'] && ($poll['poll_options_size'] < $orig_poll_options_size)) { $message_parser->warn_msg[] = $user->lang['NO_DELETE_POLL_OPTIONS']; }*/ } else if ($mode == 'edit' && $post_id == $post_data['topic_first_post_id'] && $auth->acl_get('f_poll', $forum_id)) { // The user removed all poll options, this is equal to deleting the poll. $poll = array( 'poll_title' => '', 'poll_length' => 0, 'poll_max_options' => 0, 'poll_option_text' => '', 'poll_start' => 0, 'poll_last_vote' => 0, 'poll_vote_change' => 0, 'poll_options' => array(), ); $post_data['poll_options'] = array(); $post_data['poll_title'] = ''; $post_data['poll_start'] = $post_data['poll_length'] = $post_data['poll_max_options'] = $post_data['poll_last_vote'] = $post_data['poll_vote_change'] = 0; } else if (!$auth->acl_get('f_poll', $forum_id) && ($mode == 'edit') && ($post_id == $post_data['topic_first_post_id']) && ($original_poll_data['poll_title'] != '')) { // We have a poll but the editing user is not permitted to create/edit it. // So we just keep the original poll-data. $poll = array_merge($original_poll_data, array( 'enable_bbcode' => $post_data['enable_bbcode'], 'enable_urls' => $post_data['enable_urls'], 'enable_smilies' => $post_data['enable_smilies'], 'img_status' => $img_status, )); $message_parser->parse_poll($poll); $post_data['poll_options'] = (isset($poll['poll_options'])) ? $poll['poll_options'] : array(); $post_data['poll_title'] = (isset($poll['poll_title'])) ? $poll['poll_title'] : ''; } else { $poll = array(); } // Check topic type if ($post_data['topic_type'] != POST_NORMAL && ($mode == 'post' || ($mode == 'edit' && $post_data['topic_first_post_id'] == $post_id))) { switch ($post_data['topic_type']) { case POST_GLOBAL: case POST_ANNOUNCE: $auth_option = 'f_announce'; break; case POST_STICKY: $auth_option = 'f_sticky'; break; default: $auth_option = ''; break; } if (!$auth->acl_get($auth_option, $forum_id)) { // There is a special case where a user edits his post whereby the topic type got changed by an admin/mod. // Another case would be a mod not having sticky permissions for example but edit permissions. if ($mode == 'edit') { // To prevent non-authed users messing around with the topic type we reset it to the original one. $post_data['topic_type'] = $post_data['orig_topic_type']; } else { $error[] = $user->lang['CANNOT_POST_' . str_replace('F_', '', strtoupper($auth_option))]; } } } if (sizeof($message_parser->warn_msg)) { $error[] = implode(' ', $message_parser->warn_msg); } // DNSBL check if ($config['check_dnsbl'] && !$refresh) { if (($dnsbl = $user->check_dnsbl('post')) !== false) { $error[] = sprintf($user->lang['IP_BLACKLISTED'], $user->ip, $dnsbl[1]); } } // Store message, sync counters if (!sizeof($error) && $submit) { if ($submit) { // Lock/Unlock Topic $change_topic_status = $post_data['topic_status']; $perm_lock_unlock = ($auth->acl_get('m_lock', $forum_id) || ($auth->acl_get('f_user_lock', $forum_id) && $user->data['is_registered'] && !empty($post_data['topic_poster']) && $user->data['user_id'] == $post_data['topic_poster'] && $post_data['topic_status'] == ITEM_UNLOCKED)) ? true : false; if ($post_data['topic_status'] == ITEM_LOCKED && !$topic_lock && $perm_lock_unlock) { $change_topic_status = ITEM_UNLOCKED; } else if ($post_data['topic_status'] == ITEM_UNLOCKED && $topic_lock && $perm_lock_unlock) { $change_topic_status = ITEM_LOCKED; } if ($change_topic_status != $post_data['topic_status']) { $sql = 'UPDATE ' . TOPICS_TABLE . " SET topic_status = $change_topic_status WHERE topic_id = $topic_id AND topic_moved_id = 0"; $db->sql_query($sql); $user_lock = ($auth->acl_get('f_user_lock', $forum_id) && $user->data['is_registered'] && $user->data['user_id'] == $post_data['topic_poster']) ? 'USER_' : ''; add_log('mod', $forum_id, $topic_id, 'LOG_' . $user_lock . (($change_topic_status == ITEM_LOCKED) ? 'LOCK' : 'UNLOCK'), $post_data['topic_title']); } // Lock/Unlock Post Edit if ($mode == 'edit' && $post_data['post_edit_locked'] == ITEM_LOCKED && !$post_lock && $auth->acl_get('m_edit', $forum_id)) { $post_data['post_edit_locked'] = ITEM_UNLOCKED; } else if ($mode == 'edit' && $post_data['post_edit_locked'] == ITEM_UNLOCKED && $post_lock && $auth->acl_get('m_edit', $forum_id)) { $post_data['post_edit_locked'] = ITEM_LOCKED; } $data = array( 'topic_title' => (empty($post_data['topic_title'])) ? $post_data['post_subject'] : $post_data['topic_title'], 'topic_first_post_id' => (isset($post_data['topic_first_post_id'])) ? (int) $post_data['topic_first_post_id'] : 0, 'topic_last_post_id' => (isset($post_data['topic_last_post_id'])) ? (int) $post_data['topic_last_post_id'] : 0, 'topic_time_limit' => (int) $post_data['topic_time_limit'], 'topic_attachment' => (isset($post_data['topic_attachment'])) ? (int) $post_data['topic_attachment'] : 0, 'post_id' => (int) $post_id, 'topic_id' => (int) $topic_id, 'forum_id' => (int) $forum_id, 'icon_id' => (int) $post_data['icon_id'], 'poster_id' => (int) $post_data['poster_id'], 'enable_sig' => (bool) $post_data['enable_sig'], 'enable_bbcode' => (bool) $post_data['enable_bbcode'], 'enable_smilies' => (bool) $post_data['enable_smilies'], 'enable_urls' => (bool) $post_data['enable_urls'], 'enable_indexing' => (bool) $post_data['enable_indexing'], 'message_md5' => (string) $message_md5, 'post_time' => (isset($post_data['post_time'])) ? (int) $post_data['post_time'] : $current_time, 'post_checksum' => (isset($post_data['post_checksum'])) ? (string) $post_data['post_checksum'] : '', 'post_edit_reason' => $post_data['post_edit_reason'], 'post_edit_user' => ($mode == 'edit') ? $user->data['user_id'] : ((isset($post_data['post_edit_user'])) ? (int) $post_data['post_edit_user'] : 0), 'forum_parents' => $post_data['forum_parents'], 'forum_name' => $post_data['forum_name'], 'notify' => $notify, 'notify_set' => $post_data['notify_set'], 'poster_ip' => (isset($post_data['poster_ip'])) ? $post_data['poster_ip'] : $user->ip, 'post_edit_locked' => (int) $post_data['post_edit_locked'], 'bbcode_bitfield' => $message_parser->bbcode_bitfield, 'bbcode_uid' => $message_parser->bbcode_uid, 'message' => $message_parser->message, 'attachment_data' => $message_parser->attachment_data, 'filename_data' => $message_parser->filename_data, 'topic_approved' => (isset($post_data['topic_approved'])) ? $post_data['topic_approved'] : false, 'post_approved' => (isset($post_data['post_approved'])) ? $post_data['post_approved'] : false, ); if ($mode == 'edit') { $data['topic_replies_real'] = $post_data['topic_replies_real']; $data['topic_replies'] = $post_data['topic_replies']; } // The last parameter tells submit_post if search indexer has to be run $redirect_url = submit_post($mode, $post_data['post_subject'], $post_data['username'], $post_data['topic_type'], $poll, $data, $update_message, ($update_message || $update_subject) ? true : false); if ($config['enable_post_confirm'] && !$user->data['is_registered'] && (isset($captcha) && $captcha->is_solved() === true) && ($mode == 'post' || $mode == 'reply' || $mode == 'quote')) { $captcha->reset(); } // Check the permissions for post approval. // Moderators must go through post approval like ordinary users. if ((!$auth->acl_get('f_noapprove', $data['forum_id']) && empty($data['force_approved_state'])) || (isset($data['force_approved_state']) && !$data['force_approved_state'])) { meta_refresh(10, $redirect_url); $message = ($mode == 'edit') ? $user->lang['POST_EDITED_MOD'] : $user->lang['POST_STORED_MOD']; $message .= (($user->data['user_id'] == ANONYMOUS) ? '' : ' '. $user->lang['POST_APPROVAL_NOTIFY']); } else { meta_refresh(3, $redirect_url); $message = ($mode == 'edit') ? 'POST_EDITED' : 'POST_STORED'; $message = $user->lang[$message] . ' ' . sprintf($user->lang['VIEW_MESSAGE'], '<a href="' . $redirect_url . '">', '</a>'); } $message .= ' ' . sprintf($user->lang['RETURN_FORUM'], '<a href="' . append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $data['forum_id']) . '">', '</a>'); trigger_error($message); } } } // Preview if (!sizeof($error) && $preview) { $post_data['post_time'] = ($mode == 'edit') ? $post_data['post_time'] : $current_time;


context:
space:
mode: