diff options
| author | James Atkinson <thefinn@users.sourceforge.net> | 2001-05-27 03:11:27 +0000 |
|---|---|---|
| committer | James Atkinson <thefinn@users.sourceforge.net> | 2001-05-27 03:11:27 +0000 |
| commit | 9889b8ba53ca33e81b8731d52960bf5c5057be00 (patch) | |
| tree | 186b3b2f5b56bf476f954434491baf33ad0f2f6c /phpBB/posting.php | |
| parent | 1fc155f93d658c8d390a7edd8182262c10549d51 (diff) | |
| download | forums-9889b8ba53ca33e81b8731d52960bf5c5057be00.tar forums-9889b8ba53ca33e81b8731d52960bf5c5057be00.tar.gz forums-9889b8ba53ca33e81b8731d52960bf5c5057be00.tar.bz2 forums-9889b8ba53ca33e81b8731d52960bf5c5057be00.tar.xz forums-9889b8ba53ca33e81b8731d52960bf5c5057be00.zip | |
More work on posting. Editing now works. Also replies can have subjects.
git-svn-id: file:///svn/phpbb/trunk@336 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/posting.php')
| -rw-r--r-- | phpBB/posting.php | 139 |
1 files changed, 101 insertions, 38 deletions
diff --git a/phpBB/posting.php b/phpBB/posting.php index a74783ed08..129103e240 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -80,7 +80,6 @@ function prepare_message($message, $html_on, $bbocde_on, $smile_on, $bbcode_uid // End Posting specific functions. // - // // Put AUTH code here // @@ -88,11 +87,35 @@ function prepare_message($message, $html_on, $bbocde_on, $smile_on, $bbcode_uid $error = FALSE; // -// Prepare our message and subject on a 'submit' +// Prepare our message and subject on a 'submit' // if(isset($HTTP_POST_VARS['submit'])) { - $subject = trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['subject']))); + // + // Flood control + // + if($mode != 'editpost') + { + $enc_ip = encode_ip($user_ip); + $sql = "SELECT max(post_time) AS last_post_time FROM ".POSTS_TABLE." WHERE poster_ip = '$enc_ip'"; + if($result = $db->sql_query($sql)) + { + $db_row = $db->sql_fetchrowset($result); + $last_post_time = $db_row[0]['last_post_time']; + $current_time = get_gmt_ts(); + + if(($current_time - $last_post_time) < $board_config['flood_interval']) + { + $error = TRUE; + $error_msg = $l_flooderror; + } + } + } + // + // End: Flood control + // + + $subject = trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['subject']))); if($mode == 'newtopic' && empty($subject)) { $error = TRUE; @@ -102,7 +125,7 @@ if(isset($HTTP_POST_VARS['submit'])) } $error_msg .= $l_emptysubj; } - + if(!empty($HTTP_POST_VARS['message'])) { if(!$error) @@ -125,7 +148,7 @@ if(isset($HTTP_POST_VARS['submit'])) $uid = make_bbcode_uid(); $bbocde_on = TRUE; } - + if(isset($HTTP_POST_VARS['disable_smile'])) { $smile_on = FALSE; @@ -136,7 +159,7 @@ if(isset($HTTP_POST_VARS['submit'])) } $message = prepare_message($HTTP_POST_VARS['message'], $html_on, $bbocde_on, $smile_on, $uid); - + if(isset($HTTP_POST_VARS['attach_sig']) && !empty($userdata['user_sig'])) { $message .= "[addsig]"; @@ -164,7 +187,7 @@ switch($mode) case 'newtopic': $page_title = " $l_postnew"; $section_title = $l_postnewin; - + if(isset($HTTP_POST_VARS['submit']) && !$error) { $topic_time = get_gmt_ts(); @@ -181,7 +204,7 @@ switch($mode) if($db->sql_query($sql)) { $new_post_id = $db->sql_nextid(); - $sql = "INSERT INTO ".POSTS_TEXT_TABLE." VALUES ($new_post_id, '".$message."')"; + $sql = "INSERT INTO ".POSTS_TEXT_TABLE." (post_id, post_subject, post_text) VALUES ($new_post_id, '".$subject."', '".$message."')"; if($db->sql_query($sql)) { $sql = "UPDATE ".TOPICS_TABLE." SET topic_last_post_id = $new_post_id WHERE topic_id = $new_topic_id"; @@ -278,7 +301,7 @@ switch($mode) case 'reply': $page_title = " $l_reply"; $section_title = $l_postreplyto; - + if(isset($HTTP_POST_VARS['submit']) && !$error) { $new_topic_id = $HTTP_POST_VARS[POST_TOPIC_URL]; @@ -290,7 +313,7 @@ switch($mode) if($db->sql_query($sql)) { $new_post_id = $db->sql_nextid(); - $sql = "INSERT INTO ".POSTS_TEXT_TABLE." VALUES ($new_post_id, '".$message."')"; + $sql = "INSERT INTO ".POSTS_TEXT_TABLE." (post_id, post_subject, post_text) VALUES ($new_post_id, '".$subject."', '".$message."')"; if($db->sql_query($sql)) { $sql = "UPDATE ".TOPICS_TABLE." SET topic_last_post_id = $new_post_id, topic_replies = topic_replies + 1 WHERE topic_id = $new_topic_id"; @@ -301,7 +324,7 @@ switch($mode) { if($userdata['user_id'] != ANONYMOUS) { - + $sql = "UPDATE ".USERS_TABLE." SET user_posts = user_posts + 1 WHERE user_id = ".$userdata['user_id']; $db->sql_query($sql); } @@ -372,14 +395,51 @@ switch($mode) { if(isset($HTTP_POST_VARS['delete_post'])) { - - + + } else { - - - + $post_id = $HTTP_POST_VARS[POST_POST_URL]; + $new_topic_id = $HTTP_POST_VARS[POST_TOPIC_URL]; + + $sql = "UPDATE ".POSTS_TEXT_TABLE." SET post_text = '$message', post_subject = '$subject' WHERE post_id = ".$HTTP_POST_VARS[POST_POST_URL]; + if($db->sql_query($sql)) + { + if($is_first_post) + { + // Update topics table here, set notification level and such + } + else + { + include('includes/page_header.'.$phpEx); + // If we get here the post has been inserted successfully. + $msg = "$l_stored<br />$l_click <a href=\"".append_sid("viewtopic.$phpEx?".POST_TOPIC_URL."=$new_topic_id#$post_id")."\">$l_here</a> + $l_viewmsg<br />$l_click <a href=\"".append_sid("viewforum.$phpEx?".POST_FORUM_URL."=$forum_id")."\">$l_here</a> $l_returntopic"; + + $template->set_filenames(array( + "reg_header" => "error_body.tpl" + )); + $template->assign_vars(array( + "ERROR_MESSAGE" => $msg + )); + $template->pparse("reg_header"); + + include('includes/page_tail.'.$phpEx); + } + } + else + { + if(DEBUG) + { + $error = $db->sql_error(); + error_die(QUERY_ERROR, "Error updateing posts text table.<br>Reason: ".$error['message']."<br>Query: $sql", __LINE__, __FILE__); + } + else + { + error_die(QUERY_ERROR); + } + } } } else @@ -388,37 +448,42 @@ switch($mode) if(!empty($post_id)) { - $sql = "SELECT p.*, pt.post_text, u.username, u.user_id, u.user_sig, t.topic_title, t.topic_notify - FROM ".POSTS_TABLE." p, ".USERS_TABLE." u, ".TOPICS_TABLE." t, ".POSTS_TEXT_TABLE." pt - WHERE (p.post_id = '$post_id') + $sql = "SELECT p.*, pt.post_text, pt.post_subject, u.username, u.user_id, u.user_sig, t.topic_title, t.topic_notify + FROM ".POSTS_TABLE." p, ".USERS_TABLE." u, ".TOPICS_TABLE." t, ".POSTS_TEXT_TABLE." pt + WHERE (p.post_id = '$post_id') AND pt.post_id = p.post_id - AND (p.topic_id = t.topic_id) + AND (p.topic_id = t.topic_id) AND (p.poster_id = u.user_id)"; - + if($result = $db->sql_query($sql)) { $postrow = $db->sql_fetchrowset($result); + $subject = stripslashes($postrow[0]['post_subject']); $message = stripslashes($postrow[0]['post_text']); - $message = eregi_replace("\[addsig]$", "\n_________________\n" . stripslashes($postrow[0]['user_sig']), $message); + if(eregi("\[addsig]$", $message)) + { + $attach_sig = TRUE; + } + $message = eregi_replace("\[addsig]$", "", $message); $message = str_replace("<br />", "\n", $message); - + // These have not been implemented yet! /* $message = bbdecode($message); $message = desmile($message); */ - + $message = undo_htmlspecialchars($message); - + // Special handling for </textarea> tags in the message, which can break the editing form.. $message = preg_replace('#</textarea>#si', '</TEXTAREA>', $message); - + // is_first_post needs functionality! if($postrow[0]['topic_notify'] && $is_first_post) { $notify = TRUE; } - + if($is_first_post) { $subject = stripslashes($postrow[0]['topic_title']); @@ -476,7 +541,7 @@ if($error) error_die(GENERAL_ERROR, "Sorry, no there is no such forum"); } - + $sql = "SELECT forum_name, forum_access FROM ".FORUMS_TABLE." WHERE forum_id = $forum_id"; @@ -511,7 +576,7 @@ if($error) "SELECT_NAME" => POST_FORUM_URL) ); $template->assign_var_from_handle("JUMPBOX", "jumpbox"); - + $template->assign_vars(array( "L_POSTNEWIN" => $section_title, @@ -574,16 +639,13 @@ if($error) } $smile_toggle .= "> $l_disable $l_smilies $l_onthispost"; - if($mode != 'editpost') + $sig_toggle = '<input type="checkbox" name="attach_sig" '; + if($attach_sig || $userdata['user_attachsig'] == 1) { - $sig_toggle = '<input type="checkbox" name="attach_sig" '; - if($attach_sig || $userdata['user_attachsig'] == 1) - { - $sig_toggle .= "checked"; - } - $sig_toggle .= "> $l_attachsig"; + $sig_toggle .= "checked"; } - + $sig_toggle .= "> $l_attachsig"; + if($mode == 'newtopic' || ($mode == 'editpost' && $notify)) { $notify_toggle = '<input type="checkbox" name="notify" '; @@ -597,8 +659,9 @@ if($error) if($mode == 'reply' || $mode == 'editpost') { $topic_id = ($HTTP_GET_VARS[POST_TOPIC_URL]) ? $HTTP_GET_VARS[POST_TOPIC_URL] : $HTTP_POST_VARS[POST_TOPIC_URL]; + $post_id = ($HTTP_GET_VARS[POST_POST_URL]) ? $HTTP_GET_VARS[POST_POST_URL] : $HTTP_POST_VARS[POST_POST_URL]; } - $hidden_form_fields = "<input type=\"hidden\" name=\"mode\" value=\"$mode\"><input type=\"hidden\" name=\"".POST_FORUM_URL."\" value=\"$forum_id\"><input type=\"hidden\" name=\"".POST_TOPIC_URL."\" value=\"$topic_id\">"; + $hidden_form_fields = "<input type=\"hidden\" name=\"mode\" value=\"$mode\"><input type=\"hidden\" name=\"".POST_FORUM_URL."\" value=\"$forum_id\"><input type=\"hidden\" name=\"".POST_TOPIC_URL."\" value=\"$topic_id\"><input type=\"hidden\" name=\"".POST_POST_URL."\" value=\"$post_id\">"; $template->assign_vars(array( "L_ABOUT_POST" => $l_aboutpost, |