diff options
| author | Marc Alexander <admin@m-a-styles.de> | 2014-05-11 22:36:45 +0200 |
|---|---|---|
| committer | Marc Alexander <admin@m-a-styles.de> | 2014-05-11 22:36:45 +0200 |
| commit | 92e25398c72fe5b1766a6ad4e411aacc72bd177c (patch) | |
| tree | 9f305a8231bf795a450d737cabf73c2ee6969e56 /phpBB | |
| parent | 34e93b0e1511611c7103b98e2dec8e630317748b (diff) | |
| parent | b430979f604c89bd4ee8e48c6a637ed52dcc5609 (diff) | |
| download | forums-92e25398c72fe5b1766a6ad4e411aacc72bd177c.tar forums-92e25398c72fe5b1766a6ad4e411aacc72bd177c.tar.gz forums-92e25398c72fe5b1766a6ad4e411aacc72bd177c.tar.bz2 forums-92e25398c72fe5b1766a6ad4e411aacc72bd177c.tar.xz forums-92e25398c72fe5b1766a6ad4e411aacc72bd177c.zip | |
Merge remote-tracking branch 'nickvergessen/ticket/12518' into develop-ascraeus
* nickvergessen/ticket/12518:
[ticket/12518] Add event to overwrite the cannot edit condition in posting.php
[ticket/12518] Add event to overwrite the allow edit and delete conditions
Diffstat (limited to 'phpBB')
| -rw-r--r-- | phpBB/posting.php | 49 | ||||
| -rw-r--r-- | phpBB/viewtopic.php | 70 |
2 files changed, 93 insertions, 26 deletions
diff --git a/phpBB/posting.php b/phpBB/posting.php index d48157dcd6..6e1bde42f8 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -381,19 +381,46 @@ if (($post_data['forum_status'] == ITEM_LOCKED || (isset($post_data['topic_statu // else it depends on editing times, lock status and if we're the correct user if ($mode == 'edit' && !$auth->acl_get('m_edit', $forum_id)) { - if ($user->data['user_id'] != $post_data['poster_id']) - { - trigger_error('USER_CANNOT_EDIT'); - } - - if (!($post_data['post_time'] > time() - ($config['edit_time'] * 60) || !$config['edit_time'])) - { - trigger_error('CANNOT_EDIT_TIME'); - } + $force_edit_allowed = false; + + $s_cannot_edit = $user->data['user_id'] != $post_data['poster_id']; + $s_cannot_edit_time = !($post_data['post_time'] > time() - ($config['edit_time'] * 60) || !$config['edit_time']); + $s_cannot_edit_locked = $post_data['post_edit_locked']; + + /** + * This event allows you to modify the conditions for the "cannot edit post" checks + * + * @event core.posting_modify_cannot_edit_conditions + * @var array post_data Array with post data + * @var bool force_edit_allowed Allow the user to edit the post (all permissions and conditions are ignored) + * @var bool s_cannot_edit User can not edit the post because it's not his + * @var bool s_cannot_edit_locked User can not edit the post because it's locked + * @var bool s_cannot_edit_time User can not edit the post because edit_time has passed + * @since 3.1.0-b4 + */ + $vars = array( + 'post_data', + 'force_edit_allowed', + 's_cannot_edit', + 's_cannot_edit_locked', + 's_cannot_edit_time', + ); + extract($phpbb_dispatcher->trigger_event('core.posting_modify_cannot_edit_conditions', compact($vars))); - if ($post_data['post_edit_locked']) + if (!$force_edit_allowed) { - trigger_error('CANNOT_EDIT_POST_LOCKED'); + if ($s_cannot_edit) + { + trigger_error('USER_CANNOT_EDIT'); + } + else if ($s_cannot_edit_time) + { + trigger_error('CANNOT_EDIT_TIME'); + } + else if ($s_cannot_edit_locked) + { + trigger_error('CANNOT_EDIT_POST_LOCKED'); + } } } diff --git a/phpBB/viewtopic.php b/phpBB/viewtopic.php index a0cd590e58..56e4479973 100644 --- a/phpBB/viewtopic.php +++ b/phpBB/viewtopic.php @@ -1582,27 +1582,67 @@ for ($i = 0, $end = sizeof($post_list); $i < $end; ++$i) $s_first_unread = $first_unread = true; } - $edit_allowed = ($user->data['is_registered'] && ($auth->acl_get('m_edit', $forum_id) || ( - $user->data['user_id'] == $poster_id && - $auth->acl_get('f_edit', $forum_id) && - $topic_data['topic_status'] != ITEM_LOCKED && - !$row['post_edit_locked'] && - ($row['post_time'] > time() - ($config['edit_time'] * 60) || !$config['edit_time']) + $force_edit_allowed = $force_delete_allowed = false; + + $s_cannot_edit = !$auth->acl_get('f_edit', $forum_id) || $user->data['user_id'] != $poster_id; + $s_cannot_edit_time = !($row['post_time'] > time() - ($config['edit_time'] * 60) || !$config['edit_time']); + $s_cannot_edit_locked = $topic_data['topic_status'] == ITEM_LOCKED || $row['post_edit_locked']; + + $s_cannot_delete = $user->data['user_id'] != $poster_id || ( + !$auth->acl_get('f_delete', $forum_id) && + (!$auth->acl_get('f_softdelete', $forum_id) || $row['post_visibility'] == ITEM_DELETED) + ); + $s_cannot_delete_lastpost = $topic_data['topic_last_post_id'] != $row['post_id']; + $s_cannot_delete_time = !($row['post_time'] > time() - ($config['delete_time'] * 60) || !$config['delete_time']); + // we do not want to allow removal of the last post if a moderator locked it! + $s_cannot_delete_locked = $topic_data['topic_status'] == ITEM_LOCKED || $row['post_edit_locked']; + + /** + * This event allows you to modify the conditions for the "can edit post" and "can delete post" checks + * + * @event core.viewtopic_modify_post_action_conditions + * @var array row Array with post data + * @var array topic_data Array with topic data + * @var bool force_edit_allowed Allow the user to edit the post (all permissions and conditions are ignored) + * @var bool s_cannot_edit User can not edit the post because it's not his + * @var bool s_cannot_edit_locked User can not edit the post because it's locked + * @var bool s_cannot_edit_time User can not edit the post because edit_time has passed + * @var bool force_delete_allowed Allow the user to delete the post (all permissions and conditions are ignored) + * @var bool s_cannot_delete User can not delete the post because it's not his + * @var bool s_cannot_delete_lastpost User can not delete the post because it's not the last post of the topic + * @var bool s_cannot_delete_locked User can not delete the post because it's locked + * @var bool s_cannot_delete_time User can not delete the post because edit_time has passed + * @since 3.1.0-b4 + */ + $vars = array( + 'row', + 'topic_data', + 'force_edit_allowed', + 's_cannot_edit', + 's_cannot_edit_locked', + 's_cannot_edit_time', + 'force_delete_allowed', + 's_cannot_delete', + 's_cannot_delete_lastpost', + 's_cannot_delete_locked', + 's_cannot_delete_time', + ); + extract($phpbb_dispatcher->trigger_event('core.viewtopic_modify_post_action_conditions', compact($vars))); + + $edit_allowed = $force_edit_allowed || ($user->data['is_registered'] && ($auth->acl_get('m_edit', $forum_id) || ( + !$s_cannot_edit && + !$s_cannot_edit_time && + !$s_cannot_edit_locked ))); $quote_allowed = $auth->acl_get('m_edit', $forum_id) || ($topic_data['topic_status'] != ITEM_LOCKED && ($user->data['user_id'] == ANONYMOUS || $auth->acl_get('f_reply', $forum_id)) ); - $delete_allowed = ($user->data['is_registered'] && (($auth->acl_get('m_delete', $forum_id) || ($auth->acl_get('m_softdelete', $forum_id) && $row['post_visibility'] != ITEM_DELETED)) || ( - $user->data['user_id'] == $poster_id && - ($auth->acl_get('f_delete', $forum_id) || ($auth->acl_get('f_softdelete', $forum_id) && $row['post_visibility'] != ITEM_DELETED)) && - $topic_data['topic_status'] != ITEM_LOCKED && - $topic_data['topic_last_post_id'] == $row['post_id'] && - ($row['post_time'] > time() - ($config['delete_time'] * 60) || !$config['delete_time']) && - // we do not want to allow removal of the last post if a moderator locked it! - !$row['post_edit_locked'] - ))); + $delete_allowed = $force_delete_allowed || ($user->data['is_registered'] && ( + ($auth->acl_get('m_delete', $forum_id) || ($auth->acl_get('m_softdelete', $forum_id) && $row['post_visibility'] != ITEM_DELETED)) || + (!$s_cannot_delete && !$s_cannot_delete_lastpost && !$s_cannot_delete_time && !$s_cannot_delete_locked) + )); // Can this user receive a Private Message? $can_receive_pm = ( |