diff options
| author | Meik Sievertsen <acydburn@phpbb.com> | 2003-09-04 18:30:20 +0000 |
|---|---|---|
| committer | Meik Sievertsen <acydburn@phpbb.com> | 2003-09-04 18:30:20 +0000 |
| commit | fec9073f3a21818fa3bcfe89f0a73e861a3ad229 (patch) | |
| tree | 3d3191047cb59534c515551cac418c7d62c6955a /phpBB | |
| parent | 52e42838d9925ab063571f927df3aa59ed296710 (diff) | |
| download | forums-fec9073f3a21818fa3bcfe89f0a73e861a3ad229.tar forums-fec9073f3a21818fa3bcfe89f0a73e861a3ad229.tar.gz forums-fec9073f3a21818fa3bcfe89f0a73e861a3ad229.tar.bz2 forums-fec9073f3a21818fa3bcfe89f0a73e861a3ad229.tar.xz forums-fec9073f3a21818fa3bcfe89f0a73e861a3ad229.zip | |
initial draft functionality, loading (and a bunch of other stuff) is not implemented yet + bugfixes.
git-svn-id: file:///svn/phpbb/trunk@4467 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB')
| -rw-r--r-- | phpBB/common.php | 2 | ||||
| -rw-r--r-- | phpBB/includes/functions_display.php | 3 | ||||
| -rw-r--r-- | phpBB/includes/message_parser.php | 4 | ||||
| -rw-r--r-- | phpBB/includes/ucp/ucp_main.php | 186 | ||||
| -rw-r--r-- | phpBB/install/schemas/mysql_schema.sql | 13 | ||||
| -rw-r--r-- | phpBB/install/schemas/schema_data.sql | 1 | ||||
| -rw-r--r-- | phpBB/language/en/lang_admin.php | 1 | ||||
| -rw-r--r-- | phpBB/language/en/lang_main.php | 20 | ||||
| -rw-r--r-- | phpBB/posting.php | 114 | ||||
| -rw-r--r-- | phpBB/styles/subSilver/template/posting_body.html | 26 | ||||
| -rw-r--r-- | phpBB/styles/subSilver/template/ucp_main.html | 103 |
11 files changed, 414 insertions, 59 deletions
diff --git a/phpBB/common.php b/phpBB/common.php index 0e65c330ce..2e24daf45c 100644 --- a/phpBB/common.php +++ b/phpBB/common.php @@ -157,6 +157,7 @@ define('CACHE_TABLE', $table_prefix.'cache'); define('CONFIG_TABLE', $table_prefix.'config'); define('CONFIRM_TABLE', $table_prefix.'confirm'); define('DISALLOW_TABLE', $table_prefix.'disallow'); // +define('DRAFTS_TABLE', $table_prefix.'drafts'); define('EXTENSIONS_TABLE', $table_prefix.'extensions'); define('EXTENSION_GROUPS_TABLE', $table_prefix.'extension_groups'); define('FORUMS_TABLE', $table_prefix.'forums'); @@ -169,7 +170,6 @@ define('LANG_TABLE', $table_prefix.'lang'); define('LOG_TABLE', $table_prefix.'log'); define('MODERATOR_TABLE', $table_prefix.'moderator_cache'); define('POSTS_TABLE', $table_prefix.'posts'); -define('POSTS_TEXT_TABLE', $table_prefix.'posts_text'); define('PRIVMSGS_TABLE', $table_prefix.'privmsgs'); define('PRIVMSGS_TEXT_TABLE', $table_prefix.'privmsgs_text'); define('RANKS_TABLE', $table_prefix.'ranks'); diff --git a/phpBB/includes/functions_display.php b/phpBB/includes/functions_display.php index cc3010f03d..9c6d0fd844 100644 --- a/phpBB/includes/functions_display.php +++ b/phpBB/includes/functions_display.php @@ -323,8 +323,7 @@ function display_attachments($attachment_data, &$update_count, $force_physical = $filesize = ($filesize >= 1048576) ? round((round($filesize / 1048576 * 100) / 100), 2) : (($filesize >= 1024) ? round((round($filesize / 1024 * 100) / 100), 2) : $filesize); $display_name = $attachment['real_filename']; - $comment = stripslashes(trim(str_replace("\n", '<br />', $attachment['comment']))); - $comment = htmlspecialchars(str_replace("\\'", "'", $comment)); + $comment = str_replace("\n", '<br />', $attachment['comment']); $denied = FALSE; diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index bedb0d5371..98c61da6ba 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -673,7 +673,7 @@ class parse_message $error = array(); $num_attachments = count($this->attachment_data); - $this->filename_data['filecomment'] = (isset($_POST['filecomment'])) ? trim(strip_tags($_POST['filecomment'])) : ''; + $this->filename_data['filecomment'] = (isset($_POST['filecomment'])) ? trim(str_replace(array('\\\'', '\\"', '\\0', '\\\\'), array('\'', '"', '\0', '\\'), htmlspecialchars($_POST['filecomment']))) : ''; $this->filename_data['filename'] = ($_FILES['fileupload']['name'] != 'none') ? trim($_FILES['fileupload']['name']) : ''; $add_file = (isset($_POST['add_file'])) ? TRUE : FALSE; @@ -757,7 +757,7 @@ class parse_message foreach ($actual_comment_list as $index => $entry) { - $this->attachment_data[$index]['comment'] = $entry; + $this->attachment_data[$index]['comment'] = trim(str_replace(array('\\\'', '\\"', '\\0', '\\\\'), array('\'', '"', '\0', '\\'), htmlspecialchars($entry))); } } diff --git a/phpBB/includes/ucp/ucp_main.php b/phpBB/includes/ucp/ucp_main.php index 13921c776d..30dd590f9f 100644 --- a/phpBB/includes/ucp/ucp_main.php +++ b/phpBB/includes/ucp/ucp_main.php @@ -1,23 +1,15 @@ <?php -/*************************************************************************** - * ucp_main.php - * ------------------- - * begin : Saturday, Feb 21, 2003 - * copyright : (C) 2001 The phpBB Group - * email : support@phpbb.com - * - * $Id$ - * - ***************************************************************************/ - -/*************************************************************************** - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - ***************************************************************************/ +// ------------------------------------------------------------- +// +// $Id$ +// +// FILENAME : ucp_main.php +// STARTED : Sat Feb 21, 2003 +// COPYRIGHT : © 2003 phpBB Group +// WWW : http://www.phpbb.com/ +// LICENCE : GPL vs2.0 [ see /docs/COPYING ] +// +// ------------------------------------------------------------- class ucp_main extends ucp { @@ -30,6 +22,7 @@ class ucp_main extends ucp // Setup internal subsection display $submodules['FRONT'] = "i=$id&mode=front"; $submodules['WATCHED'] = "i=$id&mode=watched"; + $submodules['DRAFTS'] = "i=$id&mode=drafts"; $this->menu($id, $submodules, $submode); unset($submodules); @@ -526,13 +519,166 @@ class ucp_main extends ucp $db->sql_freeresult($result); break; + + case 'drafts': + + $edit = (isset($_REQUEST['edit'])) ? true : false; + $submit = (isset($_POST['submit'])) ? true : false; + $draft_id = ($edit) ? intval($_REQUEST['edit']) : 0; + + $s_hidden_fields = ($edit) ? '<input type="hidden" name="edit" value="' . $draft_id . '" />' : ''; + $draft_title = $post_subject = $post_message = ''; + + if ($_POST['delete']) + { + $drafts = (isset($_POST['d'])) ? implode(', ', array_map('intval', array_keys($_POST['d']))) : false; + + if ($drafts) + { + $sql = 'DELETE FROM ' . DRAFTS_TABLE . " + WHERE draft_id IN ($drafts) + AND user_id = " .$user->data['user_id']; + $db->sql_query($sql); + + $message = $user->lang['DRAFTS_DELETED'] . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], "<a href=\"ucp.$phpEx$SID&i=$id&mode=$submode\">", '</a>'); + + meta_refresh(3, "ucp.$phpEx$SID&i=$id&mode=$submode"); + trigger_error($message); + } + } + + if ($submit && $edit) + { + $draft_title = (isset($_POST['draft_title'])) ? trim(htmlspecialchars($_POST['draft_title'])) : ''; + $post_subject = (isset($_POST['subject'])) ? trim(htmlspecialchars($_POST['subject'])) : ''; + $post_message = (isset($_POST['message'])) ? trim(str_replace(array('\\\'', '\\"', '\\0', '\\\\'), array('\'', '"', '\0', '\\'), htmlspecialchars($_POST['message']))) : ''; + + if ($post_message != '' && $draft_title != '') + { + $draft_row = array( + 'title' => $draft_title, + 'post_subject' => $post_subject, + 'post_message' => $post_message + ); + + $sql = 'UPDATE ' . DRAFTS_TABLE . ' + SET ' . $db->sql_build_array('UPDATE', $draft_row) . " + WHERE draft_id = $draft_id + AND user_id = " . $user->data['user_id']; + $db->sql_query($sql); + + $message = $user->lang['DRAFT_UPDATED'] . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], "<a href=\"ucp.$phpEx$SID&i=$id&mode=$submode\">", '</a>'); + + meta_refresh(3, "ucp.$phpEx$SID&i=$id&mode=$submode"); + trigger_error($message); + } + else + { + $template->assign_var('ERROR', ($post_message == '') ? $user->lang['EMPTY_DRAFT'] : (($draft_title == '') ? $user->lang['EMPTY_DRAFT_TITLE'] : '')); + } + } + + $sql = 'SELECT * + FROM ' . DRAFTS_TABLE . ' + WHERE user_id = ' . $user->data['user_id'] . ' ' . + (($edit) ? "AND draft_id = $draft_id" : '') . ' + ORDER BY save_time DESC'; + $result = $db->sql_query($sql); + + $draftrows = $topic_ids = $topic_rows = array(); + + while ($row = $db->sql_fetchrow($result)) + { + if ($row['topic_id']) + { + $topic_ids[] = (int) $row['topic_id']; + } + $draftrows[] = $row; + } + $db->sql_freeresult($result); + + if (sizeof($topic_ids)) + { + $sql = 'SELECT topic_id, forum_id, topic_title + FROM ' . TOPICS_TABLE . ' + WHERE topic_id IN (' . implode(',', array_unique($topic_ids)) . ')'; + $result = $db->sql_query($sql); + + while ($row = $db->sql_fetchrow($result)) + { + $topic_rows[$row['topic_id']] = $row; + } + $db->sql_freeresult($result); + } + unset($topic_ids); + + if (sizeof($draftrows)) + { + $template->assign_vars(array( + 'S_DRAFT_ROWS' => true, + 'S_EDIT_DRAFT' => $edit) + ); + + $row_count = 0; + foreach ($draftrows as $draft) + { + $title = $draft['title']; + if (strlen($title) > 30) + { + $title = substr($title, 0, 27) . '...'; + } + + if (isset($topic_rows[$draft['topic_id']])) + { + $view_topic_url = ($auth->acl_get('f_read', $topic_rows[$draft['topic_id']]['forum_id'])) ? "viewtopic.$phpEx$SID&f=" . $topic_rows[$draft['topic_id']]['forum_id'] . "&t=" . $draft['topic_id'] : ''; + } + else + { + $view_topic_url = ''; + } + $topic_title = ($view_topic_url != '') ? $topic_rows[$draft['topic_id']]['topic_title'] : ''; + + if (strlen($topic_title) > 30) + { + $topic_title = substr($topic_title, 0, 27) . '...'; + } + + $template_row = array( + 'DRAFT_ID' => $draft['draft_id'], + 'DATE' => $user->format_date($draft['save_time']), + 'TITLE' => $title, + 'TOPIC_TITLE' => ($view_topic_url != '') ? $topic_title : '', + + 'DRAFT_TITLE' => ($submit) ? $draft_title : $draft['title'], + 'POST_MESSAGE' => ($submit) ? $post_message : $draft['post_message'], + 'POST_SUBJECT' => ($submit) ? $post_subject : $draft['post_subject'], + + 'U_VIEW_TOPIC' => $view_topic_url, + 'U_VIEW_EDIT' => "ucp.$phpEx$SID&i=$id&mode=$submode&edit=" . $draft['draft_id'], + + 'S_ROW_COUNT' => $row_count++, + 'S_HIDDEN_FIELDS' => $s_hidden_fields + ); + + if ($edit) + { + $template->assign_vars($template_row); + } + else + { + $template->assign_block_vars('draftrow', $template_row); + } + } + } + + break; } $template->assign_vars(array( 'L_TITLE' => $user->lang['UCP_' . strtoupper($submode)], - 'S_DISPLAY_MARK_ALL' => ($submode == 'watched') ? true : false, + 'S_DISPLAY_MARK_ALL' => ($submode == 'watched' || ($submode == 'drafts' && !isset($_GET['edit']))) ? true : false, 'S_DISPLAY_' . strtoupper($submode) => true, 'S_HIDDEN_FIELDS' => $s_hidden_fields, 'S_UCP_ACTION' => "ucp.$phpEx$SID&i=$id&mode=$submode") diff --git a/phpBB/install/schemas/mysql_schema.sql b/phpBB/install/schemas/mysql_schema.sql index fd5d08eef1..b7fabcaf5b 100644 --- a/phpBB/install/schemas/mysql_schema.sql +++ b/phpBB/install/schemas/mysql_schema.sql @@ -133,6 +133,19 @@ CREATE TABLE phpbb_disallow ( PRIMARY KEY (disallow_id) ); +# Table: 'phpbb_drafts' +CREATE TABLE phpbb_drafts ( + draft_id mediumint(8) UNSIGNED NOT NULL auto_increment, + user_id mediumint(8) UNSIGNED DEFAULT '0' NOT NULL, + topic_id mediumint(8) UNSIGNED DEFAULT '0' NOT NULL, + save_time int(11) UNSIGNED DEFAULT '0' NOT NULL, + title varchar(60) DEFAULT '' NOT NULL, + post_subject varchar(60), + post_message text DEFAULT '' NOT NULL, + PRIMARY KEY (draft_id), + KEY user_id (user_id,save_time) +); + # Table: 'phpbb_extensions' CREATE TABLE phpbb_extensions ( extension_id mediumint(8) UNSIGNED NOT NULL auto_increment, diff --git a/phpBB/install/schemas/schema_data.sql b/phpBB/install/schemas/schema_data.sql index a122c844f9..f2debab77c 100644 --- a/phpBB/install/schemas/schema_data.sql +++ b/phpBB/install/schemas/schema_data.sql @@ -235,6 +235,7 @@ INSERT INTO phpbb_auth_options (auth_option, is_global) VALUES ('u_chgname', 1); INSERT INTO phpbb_auth_options (auth_option, is_global) VALUES ('u_chgpasswd', 1); INSERT INTO phpbb_auth_options (auth_option, is_global) VALUES ('u_chgcensors', 1); INSERT INTO phpbb_auth_options (auth_option, is_global) VALUES ('u_search', 1); +INSERT INTO phpbb_auth_options (auth_option, is_global) VALUES ('u_savedrafts', 1); # MSSQL IDENTITY phpbb_styles ON # diff --git a/phpBB/language/en/lang_admin.php b/phpBB/language/en/lang_admin.php index c5dc852f0a..032b15498b 100644 --- a/phpBB/language/en/lang_admin.php +++ b/phpBB/language/en/lang_admin.php @@ -445,6 +445,7 @@ $lang += array( 'acl_u_chgpasswd' => 'Can change password', 'acl_u_chgcensors' => 'Can disable word censors', 'acl_u_search' => 'Can search board', + 'acl_u_savedrafts' => 'Can save drafts' ); // User pruning diff --git a/phpBB/language/en/lang_main.php b/phpBB/language/en/lang_main.php index c6a3037865..84a448b3da 100644 --- a/phpBB/language/en/lang_main.php +++ b/phpBB/language/en/lang_main.php @@ -628,7 +628,14 @@ $lang += array( 'FLASH_IS_OFF' => '[flash] is <u>ON</u>', 'ATTACH_SIG' => 'Attach a signature (signatures can be altered via the UCP)', 'NOTIFY_REPLY' => 'Send me an email when a reply is posted', + 'SAVE' => 'Save', + 'LOAD' => 'Load', + 'DRAFT_SAVED' => 'Post contents successfully saved as draft.<br />You are able to load this draft to posts you make, or view and edit them within your User Control Panel.', + 'ENTER_DRAFT_TITLE' => 'Enter draft title', + 'DRAFT_TITLE_EXPLAIN' => 'Now you are able to change the draft title directly. At the moment the draft title is similar to the post subject.', + + 'UPDATE' => 'Update', 'POST_STORED' => 'Your message has been posted successfully', 'POST_STORED_MOD' => 'Your message has been saved but requires approval', @@ -698,6 +705,19 @@ $lang += array( 'UNWATCHED_TOPICS' => 'You are no longer watching the selected topics.', 'UNWATCHED_FORUMS_TOPICS'=> 'You are no longer watching the selected forums or topics.', + 'UCP_DRAFTS' => 'Saved drafts', + 'DRAFTS_EXPLAIN' => 'Here you can view, edit and delete your saved drafts.', + 'VIEW_EDIT' => 'View/Edit', + 'DRAFT_TITLE' => 'Draft Title', + 'SAVE_DATE' => 'Saved at', + 'NEW_OR_DELETED_TOPIC' => 'New topic or deleted', + 'EDIT_DRAFT_EXPLAIN' => 'Here you are able to edit your draft.', + 'DRAFTS_DELETED' => 'All selected drafts were successfully deleted.', + 'DRAFT_UPDATED' => 'Draft successfully updated.', + 'EMPTY_DRAFT_TITLE' => 'You must enter a draft title', + 'EMPTY_DRAFT' => 'You must enter a message to submit your changes', + 'BACK_TO_DRAFTS' => 'Back to saved drafts', + 'UCP_PROFILE' => 'Profile', diff --git a/phpBB/posting.php b/phpBB/posting.php index e89fcb9389..8fda76640b 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -32,14 +32,14 @@ $topic_id = (!empty($_REQUEST['t'])) ? intval($_REQUEST['t']) : false; $forum_id = (!empty($_REQUEST['f'])) ? intval($_REQUEST['f']) : false; $lastclick = (isset($_POST['lastclick'])) ? intval($_POST['lastclick']) : 0; -$submit = (isset($_POST['post'])) ? true : false; -$preview = (isset($_POST['preview'])) ? true : false; -$save = (isset($_POST['save'])) ? true : false; -$cancel = (isset($_POST['cancel'])) ? true : false; -$confirm = (isset($_POST['confirm'])) ? true : false; -$delete = (isset($_POST['delete'])) ? true : false; +$submit = (isset($_POST['post'])) ? TRUE : FALSE; +$preview = (isset($_POST['preview'])) ? TRUE : FALSE; +$save = (isset($_POST['save'])) ? TRUE : FALSE; +$cancel = (isset($_POST['cancel'])) ? TRUE : FALSE; +$confirm = (isset($_POST['confirm'])) ? TRUE : FALSE; +$delete = (isset($_POST['delete'])) ? TRUE : FALSE; -$refresh = isset($_POST['add_file']) || isset($_POST['delete_file']) || isset($_POST['edit_comment']) || isset($_POST['cancel_unglobalise']); +$refresh = isset($_POST['add_file']) || isset($_POST['delete_file']) || isset($_POST['edit_comment']) || isset($_POST['cancel_unglobalise']) || isset($_POST['draft_save']) || $save; if ($delete && !$preview && !$refresh && $submit) { @@ -167,16 +167,16 @@ if ($sql != '') $message_parser = new parse_message(0); // <- TODO: add constant (MSG_POST/MSG_PM) - $message_parser->filename_data['filecomment'] = (isset($_POST['filecomment'])) ? trim(strip_tags($_POST['filecomment'])) : ''; + $message_parser->filename_data['filecomment'] = (isset($_POST['filecomment'])) ? trim(str_replace(array('\\\'', '\\"', '\\0', '\\\\'), array('\'', '"', '\0', '\\'), htmlspecialchars($_POST['filecomment']))) : ''; $message_parser->filename_data['filename'] = ($_FILES['fileupload']['name'] != 'none') ? trim($_FILES['fileupload']['name']) : ''; // Get Attachment Data $message_parser->attachment_data = (isset($_POST['attachment_data'])) ? $_POST['attachment_data'] : array(); - // Make sure we do not add slashes twice... + // foreach ($message_parser->attachment_data as $pos => $var) { - $message_parser->attachment_data[$pos]['comment'] = stripslashes($message_parser->attachment_data[$pos]['comment']); + $message_parser->attachment_data[$pos]['comment'] = trim(str_replace(array('\\\'', '\\"', '\\0', '\\\\'), array('\'', '"', '\0', '\\'), htmlspecialchars($message_parser->attachment_data[$pos]['comment']))); } if ($post_attachment && !$submit && !$refresh && !$preview && $mode == 'edit') @@ -211,12 +211,24 @@ if ($sql != '') $enable_sig = ($config['allow_sig'] && $user->data['user_attachsig']) ? true : false; $enable_smilies = ($config['allow_smilies'] && $user->data['user_allowsmile']) ? true : false; $enable_bbcode = ($config['allow_bbcode'] && $user->data['user_allowbbcode']) ? true : false; - $enable_urls = true; + $enable_urls = TRUE; } - $enable_magic_url = false; -} + $enable_magic_url = $drafts = FALSE; + // User owns some drafts? + if ($user->data['user_id'] != ANONYMOUS && $auth->acl_get('u_savedrafts')) + { + $sql = 'SELECT draft_id + FROM ' . DRAFTS_TABLE . ' + WHERE user_id = ' . $user->data['user_id']; + $result = $db->sql_query_limit($sql, 1); + if ($row = $db->sql_fetchrow($result)) + { + $drafts = TRUE; + } + } +} // Notify user checkbox if ($mode != 'post' && $user->data['user_id'] != ANONYMOUS) @@ -439,17 +451,59 @@ $img_status = ($config['allow_img'] && $auth->acl_get('f_img', $forum_id)) ? tr $flash_status = ($config['allow_flash'] && $auth->acl_get('f_flash', $forum_id)) ? true : false; +// Save Draft +if (($save || isset($_POST['draft_save']))&& $user->data['user_id'] != ANONYMOUS && $auth->acl_get('u_savedrafts')) +{ + if (isset($_POST['draft_title_update']) && intval($_POST['draft_id']) && trim($_POST['draft_title']) != '') + { + $sql = 'UPDATE ' . DRAFTS_TABLE . " + SET title = '" . $db->sql_escape(trim(htmlspecialchars($_POST['draft_title']))) . "' + WHERE draft_id = " . intval($_POST['draft_id']) . " + AND user_id = " . $user->data['user_id']; + $db->sql_query($sql); + } + else + { + $subject = (!empty($_POST['subject'])) ? trim(htmlspecialchars($_POST['subject'])) : ''; + $message = (!empty($_POST['message'])) ? trim(str_replace(array('\\\'', '\\"', '\\0', '\\\\'), array('\'', '"', '\0', '\\'), htmlspecialchars($_POST['message']))) : ''; + + if ($message != '') + { + $sql = 'INSERT INTO ' . DRAFTS_TABLE . ' ' . $db->sql_build_array('INSERT', array( + 'user_id' => $user->data['user_id'], + 'topic_id' => $topic_id, + 'save_time' => time(), + 'title' => $subject, + 'post_subject' => $subject, + 'post_message' => $message)); + $db->sql_query($sql); + + $drafts = TRUE; + + $template->assign_var('DRAFT_ID', $db->sql_nextid()); + } + else + { + $save = FALSE; + } + + unset($subject); + unset($message); + } +} + + if ($submit || $preview || $refresh) { $topic_cur_post_id = (isset($_POST['topic_cur_post_id'])) ? intval($_POST['topic_cur_post_id']) : false; - $subject = (!empty($_POST['subject'])) ? trim(htmlspecialchars(strip_tags($_POST['subject']))) : ''; + $subject = (!empty($_POST['subject'])) ? trim(htmlspecialchars($_POST['subject'])) : ''; if (strcmp($subject, strtoupper($subject)) == 0 && $subject != '') { $subject = phpbb_strtolower($subject); } - $message_parser->message = (!empty($_POST['message'])) ? trim(str_replace(array('\\\'', '\\"', '\\0', '\\\\'), array('\'', '"', '\0', '\\'), $_POST['message'])) : ''; + $message_parser->message = (!empty($_POST['message'])) ? trim(str_replace(array('\\\'', '\\"', '\\0', '\\\\'), array('\'', '"', '\0', '\\'), htmlspecialchars($_POST['message']))) : ''; $username = (!empty($_POST['username'])) ? trim($_POST['username']) : ((!empty($username)) ? $username : ''); $topic_type = (!empty($_POST['topic_type'])) ? (int) $_POST['topic_type'] : (($mode != 'post') ? $topic_type : POST_NORMAL); @@ -933,9 +987,9 @@ if ($mode == 'post' || ($mode == 'edit' && $post_id == $topic_first_post_id)) } } -$html_checked = (isset($enable_html)) ? !$enable_html : ((intval($config['allow_html'])) ? !$user->data['user_allowhtml'] : 1); -$bbcode_checked = (isset($enable_bbcode)) ? !$enable_bbcode : ((intval($config['allow_bbcode'])) ? !$user->data['user_allowbbcode'] : 1); -$smilies_checked = (isset($enable_smilies)) ? !$enable_smilies : ((intval($config['allow_smilies'])) ? !$user->data['user_allowsmile'] : 1); +$html_checked = (isset($enable_html)) ? !$enable_html : (($config['allow_html']) ? !$user->data['user_allowhtml'] : 1); +$bbcode_checked = (isset($enable_bbcode)) ? !$enable_bbcode : (($config['allow_bbcode']) ? !$user->data['user_allowbbcode'] : 1); +$smilies_checked = (isset($enable_smilies)) ? !$enable_smilies : (($config['allow_smilies']) ? !$user->data['user_allowsmile'] : 1); $urls_checked = (isset($enable_urls)) ? !$enable_urls : 0; $sig_checked = $enable_sig; $notify_checked = (isset($notify)) ? $notify : (($notify_set == -1) ? (($user->data['user_id'] != ANONYMOUS) ? $user->data['user_notify'] : 0) : $notify_set); @@ -1029,7 +1083,9 @@ $template->assign_vars(array( 'S_LOCK_POST_CHECKED' => ($lock_post_checked) ? 'checked="checked"' : '', 'S_MAGIC_URL_CHECKED' => ($urls_checked) ? 'checked="checked"' : '', 'S_TYPE_TOGGLE' => $topic_type_toggle, - 'S_SAVE_ALLOWED' => ($auth->acl_get('f_save', $forum_id)) ? true : false, + 'S_SAVE_ALLOWED' => ($auth->acl_get('u_savedrafts') && $user->data['user_id'] != ANONYMOUS) ? true : false, + 'S_HAS_DRAFTS' => ($auth->acl_get('u_savedrafts') && $user->data['user_id'] != ANONYMOUS && $drafts) ? true : false, + 'S_DRAFT_SAVED' => $save, 'S_FORM_ENCTYPE' => $form_enctype, 'S_POST_ACTION' => $s_action, @@ -1059,13 +1115,13 @@ else if ($mode == 'edit' && !empty($poll_last_vote) && ($auth->acl_get('f_poll', } // Attachment entry -if ($auth->acl_get('f_attach', $forum_id) || $auth->acl_get('m_edit', $forum_id)) +if ($auth->acl_get('f_attach', $forum_id) && $config['allow_attachments'] && $form_enctype != '') { $template->assign_vars(array( 'S_SHOW_ATTACH_BOX' => true) ); - if (count($message_parser->attachment_data)) + if (sizeof($message_parser->attachment_data)) { $template->assign_vars(array( 'S_HAS_ATTACHMENTS' => true) @@ -1087,7 +1143,7 @@ if ($auth->acl_get('f_attach', $forum_id) || $auth->acl_get('m_edit', $forum_id) $template->assign_block_vars('attach_row', array( 'FILENAME' => $attach_row['real_filename'], 'ATTACH_FILENAME' => $attach_row['physical_filename'], - 'FILE_COMMENT' => stripslashes(htmlspecialchars($attach_row['comment'])), + 'FILE_COMMENT' => $attach_row['comment'], 'ATTACH_ID' => $attach_row['attach_id'], 'ASSOC_INDEX' => $count, @@ -1100,7 +1156,7 @@ if ($auth->acl_get('f_attach', $forum_id) || $auth->acl_get('m_edit', $forum_id) } $template->assign_vars(array( - 'FILE_COMMENT' => stripslashes(htmlspecialchars($message_parser->filename_data['filecomment'])), + 'FILE_COMMENT' => $message_parser->filename_data['filecomment'], 'FILESIZE' => $config['max_filesize'], 'FILENAME' => $message_parser->filename_data['filename']) ); @@ -1283,13 +1339,9 @@ function submit_post($mode, $message, $subject, $username, $topic_type, $bbcode_ if ($attach_row['attach_id'] != '-1') { // update entry in db if attachment already stored in db and filespace - $attach_sql = array( - 'comment' => trim($attach_row['comment']) - ); - - $sql = 'UPDATE ' . ATTACHMENTS_DESC_TABLE . ' - SET ' . $db->sql_build_array('UPDATE', $attach_sql) . ' - WHERE attach_id = ' . (int) $attach_row['attach_id']; + $sql = 'UPDATE ' . ATTACHMENTS_DESC_TABLE . " + SET comment = '" . $db->sql_escape($attach_row['comment']) . "' + WHERE attach_id = " . (int) $attach_row['attach_id']; $db->sql_query($sql); } else @@ -1298,7 +1350,7 @@ function submit_post($mode, $message, $subject, $username, $topic_type, $bbcode_ $attach_sql = array( 'physical_filename' => $attach_row['physical_filename'], 'real_filename' => $attach_row['real_filename'], - 'comment' => trim($attach_row['comment']), + 'comment' => $attach_row['comment'], 'extension' => $attach_row['extension'], 'mimetype' => $attach_row['mimetype'], 'filesize' => $attach_row['filesize'], diff --git a/phpBB/styles/subSilver/template/posting_body.html b/phpBB/styles/subSilver/template/posting_body.html index b68cead19f..a34d95a4a5 100644 --- a/phpBB/styles/subSilver/template/posting_body.html +++ b/phpBB/styles/subSilver/template/posting_body.html @@ -51,6 +51,28 @@ function checkForm() </tr> </table> +<!-- IF S_DRAFT_SAVED --> +<table class="tablebg" width="95%" border="0" cellspacing="1" cellpadding="4" align="center"> + <tr> + <th height="28" align="center">{L_INFORMATION}</th> + </tr> + <tr> + <td class="row1" align="center"><span class="gen">{L_DRAFT_SAVED}</span></td> + </tr> + <tr> + <td class="spacer" height="1"><img src="images/spacer.gif" alt="" width="1" height="1" /></td> + </tr> + <tr> + <td class="row2" align="center"><span class="gen">{L_DRAFT_TITLE_EXPLAIN}<br /><br />{L_ENTER_DRAFT_TITLE} </span><input class="post" style="width:450px" type="text" name="draft_title" size="45" maxlength="60" tabindex="2" value="{SUBJECT}" /><br /><br /> + <input class="btnmain" type="submit" name="draft_save" value="{L_UPDATE}" /> + <input type="hidden" name="draft_title_update" value="1" /> + <input type="hidden" name="draft_id" value="{DRAFT_ID}" /> + </td> + </tr> +</table> +<br /> +<!-- ENDIF --> + <!-- IF S_POST_REVIEW --> <table class="tablebg" width="95%" border="0" cellspacing="1" cellpadding="4" align="center"> <tr> @@ -305,7 +327,7 @@ function checkForm() <!-- ENDIF --> <!-- IF S_SHOW_ATTACH_BOX or S_SHOW_POLL_BOX --> <tr> - <td class="cat" colspan="2" align="center"><input class="btnlite" type="submit" tabindex="5" name="preview" value="{L_PREVIEW}" /> <input class="btnmain" type="submit" accesskey="s" tabindex="6" name="post" value="{L_SUBMIT}" /><!-- IF S_SAVE_ALLOWED --> <input class="btnlite" type="submit" accesskey="k" tabindex="8" name="save" value="{L_SAVE}" /><!-- ENDIF --> <input class="btnlite" type="submit" accesskey="c" tabindex="7" name="cancel" value="{L_CANCEL}" /></td> + <td class="cat" colspan="2" align="center"><input class="btnlite" type="submit" tabindex="5" name="preview" value="{L_PREVIEW}" /> <input class="btnmain" type="submit" accesskey="s" tabindex="6" name="post" value="{L_SUBMIT}" /><!-- IF S_SAVE_ALLOWED --> <input class="btnlite" type="submit" accesskey="k" tabindex="8" name="save" value="{L_SAVE}" /><!-- ENDIF --><!-- IF S_HAS_DRAFTS --> <input class="btnlite" type="submit" accesskey="d" tabindex="9" name="load_draft" value="{L_LOAD}" /><!-- ENDIF --> <input class="btnlite" type="submit" accesskey="c" tabindex="7" name="cancel" value="{L_CANCEL}" /></td> </tr> <!-- ENDIF --> <!-- IF S_SHOW_ATTACH_BOX --> @@ -320,7 +342,7 @@ function checkForm() </tr> <!-- ENDIF --> <tr> - <td class="cat" colspan="2" align="center">{S_HIDDEN_FIELDS}<input class="btnlite" type="submit" tabindex="5" name="preview" value="{L_PREVIEW}" /> <input class="btnmain" type="submit" accesskey="s" tabindex="6" name="post" value="{L_SUBMIT}" /><!-- IF S_SAVE_ALLOWED --> <input class="btnlite" type="submit" accesskey="k" tabindex="8" name="save" value="{L_SAVE}" /><!-- ENDIF --> <input class="btnlite" type="submit" accesskey="c" tabindex="7" name="cancel" value="{L_CANCEL}" /></td> + <td class="cat" colspan="2" align="center">{S_HIDDEN_FIELDS}<input class="btnlite" type="submit" tabindex="5" name="preview" value="{L_PREVIEW}" /> <input class="btnmain" type="submit" accesskey="s" tabindex="6" name="post" value="{L_SUBMIT}" /><!-- IF S_SAVE_ALLOWED --> <input class="btnlite" type="submit" accesskey="k" tabindex="8" name="save" value="{L_SAVE}" /><!-- ENDIF --><!-- IF S_HAS_DRAFTS --> <input class="btnlite" type="submit" accesskey="d" tabindex="9" name="load_draft" value="{L_LOAD}" /><!-- ENDIF --> <input class="btnlite" type="submit" accesskey="c" tabindex="7" name="cancel" value="{L_CANCEL}" /></td> </tr> </table> diff --git a/phpBB/styles/subSilver/template/ucp_main.html b/phpBB/styles/subSilver/template/ucp_main.html index 5e6d9cb636..a21103e292 100644 --- a/phpBB/styles/subSilver/template/ucp_main.html +++ b/phpBB/styles/subSilver/template/ucp_main.html @@ -1,5 +1,6 @@ <!-- INCLUDE ucp_header.html --> +<!-- IF not S_DISPLAY_DRAFTS --> <table class="tablebg" width="80%" cellspacing="1" cellpadding="4" border="0" align="right"> <tr> <!-- IF S_DISPLAY_WATCHED --> @@ -99,7 +100,107 @@ </tr> <!-- ENDIF --> +</table> + +<!-- ELSE --> +<table class="tablebg" width="80%" cellspacing="1" cellpadding="4" border="0" align="right"> + <tr> + <th colspan="5" height="28">{L_UCP}</th> + </tr> + <tr> + <td colspan="5" class="row3" align="center"><span class="gensmall">{L_DRAFTS_EXPLAIN}</span></td> + </tr> + <!-- IF not S_EDIT_DRAFT --> + + <!-- IF S_DRAFT_ROWS --> + <tr> + <th>{L_SAVE_DATE}</th> + <th>{L_DRAFT_TITLE}</th> + <th>{L_TOPIC}</th> + <th>{L_OPTIONS}</th> + <th>{L_DELETE}</th> + </tr> + <!-- ENDIF --> + <!-- BEGIN draftrow --> + <!-- IF draftrow.S_ROW_COUNT is even --> + <tr class="row1"> + <!-- ELSE --> + <tr class="row2"> + <!-- ENDIF --> + <td class="postdetails">{draftrow.DATE}</td> + <td><b class="topictitle">{draftrow.TITLE}</b></td> + <td class="topictitle"><!-- IF draftrow.S_POST_TOPIC -->{L_CURRENT_TOPIC}<!-- ELSEIF draftrow.TOPIC_TITLE --><a href="{draftrow.U_VIEW_TOPIC}" target="_blank">{draftrow.TOPIC_TITLE}</a><!-- ELSE --><i>{L_NEW_OR_DELETED_TOPIC}</i><!-- ENDIF --></td> + <td align="center"><span class="gen"><!-- IF draftrow.S_FROM_POST --><a href="">{L_INSERT}</a><br /><!-- ENDIF --><a href="{draftrow.U_VIEW_EDIT}">{L_VIEW_EDIT}</a></td> + <td align="center"><input type="checkbox" name="d[{draftrow.DRAFT_ID}]" /></td> + </tr> + <!-- BEGINELSE --> + <tr class="row1"> + <td colspan="5" height="25" align="center"><b class="genmed">{L_NO_SAVED_DRAFTS}</b></td> + </tr> + <!-- END draftrow --> + <tr> + <td class="cat" colspan="5" height="28" align="right"><input class="btnlite" type="submit" name="delete" value="{L_DELETE_MARKED}" /> </td> + </tr> + + <!-- ELSEIF S_EDIT_DRAFT --> + <!-- IF ERROR --> + <tr> + <td class="row3" colspan="2" align="center"><span class="gensmall" style="color:red">{ERROR}</span></td> + </tr> + <!-- ENDIF --> + <tr> + <td class="row1" width="22%"><b class="genmed">{L_DRAFT_TITLE}:</b></td> + <td class="row2" width="78%"><input class="post" style="width:450px" type="text" name="draft_title" size="45" maxlength="60" tabindex="1" value="{DRAFT_TITLE}" /></td> + </tr> + <tr> + <td class="row1" width="22%"><b class="genmed">{L_SUBJECT}:</b></td> + <td class="row2"><input class="post" style="width:450px" type="text" name="subject" size="45" maxlength="60" tabindex="2" value="{POST_SUBJECT}" /></td> + </tr> + <tr> + <td class="row1" width="22%"><b class="genmed">{L_MESSAGE}: </b><br /><span class="gensmall">{L_EDIT_DRAFT_EXPLAIN}</span></td> + <td class="row2"><table cellspacing="0" cellpadding="2" border="0"> + <tr align="center" valign="middle"> + <td><input class="btnbbcode" type="button" accesskey="b" name="addbbcode0" value=" B " style="font-weight:bold; width: 30px" onclick="bbstyle(0)" onmouseover="helpline('b')" /></td> + <td><input class="btnbbcode" type="button" accesskey="i" name="addbbcode2" value=" i " style="font-style:italic; width: 30px" onclick="bbstyle(2)" onmouseover="helpline('i')" /></td> + <td><input class="btnbbcode" type="button" accesskey="u" name="addbbcode4" value=" u " style="text-decoration: underline; width: 30px" onclick="bbstyle(4)" onmouseover="helpline('u')" /></td> + <td><input class="btnbbcode" type="button" accesskey="q" name="addbbcode6" value="Quote" style="width: 50px" onclick="bbstyle(6)" onmouseover="helpline('q')" /></td> + <td><input class="btnbbcode" type="button" accesskey="c" name="addbbcode8" value="Code" style="width: 40px" onclick="bbstyle(8)" onmouseover="helpline('c')" /></td> + <td><input class="btnbbcode" type="button" accesskey="l" name="addbbcode10" value="List" style="width: 40px" onclick="bbstyle(10)" onmouseover="helpline('l')" /></td> + <td><input class="btnbbcode" type="button" accesskey="o" name="addbbcode12" value="List=" style="width: 40px" onclick="bbstyle(12)" onmouseover="helpline('o')" /></td> + <td><input class="btnbbcode" type="button" accesskey="p" name="addbbcode14" value="Img" style="width: 40px" onclick="bbstyle(14)" onmouseover="helpline('p')" /></td> + <td><input class="btnbbcode" type="button" accesskey="w" name="addbbcode18" value="URL" style="text-decoration: underline; width: 40px" onclick="bbstyle(18)" onmouseover="helpline('w')" /></td> + </tr> + <tr> + <td colspan="9"><table width="100%" cellspacing="0" cellpadding="0" border="0"> + <tr> + <td><span class="genmed"> {L_FONT_SIZE}:</span> <select name="addbbcode20" onchange="bbfontstyle('[size=' + this.form.addbbcode20.options[this.form.addbbcode20.selectedIndex].value + ']', '[/size]');this.form.addbbcode20.selectedIndex = 2;" onmouseover="helpline('f')"> + <option value="7">{L_FONT_TINY}</option> + <option value="9">{L_FONT_SMALL}</option> + <option value="12" selected="selected">{L_FONT_NORMAL}</option> + <option value="18">{L_FONT_LARGE}</option> + <option value="24">{L_FONT_HUGE}</option> + </select></td> + <td class="gensmall" nowrap="nowrap" align="right"><a href="javascript:bbstyle(-1)" onmouseover="helpline('a')">{L_CLOSE_TAGS}</a></td> + </tr> + </table></td> + </tr> + <tr> + <td colspan="9"><input class="helpline" type="text" name="helpbox" size="45" maxlength="100" value="{L_STYLES_TIP}" /></td> + </tr> + <tr> + <td colspan="9"><textarea class="post" name="message" rows="10" cols="76" onselect="storeCaret(this);" onclick="storeCaret(this);" onkeyup="storeCaret(this);">{POST_MESSAGE}</textarea></td> + </tr> + </table></td> + </tr> + <tr class="row3"> + <td colspan="9" align="left" class="topictitle"><a href="{S_UCP_ACTION}">{L_BACK_TO_DRAFTS}</a></td> + </tr> + <tr> + <td class="cat" colspan="2" height="28" align="center">{S_HIDDEN_FIELDS}<input class="btnmain" type="submit" name="submit" value="{L_SUBMIT}" /> <input class="btnlite" type="reset" value="{L_RESET}" name="reset" /></td> + </tr> + <!-- ENDIF --> </table> +<!-- ENDIF --> -<!-- INCLUDE ucp_footer.html -->
\ No newline at end of file +<!-- INCLUDE ucp_footer.html --> |