-rw-r--r-- | phpBB/includes/bbcode.php | 2 | ||||
-rw-r--r-- | phpBB/includes/post.php | 12 | ||||
-rwxr-xr-x | phpBB/language/lang_english.php | 2 | ||||
-rw-r--r-- | phpBB/posting.php | 380 | ||||
-rw-r--r-- | phpBB/templates/PSO/posting_body.tpl | 69 | ||||
-rw-r--r-- | phpBB/templates/PSO/posting_preview.tpl | 16 | ||||
-rw-r--r-- | phpBB/viewtopic.php | 15 |
7 files changed, 322 insertions, 174 deletions
diff --git a/phpBB/includes/bbcode.php b/phpBB/includes/bbcode.php index 70599a6c60..528c00eba0 100644 --- a/phpBB/includes/bbcode.php +++ b/phpBB/includes/bbcode.php @@ -364,7 +364,7 @@ function bbencode_first_pass_pda($text, $uid, $open_tag, $close_tag, $close_tag_ function bbencode_second_pass_code($text, $uid) { // If HTML is turned on we undo any HTML special chars that were created by the viewtopic code. - $text = undo_htmlspecialchars($text); +// $text = undo_htmlspecialchars($text); $code_start_html = '<TABLE BORDER="0" ALIGN="CENTER" WIDTH="85%"><TR><TD><font size="-1">Code:</font><HR></TD></TR><TR><TD><FONT SIZE="-1"><PRE>'; $code_end_html = '</PRE></FONT></TD></TR><TR><TD><HR></TD></TR></TABLE>'; diff --git a/phpBB/includes/post.php b/phpBB/includes/post.php index 9e135a259c..b66bf8c0bb 100644 --- a/phpBB/includes/post.php +++ b/phpBB/includes/post.php @@ -35,11 +35,7 @@ function prepare_message($message, $html_on, $bbcode_on, $smile_on, $bbcode_uid // $message = trim($message); - if( !$html_on ) - { - $message = htmlspecialchars($message); - } -/* else if($html_on) + if( $html_on ) { $start = -1; $end = 0; @@ -62,7 +58,7 @@ function prepare_message($message, $html_on, $bbcode_on, $smile_on, $bbcode_uid $match_tag = trim($board_config['allow_html_tags'][$i]); list($match_tag_split) = explode(" ", $match_tag); - if( preg_match("/^((\/$match_tag_split$)|($match_tag))[ \=]+/i", substr($message, $start + 1, $length - 2) . " ") ) + if( preg_match("/^((\/" . $match_tag_split . ")|(" . $match_tag . "))[ \=]+/i", trim(substr($message, $start + 1, $length - 2)) . " ") ) { $tagallowed = 1; } 
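Review bot: The comment above the disabled call in `bbencode_second_pass_code` still says HTML special chars are undone, which is no longer what the function does once the call is commented out. Delete the dead line instead of leaving it commented, and, if this is the intent, replace the comment with `// Entities are left as-is so markup inside [code] is shown as text, never rendered.` The function body continues outside the hunk.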
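Review bot: The allow-list test in `prepare_message` checks only how a tag begins: the pattern accepts any tag text that starts with an allowed entry followed by a space or `=`, so whatever follows the name, including event-handler or `style` attributes, is kept unescaped. With the store-time `htmlspecialchars($message)` removed by this hunk, that test is the only filter applied to HTML-enabled posts here. Consider re-emitting allowed tags from the bare name (or a per-tag attribute list) instead of passing the author's text through, and quote the config values before they enter the pattern, e.g. `preg_quote($match_tag, "/")`. The scanning loop starts and ends outside the hunk.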
@@ -70,14 +66,14 @@ function prepare_message($message, $html_on, $bbcode_on, $smile_on, $bbcode_uid if($length && !$tagallowed) { - $message = str_replace(substr($message, $start, $length), "", $message); + $message = str_replace(substr($message, $start, $length), htmlspecialchars(substr($message, $start, $length)), $message); } } $start = -1; } } } -*/ + if($bbcode_on) { $message = bbencode_first_pass($message, $bbcode_uid); diff --git a/phpBB/language/lang_english.php b/phpBB/language/lang_english.php index d563892a24..92f32cc1af 100755 --- a/phpBB/language/lang_english.php +++ b/phpBB/language/lang_english.php @@ -277,7 +277,7 @@ $lang['HTML'] = "HTML"; $lang['BBCode'] = "BBCode"; $lang['Smilies'] = "Smilies"; $lang['in_this_post'] = " in this post"; -$lang['Notify'] = "Notify"; +$lang['Notify'] = "Notify me when a reply is posted"; $lang['Delete_post'] = "Delete this post"; $lang['is_ON'] = " is ON"; // this goes after either BBCode or HTML $lang['is_OFF'] = " is OFF"; // see above diff --git a/phpBB/posting.php b/phpBB/posting.php index 5d7dbfbbff..06f414b598 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php 
@@ -65,13 +65,41 @@ else $mode = (isset($HTTP_POST_VARS['mode'])) ? $HTTP_POST_VARS['mode'] : ( (isset($HTTP_GET_VARS['mode'])) ? $HTTP_GET_VARS['mode'] : ""); -$disable_html = (isset($HTTP_POST_VARS['disable_html'])) ? $HTTP_POST_VARS['disable_html'] : !$userdata['user_allowhtml']; -$disable_bbcode = (isset($HTTP_POST_VARS['disable_bbcode'])) ? $HTTP_POST_VARS['disable_bbcode'] : !$userdata['user_allowbbcode']; -$disable_smilies = (isset($HTTP_POST_VARS['disable_smile'])) ? $HTTP_POST_VARS['disable_smile'] : !$userdata['user_allowsmile']; -$attach_sig = (isset($HTTP_POST_VARS['attach_sig'])) ? $HTTP_POST_VARS['attach_sig'] : $userdata['user_attachsig']; +// +// Set toggles for various options +// +if(!$board_config['allow_html']) +{ + $html_on = 0; +} +else +{ + $html_on = ( isset($HTTP_POST_VARS['submit']) || isset($HTTP_POST_VARS['preview']) ) ? ( ( !empty($HTTP_POST_VARS['disable_html']) ) ? 0 : TRUE ) : $userdata['user_allowhtml']; +} + +if(!$board_config['allow_bbcode']) +{ + $bbcode_on = 0; +} +else +{ + $bbcode_on = ( isset($HTTP_POST_VARS['submit']) || isset($HTTP_POST_VARS['preview']) ) ? ( ( !empty($HTTP_POST_VARS['disable_bbcode']) ) ? 0 : TRUE ) : $userdata['user_allowbbcode']; +} + +if(!$board_config['allow_smilies']) +{ + $smilies_on = 0; +} +else +{ + $smilies_on = ( isset($HTTP_POST_VARS['submit']) || isset($HTTP_POST_VARS['preview']) ) ? ( ( !empty($HTTP_POST_VARS['disable_smilies']) ) ? 0 : TRUE ) : $userdata['user_allowsmile']; +} + +$attach_sig = ( isset($HTTP_POST_VARS['submit']) || isset($HTTP_POST_VARS['preview']) ) ? ( ( !empty($HTTP_POST_VARS['attach_sig']) ) ? TRUE : 0 ) : $userdata['user_attachsig']; + +$notify = ( isset($HTTP_POST_VARS['submit']) || isset($HTTP_POST_VARS['preview']) ) ? ( ( !empty($HTTP_POST_VARS['notify']) ) ? TRUE : 0 ) : $userdata['always_notify']; -$notify = (isset($HTTP_POST_VARS['notify'])) ? $HTTP_POST_VARS['notify'] : $userdata["always_notify"]; -$preview = (isset($HTTP_POST_VARS['preview'])) ? 
TRUE : FALSE; +$preview = (isset($HTTP_POST_VARS['preview'])) ? TRUE : 0; if( isset($HTTP_POST_VARS['topictype']) ) { @@ -92,10 +120,10 @@ else { $topic_type = POST_NORMAL; } + // -// Here we do various lookups to find topic_id, forum_id, post_id -// etc. Doing it here prevents spoofing (eg. faking forum_id, -// topic_id or post_id). +// Here we do various lookups to find topic_id, forum_id, post_id etc. +// Doing it here prevents spoofing (eg. faking forum_id, topic_id or post_id // if( $mode != "newtopic" ) { @@ -157,9 +185,9 @@ if( $mode != "newtopic" ) if( $mode == "editpost" ) { - $is_first_post = ($check_row['post_id'] == $post_id) ? TRUE : FALSE; - $is_last_post = ($check_row['topic_last_post_id'] == $post_id) ? TRUE : FALSE; - $is_last_post_forum = ($check_row['forum_last_post_id'] == $post_id) ? TRUE : FALSE; + $is_first_post = ($check_row['post_id'] == $post_id) ? TRUE : 0; + $is_last_post = ($check_row['topic_last_post_id'] == $post_id) ? TRUE : 0; + $is_last_post_forum = ($check_row['forum_last_post_id'] == $post_id) ? TRUE : 0; } else { @@ -168,8 +196,8 @@ if( $mode != "newtopic" ) $topic_id = $check_row['topic_id']; } - $is_first_post = FALSE; - $is_last_post = FALSE; + $is_first_post = 0; + $is_last_post = 0; } } else @@ -187,7 +215,7 @@ else $check_row = $db->sql_fetchrow($result); $is_first_post = TRUE; - $is_last_post = FALSE; + $is_last_post = 0; $topic_status = TOPIC_UNLOCKED; $forum_status = $check_row['forum_status']; } @@ -198,7 +226,7 @@ else } // -// Is topic locked? +// Is topic or forum locked? // if($forum_status == FORUM_LOCKED) { @@ -304,11 +332,11 @@ if(!$is_auth[$is_auth_type]) // // Clear error check // -$error = FALSE; +$error = 0; $error_msg = ""; // -// Prepare our message and subject on a 'submit' +// Prepare our message and subject on a 'submit' (inc. preview) // if( ( isset($HTTP_POST_VARS['submit']) || $preview ) && $topic_status == TOPIC_UNLOCKED ) { 
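Review bot: The new toggle block pairs `0` with `TRUE` and gives no reason for avoiding `FALSE`. These flags are later interpolated into the `INSERT` and `UPDATE` statements (`enable_bbcode = $bbcode_on`), where `FALSE` would render as an empty string, so presumably that is why. A comment such as `// 0, not FALSE: these flags are interpolated into SQL and FALSE casts to ""` would stop a later tidy-up from reintroducing it. Casting at the point of use (`intval($html_on)`) would make the queries independent of how the flags were assigned.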
@@ -375,24 +403,16 @@ if( ( isset($HTTP_POST_VARS['submit']) || $preview ) && $topic_status == TOPIC_U { if(!$error && !$preview) { - $smile_on = ($disable_smilies || !$board_config['allow_smilies']) ? 0 : TRUE; - $html_on = ($disable_html || !$board_config['allow_html']) ? 0 : TRUE; - - if($disable_bbcode || !$board_config['allow_bbcode']) - { - $bbcode_on = 0; - } - else + if($bbcode_on) { $bbcode_uid = make_bbcode_uid(); - $bbcode_on = TRUE; } // - // prepare_message returns a bbcode parsed - // html parsed and slashed result ... + // prepare_message returns a bbcode parsed html parsed and slashed result + // ... note that we send NOT'ed version of the disable vars to the function // - $message = prepare_message(stripslashes($HTTP_POST_VARS['message']), $html_on, $bbcode_on, $smile_on, $bbcode_uid); + $message = prepare_message(stripslashes($HTTP_POST_VARS['message']), $html_on, $bbcode_on, $smilies_on, $bbcode_uid); if( $attach_sig ) { @@ -452,7 +472,7 @@ if( ($mode == "newtopic" || $mode == "reply") && $topic_status == TOPIC_UNLOCKED if($mode == "reply" || ( $mode == "newtopic" && $result ) ) { $sql = "INSERT INTO " . POSTS_TABLE . " (topic_id, forum_id, poster_id, post_username, post_time, poster_ip, bbcode_uid, enable_bbcode, enable_html, enable_smilies) - VALUES ($new_topic_id, $forum_id, " . $userdata['user_id'] . ", '$username', $topic_time, '$user_ip', '$bbcode_uid', $bbcode_on, $html_on, $smile_on)"; + VALUES ($new_topic_id, $forum_id, " . $userdata['user_id'] . ", '$username', $topic_time, '$user_ip', '$bbcode_uid', $bbcode_on, $html_on, $smilies_on)"; if($mode == "reply") { $result = $db->sql_query($sql, BEGIN_TRANSACTION); 
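Review bot: `$bbcode_uid` is assigned only inside `if($bbcode_on)`, yet it is always passed to `prepare_message()` and quoted into the `INSERT` and `UPDATE` statements in the later hunks. Unless it is initialised above this hunk, it is an undefined variable whenever BBCode is off, and on an install with `register_globals` enabled its value could then come from the request. Give it a value on both paths: `$bbcode_uid = ( $bbcode_on ) ? make_bbcode_uid() : "";`. The preview hunk further down has the same pattern, and the new comment about sending the "NOT'ed version of the disable vars" no longer matches the `*_on` variables.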
@@ -853,7 +873,7 @@ else if( $mode == "editpost" && $topic_status == TOPIC_UNLOCKED ) } $sql = "UPDATE " . POSTS_TABLE . " - SET bbcode_uid = '$bbcode_uid', enable_bbcode = $bbcode_on, enable_html = $html_on, enable_smilies = $smile_on" . $edited_sql . " + SET bbcode_uid = '$bbcode_uid', enable_bbcode = $bbcode_on, enable_html = $html_on, enable_smilies = $smilies_on" . $edited_sql . " WHERE post_id = $post_id"; if($db->sql_query($sql, BEGIN_TRANSACTION)) @@ -965,11 +985,11 @@ else if( $mode == "editpost" && $topic_status == TOPIC_UNLOCKED ) } else { - $attach_sig = FALSE; + $attach_sig = 0; } // Removes UID from BBCode entries - $message = preg_replace("/\:[0-9a-z\:]*?\]/si", "]", $message); + $message = preg_replace("/\:[0-9a-z\:]+\]/si", "]", $message); $message = str_replace("<br />", "\n", $message); 
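Review bot: The UID-stripping pattern `/\:[0-9a-z\:]+\]/si` matches any colon-led alphanumeric run that ends in `]`, so ordinary bracketed text in a post (for example `[note:draft]`) is rewritten along with real BBCode UIDs. If the post's stored UID is available at this point (not visible in the hunk), anchoring on it limits the edit to real tags, something like `preg_replace("/\:(?:[0-9a-z]+\:)*" . preg_quote($bbcode_uid, "/") . "\]/si", "]", $message)`, skipped when the UID is empty. The same pattern is added in the preview hunk of posting.php and in the viewtopic.php hunk.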
@@ -1064,25 +1084,63 @@ if($preview && !$error) break; } - $preview_smile_on = ($disable_smilies) ? FALSE : TRUE; - $preview_html_on = ($disable_html) ? FALSE : TRUE; - $preview_html_on = TRUE; + if($bbcode_on) + { + $bbcode_uid = make_bbcode_uid(); + } + + $preview_message = stripslashes(prepare_message($message, $html_on, $bbcode_on, $smilies_on, $bbcode_uid)); - if($disable_bbcode) + // + // Finalise processing as per viewtopic + // + $user_sig = ($userdata['user_sig'] != "") ? $userdata['user_sig'] : ""; + + if( !$html_on ) + { + if($user_sig != "") + { + $user_sig = htmlspecialchars($user_sig); + } + $preview_message = htmlspecialchars($preview_message); + } + + if($bbcode_on) { - $preview_bbcode_on = FALSE; + $preview_message = bbencode_second_pass($preview_message, $bbcode_uid); + + if($user_sig != "") + { + $sig_uid = make_bbcode_uid(); + $user_sig = bbencode_first_pass($user_sig, $sig_uid); + $user_sig = bbencode_second_pass($user_sig, $sig_uid); + } + + // + // This compensates for bbcode's rather agressive (but I guess necessary) + // HTML handling + // + if( !$html_on ) + { + $preview_message = preg_replace("'&'", "&", $preview_message); + } } else { - $bbcode_uid = make_bbcode_uid(); - $preview_bbcode_on = TRUE; + // Removes UID from BBCode entries + $preview_message = preg_replace("/\:[0-9a-z\:]+\]/si", "]", $preview_message); } - $preview_message = stripslashes(prepare_message($message, $preview_html_on, $preview_bbcode_on, $preview_smile_on, $bbcode_uid)); - if(!$disable_bbcode) + if($smilies_on) { - $preview_message = bbencode_second_pass($preview_message, $bbcode_uid); + $preview_message = smilies_pass($preview_message); } + + if($attach_sig && $user_sig != "") + { + $preview_message = $preview_message . "<br /><br />_________________<br />" . $user_sig; + } + $preview_message = make_clickable($preview_message); $preview_message = str_replace("\n", "<br />", $preview_message); 
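Review bot: The preview path re-implements viewtopic's render sequence by hand (escape when HTML is off, BBCode second pass, entity compensation, smilies, signature), and the viewtopic.php hunk in this commit adds the same steps again. The order of these steps is what keeps unescaped markup out of the page, so with two copies a fix to one is easy to miss in the other. Moving the sequence into a single function under includes/ that takes the message, signature, UID and the three flags, and calling it from both files, removes that drift. As rendered here the call `preg_replace("'&'", "&", $preview_message)` has identical pattern and replacement, so confirm the committed pattern is the intended entity.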
@@ -1090,10 +1148,10 @@ if($preview && !$error) "preview" => "posting_preview.tpl") ); $template->assign_vars(array( - "TOPIC_TITLE" => stripslashes($subject), - "POST_SUBJECT" => stripslashes($subject), "ROW_COLOR" => "#" . $theme['td_color1'], "ROW_CLASS" => $theme['td_class1'], + "TOPIC_TITLE" => stripslashes($subject), + "POST_SUBJECT" => stripslashes($subject), "POSTER_NAME" => stripslashes($username), "POST_DATE" => create_date($board_config['default_dateformat'], time(), $board_config['default_timezone']), "MESSAGE" => $preview_message, @@ -1104,7 +1162,7 @@ if($preview && !$error) $template->pparse("preview"); } // -// End: Preview Post +// End Preview Post // // @@ -1116,8 +1174,8 @@ if( empty($forum_id) ) } $sql = "SELECT forum_name - FROM " . FORUMS_TABLE . " - WHERE forum_id = $forum_id"; + FROM " . FORUMS_TABLE . " + WHERE forum_id = $forum_id"; if(!$result = $db->sql_query($sql)) { message_die(GENERAL_ERROR, "Could not obtain forum information.", "", __LINE__, __FILE__, $sql); 
@@ -1125,75 +1183,107 @@ if(!$result = $db->sql_query($sql)) $forum_info = $db->sql_fetchrow($result); $forum_name = stripslashes($forum_info['forum_name']); -if($userdata['session_logged_in']) -{ - $username_input = stripslashes($userdata["username"]); - $password_input = ""; -} -else -{ - $username_input = '<input type="text" name="username" value="' . $username . '" size="25" maxlength="50">'; - $password_input = '<input type="password" name="password" size="25" maxlength="40">'; -} -$subject_input = '<input type="text" name="subject" value="' . stripslashes($subject) . '" size="50" maxlength="255">'; -$message_input = '<textarea name="message" rows="10" cols="40" wrap="virtual">' . $message . '</textarea>'; +$template->set_filenames(array( + "body" => "posting_body.tpl", + "jumpbox" => "jumpbox.tpl") +); + +$jumpbox = make_jumpbox(); +$template->assign_vars(array( + "L_GO" => $lang['Go'], + "L_JUMP_TO" => $lang['Jump_to'], + "L_SELECT_FORUM" => $lang['Select_forum'], + "JUMPBOX_LIST" => $jumpbox, + "SELECT_NAME" => POST_FORUM_URL) +); +$template->assign_var_from_handle("JUMPBOX", "jumpbox"); +$template->assign_vars(array( + "FORUM_ID" => $forum_id, + "FORUM_NAME" => $forum_name, + + "L_POSTNEWIN" => $section_title, + + "U_VIEW_FORUM" => append_sid("viewforum.$phpEx?" . POST_FORUM_URL . "=$forum_id")) +); + +// +// Generate form data +// +$display_username = ($userdata['session_logged_in']) ? stripslashes($userdata["username"]) : ""; +$display_subject = ($subject != "") ? stripslashes($subject) : ""; + +// +// HTML toggle selection +// if($board_config['allow_html']) { $html_status = $lang['ON']; - $html_toggle = '<input type="checkbox" name="disable_html" '; - if($disable_html) - { - $html_toggle .= 'checked'; - } - $html_toggle .= "> " . $lang['Disable'] . $lang['HTML'] . 
$lang['in_this_post']; + $template->assign_block_vars("html_checkbox", array()); } else { $html_status = $lang['OFF']; } +// +// BBCode toggle selection +// if($board_config['allow_bbcode']) { $bbcode_status = $lang['ON']; - $bbcode_toggle = '<input type="checkbox" name="disable_bbcode" '; - if($disable_bbcode) - { - $bbcode_toggle .= "checked"; - } - $bbcode_toggle .= "> " . $lang['Disable'] . $lang['BBCode'] . $lang['in_this_post']; + $template->assign_block_vars("bbcode_checkbox", array()); } else { $bbcode_status = $lang['OFF']; } +// +// Smilies toggle selection +// if($board_config['allow_smilies']) { $smilies_status = $lang['ON']; - $smile_toggle = '<input type="checkbox" name="disable_smile" '; - if($disable_smilies) - { - $smile_toggle .= "checked"; - } - $smile_toggle .= "> " . $lang['Disable'] . $lang['Smilies'] . $lang['in_this_post']; + $template->assign_block_vars("smilies_checkbox", array()); } else { $smilies_status = $lang['OFF']; } - -$sig_toggle = '<input type="checkbox" name="attach_sig" '; +// +// Signature toggle selection +// if($attach_sig) { - $sig_toggle .= "checked"; + $template->assign_block_vars("signature_checkbox", array()); +} + +// +// Notify selection +// +if($mode == "newtopic" || $preview || ( $mode == "editpost" && $notify_show ) ) +{ + $template->assign_block_vars("notify_checkbox", array()); +} + +// +// Delete selection +// +if($mode == 'editpost' && !$preview && ( $is_last_post || $is_auth['auth_mod'] ) ) +{ + $template->assign_block_vars("delete_checkbox", array()); } -$sig_toggle .= "> " . $lang['Attach_signature']; +// +// Topic type selection +// $topic_type_radio = ''; if($mode == 'newtopic' || ( $mode == 'editpost' && $is_first_post ) ) { + $template->assign_block_vars("type_toggle", array()); + if($is_auth['auth_announce']) { $announce_toggle = '<input type="radio" name="topictype" value="announce"'; 
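Review bot: `$display_username` and `$display_subject` are only passed through `stripslashes()`, but the template hunk in this commit places them inside `value="{USERNAME}"` and `value="{SUBJECT}"`, and `$message` inside `<textarea>{MESSAGE}</textarea>`. If these values are not already entity-encoded above this hunk, a double quote or a closing textarea tag in the input ends the attribute or element and the rest is parsed as markup. Escape where the display copy is built, e.g. `$display_subject = htmlspecialchars(stripslashes($subject));`, and treat `"MESSAGE"` the same way. The hidden `mode` field in the following hunk interpolates `$mode`, which is read from the request at the top of the file, and needs the same handling or a check against the known modes.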
@@ -1201,7 +1291,7 @@ if($mode == 'newtopic' || ( $mode == 'editpost' && $is_first_post ) ) { $announce_toggle .= ' checked'; } - $announce_toggle .= '> ' . $lang['Post_Announcement'] . ' '; + $announce_toggle .= ' /> ' . $lang['Post_Announcement'] . ' '; } if($is_auth['auth_sticky']) @@ -1211,45 +1301,27 @@ if($mode == 'newtopic' || ( $mode == 'editpost' && $is_first_post ) ) { $sticky_toggle .= ' checked'; } - $sticky_toggle .= '> ' . $lang['Post_Sticky'] . ' '; + $sticky_toggle .= ' /> ' . $lang['Post_Sticky'] . ' '; } if( $is_auth['auth_announce'] || $is_auth['auth_sticky'] ) { - $topic_type_toggle = ' ' . $lang['Post_topic_as'] . ': <input type="radio" name="topictype" value="normal"'; + $topic_type_toggle = $lang['Post_topic_as'] . ': <input type="radio" name="topictype" value="normal"'; if(!$is_announce && !$is_sticky) { $topic_type_toggle .= ' checked'; } - $topic_type_toggle .= '> ' . $lang['Post_Normal'] . ' ' . $sticky_toggle . $announce_toggle; + $topic_type_toggle .= ' /> ' . $lang['Post_Normal'] . ' ' . $sticky_toggle . $announce_toggle; } } -if($mode == "newtopic" || ($mode == "editpost" && $notify_show)) -{ - $notify_toggle = '<input type="checkbox" name="notify" '; - if($notify) - { - $notify_toggle .= "checked"; - } - $notify_toggle .= "> " . $lang['Notify']; -} - -// -// Display delete toggle? -// -if($mode == 'editpost' && ( $is_last_post || $is_auth['auth_mod'] ) ) -{ - $delete_toggle = '<input type="checkbox" name="delete"> ' . $lang['Delete_post']; -} - // // Define hidden fields // $hidden_form_fields = ""; if($mode == "newtopic") { - $hidden_form_fields .= "<input type=\"hidden\" name=\"" . POST_FORUM_URL . "\" value=\"$forum_id\">"; + $hidden_form_fields .= "<input type=\"hidden\" name=\"" . POST_FORUM_URL . "\" value=\"$forum_id\" />"; } else if($mode == "reply" || $mode == "quote") { 
@@ -1258,49 +1330,66 @@ else if($mode == "reply" || $mode == "quote") // to allow proper handling by submit/preview // $mode = "reply"; - $hidden_form_fields .= "<input type=\"hidden\" name=\"" . POST_TOPIC_URL . "\" value=\"$topic_id\">"; + $hidden_form_fields .= "<input type=\"hidden\" name=\"" . POST_TOPIC_URL . "\" value=\"$topic_id\" />"; } else if($mode == "editpost") { - $hidden_form_fields .= "<input type=\"hidden\" name=\"" . POST_TOPIC_URL . "\" value=\"$topic_id\"><input type=\"hidden\" name=\"" . POST_POST_URL . "\" value=\"$post_id\">"; + $hidden_form_fields .= "<input type=\"hidden\" name=\"" . POST_TOPIC_URL . "\" value=\"$topic_id\" /><input type=\"hidden\" name=\"" . POST_POST_URL . "\" value=\"$post_id\" />"; } -$hidden_form_fields .= "<input type=\"hidden\" name=\"mode\" value=\"$mode\">"; +$hidden_form_fields .= "<input type=\"hidden\" name=\"mode\" value=\"$mode\" />"; -$template->set_filenames(array( - "body" => "posting_body.tpl", - "jumpbox" => "jumpbox.tpl") -); -$jumpbox = make_jumpbox(); -$template->assign_vars(array( - "JUMPBOX_LIST" => $jumpbox, - "SELECT_NAME" => POST_FORUM_URL) -); -$template->assign_var_from_handle("JUMPBOX", "jumpbox"); - -$template->assign_vars(array( - "FORUM_ID" => $forum_id, - "FORUM_NAME" => $forum_name, - - "L_POSTNEWIN" => $section_title, +// +// User not logged in so offer up a username +// field box +// +if( !$userdata['session_logged_in'] ) +{ + $template->assign_block_vars("anon_user", array()); +} - "U_VIEW_FORUM" => append_sid("viewforum.$phpEx?" . POST_FORUM_URL . 
"=$forum_id")) -); +// +// Here we check (if we're editing or replying) +// whether the post has html/bbcode/smilies disabled +// if it does then we modify the status vars appropriately +// +if( !$preview && $mode == "editpost" ) +{ + if($postrow['enable_html'] && $board_config['allow_html']) + { + $html_on = TRUE; + } + else + { + $html_on = 0; + } + if($postrow['enable_bbcode'] && $board_config['allow_bbcode']) + { + $bbcode_on = TRUE; + } + else + { + $bbcode_on = 0; + } + if($postrow['enable_smilies'] && $board_config['allow_smilies']) + { + $smilies_on = TRUE; + } + else + { + $smilies_on = 0; + } +} +// +// Output the data to the template +// $template->assign_vars(array( - "USERNAME_INPUT" => $username_input, - "PASSWORD_INPUT" => $password_input, - "SUBJECT_INPUT" => $subject_input, - "MESSAGE_INPUT" => $message_input, + "USERNAME" => $display_username, + "SUBJECT" => $display_subject, + "MESSAGE" => $message, "HTML_STATUS" => $html_status, - "HTML_TOGGLE" => $html_toggle, - "SMILIES_STATUS" => $smilies_status, - "SMILE_TOGGLE" => $smile_toggle, - "SIG_TOGGLE" => $sig_toggle, - "NOTIFY_TOGGLE" => $notify_toggle, - "DELETE_TOGGLE" => $delete_toggle, - "TYPE_TOGGLE" => $topic_type_toggle, - "BBCODE_TOGGLE" => $bbcode_toggle, "BBCODE_STATUS" => $bbcode_status, + "SMILIES_STATUS" => $smilies_status, "L_SUBJECT" => $lang['Subject'], "L_MESSAGE_BODY" => $lang['Message_body'], 
@@ -1314,6 +1403,19 @@ $template->assign_vars(array( "L_BBCODE_IS" => $lang['BBCode'] . " " . $lang['is'], "L_SMILIES_ARE" => $lang['Smilies'] . " " . $lang['are'], + "L_DISABLE_HTML" => $lang['Disable'] . $lang['HTML'] . $lang['in_this_post'], + "L_DISABLE_BBCODE" => $lang['Disable'] . $lang['BBCode'] . $lang['in_this_post'], + "L_DISABLE_SMILIES" => $lang['Disable'] . $lang['Smilies'] . $lang['in_this_post'], + "L_ATTACH_SIGNATURE" => $lang['Attach_signature'], + "L_NOTIFY_ON_REPLY" => $lang['Notify'], + "L_DELETE_POST" => $lang['Delete_post'], + + "S_HTML_CHECKED" => (!$html_on) ? "checked=\"checked\"" : "", + "S_BBCODE_CHECKED" => (!$bbcode_on) ? "checked=\"checked\"" : "", + "S_SMILIES_CHECKED" => (!$smilies_on) ? "checked=\"checked\"" : "", + "S_SIGNATURE_CHECKED" => ($attach_sig) ? "checked=\"checked\"" : "", + "S_NOTIFY_CHECKED" => ($attach_sig) ? "checked=\"checked\"" : "", + "S_TYPE_TOGGLE" => $topic_type_toggle, "S_TOPIC_ID" => $topic_id, "S_POST_ACTION" => append_sid("posting.$phpEx"), diff --git a/phpBB/templates/PSO/posting_body.tpl b/phpBB/templates/PSO/posting_body.tpl index 8d0a61e1d8..79e4e6f15d 100644 --- a/phpBB/templates/PSO/posting_body.tpl +++ b/phpBB/templates/PSO/posting_body.tpl @@ -1,4 +1,4 @@ -<table width="80%" cellspacing="0" cellpadding="4" border="0" align="center"> +<form action="{S_POST_ACTION}" method="POST"><table width="80%" cellspacing="0" cellpadding="4" border="0" align="center"> <tr> <td align="left"><span class="gensmall"><a href="{U_INDEX}">{SITENAME} {L_INDEX}</a> -> <a href="{U_VIEW_FORUM}">{FORUM_NAME}</a></span></td> </tr> 
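Review bot: `S_NOTIFY_CHECKED` is computed from `$attach_sig`, so the notify checkbox mirrors the signature setting and the `$notify` value set at the top of the file is never reflected in the form. The line should read `"S_NOTIFY_CHECKED" => ($notify) ? "checked=\"checked\"" : "",`. The `assign_vars` call starts and ends outside the hunk.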
@@ -15,42 +15,85 @@ function insertCode(formObj, selectObj) </script> <table width="80%" cellpadding="1" cellspacing="0" border="0" align="center"> - <tr><form action="{S_POST_ACTION}" method="POST"> + <tr> <td class="tablebg"><table border="0" cellpadding="3" cellspacing="1" width="100%"> <tr> <td class="cat" colspan="2"><span class="cattitle"><b>{L_POST_A}</b></span></td> </tr> - <!-- IF $S_ANON_USER eq TRUE --> + <!-- BEGIN anon_user --> <tr> <td class="row1"><span class="gen"><b>{L_USERNAME}</b></span></td> - <td class="row2">{USERNAME_INPUT}</td> + <td class="row2"><span class="courier"><input type="text" name="username" size="25" maxlength="25" value="{USERNAME}" /></span></td> </tr> - <!-- ENDIF --> + <!-- END anon_user --> <tr> <td class="row1"><span class="gen"><b>{L_SUBJECT}</b></span></td> - <td class="row2"><span class="courier">{SUBJECT_INPUT}</span></td> + <td class="row2"><span class="courier"><input type="text" name="subject" size="50" maxlength="100" value="{SUBJECT}" /></span></td> </tr> <tr> - <td class="row1"><span class="gen"><b>{L_MESSAGE_BODY}</b></span><br><br><span class="gensmall">{L_HTML_IS} <u>{HTML_STATUS}</u><br>{L_BBCODE_IS} <u>{BBCODE_STATUS}</u><br>{L_SMILIES_ARE} <u>{SMILIES_STATUS}</u></span></td> + <td class="row1"><span class="gen"><b>{L_MESSAGE_BODY}</b></span><br><br><span class="gensmall">{L_HTML_IS} <u>{HTML_STATUS}</u><br />{L_BBCODE_IS} <u>{BBCODE_STATUS}</u><br />{L_SMILIES_ARE} <u>{SMILIES_STATUS}</u></span></td> <td class="row2"><table width="100%" cellspacing="0" cellpadding="0" border="0"> <tr> - <td><span class="gen">{MESSAGE_INPUT}</span></td> - <td valign="top"> <span class="gensmall">BBcodes:</span><br><span class="couriersmall"><select class="small" name="addbbcode" size="6" onchange="insertCode(this.form, this);"> <option value="[b][/b]">[b] [/b]</option> <option value="[i][/i]">[i] [/i]</option> <option value="[quote][/quote]">[quote] [/quote]</option> <option value="[code][/code]">[code] [/code]</option> 
<option value="[list][/list]">[list] [/list]</option> <option value="[list=][/list]">[list=] [/list]</option> <option value="[img][/img]">[img] [/img]</option> <option value="[url][/url]">[url] [/url]</option></select></span><br clear="all"> <span class="gensmall">Smiley codes:</span><br><span class="couriersmall"><select class="small" name="addsmiley" size="1" onchange="insertCode(this.form, this);"> <option value=":)">Smiley</option> <option value=":(">Frown</option> <option value=":d">Big Grin</option> <option value=";)">Wink</option> <option value=":o">Eek!</option> <option value="8)">Cool</option> <option value=":?">Confused</option> <option value=":p">Razz</option> <option value=":|">Mad</option></select></span></td> + <td><span class="gen"><textarea name="message" rows="10" cols="45" wrap="virtual">{MESSAGE}</textarea></span></td> + <td valign="top"> <span class="gensmall">BBcodes:</span><br><span class="couriersmall"><select class="small" name="addbbcode" size="6" onchange="insertCode(this.form, this);"> <option value="[b][/b]">[b] [/b]</option> <option value="[i][/i]">[i] [/i]</option> <option value="[quote][/quote]">[quote] [/quote]</option> <option value="[code][/code]">[code] [/code]</option> <option value="[list][/list]">[list] [/list]</option> <option value="[list=][/list]">[list=] [/list]</option> <option value="[img][/img]">[img] [/img]</option> <option value="[url][/url]">[url] [/url]</option></select></span> <br clear="all" /> <span class="gensmall">Smiley codes:</span><br><span class="couriersmall"><select class="small" name="addsmiley" size="1" onchange="insertCode(this.form, this);"> <option value=":)">Smiley</option> </option> <option value=";)">Wink</option> <option value=":d">Big Grin</option> <option value=":lol:">Laugh Out Loud</option> <option value=":(">Sad</option> <option value=":o">Eek!</option> <option value=":">Eek!</option> <option value=":oops:">Opps!</option> <option value="8)">Cool</option> <option value=":?">Confused</option> 
<option value=":roll:">Rolling Eyes</option> <option value=":p">Razz</option> <option value=":x">Mad</option> <option value=":|">Neutral</option> <option value=":!:">Exclamation</option> <option value=":?:">Question</option> <option value=":idea:">Idea</option> <option value=":arrow:">Arrow</option></select></span></td> </tr> </table></td> </tr> <tr> <td class="row1"><span class="gen"><b>{L_OPTIONS}</b></span></td> - <td class="row2"><span class="gen">{HTML_TOGGLE}<br>{BBCODE_TOGGLE}<br>{SMILE_TOGGLE}<br>{SIG_TOGGLE}<br>{NOTIFY_TOGGLE}<br>{DELETE_TOGGLE}<br> {TYPE_TOGGLE}</span></td> + <td class="row2"><table cellspacing="0" cellpadding="1" border="0"> + <!-- BEGIN html_checkbox --> + <tr> + <td><input type="checkbox" name="disable_html" {S_HTML_CHECKED} /></td> + <td><span class="gen">{L_DISABLE_HTML}</span></td> + </tr> + <!-- END html_checkbox --> + <!-- BEGIN bbcode_checkbox --> + <tr> + <td><input type="checkbox" name="disable_bbcode" {S_BBCODE_CHECKED} /></td> + <td><span class="gen">{L_DISABLE_BBCODE}</span></td> + </tr> + <!-- END bbcode_checkbox --> + <!-- BEGIN smilies_checkbox --> + <tr> + <td><input type="checkbox" name="disable_smilies" {S_SMILIES_CHECKED} /></td> + <td><span class="gen">{L_DISABLE_SMILIES}</span></td> + </tr> + <!-- END smilies_checkbox --> + <!-- BEGIN signature_checkbox --> + <tr> + <td><input type="checkbox" name="attach_sig" {S_SIGNATURE_CHECKED} /></td> + <td><span class="gen">{L_ATTACH_SIGNATURE}</span></td> + </tr> + <!-- END signature_checkbox --> + <!-- BEGIN notify_checkbox --> + <tr> + <td><input type="checkbox" name="notify" {S_NOTIFY_CHECKED} /></td> + <td><span class="gen">{L_NOTIFY_ON_REPLY}</span></td> + </tr> + <!-- END notify_checkbox --> + <!-- BEGIN delete_checkbox --> + <tr> + <td><input type="checkbox" name="delete" /></td> + <td><span class="gen">{L_DELETE_POST}</span></td> + </tr> + <!-- END delete_checkbox --> + <!-- BEGIN type_toggle --> + <tr> + <td></td> + <td><br /><span 
class="gen">{S_TYPE_TOGGLE}</span></td> + </tr> + <!-- END type_toggle --> + </table></td> </tr> <tr> <td class="cat" colspan="2" align="center">{S_HIDDEN_FORM_FIELDS}<input type="submit" name="preview" value="{L_PREVIEW}"> <input type="submit" name="submit" value="{L_SUBMIT}"> <input type="submit" name="cancel" value="{L_CANCEL}"></td> </tr> </table></td> - </form></tr> -</table> + </tr> +</table></form> -<table cellspacing="2" border="0" width="80%" align="center"> +<table width="80%" cellspacing="2" border="0" align="center"> <tr> <td valign="top"><span class="gensmall"><b>{S_TIMEZONE}</b></span></td> <td align="right" valign="top" nowrap>{JUMPBOX}</td> diff --git a/phpBB/templates/PSO/posting_preview.tpl b/phpBB/templates/PSO/posting_preview.tpl index a14deb24b4..7c4d64a108 100644 --- a/phpBB/templates/PSO/posting_preview.tpl +++ b/phpBB/templates/PSO/posting_preview.tpl 
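Review bot: The rewritten smiley `<select>` has a stray `</option>` directly after the Smiley entry and, as rendered here, an `<option value=":">Eek!</option>` that repeats the `:o` entry with a truncated code. Both look like editing leftovers. Drop the stray closing tag, and either remove the second Eek! option or give it the code it was meant to carry.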
@@ -1,32 +1,26 @@ -<table border="0" cellpadding="1" cellspacing="0" width="98%" align="center"> +<table width="80%" border="0" cellpadding="1" cellspacing="0" align="center"> <tr> <td class="tablebg"><table border="0" cellpadding="4" cellspacing="1" width="100%"> <tr> - <td class="cat" colspan="2"><table width="100%" cellspacing="0" cellpadding="0" border="0"> + <td class="cat"><table width="100%" cellspacing="0" cellpadding="0" border="0"> <tr> <td><span class="cattitle"><b>{L_PREVIEW}</b></span></td> </tr> </table></td> </tr> <tr> - <th width="20%"> {L_AUTHOR} </th> <th> {L_MESSAGE} </th> </tr> <tr bgcolor="{ROW_COLOR}"> - <td width="20%" align="left" valign="top"><table height="100%" cellspacing="0" cellpadding="0" border="0"> + <td height="100%"><table width="100%" height="100%" cellspacing="1" cellpadding="0" border="0"> <tr> - <td valign="top"><span class="gen"><b>{POSTER_NAME}</b></span><br><br></td> - </tr> - </table></td> - <td width="80%" height="100%"><table width="100%" height="100%" cellspacing="1" cellpadding="0" border="0"> - <tr> - <td><img src="images/icon_minipost.gif" alt="Post image icon"><span class="gensmall">{L_POSTED}: {POST_DATE} Post Subject: {POST_SUBJECT}</span><hr></td> + <td><img src="images/icon_minipost.gif" alt="Post image icon" /><span class="gensmall">{L_POSTED}: {POST_DATE} Post Subject: {POST_SUBJECT}</span><hr /></td> </tr> <tr> <td height="100%" valign="top"><span class="gen">{MESSAGE}</span></td> </tr> <tr> - <td><hr></td> + <td><hr /></td> </tr> </table></td> </tr> diff --git a/phpBB/viewtopic.php b/phpBB/viewtopic.php index 4e788a0d84..2b2a1a3194 100644 --- a/phpBB/viewtopic.php +++ b/phpBB/viewtopic.php @@ -480,7 +480,6 @@ for($i = 0; $i < $total_posts; $i++) $user_sig = htmlspecialchars($user_sig); } $message = htmlspecialchars($message); -// $message = str_replace('&', '&', $message); } if($board_config['allow_bbcode'] && $bbcode_uid != "") 
@@ -493,6 +492,20 @@ for($i = 0; $i < $total_posts; $i++) } $message = bbencode_second_pass($message, $bbcode_uid); + + // + // This compensates for bbcode's rather agressive (but I guess necessary) + // HTML handling + // + if(!$postrow[$i]['enable_html'] || ($postrow[$i]['enable_html'] && !$board_config['allow_html']) ) + { + $message = preg_replace("'&'", "&", $message); + } + } + else + { + // Removes UID from BBCode entries + $message = preg_replace("/\:[0-9a-z\:]+\]/si", "]", $message); } $message = make_clickable($message); |
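Review bot: The new guard `!$postrow[$i]['enable_html'] || ($postrow[$i]['enable_html'] && !$board_config['allow_html'])` is equivalent to the shorter `!$postrow[$i]['enable_html'] || !$board_config['allow_html']`. It has to agree with the branch above this hunk that decides whether `htmlspecialchars()` ran. If that branch uses a different expression the two can disagree, so compute the condition once, `$html_off = ( !$postrow[$i]['enable_html'] || !$board_config['allow_html'] );`, and test `$html_off` in both places. The enclosing loop body extends beyond the hunk.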