diff options
Diffstat (limited to 'phpBB/posting.php')
| -rw-r--r-- | phpBB/posting.php | 91 |
1 files changed, 58 insertions, 33 deletions
diff --git a/phpBB/posting.php b/phpBB/posting.php index e7a21d2c79..cba967779f 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -29,11 +29,11 @@ $auth->acl($user->data); // Grab only parameters needed here -$post_id = request_var('p', 0); -$topic_id = request_var('t', 0); -$forum_id = request_var('f', 0); -$draft_id = request_var('d', 0); -$lastclick = request_var('lastclick', 0); +$post_id = $request->variable('p', 0); +$topic_id = $request->variable('t', 0); +$forum_id = $request->variable('f', 0); +$draft_id = $request->variable('d', 0); +$lastclick = $request->variable('lastclick', 0); $submit = (isset($_POST['post'])) ? true : false; $preview = (isset($_POST['preview'])) ? true : false; @@ -43,7 +43,7 @@ $confirm = $request->is_set_post('confirm'); $cancel = (isset($_POST['cancel']) && !isset($_POST['save'])) ? true : false; $refresh = (isset($_POST['add_file']) || isset($_POST['delete_file']) || isset($_POST['cancel_unglobalise']) || $save || $load || $preview); -$mode = request_var('mode', ''); +$mode = $request->variable('mode', ''); // If the user is not allowed to delete the post, we try to soft delete it, so we overwrite the mode here. if ($mode == 'delete' && (($confirm && !$request->is_set_post('delete_permanent')) || !$auth->acl_gets('f_delete', 'm_delete', $forum_id))) @@ -116,6 +116,7 @@ if (in_array($mode, array('post', 'reply', 'quote', 'edit', 'delete')) && !$foru trigger_error('NO_FORUM'); } +/* @var $phpbb_content_visibility \phpbb\content_visibility */ $phpbb_content_visibility = $phpbb_container->get('content.visibility'); // We need to know some basic information in all cases before we do anything. @@ -489,7 +490,7 @@ if ($mode == 'delete' || $mode == 'soft_delete') if ($mode == 'bump') { if ($bump_time = bump_topic_allowed($forum_id, $post_data['topic_bumped'], $post_data['topic_last_post_time'], $post_data['topic_poster'], $post_data['topic_last_poster_id']) - && check_link_hash(request_var('hash', ''), "topic_{$post_data['topic_id']}")) + && check_link_hash($request->variable('hash', ''), "topic_{$post_data['topic_id']}")) { $meta_url = phpbb_bump_topic($forum_id, $topic_id, $post_data, $current_time); meta_refresh(3, $meta_url); @@ -564,7 +565,10 @@ if ($mode == 'edit') $orig_poll_options_size = sizeof($post_data['poll_options']); $message_parser = new parse_message(); +/* @var $plupload \phpbb\plupload\plupload */ $plupload = $phpbb_container->get('plupload'); + +/* @var $mimetype_guesser \phpbb\mimetype\guesser */ $mimetype_guesser = $phpbb_container->get('mimetype.guesser'); $message_parser->set_plupload($plupload); $message_parser->set_mimetype_guesser($mimetype_guesser); @@ -675,9 +679,9 @@ $quote_status = true; // Save Draft if ($save && $user->data['is_registered'] && $auth->acl_get('u_savedrafts') && ($mode == 'reply' || $mode == 'post' || $mode == 'quote')) { - $subject = utf8_normalize_nfc(request_var('subject', '', true)); + $subject = $request->variable('subject', '', true); $subject = (!$subject && $mode != 'post') ? $post_data['topic_title'] : $subject; - $message = utf8_normalize_nfc(request_var('message', '', true)); + $message = $request->variable('message', '', true); if ($subject && $message) { @@ -747,11 +751,11 @@ if ($save && $user->data['is_registered'] && $auth->acl_get('u_savedrafts') && ( if (is_bool($default)) { // Use the string representation - $hidden_fields[$name] = request_var($name, ''); + $hidden_fields[$name] = $request->variable($name, ''); } else { - $hidden_fields[$name] = request_var($name, $default); + $hidden_fields[$name] = $request->variable($name, $default); } } @@ -808,20 +812,20 @@ if ($load && ($mode == 'reply' || $mode == 'quote' || $mode == 'post') && $post_ if ($submit || $preview || $refresh) { - $post_data['topic_cur_post_id'] = request_var('topic_cur_post_id', 0); - $post_data['post_subject'] = utf8_normalize_nfc(request_var('subject', '', true)); - $message_parser->message = utf8_normalize_nfc(request_var('message', '', true)); + $post_data['topic_cur_post_id'] = $request->variable('topic_cur_post_id', 0); + $post_data['post_subject'] = $request->variable('subject', '', true); + $message_parser->message = $request->variable('message', '', true); - $post_data['username'] = utf8_normalize_nfc(request_var('username', $post_data['username'], true)); - $post_data['post_edit_reason'] = ($request->variable('edit_reason', false, false, \phpbb\request\request_interface::POST) && $mode == 'edit' && $auth->acl_get('m_edit', $forum_id)) ? utf8_normalize_nfc(request_var('edit_reason', '', true)) : ''; + $post_data['username'] = $request->variable('username', $post_data['username'], true); + $post_data['post_edit_reason'] = ($request->variable('edit_reason', false, false, \phpbb\request\request_interface::POST) && $mode == 'edit' && $auth->acl_get('m_edit', $forum_id)) ? $request->variable('edit_reason', '', true) : ''; $post_data['orig_topic_type'] = $post_data['topic_type']; - $post_data['topic_type'] = request_var('topic_type', (($mode != 'post') ? (int) $post_data['topic_type'] : POST_NORMAL)); - $post_data['topic_time_limit'] = request_var('topic_time_limit', (($mode != 'post') ? (int) $post_data['topic_time_limit'] : 0)); + $post_data['topic_type'] = $request->variable('topic_type', (($mode != 'post') ? (int) $post_data['topic_type'] : POST_NORMAL)); + $post_data['topic_time_limit'] = $request->variable('topic_time_limit', (($mode != 'post') ? (int) $post_data['topic_time_limit'] : 0)); if ($post_data['enable_icons'] && $auth->acl_get('f_icons', $forum_id)) { - $post_data['icon_id'] = request_var('icon', (int) $post_data['icon_id']); + $post_data['icon_id'] = $request->variable('icon', (int) $post_data['icon_id']); } $post_data['enable_bbcode'] = (!$bbcode_status || isset($_POST['disable_bbcode'])) ? false : true; @@ -886,10 +890,10 @@ if ($submit || $preview || $refresh) } else { - $post_data['poll_title'] = utf8_normalize_nfc(request_var('poll_title', '', true)); - $post_data['poll_length'] = request_var('poll_length', 0); - $post_data['poll_option_text'] = utf8_normalize_nfc(request_var('poll_option_text', '', true)); - $post_data['poll_max_options'] = request_var('poll_max_options', 1); + $post_data['poll_title'] = $request->variable('poll_title', '', true); + $post_data['poll_length'] = $request->variable('poll_length', 0); + $post_data['poll_option_text'] = $request->variable('poll_option_text', '', true); + $post_data['poll_max_options'] = $request->variable('poll_max_options', 1); $post_data['poll_vote_change'] = ($auth->acl_get('f_votechg', $forum_id) && $auth->acl_get('f_vote', $forum_id) && isset($_POST['poll_vote_change'])) ? 1 : 0; } @@ -958,8 +962,8 @@ if ($submit || $preview || $refresh) // Notify and show user the changed post if ($mode == 'edit' && $post_data['forum_flags'] & FORUM_FLAG_POST_REVIEW) { - $edit_post_message_checksum = request_var('edit_post_message_checksum', ''); - $edit_post_subject_checksum = request_var('edit_post_subject_checksum', ''); + $edit_post_message_checksum = $request->variable('edit_post_message_checksum', ''); + $edit_post_subject_checksum = $request->variable('edit_post_subject_checksum', ''); // $post_data['post_checksum'] is the checksum of the post submitted in the meantime // $message_md5 is the checksum of the post we're about to submit @@ -1073,9 +1077,9 @@ if ($submit || $preview || $refresh) if ($config['enable_post_confirm'] && !$user->data['is_registered'] && in_array($mode, array('quote', 'post', 'reply'))) { $captcha_data = array( - 'message' => utf8_normalize_nfc(request_var('message', '', true)), - 'subject' => utf8_normalize_nfc(request_var('subject', '', true)), - 'username' => utf8_normalize_nfc(request_var('username', '', true)), + 'message' => $request->variable('message', '', true), + 'subject' => $request->variable('subject', '', true), + 'username' => $request->variable('username', '', true), ); $vc_response = $captcha->validate($captcha_data); if ($vc_response) @@ -1295,7 +1299,11 @@ if ($submit || $preview || $refresh) $user_lock = ($auth->acl_get('f_user_lock', $forum_id) && $user->data['is_registered'] && $user->data['user_id'] == $post_data['topic_poster']) ? 'USER_' : ''; - add_log('mod', $forum_id, $topic_id, 'LOG_' . $user_lock . (($change_topic_status == ITEM_LOCKED) ? 'LOCK' : 'UNLOCK'), $post_data['topic_title']); + $phpbb_log->add('mod', $user->data['user_id'], $user->ip, 'LOG_' . $user_lock . (($change_topic_status == ITEM_LOCKED) ? 'LOCK' : 'UNLOCK'), false, array( + 'forum_id' => $forum_id, + 'topic_id' => $topic_id, + $post_data['topic_title'] + )); } // Lock/Unlock Post Edit @@ -1573,15 +1581,30 @@ if (!sizeof($error) && $preview) } } +// Remove quotes that would become nested too deep before decoding the text +$generate_quote = ($mode == 'quote' && !$submit && !$preview && !$refresh); +if ($generate_quote && $config['max_quote_depth'] > 0 && preg_match('#^<[rt][ >]#', $message_parser->message)) +{ + $message_parser->message = $phpbb_container->get('text_formatter.utils')->remove_bbcode( + $message_parser->message, + 'quote', + $config['max_quote_depth'] - 1 + ); +} + // Decode text for message display $post_data['bbcode_uid'] = ($mode == 'quote' && !$preview && !$refresh && !sizeof($error)) ? $post_data['bbcode_uid'] : $message_parser->bbcode_uid; $message_parser->decode_message($post_data['bbcode_uid']); -if ($mode == 'quote' && !$submit && !$preview && !$refresh) +if ($generate_quote) { if ($config['allow_bbcode']) { - $message_parser->message = '[quote="' . $post_data['quote_username'] . '"]' . censor_text(trim($message_parser->message)) . "[/quote]\n"; + $message_parser->message = $phpbb_container->get('text_formatter.utils')->generate_quote( + censor_text(trim($message_parser->message)), + array('author' => $post_data['quote_username']) + ); + $message_parser->message .= "\n"; } else { @@ -1703,7 +1726,7 @@ if ($config['enable_post_confirm'] && !$user->data['is_registered'] && (isset($c $s_hidden_fields = ($mode == 'reply' || $mode == 'quote') ? '<input type="hidden" name="topic_cur_post_id" value="' . $post_data['topic_last_post_id'] . '" />' : ''; $s_hidden_fields .= '<input type="hidden" name="lastclick" value="' . $current_time . '" />'; -$s_hidden_fields .= ($draft_id || isset($_REQUEST['draft_loaded'])) ? '<input type="hidden" name="draft_loaded" value="' . request_var('draft_loaded', $draft_id) . '" />' : ''; +$s_hidden_fields .= ($draft_id || isset($_REQUEST['draft_loaded'])) ? '<input type="hidden" name="draft_loaded" value="' . $request->variable('draft_loaded', $draft_id) . '" />' : ''; if ($mode == 'edit') { @@ -1722,6 +1745,8 @@ if (isset($captcha) && $captcha->is_solved() !== false) $form_enctype = (@ini_get('file_uploads') == '0' || strtolower(@ini_get('file_uploads')) == 'off' || !$config['allow_attachments'] || !$auth->acl_get('u_attach') || !$auth->acl_get('f_attach', $forum_id)) ? '' : ' enctype="multipart/form-data"'; add_form_key('posting'); +/** @var \phpbb\controller\helper $controller_helper */ +$controller_helper = $phpbb_container->get('controller.helper'); // Build array of variables for main posting page $page_data = array( @@ -1736,7 +1761,7 @@ $page_data = array( 'USERNAME' => ((!$preview && $mode != 'quote') || $preview) ? $post_data['username'] : '', 'SUBJECT' => $post_data['post_subject'], 'MESSAGE' => $post_data['post_text'], - 'BBCODE_STATUS' => ($bbcode_status) ? sprintf($user->lang['BBCODE_IS_ON'], '<a href="' . append_sid("{$phpbb_root_path}faq.$phpEx", 'mode=bbcode') . '">', '</a>') : sprintf($user->lang['BBCODE_IS_OFF'], '<a href="' . append_sid("{$phpbb_root_path}faq.$phpEx", 'mode=bbcode') . '">', '</a>'), + 'BBCODE_STATUS' => $user->lang(($bbcode_status ? 'BBCODE_IS_ON' : 'BBCODE_IS_OFF'), '<a href="' . $controller_helper->route('phpbb_help_bbcode_controller') . '">', '</a>'), 'IMG_STATUS' => ($img_status) ? $user->lang['IMAGES_ARE_ON'] : $user->lang['IMAGES_ARE_OFF'], 'FLASH_STATUS' => ($flash_status) ? $user->lang['FLASH_IS_ON'] : $user->lang['FLASH_IS_OFF'], 'SMILIES_STATUS' => ($smilies_status) ? $user->lang['SMILIES_ARE_ON'] : $user->lang['SMILIES_ARE_OFF'], |