From b5544b2f471ce4c93b08d19919ab062725545ce8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gae=CC=88tan=20Muller?= Date: Sat, 3 Jan 2015 11:39:29 +0100 Subject: [ticket/13450] Type-hint return value of $phpbb_container->get() PHPBB3-13450 --- phpBB/posting.php | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'phpBB/posting.php') diff --git a/phpBB/posting.php b/phpBB/posting.php index 10c3b696e6..b6af63038a 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -116,6 +116,7 @@ if (in_array($mode, array('post', 'reply', 'quote', 'edit', 'delete')) && !$foru trigger_error('NO_FORUM'); } +/* @var $phpbb_content_visibility \phpbb\content_visibility */ $phpbb_content_visibility = $phpbb_container->get('content.visibility'); // We need to know some basic information in all cases before we do anything. @@ -561,7 +562,10 @@ if ($mode == 'edit') $orig_poll_options_size = sizeof($post_data['poll_options']); $message_parser = new parse_message(); +/* @var $plupload \phpbb\plupload\plupload */ $plupload = $phpbb_container->get('plupload'); + +/* @var $mimetype_guesser \phpbb\mimetype\guesser */ $mimetype_guesser = $phpbb_container->get('mimetype.guesser'); $message_parser->set_plupload($plupload); $message_parser->set_mimetype_guesser($mimetype_guesser); -- cgit v1.2.1 From 7fc586080bf5e7b6e90dcf44526200d7c9356d57 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gae=CC=88tan=20Muller?= Date: Mon, 5 Jan 2015 22:21:31 +0100 Subject: [ticket/13468] Update calls to `add_log()` PHPBB3-13468 --- phpBB/posting.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'phpBB/posting.php') diff --git a/phpBB/posting.php b/phpBB/posting.php index 0f2ea303ea..8b90b3b04a 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -1293,7 +1293,11 @@ if ($submit || $preview || $refresh) $user_lock = ($auth->acl_get('f_user_lock', $forum_id) && $user->data['is_registered'] && $user->data['user_id'] == $post_data['topic_poster']) ? 'USER_' : ''; - add_log('mod', $forum_id, $topic_id, 'LOG_' . $user_lock . (($change_topic_status == ITEM_LOCKED) ? 'LOCK' : 'UNLOCK'), $post_data['topic_title']); + $phpbb_log->add('mod', $user->data['user_id'], $user->ip, 'LOG_' . $user_lock . (($change_topic_status == ITEM_LOCKED) ? 'LOCK' : 'UNLOCK'), false, array( + 'forum_id' => $forum_id, + 'topic_id' => $topic_id, + $post_data['topic_title'] + )); } // Lock/Unlock Post Edit -- cgit v1.2.1 From f6e06da4c68917dafb057bf7fe19f884a3e148c2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gae=CC=88tan=20Muller?= Date: Sun, 4 Jan 2015 20:41:04 +0100 Subject: [ticket/13455] Update calls to `request_var()` PHPBB3-13455 --- phpBB/posting.php | 58 +++++++++++++++++++++++++++---------------------------- 1 file changed, 29 insertions(+), 29 deletions(-) (limited to 'phpBB/posting.php') diff --git a/phpBB/posting.php b/phpBB/posting.php index 8b90b3b04a..a82bd37641 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -29,11 +29,11 @@ $auth->acl($user->data); // Grab only parameters needed here -$post_id = request_var('p', 0); -$topic_id = request_var('t', 0); -$forum_id = request_var('f', 0); -$draft_id = request_var('d', 0); -$lastclick = request_var('lastclick', 0); +$post_id = $request->variable('p', 0); +$topic_id = $request->variable('t', 0); +$forum_id = $request->variable('f', 0); +$draft_id = $request->variable('d', 0); +$lastclick = $request->variable('lastclick', 0); $submit = (isset($_POST['post'])) ? true : false; $preview = (isset($_POST['preview'])) ? true : false; @@ -43,7 +43,7 @@ $confirm = $request->is_set_post('confirm'); $cancel = (isset($_POST['cancel']) && !isset($_POST['save'])) ? true : false; $refresh = (isset($_POST['add_file']) || isset($_POST['delete_file']) || isset($_POST['cancel_unglobalise']) || $save || $load || $preview); -$mode = request_var('mode', ''); +$mode = $request->variable('mode', ''); // If the user is not allowed to delete the post, we try to soft delete it, so we overwrite the mode here. if ($mode == 'delete' && (($confirm && !$request->is_set_post('delete_permanent')) || !$auth->acl_gets('f_delete', 'm_delete', $forum_id))) @@ -487,7 +487,7 @@ if ($mode == 'delete' || $mode == 'soft_delete') if ($mode == 'bump') { if ($bump_time = bump_topic_allowed($forum_id, $post_data['topic_bumped'], $post_data['topic_last_post_time'], $post_data['topic_poster'], $post_data['topic_last_poster_id']) - && check_link_hash(request_var('hash', ''), "topic_{$post_data['topic_id']}")) + && check_link_hash($request->variable('hash', ''), "topic_{$post_data['topic_id']}")) { $meta_url = phpbb_bump_topic($forum_id, $topic_id, $post_data, $current_time); meta_refresh(3, $meta_url); @@ -676,9 +676,9 @@ $quote_status = true; // Save Draft if ($save && $user->data['is_registered'] && $auth->acl_get('u_savedrafts') && ($mode == 'reply' || $mode == 'post' || $mode == 'quote')) { - $subject = utf8_normalize_nfc(request_var('subject', '', true)); + $subject = utf8_normalize_nfc($request->variable('subject', '', true)); $subject = (!$subject && $mode != 'post') ? $post_data['topic_title'] : $subject; - $message = utf8_normalize_nfc(request_var('message', '', true)); + $message = utf8_normalize_nfc($request->variable('message', '', true)); if ($subject && $message) { @@ -748,11 +748,11 @@ if ($save && $user->data['is_registered'] && $auth->acl_get('u_savedrafts') && ( if (is_bool($default)) { // Use the string representation - $hidden_fields[$name] = request_var($name, ''); + $hidden_fields[$name] = $request->variable($name, ''); } else { - $hidden_fields[$name] = request_var($name, $default); + $hidden_fields[$name] = $request->variable($name, $default); } } @@ -809,20 +809,20 @@ if ($load && ($mode == 'reply' || $mode == 'quote' || $mode == 'post') && $post_ if ($submit || $preview || $refresh) { - $post_data['topic_cur_post_id'] = request_var('topic_cur_post_id', 0); - $post_data['post_subject'] = utf8_normalize_nfc(request_var('subject', '', true)); - $message_parser->message = utf8_normalize_nfc(request_var('message', '', true)); + $post_data['topic_cur_post_id'] = $request->variable('topic_cur_post_id', 0); + $post_data['post_subject'] = utf8_normalize_nfc($request->variable('subject', '', true)); + $message_parser->message = utf8_normalize_nfc($request->variable('message', '', true)); - $post_data['username'] = utf8_normalize_nfc(request_var('username', $post_data['username'], true)); - $post_data['post_edit_reason'] = ($request->variable('edit_reason', false, false, \phpbb\request\request_interface::POST) && $mode == 'edit' && $auth->acl_get('m_edit', $forum_id)) ? utf8_normalize_nfc(request_var('edit_reason', '', true)) : ''; + $post_data['username'] = utf8_normalize_nfc($request->variable('username', $post_data['username'], true)); + $post_data['post_edit_reason'] = ($request->variable('edit_reason', false, false, \phpbb\request\request_interface::POST) && $mode == 'edit' && $auth->acl_get('m_edit', $forum_id)) ? utf8_normalize_nfc($request->variable('edit_reason', '', true)) : ''; $post_data['orig_topic_type'] = $post_data['topic_type']; - $post_data['topic_type'] = request_var('topic_type', (($mode != 'post') ? (int) $post_data['topic_type'] : POST_NORMAL)); - $post_data['topic_time_limit'] = request_var('topic_time_limit', (($mode != 'post') ? (int) $post_data['topic_time_limit'] : 0)); + $post_data['topic_type'] = $request->variable('topic_type', (($mode != 'post') ? (int) $post_data['topic_type'] : POST_NORMAL)); + $post_data['topic_time_limit'] = $request->variable('topic_time_limit', (($mode != 'post') ? (int) $post_data['topic_time_limit'] : 0)); if ($post_data['enable_icons'] && $auth->acl_get('f_icons', $forum_id)) { - $post_data['icon_id'] = request_var('icon', (int) $post_data['icon_id']); + $post_data['icon_id'] = $request->variable('icon', (int) $post_data['icon_id']); } $post_data['enable_bbcode'] = (!$bbcode_status || isset($_POST['disable_bbcode'])) ? false : true; @@ -887,10 +887,10 @@ if ($submit || $preview || $refresh) } else { - $post_data['poll_title'] = utf8_normalize_nfc(request_var('poll_title', '', true)); - $post_data['poll_length'] = request_var('poll_length', 0); - $post_data['poll_option_text'] = utf8_normalize_nfc(request_var('poll_option_text', '', true)); - $post_data['poll_max_options'] = request_var('poll_max_options', 1); + $post_data['poll_title'] = utf8_normalize_nfc($request->variable('poll_title', '', true)); + $post_data['poll_length'] = $request->variable('poll_length', 0); + $post_data['poll_option_text'] = utf8_normalize_nfc($request->variable('poll_option_text', '', true)); + $post_data['poll_max_options'] = $request->variable('poll_max_options', 1); $post_data['poll_vote_change'] = ($auth->acl_get('f_votechg', $forum_id) && $auth->acl_get('f_vote', $forum_id) && isset($_POST['poll_vote_change'])) ? 1 : 0; } @@ -959,8 +959,8 @@ if ($submit || $preview || $refresh) // Notify and show user the changed post if ($mode == 'edit' && $post_data['forum_flags'] & FORUM_FLAG_POST_REVIEW) { - $edit_post_message_checksum = request_var('edit_post_message_checksum', ''); - $edit_post_subject_checksum = request_var('edit_post_subject_checksum', ''); + $edit_post_message_checksum = $request->variable('edit_post_message_checksum', ''); + $edit_post_subject_checksum = $request->variable('edit_post_subject_checksum', ''); // $post_data['post_checksum'] is the checksum of the post submitted in the meantime // $message_md5 is the checksum of the post we're about to submit @@ -1074,9 +1074,9 @@ if ($submit || $preview || $refresh) if ($config['enable_post_confirm'] && !$user->data['is_registered'] && in_array($mode, array('quote', 'post', 'reply'))) { $captcha_data = array( - 'message' => utf8_normalize_nfc(request_var('message', '', true)), - 'subject' => utf8_normalize_nfc(request_var('subject', '', true)), - 'username' => utf8_normalize_nfc(request_var('username', '', true)), + 'message' => utf8_normalize_nfc($request->variable('message', '', true)), + 'subject' => utf8_normalize_nfc($request->variable('subject', '', true)), + 'username' => utf8_normalize_nfc($request->variable('username', '', true)), ); $vc_response = $captcha->validate($captcha_data); if ($vc_response) @@ -1701,7 +1701,7 @@ if ($config['enable_post_confirm'] && !$user->data['is_registered'] && (isset($c $s_hidden_fields = ($mode == 'reply' || $mode == 'quote') ? '' : ''; $s_hidden_fields .= ''; -$s_hidden_fields .= ($draft_id || isset($_REQUEST['draft_loaded'])) ? '' : ''; +$s_hidden_fields .= ($draft_id || isset($_REQUEST['draft_loaded'])) ? '' : ''; if ($mode == 'edit') { -- cgit v1.2.1 From abcb2680eec86dc8016c489ebc7362e29be9e4df Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gae=CC=88tan=20Muller?= Date: Mon, 2 Feb 2015 21:35:46 +0100 Subject: [ticket/13455] Remove unnecessary calls to `utf8_normalize_nfc()` PHPBB3-13455 --- phpBB/posting.php | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) (limited to 'phpBB/posting.php') diff --git a/phpBB/posting.php b/phpBB/posting.php index a82bd37641..ecd9e9f6c0 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -676,9 +676,9 @@ $quote_status = true; // Save Draft if ($save && $user->data['is_registered'] && $auth->acl_get('u_savedrafts') && ($mode == 'reply' || $mode == 'post' || $mode == 'quote')) { - $subject = utf8_normalize_nfc($request->variable('subject', '', true)); + $subject = $request->variable('subject', '', true); $subject = (!$subject && $mode != 'post') ? $post_data['topic_title'] : $subject; - $message = utf8_normalize_nfc($request->variable('message', '', true)); + $message = $request->variable('message', '', true); if ($subject && $message) { @@ -810,11 +810,11 @@ if ($load && ($mode == 'reply' || $mode == 'quote' || $mode == 'post') && $post_ if ($submit || $preview || $refresh) { $post_data['topic_cur_post_id'] = $request->variable('topic_cur_post_id', 0); - $post_data['post_subject'] = utf8_normalize_nfc($request->variable('subject', '', true)); - $message_parser->message = utf8_normalize_nfc($request->variable('message', '', true)); + $post_data['post_subject'] = $request->variable('subject', '', true); + $message_parser->message = $request->variable('message', '', true); - $post_data['username'] = utf8_normalize_nfc($request->variable('username', $post_data['username'], true)); - $post_data['post_edit_reason'] = ($request->variable('edit_reason', false, false, \phpbb\request\request_interface::POST) && $mode == 'edit' && $auth->acl_get('m_edit', $forum_id)) ? utf8_normalize_nfc($request->variable('edit_reason', '', true)) : ''; + $post_data['username'] = $request->variable('username', $post_data['username'], true); + $post_data['post_edit_reason'] = ($request->variable('edit_reason', false, false, \phpbb\request\request_interface::POST) && $mode == 'edit' && $auth->acl_get('m_edit', $forum_id)) ? $request->variable('edit_reason', '', true) : ''; $post_data['orig_topic_type'] = $post_data['topic_type']; $post_data['topic_type'] = $request->variable('topic_type', (($mode != 'post') ? (int) $post_data['topic_type'] : POST_NORMAL)); @@ -887,9 +887,9 @@ if ($submit || $preview || $refresh) } else { - $post_data['poll_title'] = utf8_normalize_nfc($request->variable('poll_title', '', true)); + $post_data['poll_title'] = $request->variable('poll_title', '', true); $post_data['poll_length'] = $request->variable('poll_length', 0); - $post_data['poll_option_text'] = utf8_normalize_nfc($request->variable('poll_option_text', '', true)); + $post_data['poll_option_text'] = $request->variable('poll_option_text', '', true); $post_data['poll_max_options'] = $request->variable('poll_max_options', 1); $post_data['poll_vote_change'] = ($auth->acl_get('f_votechg', $forum_id) && $auth->acl_get('f_vote', $forum_id) && isset($_POST['poll_vote_change'])) ? 1 : 0; } @@ -1074,9 +1074,9 @@ if ($submit || $preview || $refresh) if ($config['enable_post_confirm'] && !$user->data['is_registered'] && in_array($mode, array('quote', 'post', 'reply'))) { $captcha_data = array( - 'message' => utf8_normalize_nfc($request->variable('message', '', true)), - 'subject' => utf8_normalize_nfc($request->variable('subject', '', true)), - 'username' => utf8_normalize_nfc($request->variable('username', '', true)), + 'message' => $request->variable('message', '', true), + 'subject' => $request->variable('subject', '', true), + 'username' => $request->variable('username', '', true), ); $vc_response = $captcha->validate($captcha_data); if ($vc_response) -- cgit v1.2.1 From 19a236205f6e0892be4301b422f5da7479e12941 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Sun, 22 Feb 2015 22:44:50 +0100 Subject: [ticket/13647] Generate route links for faq PHPBB3-13647 --- phpBB/posting.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'phpBB/posting.php') diff --git a/phpBB/posting.php b/phpBB/posting.php index ecd9e9f6c0..9768dc6ea7 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -1720,6 +1720,8 @@ if (isset($captcha) && $captcha->is_solved() !== false) $form_enctype = (@ini_get('file_uploads') == '0' || strtolower(@ini_get('file_uploads')) == 'off' || !$config['allow_attachments'] || !$auth->acl_get('u_attach') || !$auth->acl_get('f_attach', $forum_id)) ? '' : ' enctype="multipart/form-data"'; add_form_key('posting'); +/** @var \phpbb\controller\helper $controller_helper */ +$controller_helper = $phpbb_container->get('controller.helper'); // Build array of variables for main posting page $page_data = array( @@ -1734,7 +1736,7 @@ $page_data = array( 'USERNAME' => ((!$preview && $mode != 'quote') || $preview) ? $post_data['username'] : '', 'SUBJECT' => $post_data['post_subject'], 'MESSAGE' => $post_data['post_text'], - 'BBCODE_STATUS' => ($bbcode_status) ? sprintf($user->lang['BBCODE_IS_ON'], '', '') : sprintf($user->lang['BBCODE_IS_OFF'], '', ''), + 'BBCODE_STATUS' => $user->lang(($bbcode_status ? 'BBCODE_IS_ON' : 'BBCODE_IS_OFF'), '', ''), 'IMG_STATUS' => ($img_status) ? $user->lang['IMAGES_ARE_ON'] : $user->lang['IMAGES_ARE_OFF'], 'FLASH_STATUS' => ($flash_status) ? $user->lang['FLASH_IS_ON'] : $user->lang['FLASH_IS_OFF'], 'SMILIES_STATUS' => ($smilies_status) ? $user->lang['SMILIES_ARE_ON'] : $user->lang['SMILIES_ARE_OFF'], -- cgit v1.2.1 From 07231e7943e9ffdba08393be56510e682ab7a7e5 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Sat, 16 May 2015 22:06:37 +0200 Subject: [ticket/13844] FAQ in new controller format PHPBB3-13844 --- phpBB/posting.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/posting.php') diff --git a/phpBB/posting.php b/phpBB/posting.php index 2d01922c80..fd09f5e464 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -1743,7 +1743,7 @@ $page_data = array( 'USERNAME' => ((!$preview && $mode != 'quote') || $preview) ? $post_data['username'] : '', 'SUBJECT' => $post_data['post_subject'], 'MESSAGE' => $post_data['post_text'], - 'BBCODE_STATUS' => $user->lang(($bbcode_status ? 'BBCODE_IS_ON' : 'BBCODE_IS_OFF'), '', ''), + 'BBCODE_STATUS' => $user->lang(($bbcode_status ? 'BBCODE_IS_ON' : 'BBCODE_IS_OFF'), '', ''), 'IMG_STATUS' => ($img_status) ? $user->lang['IMAGES_ARE_ON'] : $user->lang['IMAGES_ARE_OFF'], 'FLASH_STATUS' => ($flash_status) ? $user->lang['FLASH_IS_ON'] : $user->lang['FLASH_IS_OFF'], 'SMILIES_STATUS' => ($smilies_status) ? $user->lang['SMILIES_ARE_ON'] : $user->lang['SMILIES_ARE_OFF'], -- cgit v1.2.1 From c1777f481101c0a311939f83f2afd38a0c09e394 Mon Sep 17 00:00:00 2001 From: JoshyPHP Date: Mon, 18 May 2015 03:57:48 +0200 Subject: [ticket/11530] Remove extra quotes when depth limit is exceeded PHPBB3-11530 --- phpBB/posting.php | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) (limited to 'phpBB/posting.php') diff --git a/phpBB/posting.php b/phpBB/posting.php index 2d01922c80..a4fb4d7a8d 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -1578,11 +1578,22 @@ if (!sizeof($error) && $preview) } } +// Remove quotes that would become nested too deep before decoding the text +$generate_quote = ($mode == 'quote' && !$submit && !$preview && !$refresh); +if ($generate_quote && $config['max_quote_depth'] > 0 && preg_match('#^<[rt][ >]#', $message_parser->message)) +{ + $message_parser->message = $phpbb_container->get('text_formatter.utils')->remove_bbcode( + $message_parser->message, + 'quote', + $config['max_quote_depth'] - 1 + ); +} + // Decode text for message display $post_data['bbcode_uid'] = ($mode == 'quote' && !$preview && !$refresh && !sizeof($error)) ? $post_data['bbcode_uid'] : $message_parser->bbcode_uid; $message_parser->decode_message($post_data['bbcode_uid']); -if ($mode == 'quote' && !$submit && !$preview && !$refresh) +if ($generate_quote) { if ($config['allow_bbcode']) { -- cgit v1.2.1 From 8a077e0e943d87ee1d26b0501f0b9bcc472ab904 Mon Sep 17 00:00:00 2001 From: JoshyPHP Date: Sun, 17 May 2015 20:15:06 +0200 Subject: [ticket/13847] Move quote generation to text_formatter.utils PHPBB3-13847 --- phpBB/posting.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'phpBB/posting.php') diff --git a/phpBB/posting.php b/phpBB/posting.php index a4fb4d7a8d..4d52da2567 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -1597,7 +1597,11 @@ if ($generate_quote) { if ($config['allow_bbcode']) { - $message_parser->message = '[quote="' . $post_data['quote_username'] . '"]' . censor_text(trim($message_parser->message)) . "[/quote]\n"; + $message_parser->message = $phpbb_container->get('text_formatter.utils')->generate_quote( + censor_text(trim($message_parser->message)), + array('author' => $post_data['quote_username']) + ); + $message_parser->message .= "\n"; } else { -- cgit v1.2.1 From 2f0d11ba3c28f27e535988de2a8d08f7b17aef92 Mon Sep 17 00:00:00 2001 From: JoshyPHP Date: Sat, 30 May 2015 22:17:14 +0200 Subject: [ticket/13901] Add more whitespace to long quotes for readability PHPBB3-13901 --- phpBB/posting.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'phpBB/posting.php') diff --git a/phpBB/posting.php b/phpBB/posting.php index 1c7b756fc2..4f4c6cd373 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -1598,10 +1598,10 @@ if ($generate_quote) if ($config['allow_bbcode']) { $message_parser->message = $phpbb_container->get('text_formatter.utils')->generate_quote( - censor_text(trim($message_parser->message)), + censor_text($message_parser->message), array('author' => $post_data['quote_username']) ); - $message_parser->message .= "\n"; + $message_parser->message .= "\n\n"; } else { -- cgit v1.2.1 From eb227977d27839bb0e2f1826084e00b667659e25 Mon Sep 17 00:00:00 2001 From: JoshyPHP Date: Mon, 1 Jun 2015 02:24:48 +0200 Subject: [ticket/13906] Fixed old signatures in post preview PHPBB3-13906 --- phpBB/posting.php | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) (limited to 'phpBB/posting.php') diff --git a/phpBB/posting.php b/phpBB/posting.php index 1c7b756fc2..5b0e3d1da6 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -1487,14 +1487,11 @@ if (!sizeof($error) && $preview) // Signature if ($post_data['enable_sig'] && $config['allow_sig'] && $preview_signature && $auth->acl_get('f_sigs', $forum_id)) { - $parse_sig = new parse_message($preview_signature); - $parse_sig->bbcode_uid = $preview_signature_uid; - $parse_sig->bbcode_bitfield = $preview_signature_bitfield; - - // Not sure about parameters for bbcode/smilies/urls... in signatures - $parse_sig->format_display($config['allow_sig_bbcode'], $config['allow_sig_links'], $config['allow_sig_smilies']); - $preview_signature = $parse_sig->message; - unset($parse_sig); + $flags = ($config['allow_sig_bbcode']) ? OPTION_FLAG_BBCODE : 0; + $flags |= ($config['allow_sig_links']) ? OPTION_FLAG_LINKS : 0; + $flags |= ($config['allow_sig_smilies']) ? OPTION_FLAG_SMILIES : 0; + + $preview_signature = generate_text_for_display($preview_signature, $preview_signature_uid, $preview_signature_bitfield, $flags, false); } else { -- cgit v1.2.1 From f02cc27014c27acaf44b27066959426db27b3493 Mon Sep 17 00:00:00 2001 From: JoshyPHP Date: Tue, 16 Jun 2015 08:16:56 +0200 Subject: [ticket/10620] Implemented quote improvements PHPBB3-10620 --- phpBB/posting.php | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'phpBB/posting.php') diff --git a/phpBB/posting.php b/phpBB/posting.php index 2f9beefcf9..327004b1bf 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -1605,7 +1605,12 @@ if ($generate_quote) { $message_parser->message = $phpbb_container->get('text_formatter.utils')->generate_quote( censor_text($message_parser->message), - array('author' => $post_data['quote_username']) + array( + 'author' => $post_data['quote_username'], + 'post_id' => $post_data['post_id'], + 'time' => $post_data['post_time'], + 'user_id' => $post_data['poster_id'], + ) ); $message_parser->message .= "\n\n"; } -- cgit v1.2.1 From 7d31232846e29311e5b76bf32f41f64da7985a79 Mon Sep 17 00:00:00 2001 From: Oliver Schramm Date: Wed, 16 Jul 2014 18:31:12 +0200 Subject: [ticket/8708] Apply permission 'f_announce_global' PHPBB3-8708 --- phpBB/posting.php | 3 +++ 1 file changed, 3 insertions(+) (limited to 'phpBB/posting.php') diff --git a/phpBB/posting.php b/phpBB/posting.php index 7f89bdbadf..52cd1093c0 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -1202,6 +1202,9 @@ if ($submit || $preview || $refresh) switch ($post_data['topic_type']) { case POST_GLOBAL: + $auth_option = 'f_announce_global'; + break; + case POST_ANNOUNCE: $auth_option = 'f_announce'; break; -- cgit v1.2.1 From 16d5208d9aec0678b3295b0e14042991094197ba Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Sun, 20 Sep 2015 12:36:52 +0200 Subject: [ticket/14168] Use attachment upload class in message_parser PHPBB3-14168 --- phpBB/posting.php | 1 - 1 file changed, 1 deletion(-) (limited to 'phpBB/posting.php') diff --git a/phpBB/posting.php b/phpBB/posting.php index 47fdb2d378..05a078ea39 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -571,7 +571,6 @@ $plupload = $phpbb_container->get('plupload'); /* @var $mimetype_guesser \phpbb\mimetype\guesser */ $mimetype_guesser = $phpbb_container->get('mimetype.guesser'); $message_parser->set_plupload($plupload); -$message_parser->set_mimetype_guesser($mimetype_guesser); if (isset($post_data['post_text'])) { -- cgit v1.2.1 From 75e5e2471e7b6b9e1d605f0c3cce5f1fbd373ac0 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Mon, 12 Oct 2015 21:56:09 +0200 Subject: [ticket/14234] Get rid of undefined variables PHPBB3-14234 --- phpBB/posting.php | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) (limited to 'phpBB/posting.php') diff --git a/phpBB/posting.php b/phpBB/posting.php index 47fdb2d378..a8e4e4015e 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -1256,7 +1256,6 @@ if ($submit || $preview || $refresh) * @var array poll Array with poll data from post (must be used instead of the post_data equivalent) * @var string mode What action to take if the form is submitted * post|reply|quote|edit|delete|bump|smilies|popup - * @var string page_title Title of the mode page * @var int post_id ID of the post * @var int topic_id ID of the topic * @var int forum_id ID of the forum @@ -1265,12 +1264,12 @@ if ($submit || $preview || $refresh) * NOTE: Should be actual language strings, NOT language keys. * @since 3.1.0-RC5 * @change 3.1.5-RC1 Added poll array to the event + * @change 3.2.0-a1 Removed undefined page_title */ $vars = array( 'post_data', 'poll', 'mode', - 'page_title', 'post_id', 'topic_id', 'forum_id', @@ -1383,7 +1382,6 @@ if ($submit || $preview || $refresh) * @var array data Array with post data going to be stored in the database * @var string mode What action to take if the form is submitted * post|reply|quote|edit|delete - * @var string page_title Title of the mode page * @var int post_id ID of the post * @var int topic_id ID of the topic * @var int forum_id ID of the forum @@ -1393,13 +1391,13 @@ if ($submit || $preview || $refresh) * NOTE: Should be actual language strings, NOT language keys. * @since 3.1.0-RC5 * @changed 3.1.6-RC1 remove submit and error from event Submit and Error are checked previously prior to running event + * @change 3.2.0-a1 Removed undefined page_title */ $vars = array( 'post_data', 'poll', 'data', 'mode', - 'page_title', 'post_id', 'topic_id', 'forum_id', @@ -1421,7 +1419,6 @@ if ($submit || $preview || $refresh) * @var array data Array with post data going to be stored in the database * @var string mode What action to take if the form is submitted * post|reply|quote|edit|delete - * @var string page_title Title of the mode page * @var int post_id ID of the post * @var int topic_id ID of the topic * @var int forum_id ID of the forum @@ -1432,13 +1429,13 @@ if ($submit || $preview || $refresh) * NOTE: Should be actual language strings, NOT language keys. * @since 3.1.0-RC5 * @changed 3.1.6-RC1 remove submit and error from event Submit and Error are checked previously prior to running event + * @change 3.2.0-a1 Removed undefined page_title */ $vars = array( 'post_data', 'poll', 'data', 'mode', - 'page_title', 'post_id', 'topic_id', 'forum_id', -- cgit v1.2.1 From b0bedce6621bdf0febdac5e267091fe7ebd88dab Mon Sep 17 00:00:00 2001 From: Richard McGirr Date: Thu, 10 Mar 2016 06:48:36 -0500 Subject: [ticket/13972] Remove hard coded flood check from posting PHPBB3-13972 --- phpBB/posting.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/posting.php') diff --git a/phpBB/posting.php b/phpBB/posting.php index 6cfb877f75..692f3c8092 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -104,7 +104,7 @@ $vars = array( extract($phpbb_dispatcher->trigger_event('core.modify_posting_parameters', compact($vars))); // Was cancel pressed? If so then redirect to the appropriate page -if ($cancel || ($current_time - $lastclick < 2 && $submit)) +if ($cancel) { $f = ($forum_id) ? 'f=' . $forum_id . '&' : ''; $redirect = ($post_id) ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", $f . 'p=' . $post_id) . '#p' . $post_id : (($topic_id) ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", $f . 't=' . $topic_id) : (($forum_id) ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) : append_sid("{$phpbb_root_path}index.$phpEx"))); -- cgit v1.2.1 From f82299b8e445cccfc8bad8cbe6505f3fb50d0f8f Mon Sep 17 00:00:00 2001 From: Tristan Darricau Date: Fri, 6 Jan 2017 19:52:17 +0100 Subject: [ticket/14962] Introduces a new helper to check emptyness of bbcode texts PHPBB3-14962 --- phpBB/posting.php | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'phpBB/posting.php') diff --git a/phpBB/posting.php b/phpBB/posting.php index b0aef2482a..aa10059796 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -816,6 +816,7 @@ if ($load && ($mode == 'reply' || $mode == 'quote' || $mode == 'post') && $post_ load_drafts($topic_id, $forum_id); } +$bbcode_utils = $phpbb_container->get('text_formatter.utils'); if ($submit || $preview || $refresh) { @@ -1178,7 +1179,7 @@ if ($submit || $preview || $refresh) $post_data['poll_title'] = ''; $post_data['poll_start'] = $post_data['poll_length'] = $post_data['poll_max_options'] = $post_data['poll_last_vote'] = $post_data['poll_vote_change'] = 0; } - else if (!$auth->acl_get('f_poll', $forum_id) && ($mode == 'edit') && ($post_id == $post_data['topic_first_post_id']) && ($original_poll_data['poll_title'] != '')) + else if (!$auth->acl_get('f_poll', $forum_id) && ($mode == 'edit') && ($post_id == $post_data['topic_first_post_id']) && !$bbcode_utils->is_empty($original_poll_data['poll_title'])) { // We have a poll but the editing user is not permitted to create/edit it. // So we just keep the original poll-data. @@ -1601,7 +1602,7 @@ if ($generate_quote) if ($config['allow_bbcode']) { - $message_parser->message = $phpbb_container->get('text_formatter.utils')->generate_quote( + $message_parser->message = $bbcode_utils->generate_quote( censor_text($message_parser->message), array( 'author' => $post_data['quote_username'], @@ -1639,7 +1640,7 @@ $attachment_data = $message_parser->attachment_data; $filename_data = $message_parser->filename_data; $post_data['post_text'] = $message_parser->message; -if (sizeof($post_data['poll_options']) || !empty($post_data['poll_title'])) +if (sizeof($post_data['poll_options']) || (isset($post_data['poll_title']) && !$bbcode_utils->is_empty($post_data['poll_title']))) { $message_parser->message = $post_data['poll_title']; $message_parser->bbcode_uid = $post_data['bbcode_uid']; -- cgit v1.2.1 From b0abf6df883487ffbd12d5410cd03a23fc6bd66c Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Fri, 10 Feb 2017 23:29:11 +0100 Subject: [ticket/15079] Parse message before inserting it into drafts table PHPBB3-15079 --- phpBB/posting.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'phpBB/posting.php') diff --git a/phpBB/posting.php b/phpBB/posting.php index aa10059796..0920f63888 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -694,13 +694,16 @@ if ($save && $user->data['is_registered'] && $auth->acl_get('u_savedrafts') && ( { if (confirm_box(true)) { + $message_parser->message = $message; + $message_parser->parse($post_data['enable_bbcode'], ($config['allow_post_links']) ? $post_data['enable_urls'] : false, $post_data['enable_smilies'], $img_status, $flash_status, $quote_status, $config['allow_post_links']); + $sql = 'INSERT INTO ' . DRAFTS_TABLE . ' ' . $db->sql_build_array('INSERT', array( 'user_id' => (int) $user->data['user_id'], 'topic_id' => (int) $topic_id, 'forum_id' => (int) $forum_id, 'save_time' => (int) $current_time, 'draft_subject' => (string) $subject, - 'draft_message' => (string) $message) + 'draft_message' => (string) $message_parser->message) ); $db->sql_query($sql); -- cgit v1.2.1 From 14cea02412c7b4f318c795a9dec4e7becba22a8b Mon Sep 17 00:00:00 2001 From: rxu Date: Wed, 21 Jun 2017 22:22:47 +0700 Subject: [ticket/15252] Fix editing a topic with poll by user not permitted to edit poll Basically, decoding the original poll title and options text was missing. PHPBB3-15252 --- phpBB/posting.php | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'phpBB/posting.php') diff --git a/phpBB/posting.php b/phpBB/posting.php index 0b6b9c5969..df2ef0d13c 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -1192,6 +1192,11 @@ if ($submit || $preview || $refresh) { // We have a poll but the editing user is not permitted to create/edit it. // So we just keep the original poll-data. + // Decode the poll title and options text fisrt. + $original_poll_data['poll_title'] = $bbcode_utils->unparse($original_poll_data['poll_title']); + $original_poll_data['poll_option_text'] = $bbcode_utils->unparse($original_poll_data['poll_option_text']); + $original_poll_data['poll_options'] = explode("\n", $original_poll_data['poll_option_text']); + $poll = array_merge($original_poll_data, array( 'enable_bbcode' => $post_data['enable_bbcode'], 'enable_urls' => $post_data['enable_urls'], -- cgit v1.2.1 From 68c3a0307de19fdefd7ae716247fffea3ee30c0c Mon Sep 17 00:00:00 2001 From: rxu Date: Wed, 16 Aug 2017 21:57:11 +0700 Subject: [ticket/15324] Add more core and template events PHPBB3-15324 --- phpBB/posting.php | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) (limited to 'phpBB/posting.php') diff --git a/phpBB/posting.php b/phpBB/posting.php index 5dc59fea6d..02bf1c1d07 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -547,6 +547,27 @@ if ($post_data['poll_start']) $db->sql_freeresult($result); } +/** +* This event allows you to modify the post data before parsing +* +* @event core.posting_modify_post_data +* @var int forum_id ID of the forum +* @var string mode What action to take if the form has been submitted +* post|reply|quote|edit|delete|bump|smilies|popup +* @var array post_data Array with post data +* @var int post_id ID of the post +* @var int topic_id ID of the topic +* @since 3.2.2-RC1 +*/ +$vars = array( + 'forum_id', + 'mode', + 'post_data', + 'post_id', + 'topic_id', +); +extract($phpbb_dispatcher->trigger_event('core.posting_modify_post_data', compact($vars))); + if ($mode == 'edit') { $original_poll_data = array( -- cgit v1.2.1 From f8fbe3793680af1dae2db2829cfc84068831c52f Mon Sep 17 00:00:00 2001 From: rxu Date: Wed, 28 Jun 2017 00:58:03 +0700 Subject: [ticket/14972] replace all occurrences of sizeof() with the count() PHPBB3-14972 --- phpBB/posting.php | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) (limited to 'phpBB/posting.php') diff --git a/phpBB/posting.php b/phpBB/posting.php index 02bf1c1d07..3530bb5048 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -581,7 +581,7 @@ if ($mode == 'edit') ); } -$orig_poll_options_size = sizeof($post_data['poll_options']); +$orig_poll_options_size = count($post_data['poll_options']); $message_parser = new parse_message(); /* @var $plupload \phpbb\plupload\plupload */ @@ -884,7 +884,7 @@ if ($submit || $preview || $refresh) } // Delete Poll - if ($poll_delete && $mode == 'edit' && sizeof($post_data['poll_options']) && + if ($poll_delete && $mode == 'edit' && count($post_data['poll_options']) && ((!$post_data['poll_last_vote'] && $post_data['poster_id'] == $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id)) || $auth->acl_get('m_delete', $forum_id))) { if ($submit && check_form_key('posting')) @@ -1034,7 +1034,7 @@ if ($submit || $preview || $refresh) // Parse message if ($update_message) { - if (sizeof($message_parser->warn_msg)) + if (count($message_parser->warn_msg)) { $error[] = implode('
', $message_parser->warn_msg); $message_parser->warn_msg = array(); @@ -1046,7 +1046,7 @@ if ($submit || $preview || $refresh) } // On a refresh we do not care about message parsing errors - if (sizeof($message_parser->warn_msg) && $refresh && !$preview) + if (count($message_parser->warn_msg) && $refresh && !$preview) { $message_parser->warn_msg = array(); } @@ -1268,7 +1268,7 @@ if ($submit || $preview || $refresh) } } - if (sizeof($message_parser->warn_msg)) + if (count($message_parser->warn_msg)) { $error[] = implode('
', $message_parser->warn_msg); } @@ -1313,7 +1313,7 @@ if ($submit || $preview || $refresh) extract($phpbb_dispatcher->trigger_event('core.posting_modify_submission_errors', compact($vars))); // Store message, sync counters - if (!sizeof($error) && $submit) + if (!count($error) && $submit) { if ($submit) { @@ -1510,7 +1510,7 @@ if ($submit || $preview || $refresh) } // Preview -if (!sizeof($error) && $preview) +if (!count($error) && $preview) { $post_data['post_time'] = ($mode == 'edit') ? $post_data['post_time'] : $current_time; @@ -1552,7 +1552,7 @@ if (!sizeof($error) && $preview) } $template->assign_vars(array( - 'S_HAS_POLL_OPTIONS' => (sizeof($post_data['poll_options'])), + 'S_HAS_POLL_OPTIONS' => (count($post_data['poll_options'])), 'S_IS_MULTI_CHOICE' => ($post_data['poll_max_options'] > 1) ? true : false, 'POLL_QUESTION' => $parse_poll->message, @@ -1581,7 +1581,7 @@ if (!sizeof($error) && $preview) } // Attachment Preview - if (sizeof($message_parser->attachment_data)) + if (count($message_parser->attachment_data)) { $template->assign_var('S_HAS_ATTACHMENTS', true); @@ -1599,7 +1599,7 @@ if (!sizeof($error) && $preview) unset($attachment_data); } - if (!sizeof($error)) + if (!count($error)) { $template->assign_vars(array( 'PREVIEW_SUBJECT' => $preview_subject, @@ -1622,7 +1622,7 @@ if ($generate_quote && $config['max_quote_depth'] > 0) } // Decode text for message display -$post_data['bbcode_uid'] = ($mode == 'quote' && !$preview && !$refresh && !sizeof($error)) ? $post_data['bbcode_uid'] : $message_parser->bbcode_uid; +$post_data['bbcode_uid'] = ($mode == 'quote' && !$preview && !$refresh && !count($error)) ? $post_data['bbcode_uid'] : $message_parser->bbcode_uid; $message_parser->decode_message($post_data['bbcode_uid']); if ($generate_quote) @@ -1670,7 +1670,7 @@ $attachment_data = $message_parser->attachment_data; $filename_data = $message_parser->filename_data; $post_data['post_text'] = $message_parser->message; -if (sizeof($post_data['poll_options']) || (isset($post_data['poll_title']) && !$bbcode_utils->is_empty($post_data['poll_title']))) +if (count($post_data['poll_options']) || (isset($post_data['poll_title']) && !$bbcode_utils->is_empty($post_data['poll_title']))) { $message_parser->message = $post_data['poll_title']; $message_parser->bbcode_uid = $post_data['bbcode_uid']; @@ -1795,7 +1795,7 @@ $page_data = array( 'FORUM_NAME' => $post_data['forum_name'], 'FORUM_DESC' => ($post_data['forum_desc']) ? generate_text_for_display($post_data['forum_desc'], $post_data['forum_desc_uid'], $post_data['forum_desc_bitfield'], $post_data['forum_desc_options']) : '', 'TOPIC_TITLE' => censor_text($post_data['topic_title']), - 'MODERATORS' => (sizeof($moderators)) ? implode($user->lang['COMMA_SEPARATOR'], $moderators[$forum_id]) : '', + 'MODERATORS' => (count($moderators)) ? implode($user->lang['COMMA_SEPARATOR'], $moderators[$forum_id]) : '', 'USERNAME' => ((!$preview && $mode != 'quote') || $preview) ? $post_data['username'] : '', 'SUBJECT' => $post_data['post_subject'], 'MESSAGE' => $post_data['post_text'], @@ -1807,7 +1807,7 @@ $page_data = array( 'MAX_FONT_SIZE' => (int) $config['max_post_font_size'], 'MINI_POST_IMG' => $user->img('icon_post_target', $user->lang['POST']), 'POST_DATE' => ($post_data['post_time']) ? $user->format_date($post_data['post_time']) : '', - 'ERROR' => (sizeof($error)) ? implode('
', $error) : '', + 'ERROR' => (count($error)) ? implode('
', $error) : '', 'TOPIC_TIME_LIMIT' => (int) $post_data['topic_time_limit'], 'EDIT_REASON' => $request->variable('edit_reason', '', true), 'SHOW_PANEL' => $request->variable('show_panel', ''), @@ -1867,7 +1867,7 @@ if (($mode == 'post' || ($mode == 'edit' && $post_id == $post_data['topic_first_ $page_data = array_merge($page_data, array( 'S_SHOW_POLL_BOX' => true, 'S_POLL_VOTE_CHANGE' => ($auth->acl_get('f_votechg', $forum_id) && $auth->acl_get('f_vote', $forum_id)), - 'S_POLL_DELETE' => ($mode == 'edit' && sizeof($post_data['poll_options']) && ((!$post_data['poll_last_vote'] && $post_data['poster_id'] == $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id)) || $auth->acl_get('m_delete', $forum_id))), + 'S_POLL_DELETE' => ($mode == 'edit' && count($post_data['poll_options']) && ((!$post_data['poll_last_vote'] && $post_data['poster_id'] == $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id)) || $auth->acl_get('m_delete', $forum_id))), 'S_POLL_DELETE_CHECKED' => (!empty($poll_delete)) ? true : false, 'L_POLL_OPTIONS_EXPLAIN' => $user->lang('POLL_OPTIONS_' . (($mode == 'edit') ? 'EDIT_' : '') . 'EXPLAIN', (int) $config['max_poll_options']), -- cgit v1.2.1 From b2277e7bf688168acfa3097730f556b7218858ac Mon Sep 17 00:00:00 2001 From: MikelAlejoBR Date: Sat, 28 Jul 2018 14:29:37 +0200 Subject: [ticket/15733] Remove unused code related to deprecated flood control PHPBB3-15733 --- phpBB/posting.php | 6 ------ 1 file changed, 6 deletions(-) (limited to 'phpBB/posting.php') diff --git a/phpBB/posting.php b/phpBB/posting.php index 3530bb5048..bf0dfb9c6c 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -33,7 +33,6 @@ $post_id = $request->variable('p', 0); $topic_id = $request->variable('t', 0); $forum_id = $request->variable('f', 0); $draft_id = $request->variable('d', 0); -$lastclick = $request->variable('lastclick', 0); $preview = (isset($_POST['preview'])) ? true : false; $save = (isset($_POST['save'])) ? true : false; @@ -68,7 +67,6 @@ $current_time = time(); * @var int topic_id ID of the topic * @var int forum_id ID of the forum * @var int draft_id ID of the draft -* @var int lastclick Timestamp of when the form was last loaded * @var bool submit Whether or not the form has been submitted * @var bool preview Whether or not the post is being previewed * @var bool save Whether or not a draft is being saved @@ -91,7 +89,6 @@ $vars = array( 'topic_id', 'forum_id', 'draft_id', - 'lastclick', 'submit', 'preview', 'save', @@ -354,7 +351,6 @@ switch ($mode) * @var int topic_id ID of the topic * @var int forum_id ID of the forum * @var int draft_id ID of the draft -* @var int lastclick Timestamp of when the form was last loaded * @var bool submit Whether or not the form has been submitted * @var bool preview Whether or not the post is being previewed * @var bool save Whether or not a draft is being saved @@ -376,7 +372,6 @@ $vars = array( 'topic_id', 'forum_id', 'draft_id', - 'lastclick', 'submit', 'preview', 'save', @@ -1762,7 +1757,6 @@ if ($config['enable_post_confirm'] && !$user->data['is_registered'] && (isset($c } $s_hidden_fields = ($mode == 'reply' || $mode == 'quote') ? '' : ''; -$s_hidden_fields .= ''; $s_hidden_fields .= ($draft_id || isset($_REQUEST['draft_loaded'])) ? '' : ''; if ($mode == 'edit') -- cgit v1.2.1 From a7d7dfee9ce8ca070b8fda0df3069aa05fe12ceb Mon Sep 17 00:00:00 2001 From: MikelAlejoBR Date: Sat, 28 Jul 2018 22:22:38 +0200 Subject: [ticket/15733] Add "changed" tag to the corresponding comment blocks PHPBB3-15733 --- phpBB/posting.php | 2 ++ 1 file changed, 2 insertions(+) (limited to 'phpBB/posting.php') diff --git a/phpBB/posting.php b/phpBB/posting.php index bf0dfb9c6c..d867c6d67e 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -83,6 +83,7 @@ $current_time = time(); * language keys. * @since 3.1.0-a1 * @changed 3.1.2-RC1 Removed 'delete' var as it does not exist +* @changed 3.2.4 Remove unused 'lastclick' var */ $vars = array( 'post_id', @@ -366,6 +367,7 @@ switch ($mode) * @var array post_data All post data from database * @since 3.1.3-RC1 * @changed 3.1.10-RC1 Added post_data +* @changed 3.2.4 Remove unused 'lastclick' var */ $vars = array( 'post_id', -- cgit v1.2.1 From e710304ef5cd4fb06d83ccb3213c8df7f8b04b36 Mon Sep 17 00:00:00 2001 From: MikelAlejoBR Date: Sun, 29 Jul 2018 11:59:46 +0200 Subject: [ticket/15733] Correct "changed" tag version to 3.2.4-RC1 PHPBB3-15733 --- phpBB/posting.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'phpBB/posting.php') diff --git a/phpBB/posting.php b/phpBB/posting.php index d867c6d67e..d97a22209f 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -83,7 +83,7 @@ $current_time = time(); * language keys. * @since 3.1.0-a1 * @changed 3.1.2-RC1 Removed 'delete' var as it does not exist -* @changed 3.2.4 Remove unused 'lastclick' var +* @changed 3.2.4-RC1 Remove unused 'lastclick' var */ $vars = array( 'post_id', @@ -367,7 +367,7 @@ switch ($mode) * @var array post_data All post data from database * @since 3.1.3-RC1 * @changed 3.1.10-RC1 Added post_data -* @changed 3.2.4 Remove unused 'lastclick' var +* @changed 3.2.4-RC1 Remove unused 'lastclick' var */ $vars = array( 'post_id', -- cgit v1.2.1 From 184d24bb166b754b571bd7ef49b7cfacf1c8381d Mon Sep 17 00:00:00 2001 From: MikelAlejoBR Date: Tue, 31 Jul 2018 16:06:49 +0200 Subject: [ticket/15622] Extract duplicated code PHPBB3-15622 --- phpBB/posting.php | 35 +++++++---------------------------- 1 file changed, 7 insertions(+), 28 deletions(-) (limited to 'phpBB/posting.php') diff --git a/phpBB/posting.php b/phpBB/posting.php index 3530bb5048..de399068bc 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -1630,35 +1630,14 @@ if ($generate_quote) // Remove attachment bbcode tags from the quoted message to avoid mixing with the new post attachments if any $message_parser->message = preg_replace('#\[attachment=([0-9]+)\](.*?)\[\/attachment\]#uis', '\\2', $message_parser->message); - if ($config['allow_bbcode']) - { - $message_parser->message = $bbcode_utils->generate_quote( - censor_text($message_parser->message), - array( - 'author' => $post_data['quote_username'], - 'post_id' => $post_data['post_id'], - 'time' => $post_data['post_time'], - 'user_id' => $post_data['poster_id'], - ) - ); - $message_parser->message .= "\n\n"; - } - else - { - $offset = 0; - $quote_string = "> "; - $message = censor_text(trim($message_parser->message)); - // see if we are nesting. It's easily tricked but should work for one level of nesting - if (strpos($message, ">") !== false) - { - $offset = 10; - } - $message = utf8_wordwrap($message, 75 + $offset, "\n"); + $quote_attributes = array( + 'author' => $post_data['quote_username'], + 'post_id' => $post_data['post_id'], + 'time' => $post_data['post_time'], + 'user_id' => $post_data['poster_id'], + ); - $message = $quote_string . $message; - $message = str_replace("\n", "\n" . $quote_string, $message); - $message_parser->message = $post_data['quote_username'] . " " . $user->lang['WROTE'] . ":\n" . $message . "\n"; - } + format_quote($config['allow_bbcode'], $quote_attributes, $bbcode_utils, $message_parser); } if (($mode == 'reply' || $mode == 'quote') && !$submit && !$preview && !$refresh) -- cgit v1.2.1 From 4396bfba65b0c69023b47b564f789700f892e05a Mon Sep 17 00:00:00 2001 From: MikelAlejoBR Date: Sun, 16 Sep 2018 19:00:51 +0200 Subject: [ticket/15622] Rename function to avoid potential future conflicts PHPBB3-15622 --- phpBB/posting.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/posting.php') diff --git a/phpBB/posting.php b/phpBB/posting.php index de399068bc..1fd1444eab 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -1637,7 +1637,7 @@ if ($generate_quote) 'user_id' => $post_data['poster_id'], ); - format_quote($config['allow_bbcode'], $quote_attributes, $bbcode_utils, $message_parser); + phpbb_format_quote($config['allow_bbcode'], $quote_attributes, $bbcode_utils, $message_parser); } if (($mode == 'reply' || $mode == 'quote') && !$submit && !$preview && !$refresh) -- cgit v1.2.1 From d5147c2271671879de211ff85dbf07fcaef22017 Mon Sep 17 00:00:00 2001 From: Alec Date: Sat, 24 Nov 2018 12:56:33 -0500 Subject: [ticket/15879] Add core.posting_modify_default_variables Allows the modification of default variables put into post_data. Also allows you to unset variables in post_data to inherit the default ones. PHPBB3-15879 --- phpBB/posting.php | 14 ++++++++++++++ 1 file changed, 14 insertions(+) (limited to 'phpBB/posting.php') diff --git a/phpBB/posting.php b/phpBB/posting.php index 8d40652574..e2329d610d 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -597,6 +597,20 @@ if (isset($post_data['post_text'])) // Set some default variables $uninit = array('post_attachment' => 0, 'poster_id' => $user->data['user_id'], 'enable_magic_url' => 0, 'topic_status' => 0, 'topic_type' => POST_NORMAL, 'post_subject' => '', 'topic_title' => '', 'post_time' => 0, 'post_edit_reason' => '', 'notify_set' => 0); +/** +* This event allows you to modify the default variables for post_data, and unset them in post_data if needed +* +* @event core.posting_modify_default_variables +* @var array post_data Array with post data +* @var array uninit Array with default vars to put into post_data, if they aren't there +* @since 3.2.5-RC1 +*/ +$vars = array( + 'post_data', + 'uninit', +); +extract($phpbb_dispatcher->trigger_event('core.posting_modify_default_variables', compact($vars))); + foreach ($uninit as $var_name => $default_value) { if (!isset($post_data[$var_name])) -- cgit v1.2.1 From 087bf6fd35913152129eed97005953ac3979002a Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Sun, 2 Dec 2018 12:55:02 +0100 Subject: [ticket/15893] Pass needed language class directly to format quote PHPBB3-15893 --- phpBB/posting.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'phpBB/posting.php') diff --git a/phpBB/posting.php b/phpBB/posting.php index e2329d610d..59be983987 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -846,6 +846,7 @@ if ($load && ($mode == 'reply' || $mode == 'quote' || $mode == 'post') && $post_ load_drafts($topic_id, $forum_id); } +/** @var \phpbb\textformatter\utils_interface $bbcode_utils */ $bbcode_utils = $phpbb_container->get('text_formatter.utils'); if ($submit || $preview || $refresh) @@ -1648,7 +1649,9 @@ if ($generate_quote) 'user_id' => $post_data['poster_id'], ); - phpbb_format_quote($config['allow_bbcode'], $quote_attributes, $bbcode_utils, $message_parser); + /** @var \phpbb\language\language $language */ + $language = $phpbb_container->get('language'); + phpbb_format_quote($language, $message_parser, $bbcode_utils, $bbcode_status, $quote_attributes); } if (($mode == 'reply' || $mode == 'quote') && !$submit && !$preview && !$refresh) -- cgit v1.2.1 From 36083872e0e6fc7a9541e350067d5929566d76c3 Mon Sep 17 00:00:00 2001 From: Alec Date: Fri, 18 Jan 2019 22:14:51 -0500 Subject: [ticket/15944] Add core.posting_modify_quote_attributes Allow modification of the quote attributes of the current post being quoted Any information in there can be changed without affecting the rest of the page New attributes can also be added if an extension needed to as well PHPBB3-15944 --- phpBB/posting.php | 14 ++++++++++++++ 1 file changed, 14 insertions(+) (limited to 'phpBB/posting.php') diff --git a/phpBB/posting.php b/phpBB/posting.php index 59be983987..75085a5635 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -1649,6 +1649,20 @@ if ($generate_quote) 'user_id' => $post_data['poster_id'], ); + /** + * This event allows you to modify the quote attributes of the post being quoted + * + * @event core.posting_modify_quote_attributes + * @var array quote_attributes Array with quote attributes + * @var array post_data Array with post data + * @since 3.2.6-RC1 + */ + $vars = array( + 'quote_attributes', + 'post_data', + ); + extract($phpbb_dispatcher->trigger_event('core.posting_modify_quote_attributes', compact($vars))); + /** @var \phpbb\language\language $language */ $language = $phpbb_container->get('language'); phpbb_format_quote($language, $message_parser, $bbcode_utils, $bbcode_status, $quote_attributes); -- cgit v1.2.1 From d0ef8695e4103178fd6ef106fa09b06c51ed85c5 Mon Sep 17 00:00:00 2001 From: Jakub Senko Date: Mon, 27 May 2019 16:26:23 +0200 Subject: [ticket/15946] Add core.posting_modify_row_data PHPBB3-15946 --- phpBB/posting.php | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) (limited to 'phpBB/posting.php') diff --git a/phpBB/posting.php b/phpBB/posting.php index 75085a5635..003d3af5c2 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -222,6 +222,25 @@ if (!$post_data) trigger_error(($mode == 'post' || $mode == 'bump' || $mode == 'reply') ? 'NO_TOPIC' : 'NO_POST'); } +/** +* This event allows you to bypass reply/quote test of an unapproved post. +* +* @event core.posting_modify_row_data +* @var array post_data All post data from database +* @var string mode What action to take if the form has been submitted +* post|reply|quote|edit|delete|bump|smilies|popup +* @var int topic_id ID of the topic +* @var int forum_id ID of the forum +* @since 3.2.8-RC1 +*/ +$vars = array( + 'post_data', + 'mode', + 'topic_id', + 'forum_id', +); +extract($phpbb_dispatcher->trigger_event('core.posting_modify_row_data', compact($vars))); + // Not able to reply to unapproved posts/topics // TODO: add more descriptive language key if ($auth->acl_get('m_approve', $forum_id) && ((($mode == 'reply' || $mode == 'bump') && $post_data['topic_visibility'] != ITEM_APPROVED) || ($mode == 'quote' && $post_data['post_visibility'] != ITEM_APPROVED))) -- cgit v1.2.1 From b9f78d64d7fe99b2a1614b43aebe50cd7a841609 Mon Sep 17 00:00:00 2001 From: 3D-I Date: Sat, 20 Jul 2019 20:23:22 +0200 Subject: [ticket/16102] Add core.posting_modify_post_subject PHPBB3-16102 --- phpBB/posting.php | 14 ++++++++++++++ 1 file changed, 14 insertions(+) (limited to 'phpBB/posting.php') diff --git a/phpBB/posting.php b/phpBB/posting.php index 75085a5635..ec047170b6 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -1671,6 +1671,20 @@ if ($generate_quote) if (($mode == 'reply' || $mode == 'quote') && !$submit && !$preview && !$refresh) { $post_data['post_subject'] = ((strpos($post_data['post_subject'], 'Re: ') !== 0) ? 'Re: ' : '') . censor_text($post_data['post_subject']); + + $post_subject = $post_data['post_subject']; + + /** + * This event allows you to modify the post subject of the post being quoted + * + * @event core.posting_modify_post_subject + * @var string post_subject String with the post subject already censored. + * @since 3.2.8-RC1 + */ + $vars = array('post_subject'); + extract($phpbb_dispatcher->trigger_event('core.posting_modify_post_subject', compact($vars))); + + $post_data['post_subject'] = $post_subject; } $attachment_data = $message_parser->attachment_data; -- cgit v1.2.1 From 6c8d0063368a1815a270d97dc0defdee0f6bf027 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Mon, 1 Jul 2019 20:56:17 +0200 Subject: [ticket/security/244] Add parse_attachment form token check to posting.php SECURITY-244 --- phpBB/posting.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'phpBB/posting.php') diff --git a/phpBB/posting.php b/phpBB/posting.php index 5089448483..595d0f0c06 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -974,7 +974,10 @@ if ($submit || $preview || $refresh) } // Parse Attachments - before checksum is calculated - $message_parser->parse_attachments('fileupload', $mode, $forum_id, $submit, $preview, $refresh); + if ($message_parser->check_attachment_form_token($language, $request, 'posting')) + { + $message_parser->parse_attachments('fileupload', $mode, $forum_id, $submit, $preview, $refresh); + } /** * This event allows you to modify message text before parsing -- cgit v1.2.1 From 78c1957e48d58672690d67b4450ab32687242944 Mon Sep 17 00:00:00 2001 From: 3D-I <480857+3D-I@users.noreply.github.com> Date: Tue, 10 Sep 2019 05:59:08 +0200 Subject: [ticket/16153] Enable Emojis and rich text in Topic title PHPBB3-16153 --- phpBB/posting.php | 28 +++++++++++++++++++++++++--- 1 file changed, 25 insertions(+), 3 deletions(-) (limited to 'phpBB/posting.php') diff --git a/phpBB/posting.php b/phpBB/posting.php index 5089448483..11237bf050 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -1178,11 +1178,33 @@ if ($submit || $preview || $refresh) $error[] = $user->lang['EMPTY_SUBJECT']; } - // Check for out-of-bounds characters that are currently - // not supported by utf8_bin in MySQL + /** + * Replace Emojis and other 4bit UTF-8 chars, not allowed by utf8_bin MySql, to NCR. + * Using their Numeric Character Reference's Hexadecimal notation. + * Doesn't interfere with Japanese or Cyrillic etc. + * + * @see https://www.w3.org/TR/xml11/ + * @see https://www.opentag.com/xfaq_charrep.htm + */ if (preg_match_all('/[\x{10000}-\x{10FFFF}]/u', $post_data['post_subject'], $matches)) { - $character_list = implode('
', $matches[0]); + foreach ($matches as $key => $emoji) + { + $post_data['post_subject'] = str_replace($emoji, utf8_encode_ncr($emoji), $post_data['post_subject']); + } + } + + /** + * This should never happen again. + * Leaving the fallback here just in case there will be the need of it. + * + * Check for out-of-bounds characters that are currently + * not supported by utf8_bin in MySQL + */ + if (preg_match_all('/[\x{10000}-\x{10FFFF}]/u', $post_data['post_subject'], $matches)) + { + $character_list = implode('
', $matches[0]); + $error[] = $user->lang('UNSUPPORTED_CHARACTERS_SUBJECT', $character_list); } -- cgit v1.2.1 From c569d0dabc0868356c2c2f6bdf796c6433756fa2 Mon Sep 17 00:00:00 2001 From: 3D-I <480857+3D-I@users.noreply.github.com> Date: Mon, 28 Oct 2019 21:14:57 +0100 Subject: [ticket/16153] Use new function PHPBB3-16153 --- phpBB/posting.php | 14 ++------------ 1 file changed, 2 insertions(+), 12 deletions(-) (limited to 'phpBB/posting.php') diff --git a/phpBB/posting.php b/phpBB/posting.php index 5bba052a6a..9f3b26aa85 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -1182,20 +1182,10 @@ if ($submit || $preview || $refresh) } /** - * Replace Emojis and other 4bit UTF-8 chars, not allowed by utf8_bin MySql, to NCR. + * Replace Emojis and other 4bit UTF-8 chars not allowed by MySql to UCR / NCR. * Using their Numeric Character Reference's Hexadecimal notation. - * Doesn't interfere with Japanese or Cyrillic etc. - * - * @see https://www.w3.org/TR/xml11/ - * @see https://www.opentag.com/xfaq_charrep.htm */ - if (preg_match_all('/[\x{10000}-\x{10FFFF}]/u', $post_data['post_subject'], $matches)) - { - foreach ($matches as $key => $emoji) - { - $post_data['post_subject'] = str_replace($emoji, utf8_encode_ncr($emoji), $post_data['post_subject']); - } - } + $post_data['post_subject'] = utf8_encode_ucr($post_data['post_subject']); /** * This should never happen again. -- cgit v1.2.1 From ff25d0a5084e5e79bf7cc9faefd0dfdeb0ef5705 Mon Sep 17 00:00:00 2001 From: 3D-I <480857+3D-I@users.noreply.github.com> Date: Wed, 30 Oct 2019 14:47:05 +0100 Subject: [ticket/16153] Enable Emojis and rich text in Topic title PHPBB3-16153 --- phpBB/posting.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/posting.php') diff --git a/phpBB/posting.php b/phpBB/posting.php index 9f3b26aa85..a0ddb9ff15 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -1182,7 +1182,7 @@ if ($submit || $preview || $refresh) } /** - * Replace Emojis and other 4bit UTF-8 chars not allowed by MySql to UCR / NCR. + * Replace Emojis and other 4bit UTF-8 chars not allowed by MySQL to UCR/NCR. * Using their Numeric Character Reference's Hexadecimal notation. */ $post_data['post_subject'] = utf8_encode_ucr($post_data['post_subject']); -- cgit v1.2.1 From 0a8b2eb58eb7cde26cfd53d1c5c3c3eade39d385 Mon Sep 17 00:00:00 2001 From: rxu Date: Tue, 5 Nov 2019 20:51:21 +0700 Subject: [ticket/16199] Init guest posting CAPTCHA only if guest posting is allowed PHPBB3-16199 --- phpBB/posting.php | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'phpBB/posting.php') diff --git a/phpBB/posting.php b/phpBB/posting.php index a0ddb9ff15..59616a2858 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -256,12 +256,6 @@ if ($mode == 'popup') $user->setup(array('posting', 'mcp', 'viewtopic'), $post_data['forum_style']); -if ($config['enable_post_confirm'] && !$user->data['is_registered']) -{ - $captcha = $phpbb_container->get('captcha.factory')->get_instance($config['captcha_plugin']); - $captcha->init(CONFIRM_POST); -} - // Use post_row values in favor of submitted ones... $forum_id = (!empty($post_data['forum_id'])) ? (int) $post_data['forum_id'] : (int) $forum_id; $topic_id = (!empty($post_data['topic_id'])) ? (int) $post_data['topic_id'] : (int) $topic_id; @@ -427,6 +421,12 @@ if (!$is_authed || !empty($error)) login_box('', $message); } +if ($config['enable_post_confirm'] && !$user->data['is_registered']) +{ + $captcha = $phpbb_container->get('captcha.factory')->get_instance($config['captcha_plugin']); + $captcha->init(CONFIRM_POST); +} + // Is the user able to post within this forum? if ($post_data['forum_type'] != FORUM_POST && in_array($mode, array('post', 'bump', 'quote', 'reply'))) { -- cgit v1.2.1 From 48eb74cfcdad2aaa88cb6a1a50620ecf9180ac7d Mon Sep 17 00:00:00 2001 From: 3D-I <480857+3D-I@users.noreply.github.com> Date: Mon, 30 Dec 2019 02:25:26 +0100 Subject: [ticket/16279] Add permission for Emoji in topic title PHPBB3-16279 --- phpBB/posting.php | 27 +++++++++++++++------------ 1 file changed, 15 insertions(+), 12 deletions(-) (limited to 'phpBB/posting.php') diff --git a/phpBB/posting.php b/phpBB/posting.php index 59616a2858..57b52320a3 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -1184,21 +1184,24 @@ if ($submit || $preview || $refresh) /** * Replace Emojis and other 4bit UTF-8 chars not allowed by MySQL to UCR/NCR. * Using their Numeric Character Reference's Hexadecimal notation. + * Check the permissions for posting Emojis first. */ - $post_data['post_subject'] = utf8_encode_ucr($post_data['post_subject']); - - /** - * This should never happen again. - * Leaving the fallback here just in case there will be the need of it. - * - * Check for out-of-bounds characters that are currently - * not supported by utf8_bin in MySQL - */ - if (preg_match_all('/[\x{10000}-\x{10FFFF}]/u', $post_data['post_subject'], $matches)) + if ($auth->acl_get('u_emoji')) + { + $post_data['post_subject'] = utf8_encode_ucr($post_data['post_subject']); + } + else { - $character_list = implode('
', $matches[0]); + /** + * Check for out-of-bounds characters that are currently + * not supported by utf8_bin in MySQL + */ + if (preg_match_all('/[\x{10000}-\x{10FFFF}]/u', $post_data['post_subject'], $matches)) + { + $character_list = implode('
', $matches[0]); - $error[] = $user->lang('UNSUPPORTED_CHARACTERS_SUBJECT', $character_list); + $error[] = $user->lang('UNSUPPORTED_CHARACTERS_SUBJECT', $character_list); + } } $post_data['poll_last_vote'] = (isset($post_data['poll_last_vote'])) ? $post_data['poll_last_vote'] : 0; -- cgit v1.2.1