Vergleich inc/datahandlers/post.php - 1.2.0 - 1.2.6

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 6Zeile 6
 * Website: http://www.mybboard.com
* License: http://www.mybboard.com/eula.html
*

 * Website: http://www.mybboard.com
* License: http://www.mybboard.com/eula.html
*

 * $Id: post.php 2180 2006-09-02 07:36:22Z chris $

 * $Id: post.php 2729 2007-02-07 23:02:29Z Tikitiki $

 */

/*

 */

/*

Zeile 125Zeile 125

// Sanitize the username
$post['username'] = htmlspecialchars_uni($post['username']);


// Sanitize the username
$post['username'] = htmlspecialchars_uni($post['username']);

 
		

		return true;
}


		return true;
}


Zeile 314Zeile 315
		// Check if this post contains more images than the forum allows
if($post['savedraft'] != 1 && $mybb->settings['maxpostimages'] != 0 && $permissions['cancp'] != "yes")
{

		// Check if this post contains more images than the forum allows
if($post['savedraft'] != 1 && $mybb->settings['maxpostimages'] != 0 && $permissions['cancp'] != "yes")
{

			if($post['options']['disablesmilies'] == "yes")
{
require_once MYBB_ROOT."inc/class_parser.php";
$parser = new postParser;

// Parse the message.
$parser_options = array(
"allow_html" => $forum['allowhtml'],
"allow_mycode" => $forum['allowmycode'],
"allow_smilies" => $forum['allowmilies'],
"allow_imgcode" => $forum['allowimgcode']
);

$image_check = $parser->parse_message($post['message'], $parser_options);

// And count the number of image tags in the message.
$image_count = substr_count($image_check, "<img");
if($image_count > $mybb->settings['maxpostimages'])
{
// Throw back a message if over the count with the number of images as well as the maximum number of images per post.
$this->set_error("too_many_images", array(1 => $image_count, 2 => $mybb->settings['maxpostimages']));
return false;
}

}
}
}






			require_once MYBB_ROOT."inc/class_parser.php";
$parser = new postParser;

// Parse the message.
$parser_options = array(
"allow_html" => $forum['allowhtml'],
"allow_mycode" => $forum['allowmycode'],
"allow_imgcode" => $forum['allowimgcode']
);

if($post['options']['disablesmilies'] != "yes")
{
$parser_options['allow_smilies'] = $forum['allowsmilies'];
}
else
{
$parser_options['allow_smilies'] = "no";
}

$image_check = $parser->parse_message($post['message'], $parser_options);

// And count the number of image tags in the message.
$image_count = substr_count($image_check, "<img");
if($image_count > $mybb->settings['maxpostimages'])
{
// Throw back a message if over the count with the number of images as well as the maximum number of images per post.
$this->set_error("too_many_images", array(1 => $image_count, 2 => $mybb->settings['maxpostimages']));
return false;
}
}
}


	/**
* Verify the reply-to post.
*

	/**
* Verify the reply-to post.
*

Zeile 386Zeile 391

/**
* Verify the post icon.


/**
* Verify the post icon.

	*

	*

	* @return boolean True when valid, false when not valid.
*/
function verify_post_icon()

	* @return boolean True when valid, false when not valid.
*/
function verify_post_icon()

Zeile 421Zeile 426

/**
* Validate a post.


/**
* Validate a post.

	 *
* @return boolean True when valid, false when invalid.
*/

	 *
* @return boolean True when valid, false when invalid.
*/

	function validate_post()
{
global $mybb, $db, $plugins;

	function validate_post()
{
global $mybb, $db, $plugins;





		$post = &$this->data;
$time = time();

		$post = &$this->data;
$time = time();





		// Verify all post assets.

if($this->method == "insert" || array_key_exists('uid', $post))
{
$this->verify_author();

		// Verify all post assets.

if($this->method == "insert" || array_key_exists('uid', $post))
{
$this->verify_author();

		}


		}


		if($this->method == "insert" || array_key_exists('subject', $post))
{
$this->verify_subject();

		if($this->method == "insert" || array_key_exists('subject', $post))
{
$this->verify_subject();

		}


		}


		if($this->method == "insert" || array_key_exists('message', $post))
{
$this->verify_message();
$this->verify_image_count();

		if($this->method == "insert" || array_key_exists('message', $post))
{
$this->verify_message();
$this->verify_image_count();

		}


		}


		if($this->method == "insert" || array_key_exists('dateline', $post))

		if($this->method == "insert" || array_key_exists('dateline', $post))

		{

		{

			$this->verify_dateline();

			$this->verify_dateline();

		}


		}


		if($this->method != "update" && !$post['savedraft'])
{
$this->verify_post_flooding();
}

if($this->method == "insert" || array_key_exists('replyto', $post))

		if($this->method != "update" && !$post['savedraft'])
{
$this->verify_post_flooding();
}

if($this->method == "insert" || array_key_exists('replyto', $post))

		{

		{

			$this->verify_reply_to();

			$this->verify_reply_to();

		}

		}


if($this->method == "insert" || array_key_exists('icon', $post))


if($this->method == "insert" || array_key_exists('icon', $post))

		{

		{

			$this->verify_post_icon();

			$this->verify_post_icon();

		}

		}


if($this->method == "insert" || array_key_exists('options', $post))
{
$this->verify_options();


if($this->method == "insert" || array_key_exists('options', $post))
{
$this->verify_options();

		}


		}


		$plugins->run_hooks_by_ref("datahandler_post_validate_post", $this);

// We are done validating, return.

		$plugins->run_hooks_by_ref("datahandler_post_validate_post", $this);

// We are done validating, return.

Zeile 481Zeile 486
		if(count($this->get_errors()) > 0)
{
return false;

		if(count($this->get_errors()) > 0)
{
return false;

		}

		}

		else
{
return true;

		else
{
return true;

		}

		}

	}


	}






	/**
* Insert a post into the database.
*

	/**
* Insert a post into the database.
*

Zeile 497Zeile 502
	function insert_post()
{
global $db, $mybb, $plugins, $cache, $lang;

	function insert_post()
{
global $db, $mybb, $plugins, $cache, $lang;





		$post = &$this->data;

		$post = &$this->data;





		// Yes, validating is required.
if(!$this->get_validated())

		// Yes, validating is required.
if(!$this->get_validated())

		{

		{

			die("The post needs to be validated before inserting it into the DB.");
}
if(count($this->get_errors()) > 0)
{
die("The post is not valid.");

			die("The post needs to be validated before inserting it into the DB.");
}
if(count($this->get_errors()) > 0)
{
die("The post is not valid.");

		}


		}


		// This post is being saved as a draft.
if($post['savedraft'])

		// This post is being saved as a draft.
if($post['savedraft'])

		{

		{

			$visible = -2;
}


			$visible = -2;
}


Zeile 521Zeile 526
		{
// Automatic subscription to the thread
if($post['options']['emailnotify'] != "no" && $post['uid'] > 0)

		{
// Automatic subscription to the thread
if($post['options']['emailnotify'] != "no" && $post['uid'] > 0)

			{
$query = $db->simple_select(TABLE_PREFIX."favorites", "fid", "tid='".intval($post['uid'])."' AND tid='".intval($post['tid'])."' AND type='s'", array("limit" => 1));

			{
$query = $db->simple_select(TABLE_PREFIX."favorites", "fid", "uid='".intval($post['uid'])."' AND tid='".intval($post['tid'])."' AND type='s'", array("limit" => 1));

				$already_subscribed = $db->fetch_field($query, "fid");
if(!$already_subscribed)
{

				$already_subscribed = $db->fetch_field($query, "fid");
if(!$already_subscribed)
{

Zeile 532Zeile 537
						"type" => "s"
);
$db->insert_query(TABLE_PREFIX."favorites", $favoriteadd);

						"type" => "s"
);
$db->insert_query(TABLE_PREFIX."favorites", $favoriteadd);

				}
}

				}
}


// Perform any selected moderation tools.


// Perform any selected moderation tools.

			if(is_moderator($post['fid'], "", $post['uid']) == "yes" && $post['modoptions'])

			if(is_moderator($post['fid'], "", $post['uid']) == "yes")

			{
// Fetch the thread
$thread = get_thread($post['tid']);

			{
// Fetch the thread
$thread = get_thread($post['tid']);

Zeile 557Zeile 562
				{
$newclosed = "closed='no'";
log_moderator_action($modlogdata, "Thread opened");

				{
$newclosed = "closed='no'";
log_moderator_action($modlogdata, "Thread opened");

				}


				}


				// Stick the thread.
if($modoptions['stickthread'] == "yes" && $thread['sticky'] != 1)
{

				// Stick the thread.
if($modoptions['stickthread'] == "yes" && $thread['sticky'] != 1)
{

Zeile 582Zeile 587
				{
$db->query("
UPDATE ".TABLE_PREFIX."threads

				{
$db->query("
UPDATE ".TABLE_PREFIX."threads

						SET $newclosed$sep$newstick

						SET {$newclosed}{$sep}{$newstick}

						WHERE tid='{$thread['tid']}'
");
}
}

						WHERE tid='{$thread['tid']}'
");
}
}





			// Fetch the forum this post is being made in
$forum = get_forum($post['fid']);

// Decide on the visibility of this post.
if($forum['modposts'] == "yes" && is_moderator($thread['fid'], "", $thread['uid']) != "yes")

			// Fetch the forum this post is being made in
$forum = get_forum($post['fid']);

// Decide on the visibility of this post.
if($forum['modposts'] == "yes" && is_moderator($thread['fid'], "", $thread['uid']) != "yes")

			{

			{

				$visible = 0;
}
else

				$visible = 0;
}
else

Zeile 617Zeile 622
				"uid" => $post['uid'],
"username" => $db->escape_string($post['username']),
"dateline" => intval($post['dateline']),

				"uid" => $post['uid'],
"username" => $db->escape_string($post['username']),
"dateline" => intval($post['dateline']),

				"message" => $db->escape_string($post['message']),
"ipaddress" => $db->escape_string($post['ipaddress']),
"includesig" => $post['options']['signature'],
"smilieoff" => $post['options']['disablesmilies'],
"visible" => $visible,
"posthash" => $db->escape_string($post['posthash'])

				"message" => $db->escape_string($post['message']),
"ipaddress" => $db->escape_string($post['ipaddress']),
"includesig" => $post['options']['signature'],
"smilieoff" => $post['options']['disablesmilies'],
"visible" => $visible,
"posthash" => $db->escape_string($post['posthash'])

			);

$plugins->run_hooks_by_ref("datahandler_post_insert_post", $this);

			);

$plugins->run_hooks_by_ref("datahandler_post_insert_post", $this);

Zeile 671Zeile 676
			$thread = get_thread($post['tid']);
require_once MYBB_ROOT.'inc/class_parser.php';
$parser = new Postparser();

			$thread = get_thread($post['tid']);
require_once MYBB_ROOT.'inc/class_parser.php';
$parser = new Postparser();





			$subject = $parser->parse_badwords($thread['subject']);
$excerpt = $parser->strip_mycode($post['message']);
$excerpt = my_substr($excerpt, 0, $mybb->settings['subscribeexcerpt']).$lang->emailbit_viewthread;

			$subject = $parser->parse_badwords($thread['subject']);
$excerpt = $parser->strip_mycode($post['message']);
$excerpt = my_substr($excerpt, 0, $mybb->settings['subscribeexcerpt']).$lang->emailbit_viewthread;

Zeile 720Zeile 725
						$userlang->load("messages");
$langcache[$uselang]['emailsubject_subscription'] = $userlang->emailsubject_subscription;
$langcache[$uselang]['email_subscription'] = $userlang->email_subscription;

						$userlang->load("messages");
$langcache[$uselang]['emailsubject_subscription'] = $userlang->emailsubject_subscription;
$langcache[$uselang]['email_subscription'] = $userlang->email_subscription;

						unset($userlang);

						unset($userlang);

					}
$emailsubject = $langcache[$uselang]['emailsubject_subscription'];
$emailmessage = $langcache[$uselang]['email_subscription'];

					}
$emailsubject = $langcache[$uselang]['emailsubject_subscription'];
$emailmessage = $langcache[$uselang]['email_subscription'];

Zeile 731Zeile 736
					"mailto" => $db->escape_string($subscribedmember['email']),
"mailfrom" => '',
"subject" => $db->escape_string($emailsubject),

					"mailto" => $db->escape_string($subscribedmember['email']),
"mailfrom" => '',
"subject" => $db->escape_string($emailsubject),

					"message" => $db->escape_string($emailmessage)


					"message" => $db->escape_string($emailmessage),
"headers" => ''

				);
$db->insert_query(TABLE_PREFIX."mailqueue", $new_email);
unset($userlang);

				);
$db->insert_query(TABLE_PREFIX."mailqueue", $new_email);
unset($userlang);

Zeile 744Zeile 750
			}

// Update forum count

			}

// Update forum count

			update_thread_count($post['tid']);
update_forum_count($post['fid']);

			update_thread_count($post['tid']);
update_forum_count($post['fid']);

			$cache->updatestats();
}
// Post is stuck in moderation queue

			$cache->updatestats();
}
// Post is stuck in moderation queue

Zeile 756Zeile 762
			update_forum_count($post['fid']);
}


			update_forum_count($post['fid']);
}


		if($visible != 2)

		if($visible != -2)

		{
$now = time();
if($forum['usepostcounts'] != "no")

		{
$now = time();
if($forum['usepostcounts'] != "no")

Zeile 793Zeile 799
		if($this->method == "insert" || array_key_exists('uid', $thread))
{
$this->verify_author();

		if($this->method == "insert" || array_key_exists('uid', $thread))
{
$this->verify_author();

		}


		}


		if($this->method == "insert" || array_key_exists('subject', $thread))
{
$this->verify_subject();

		if($this->method == "insert" || array_key_exists('subject', $thread))
{
$this->verify_subject();

Zeile 819Zeile 825
		if($this->method == "insert" || array_key_exists('options', $thread))
{
$this->verify_options();

		if($this->method == "insert" || array_key_exists('options', $thread))
{
$this->verify_options();

		}


		}


		if(!$thread['savedraft'])
{
$this->verify_post_flooding();
}

		if(!$thread['savedraft'])
{
$this->verify_post_flooding();
}





		$plugins->run_hooks_by_ref("datahandler_post_validate_thread", $this);

// We are done validating, return.
$this->set_validated(true);

		$plugins->run_hooks_by_ref("datahandler_post_validate_thread", $this);

// We are done validating, return.
$this->set_validated(true);

		if(count($this->get_errors()) > 0)

		if(count($this->get_errors()) > 0)

		{
return false;
}

		{
return false;
}

Zeile 853Zeile 859
		if(!$this->get_validated())
{
die("The thread needs to be validated before inserting it into the DB.");

		if(!$this->get_validated())
{
die("The thread needs to be validated before inserting it into the DB.");

		}

		}

		if(count($this->get_errors()) > 0)
{
die("The thread is not valid.");

		if(count($this->get_errors()) > 0)
{
die("The thread is not valid.");

Zeile 873Zeile 879
		// Thread is being made now and we have a bit to do.
else
{

		// Thread is being made now and we have a bit to do.
else
{


// Fetch the permissions for this user
$user_permisions = user_permissions($thread['uid']);

 

// Decide on the visibility of this post.


// Decide on the visibility of this post.

			if($forum['modposts'] == "yes" && is_moderator($thread['fid'], "", $thread['uid']) != "yes")

			if(($forum['modthreads'] == "yes" || $forum['modposts'] == "yes") && is_moderator($thread['fid'], "", $thread['uid']) != "yes")

			{
$visible = 0;
}

			{
$visible = 0;
}

Zeile 891Zeile 894
		// Have a post ID but not a thread ID - fetch thread ID
if($thread['pid'] && !$thread['tid'])
{

		// Have a post ID but not a thread ID - fetch thread ID
if($thread['pid'] && !$thread['tid'])
{

			$db->simple_select(TABLE_PREFIX."posts", "tid", "pid='{$thread['pid']}");

			$query = $db->simple_select(TABLE_PREFIX."posts", "tid", "pid='{$thread['pid']}");

			$thread['tid'] = $db->fetch_field($query, "tid");
}


			$thread['tid'] = $db->fetch_field($query, "tid");
}


Zeile 902Zeile 905
		if($draft_check)
{
$this->thread_insert_data = array(

		if($draft_check)
{
$this->thread_insert_data = array(

				"subject" => $db->escape_string($thread['subject']),
"icon" => intval($thread['icon']),
"username" => $db->escape_string($thread['username']),
"dateline" => intval($thread['dateline']),

				"subject" => $db->escape_string($thread['subject']),
"icon" => intval($thread['icon']),
"username" => $db->escape_string($thread['username']),
"dateline" => intval($thread['dateline']),

				"lastpost" => intval($thread['dateline']),
"lastposter" => $db->escape_string($thread['username']),
"visible" => $visible
);

$plugins->run_hooks_by_ref("datahandler_post_insert_thread", $this);

				"lastpost" => intval($thread['dateline']),
"lastposter" => $db->escape_string($thread['username']),
"visible" => $visible
);

$plugins->run_hooks_by_ref("datahandler_post_insert_thread", $this);





			$db->update_query(TABLE_PREFIX."threads", $this->thread_insert_data, "tid='{$thread['tid']}'");

			$db->update_query(TABLE_PREFIX."threads", $this->thread_insert_data, "tid='{$thread['tid']}'");


$this->post_insert_data = array(
"subject" => $db->escape_string($thread['subject']),
"icon" => intval($thread['icon']),
"username" => $db->escape_string($thread['username']),
"dateline" => intval($thread['dateline']),
"message" => $db->escape_string($thread['message']),
"ipaddress" => $db->escape_string(get_ip()),
"includesig" => $thread['options']['signature'],
"smilieoff" => $thread['options']['disablesmilies'],


$this->post_insert_data = array(
"subject" => $db->escape_string($thread['subject']),
"icon" => intval($thread['icon']),
"username" => $db->escape_string($thread['username']),
"dateline" => intval($thread['dateline']),
"message" => $db->escape_string($thread['message']),
"ipaddress" => $db->escape_string(get_ip()),
"includesig" => $thread['options']['signature'],
"smilieoff" => $thread['options']['disablesmilies'],

				"visible" => $visible,
"posthash" => $db->escape_string($thread['posthash'])
);
$plugins->run_hooks_by_ref("datahandler_post_insert_thread_post", $this);

				"visible" => $visible,
"posthash" => $db->escape_string($thread['posthash'])
);
$plugins->run_hooks_by_ref("datahandler_post_insert_thread_post", $this);





			$db->update_query(TABLE_PREFIX."posts", $this->post_insert_data, "pid='{$thread['pid']}'");
$this->tid = $thread['tid'];
$this->pid = $thread['pid'];

			$db->update_query(TABLE_PREFIX."posts", $this->post_insert_data, "pid='{$thread['pid']}'");
$this->tid = $thread['tid'];
$this->pid = $thread['pid'];

Zeile 936Zeile 939

// Inserting a new thread into the database.
else


// Inserting a new thread into the database.
else

		{

		{

			$this->thread_insert_data = array(
"fid" => $thread['fid'],
"subject" => $db->escape_string($thread['subject']),

			$this->thread_insert_data = array(
"fid" => $thread['fid'],
"subject" => $db->escape_string($thread['subject']),

Zeile 948Zeile 951
				"lastposter" => $db->escape_string($thread['username']),
"views" => 0,
"replies" => 0,

				"lastposter" => $db->escape_string($thread['username']),
"views" => 0,
"replies" => 0,

				"visible" => $visible


				"visible" => $visible,
"notes" => ''

			);

$plugins->run_hooks_by_ref("datahandler_post_insert_thread", $this);

			);

$plugins->run_hooks_by_ref("datahandler_post_insert_thread", $this);

Zeile 972Zeile 976
				"posthash" => $db->escape_string($thread['posthash'])
);
$plugins->run_hooks_by_ref("datahandler_post_insert_thread_post", $this);

				"posthash" => $db->escape_string($thread['posthash'])
);
$plugins->run_hooks_by_ref("datahandler_post_insert_thread_post", $this);





			$db->insert_query(TABLE_PREFIX."posts", $this->post_insert_data);
$this->pid = $db->insert_id();


			$db->insert_query(TABLE_PREFIX."posts", $this->post_insert_data);
$this->pid = $db->insert_id();


Zeile 980Zeile 984
			$firstpostup = array("firstpost" => $pid);
$db->update_query(TABLE_PREFIX."threads", $firstpostup, "tid='{$tid}'");
}

			$firstpostup = array("firstpost" => $pid);
$db->update_query(TABLE_PREFIX."threads", $firstpostup, "tid='{$tid}'");
}





		// If we're not saving a draft there are some things we need to check now
if(!$thread['savedraft'])
{

		// If we're not saving a draft there are some things we need to check now
if(!$thread['savedraft'])
{


// Automatic subscription to the thread


// Automatically subscribe the user to this thread if they've chosen to.

			if($thread['options']['emailnotify'] != "no" && $thread['uid'] > 0)
{

			if($thread['options']['emailnotify'] != "no" && $thread['uid'] > 0)
{

				$favoriteadd = array(
"uid" => intval($thread['uid']),
"tid" => intval($this->tid),
"type" => "s"

				$insert_favorite = array(
'uid' => intval($thread['uid']),
'tid' => $this->tid,
'type' => 's'

				);

				);

				$db->insert_query(TABLE_PREFIX."favorites", $favoriteadd);

				$db->insert_query(TABLE_PREFIX.'favorites', $insert_favorite);

			}

// Perform any selected moderation tools.

			}

// Perform any selected moderation tools.

Zeile 1008Zeile 1012
				{
$newclosed = "closed='yes'";
log_moderator_action($modlogdata, "Thread closed");

				{
$newclosed = "closed='yes'";
log_moderator_action($modlogdata, "Thread closed");

				}


				}


				// Stick the thread.
if($modoptions['stickthread'] == "yes")

				// Stick the thread.
if($modoptions['stickthread'] == "yes")

				{

				{

					$newstick = "sticky='1'";
log_moderator_action($modlogdata, "Thread stuck");
}

					$newstick = "sticky='1'";
log_moderator_action($modlogdata, "Thread stuck");
}

Zeile 1021Zeile 1025
				if($newstick && $newclosed)
{
$sep = ",";

				if($newstick && $newclosed)
{
$sep = ",";

				}

				}

				if($newstick || $newclosed)
{
$db->query("

				if($newstick || $newclosed)
{
$db->query("

Zeile 1045Zeile 1049
				if($forum['usepostcounts'] != "no")
{
$update_query[] = "postnum=postnum+1";

				if($forum['usepostcounts'] != "no")
{
$update_query[] = "postnum=postnum+1";

				}


				}


				// Only update the table if we need to.

				// Only update the table if we need to.

				if(is_array($update_query))

				if(!empty($update_query))

				{
$update_query = implode(", ", $update_query);
$db->query("UPDATE ".TABLE_PREFIX."users SET $update_query WHERE uid='".$thread['uid']."'");

				{
$update_query = implode(", ", $update_query);
$db->query("UPDATE ".TABLE_PREFIX."users SET $update_query WHERE uid='".$thread['uid']."'");

Zeile 1084Zeile 1088
				else
{
$uselang = "english";

				else
{
$uselang = "english";

				}

				}


if($uselang == $mybb->settings['bblanguage'])
{


if($uselang == $mybb->settings['bblanguage'])
{

Zeile 1112Zeile 1116
					"mailto" => $db->escape_string($subscribedmember['email']),
"mailfrom" => '',
"subject" => $db->escape_string($emailsubject),

					"mailto" => $db->escape_string($subscribedmember['email']),
"mailfrom" => '',
"subject" => $db->escape_string($emailsubject),

					"message" => $db->escape_string($emailmessage)


					"message" => $db->escape_string($emailmessage),
"headers" => ''

				);
$db->insert_query(TABLE_PREFIX."mailqueue", $new_email);
unset($userlang);

				);
$db->insert_query(TABLE_PREFIX."mailqueue", $new_email);
unset($userlang);

Zeile 1122Zeile 1127
			if($queued_email == 1)
{
$cache->updatemailqueue();

			if($queued_email == 1)
{
$cache->updatemailqueue();

			}
// Automatically subscribe the user to this thread if they've chosen to.
if($thread['options']['emailnotify'] != "no" && $thread['uid'] > 0)
{
$insert_favorite = array(
'uid' => intval($thread['uid']),
'tid' => $this->tid,
'type' => 's'
);
$db->insert_query(TABLE_PREFIX.'favorites', $insert_favorite);

 
			}
}


			}
}