Zeile 3 | Zeile 3 |
---|
* MyBB 1.2 * Copyright � 2006 MyBB Group, All Rights Reserved *
|
* MyBB 1.2 * Copyright � 2006 MyBB Group, All Rights Reserved *
|
* Website: http://www.mybboard.com * License: http://www.mybboard.com/eula.html
| * Website: http://www.mybboard.net * License: http://www.mybboard.net/eula.html
|
*
|
*
|
* $Id: post.php 2180 2006-09-02 07:36:22Z chris $
| * $Id: post.php 3006 2007-04-11 06:14:56Z Tikitiki $
|
*/
|
*/
|
| // Disallow direct access to this file for security reasons if(!defined("IN_MYBB")) { die("Direct initialization of this file is not allowed.<br /><br />Please make sure IN_MYBB is defined."); }
|
/* EXAMPLE USE:
| /* EXAMPLE USE:
|
Zeile 125 | Zeile 131 |
---|
// Sanitize the username $post['username'] = htmlspecialchars_uni($post['username']);
|
// Sanitize the username $post['username'] = htmlspecialchars_uni($post['username']);
|
|
|
return true; }
| return true; }
|
Zeile 280 | Zeile 287 |
---|
// Oops, user has been flooding - throw back error message. $time_to_wait = ($mybb->settings['postfloodsecs'] - (time()-$user['lastpost'])) + 1; if($time_to_wait == 1)
|
// Oops, user has been flooding - throw back error message. $time_to_wait = ($mybb->settings['postfloodsecs'] - (time()-$user['lastpost'])) + 1; if($time_to_wait == 1)
|
{
| {
|
$this->set_error("post_flooding_one_second");
|
$this->set_error("post_flooding_one_second");
|
}
| }
|
else { $this->set_error("post_flooding", array($time_to_wait));
| else { $this->set_error("post_flooding", array($time_to_wait));
|
Zeile 296 | Zeile 303 |
---|
/** * Verifies the image count.
|
/** * Verifies the image count.
|
*
| *
|
* @return boolean True when valid, false when not valid. */ function verify_image_count()
| * @return boolean True when valid, false when not valid. */ function verify_image_count()
|
Zeile 314 | Zeile 321 |
---|
// Check if this post contains more images than the forum allows if($post['savedraft'] != 1 && $mybb->settings['maxpostimages'] != 0 && $permissions['cancp'] != "yes") {
|
// Check if this post contains more images than the forum allows if($post['savedraft'] != 1 && $mybb->settings['maxpostimages'] != 0 && $permissions['cancp'] != "yes") {
|
if($post['options']['disablesmilies'] == "yes") { require_once MYBB_ROOT."inc/class_parser.php"; $parser = new postParser;
// Parse the message. $parser_options = array( "allow_html" => $forum['allowhtml'], "allow_mycode" => $forum['allowmycode'], "allow_smilies" => $forum['allowmilies'], "allow_imgcode" => $forum['allowimgcode'] );
$image_check = $parser->parse_message($post['message'], $parser_options);
// And count the number of image tags in the message. $image_count = substr_count($image_check, "<img"); if($image_count > $mybb->settings['maxpostimages']) { // Throw back a message if over the count with the number of images as well as the maximum number of images per post. $this->set_error("too_many_images", array(1 => $image_count, 2 => $mybb->settings['maxpostimages'])); return false; }
| require_once MYBB_ROOT."inc/class_parser.php"; $parser = new postParser;
|
|
|
| // Parse the message. $parser_options = array( "allow_html" => $forum['allowhtml'], "allow_mycode" => $forum['allowmycode'], "allow_imgcode" => $forum['allowimgcode'] );
if($post['options']['disablesmilies'] != "yes") { $parser_options['allow_smilies'] = $forum['allowsmilies']; } else { $parser_options['allow_smilies'] = "no"; }
$image_check = $parser->parse_message($post['message'], $parser_options);
// And count the number of image tags in the message. $image_count = substr_count($image_check, "<img"); if($image_count > $mybb->settings['maxpostimages']) { // Throw back a message if over the count with the number of images as well as the maximum number of images per post. $this->set_error("too_many_images", array(1 => $image_count, 2 => $mybb->settings['maxpostimages'])); return false;
|
} } }
/** * Verify the reply-to post.
|
} } }
/** * Verify the reply-to post.
|
*
| *
|
* @return boolean True when valid, false when not valid. */ function verify_reply_to()
| * @return boolean True when valid, false when not valid. */ function verify_reply_to()
|
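Review bot: The image limit is still enforced with a case-sensitive `substr_count($image_check, "<img")`, so it only holds if the parser always emits lower-case tags. In forums where `allow_html` is "yes" the message's own markup presumably reaches `$image_check` unchanged, and an upper- or mixed-case tag would then not be counted against `maxpostimages`. Counting on a normalised copy closes that gap: `$image_count = substr_count(strtolower($image_check), "<img");`. Now that smilies are enabled from the forum setting, smilie images will also count toward the limit if they are rendered as `<img>`. verify_image_count() begins above this hunk.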
Zeile 360 | Zeile 371 |
---|
if(!$valid_post['pid']) { $post['replyto'] = 0;
|
if(!$valid_post['pid']) { $post['replyto'] = 0;
|
}
| }
|
else { return true;
| else { return true;
|
Zeile 392 | Zeile 403 |
---|
function verify_post_icon() { global $cache;
|
function verify_post_icon() { global $cache;
|
|
|
$post = &$this->data;
// If we don't assign it as 0.
| $post = &$this->data;
// If we don't assign it as 0.
|
Zeile 425 | Zeile 436 |
---|
* @return boolean True when valid, false when invalid. */ function validate_post()
|
* @return boolean True when valid, false when invalid. */ function validate_post()
|
{ global $mybb, $db, $plugins;
$post = &$this->data; $time = time();
| { global $mybb, $db, $plugins;
$post = &$this->data; $time = time();
|
// Verify all post assets.
|
// Verify all post assets.
|
| if($this->method != "update" && !$post['savedraft']) { $this->verify_post_flooding(); }
|
if($this->method == "insert" || array_key_exists('uid', $post)) { $this->verify_author();
|
if($this->method == "insert" || array_key_exists('uid', $post)) { $this->verify_author();
|
}
| }
|
if($this->method == "insert" || array_key_exists('subject', $post))
|
if($this->method == "insert" || array_key_exists('subject', $post))
|
{
| {
|
$this->verify_subject();
|
$this->verify_subject();
|
}
| }
|
if($this->method == "insert" || array_key_exists('message', $post)) { $this->verify_message(); $this->verify_image_count(); }
|
if($this->method == "insert" || array_key_exists('message', $post)) { $this->verify_message(); $this->verify_image_count(); }
|
if($this->method == "insert" || array_key_exists('dateline', $post)) { $this->verify_dateline(); }
if($this->method != "update" && !$post['savedraft'])
| if($this->method == "insert" || array_key_exists('dateline', $post))
|
{
|
{
|
$this->verify_post_flooding();
| $this->verify_dateline();
|
}
if($this->method == "insert" || array_key_exists('replyto', $post))
| }
if($this->method == "insert" || array_key_exists('replyto', $post))
|
Zeile 522 | Zeile 533 |
---|
// Automatic subscription to the thread if($post['options']['emailnotify'] != "no" && $post['uid'] > 0) {
|
// Automatic subscription to the thread if($post['options']['emailnotify'] != "no" && $post['uid'] > 0) {
|
$query = $db->simple_select(TABLE_PREFIX."favorites", "fid", "tid='".intval($post['uid'])."' AND tid='".intval($post['tid'])."' AND type='s'", array("limit" => 1));
| $query = $db->simple_select(TABLE_PREFIX."favorites", "fid", "uid='".intval($post['uid'])."' AND tid='".intval($post['tid'])."' AND type='s'", array("limit" => 1));
|
$already_subscribed = $db->fetch_field($query, "fid"); if(!$already_subscribed) {
| $already_subscribed = $db->fetch_field($query, "fid"); if(!$already_subscribed) {
|
Zeile 536 | Zeile 547 |
---|
}
// Perform any selected moderation tools.
|
}
// Perform any selected moderation tools.
|
if(is_moderator($post['fid'], "", $post['uid']) == "yes" && $post['modoptions'])
| if(is_moderator($post['fid'], "", $post['uid']) == "yes")
|
{ // Fetch the thread $thread = get_thread($post['tid']);
| { // Fetch the thread $thread = get_thread($post['tid']);
|
Zeile 582 | Zeile 593 |
---|
{ $db->query(" UPDATE ".TABLE_PREFIX."threads
|
{ $db->query(" UPDATE ".TABLE_PREFIX."threads
|
SET $newclosed$sep$newstick
| SET {$newclosed}{$sep}{$newstick}
|
WHERE tid='{$thread['tid']}' "); }
|
WHERE tid='{$thread['tid']}' "); }
|
}
| }
|
// Fetch the forum this post is being made in $forum = get_forum($post['fid']);
// Decide on the visibility of this post. if($forum['modposts'] == "yes" && is_moderator($thread['fid'], "", $thread['uid']) != "yes")
|
// Fetch the forum this post is being made in $forum = get_forum($post['fid']);
// Decide on the visibility of this post. if($forum['modposts'] == "yes" && is_moderator($thread['fid'], "", $thread['uid']) != "yes")
|
{
| {
|
$visible = 0; } else {
|
$visible = 0; } else {
|
$visible = 1;
| $visible = 1; } } if($visible != -2) { $now = time(); if($forum['usepostcounts'] != "no") { $queryadd = ",postnum=postnum+1"; } else { $queryadd = '';
|
}
|
}
|
| $db->query("UPDATE ".TABLE_PREFIX."users SET lastpost='{$now}' {$queryadd} WHERE uid='{$post['uid']}'");
|
}
|
}
|
|
|
$post['pid'] = intval($post['pid']); $post['uid'] = intval($post['uid']);
| $post['pid'] = intval($post['pid']); $post['uid'] = intval($post['uid']);
|
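Review bot: The `UPDATE ... users SET lastpost=... WHERE uid='{$post['uid']}'` statement now runs before `$post['uid'] = intval($post['uid']);`, which sits a few lines below it on the new side; in the old layout the query came after that cast. Unless verify_author() (not visible here) already guarantees an integer, the uid is interpolated into SQL uncast, so cast it at the point of use: `WHERE uid='".intval($post['uid'])."'`. Separately, the visibility check calls `is_moderator($thread['fid'], "", $thread['uid'])`, which appears to test the thread starter rather than the author of this post; `$post['fid']` and `$post['uid']` look like the intended arguments. The enclosing function starts and ends outside this hunk.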
Zeile 731 | Zeile 757 |
---|
"mailto" => $db->escape_string($subscribedmember['email']), "mailfrom" => '', "subject" => $db->escape_string($emailsubject),
|
"mailto" => $db->escape_string($subscribedmember['email']), "mailfrom" => '', "subject" => $db->escape_string($emailsubject),
|
"message" => $db->escape_string($emailmessage)
| "message" => $db->escape_string($emailmessage), "headers" => ''
|
); $db->insert_query(TABLE_PREFIX."mailqueue", $new_email); unset($userlang);
| ); $db->insert_query(TABLE_PREFIX."mailqueue", $new_email); unset($userlang);
|
Zeile 742 | Zeile 769 |
---|
{ $cache->updatemailqueue(); }
|
{ $cache->updatemailqueue(); }
|
| $thread_update = array("replies" => "+1"); $query = $db->simple_select(TABLE_PREFIX."attachments", "COUNT(aid) AS attachmentcount", "pid='{$this->pid}' AND visible='1'"); $attachmentcount = $db->fetch_field($query, "attachmentcount");
$thread_update['attachmentcount'] = "+{$attachmentcount}";
|
// Update forum count
|
// Update forum count
|
update_thread_count($post['tid']); update_forum_count($post['fid']); $cache->updatestats(); }
| update_thread_counters($post['tid'], $thread_update); update_forum_counters($post['fid'], array("posts" => "+1")); }
|
// Post is stuck in moderation queue else if($visible == 0)
|
// Post is stuck in moderation queue else if($visible == 0)
|
{
| {
|
// Update the unapproved posts count for the current thread and current forum
|
// Update the unapproved posts count for the current thread and current forum
|
update_thread_count($post['tid']); update_forum_count($post['fid']); }
if($visible != 2) { $now = time(); if($forum['usepostcounts'] != "no") { $queryadd = ",postnum=postnum+1"; } else { $queryadd = ''; } $db->query("UPDATE ".TABLE_PREFIX."users SET lastpost='{$now}' {$queryadd} WHERE uid='{$post['uid']}'");
| update_thread_counters($post['tid'], array("unapprovedposts" => "+1")); update_forum_counters($post['fid'], array("unapprovedposts" => "+1"));
|
}
// Return the post's pid and whether or not it is visible.
| }
// Return the post's pid and whether or not it is visible.
|
Zeile 783 | Zeile 801 |
---|
* @return boolean True when valid, false when invalid. */ function validate_thread()
|
* @return boolean True when valid, false when invalid. */ function validate_thread()
|
{
| {
|
global $mybb, $db, $plugins;
|
global $mybb, $db, $plugins;
|
|
|
$thread = &$this->data;
|
$thread = &$this->data;
|
|
|
// Validate all thread assets.
|
// Validate all thread assets.
|
| if(!$thread['savedraft']) { $this->verify_post_flooding(); }
|
if($this->method == "insert" || array_key_exists('uid', $thread))
|
if($this->method == "insert" || array_key_exists('uid', $thread))
|
{
| {
|
$this->verify_author(); }
| $this->verify_author(); }
|
Zeile 814 | Zeile 837 |
---|
if($this->method == "insert" || array_key_exists('icon', $thread)) { $this->verify_post_icon();
|
if($this->method == "insert" || array_key_exists('icon', $thread)) { $this->verify_post_icon();
|
}
| }
|
if($this->method == "insert" || array_key_exists('options', $thread))
|
if($this->method == "insert" || array_key_exists('options', $thread))
|
{
| {
|
$this->verify_options();
|
$this->verify_options();
|
}
if(!$thread['savedraft']) { $this->verify_post_flooding();
| |
}
$plugins->run_hooks_by_ref("datahandler_post_validate_thread", $this);
| }
$plugins->run_hooks_by_ref("datahandler_post_validate_thread", $this);
|
Zeile 853 | Zeile 871 |
---|
if(!$this->get_validated()) { die("The thread needs to be validated before inserting it into the DB.");
|
if(!$this->get_validated()) { die("The thread needs to be validated before inserting it into the DB.");
|
}
| }
|
if(count($this->get_errors()) > 0) { die("The thread is not valid.");
| if(count($this->get_errors()) > 0) { die("The thread is not valid.");
|
Zeile 873 | Zeile 891 |
---|
// Thread is being made now and we have a bit to do. else {
|
// Thread is being made now and we have a bit to do. else {
|
// Fetch the permissions for this user $user_permisions = user_permissions($thread['uid']);
| |
// Decide on the visibility of this post.
|
// Decide on the visibility of this post.
|
if($forum['modposts'] == "yes" && is_moderator($thread['fid'], "", $thread['uid']) != "yes")
| if(($forum['modthreads'] == "yes" || $forum['modposts'] == "yes") && is_moderator($thread['fid'], "", $thread['uid']) != "yes")
|
{ $visible = 0; }
| { $visible = 0; }
|
Zeile 891 | Zeile 906 |
---|
// Have a post ID but not a thread ID - fetch thread ID if($thread['pid'] && !$thread['tid']) {
|
// Have a post ID but not a thread ID - fetch thread ID if($thread['pid'] && !$thread['tid']) {
|
$db->simple_select(TABLE_PREFIX."posts", "tid", "pid='{$thread['pid']}");
| $query = $db->simple_select(TABLE_PREFIX."posts", "tid", "pid='{$thread['pid']}");
|
$thread['tid'] = $db->fetch_field($query, "tid"); }
| $thread['tid'] = $db->fetch_field($query, "tid"); }
|
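Review bot: The WHERE clause passed to `simple_select` is `"pid='{$thread['pid']}"`, which opens a single quote and never closes it. The query this commit now assigns to `$query` is therefore likely to fail as malformed SQL and leave `$thread['tid']` empty. The pid is also interpolated without a cast. Both are fixed by `$query = $db->simple_select(TABLE_PREFIX."posts", "tid", "pid='".intval($thread['pid'])."'");`. The enclosing function starts and ends outside this hunk.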
Zeile 900 | Zeile 915 |
---|
// Are we updating a post which is already a draft? Perhaps changing it into a visible post? if($draft_check)
|
// Are we updating a post which is already a draft? Perhaps changing it into a visible post? if($draft_check)
|
{ $this->thread_insert_data = array(
| { $this->thread_insert_data = array( "subject" => $db->escape_string($thread['subject']), "icon" => intval($thread['icon']), "username" => $db->escape_string($thread['username']), "dateline" => intval($thread['dateline']), "lastpost" => intval($thread['dateline']), "lastposter" => $db->escape_string($thread['username']), "visible" => $visible );
$plugins->run_hooks_by_ref("datahandler_post_insert_thread", $this);
$db->update_query(TABLE_PREFIX."threads", $this->thread_insert_data, "tid='{$thread['tid']}'");
$this->post_insert_data = array(
|
"subject" => $db->escape_string($thread['subject']), "icon" => intval($thread['icon']), "username" => $db->escape_string($thread['username']), "dateline" => intval($thread['dateline']),
|
"subject" => $db->escape_string($thread['subject']), "icon" => intval($thread['icon']), "username" => $db->escape_string($thread['username']), "dateline" => intval($thread['dateline']),
|
"lastpost" => intval($thread['dateline']), "lastposter" => $db->escape_string($thread['username']), "visible" => $visible );
$plugins->run_hooks_by_ref("datahandler_post_insert_thread", $this);
$db->update_query(TABLE_PREFIX."threads", $this->thread_insert_data, "tid='{$thread['tid']}'");
$this->post_insert_data = array( "subject" => $db->escape_string($thread['subject']), "icon" => intval($thread['icon']), "username" => $db->escape_string($thread['username']), "dateline" => intval($thread['dateline']), "message" => $db->escape_string($thread['message']), "ipaddress" => $db->escape_string(get_ip()), "includesig" => $thread['options']['signature'], "smilieoff" => $thread['options']['disablesmilies'], "visible" => $visible, "posthash" => $db->escape_string($thread['posthash'])
| "message" => $db->escape_string($thread['message']), "ipaddress" => $db->escape_string(get_ip()), "includesig" => $thread['options']['signature'], "smilieoff" => $thread['options']['disablesmilies'], "visible" => $visible, "posthash" => $db->escape_string($thread['posthash'])
|
); $plugins->run_hooks_by_ref("datahandler_post_insert_thread_post", $this);
| ); $plugins->run_hooks_by_ref("datahandler_post_insert_thread_post", $this);
|
Zeile 938 | Zeile 953 |
---|
else { $this->thread_insert_data = array(
|
else { $this->thread_insert_data = array(
|
"fid" => $thread['fid'], "subject" => $db->escape_string($thread['subject']), "icon" => intval($thread['icon']), "uid" => $thread['uid'], "username" => $db->escape_string($thread['username']), "dateline" => intval($thread['dateline']),
| "fid" => $thread['fid'], "subject" => $db->escape_string($thread['subject']), "icon" => intval($thread['icon']), "uid" => $thread['uid'], "username" => $db->escape_string($thread['username']), "dateline" => intval($thread['dateline']),
|
"lastpost" => intval($thread['dateline']), "lastposter" => $db->escape_string($thread['username']), "views" => 0, "replies" => 0,
|
"lastpost" => intval($thread['dateline']), "lastposter" => $db->escape_string($thread['username']), "views" => 0, "replies" => 0,
|
"visible" => $visible
| "visible" => $visible, "notes" => ''
|
);
$plugins->run_hooks_by_ref("datahandler_post_insert_thread", $this);
| );
$plugins->run_hooks_by_ref("datahandler_post_insert_thread", $this);
|
Zeile 985 | Zeile 1001 |
---|
if(!$thread['savedraft']) {
|
if(!$thread['savedraft']) {
|
// Automatic subscription to the thread
| // Automatically subscribe the user to this thread if they've chosen to.
|
if($thread['options']['emailnotify'] != "no" && $thread['uid'] > 0) {
|
if($thread['options']['emailnotify'] != "no" && $thread['uid'] > 0) {
|
$favoriteadd = array( "uid" => intval($thread['uid']), "tid" => intval($this->tid), "type" => "s"
| $insert_favorite = array( 'uid' => intval($thread['uid']), 'tid' => $this->tid, 'type' => 's'
|
);
|
);
|
$db->insert_query(TABLE_PREFIX."favorites", $favoriteadd);
| $db->insert_query(TABLE_PREFIX.'favorites', $insert_favorite);
|
}
// Perform any selected moderation tools.
| }
// Perform any selected moderation tools.
|
Zeile 1048 | Zeile 1064 |
---|
}
// Only update the table if we need to.
|
}
// Only update the table if we need to.
|
if(is_array($update_query))
| if(!empty($update_query))
|
{ $update_query = implode(", ", $update_query); $db->query("UPDATE ".TABLE_PREFIX."users SET $update_query WHERE uid='".$thread['uid']."'");
| { $update_query = implode(", ", $update_query); $db->query("UPDATE ".TABLE_PREFIX."users SET $update_query WHERE uid='".$thread['uid']."'");
|
Zeile 1112 | Zeile 1128 |
---|
"mailto" => $db->escape_string($subscribedmember['email']), "mailfrom" => '', "subject" => $db->escape_string($emailsubject),
|
"mailto" => $db->escape_string($subscribedmember['email']), "mailfrom" => '', "subject" => $db->escape_string($emailsubject),
|
"message" => $db->escape_string($emailmessage)
| "message" => $db->escape_string($emailmessage), "headers" => ''
|
); $db->insert_query(TABLE_PREFIX."mailqueue", $new_email); unset($userlang);
| ); $db->insert_query(TABLE_PREFIX."mailqueue", $new_email); unset($userlang);
|
Zeile 1123 | Zeile 1140 |
---|
{ $cache->updatemailqueue(); }
|
{ $cache->updatemailqueue(); }
|
// Automatically subscribe the user to this thread if they've chosen to. if($thread['options']['emailnotify'] != "no" && $thread['uid'] > 0) { $insert_favorite = array( 'uid' => intval($thread['uid']), 'tid' => $this->tid, 'type' => 's' ); $db->insert_query(TABLE_PREFIX.'favorites', $insert_favorite); } }
| }
|
// Assign any uploaded attachments with the specific posthash to the newly created post. if($thread['posthash'])
|
// Assign any uploaded attachments with the specific posthash to the newly created post. if($thread['posthash'])
|
{
| {
|
$thread['posthash'] = $db->escape_string($thread['posthash']); $attachmentassign = array( "pid" => $this->pid
| $thread['posthash'] = $db->escape_string($thread['posthash']); $attachmentassign = array( "pid" => $this->pid
|
Zeile 1145 | Zeile 1152 |
---|
$db->update_query(TABLE_PREFIX."attachments", $attachmentassign, "posthash='{$thread['posthash']}'"); }
|
$db->update_query(TABLE_PREFIX."attachments", $attachmentassign, "posthash='{$thread['posthash']}'"); }
|
// Thread is public - update the forum counts. if($visible == 1 || $visible == 0) { $cache->updatestats(); update_thread_count($this->tid); update_forum_count($thread['fid']);
| $query = $db->simple_select(TABLE_PREFIX."attachments", "COUNT(aid) AS attachmentcount", "pid='{$this->pid}' AND visible='1'"); $attachmentcount = $db->fetch_field($query, "attachmentcount"); if($attachmentcount > 0) { update_thread_counters($this->tid, array("attachmentcount" => "+{$attachmentcount}")); }
if($visible == 1) { update_thread_data($this->tid); update_forum_counters($thread['fid'], array("threads" => "+1", "posts" => "+1")); } else if($visible == 0) { update_thread_data($this->tid); update_thread_counters($thread['tid'], array("replies" => 0, "unapprovedposts" => 1)); update_forum_counters($thread['fid'], array("unapprovedthreads" => "+1", "unapprovedposts" => "+1"));
|
}
// Return the post's pid and whether or not it is visible.
| }
// Return the post's pid and whether or not it is visible.
|
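Review bot: In the `$visible == 0` branch the new call is `update_thread_counters($thread['tid'], ...)`, while the other thread-level calls in this hunk use `$this->tid`. For a freshly inserted thread `$thread['tid']` is probably unset (it is only filled in on the draft path shown in an earlier hunk), so the unapproved-post counter would be written against no thread. Use `update_thread_counters($this->tid, array("replies" => 0, "unapprovedposts" => 1));`. The same hunk interpolates `$this->pid` into the attachment COUNT query, which looks safe only if pid is always the integer insert id; that assignment is outside this hunk.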
Zeile 1291 | Zeile 1309 |
---|
{ $db->delete_query(TABLE_PREFIX."favorites", "type='s' AND uid='{$post['uid']}' AND tid='{$post['tid']}'"); }
|
{ $db->delete_query(TABLE_PREFIX."favorites", "type='s' AND uid='{$post['uid']}' AND tid='{$post['tid']}'"); }
|
update_thread_attachment_count($post['tid']);
| |
|
|
update_forum_count($post['fid']);
| update_forum_lastpost($post['fid']);
|
} } ?>
| } } ?>
|