Vergleich inc/datahandlers/post.php - 1.4.2 - 1.4.14

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 6Zeile 6
 * Website: http://www.mybboard.net
* License: http://www.mybboard.net/about/license
*

 * Website: http://www.mybboard.net
* License: http://www.mybboard.net/about/license
*

 * $Id: post.php 4176 2008-09-03 13:50:09Z Tikitiki $

 * $Id: post.php 4867 2010-04-11 03:37:10Z RyanGordon $

 */

// Disallow direct access to this file for security reasons

 */

// Disallow direct access to this file for security reasons

Zeile 404Zeile 404
		$permissions = user_permissions($post['uid']);

// Fetch the forum this post is being made in

		$permissions = user_permissions($post['uid']);

// Fetch the forum this post is being made in

 
		if(!$post['fid'])
{
$query = $db->simple_select('posts', 'fid', "pid = '{$post['pid']}'");
$post['fid'] = $db->fetch_field($query, 'fid');
}

		$forum = get_forum($post['fid']);

// Check if this post contains more images than the forum allows

		$forum = get_forum($post['fid']);

// Check if this post contains more images than the forum allows

Zeile 448Zeile 453
	* @return boolean True when valid, false when not valid.
*/
function verify_reply_to()

	* @return boolean True when valid, false when not valid.
*/
function verify_reply_to()

	{

	{

		global $db;
$post = &$this->data;


		global $db;
$post = &$this->data;


Zeile 492Zeile 497
	function verify_post_icon()
{
global $cache;

	function verify_post_icon()
{
global $cache;


$post = &$this->data;



$post = &$this->data;


		// If we don't assign it as 0.
if(!$post['icon'] || $post['icon'] < 0)
{

		// If we don't assign it as 0.
if(!$post['icon'] || $post['icon'] < 0)
{

Zeile 509Zeile 514
	* @return boolean True when valid, false when not valid.
*/
function verify_dateline()

	* @return boolean True when valid, false when not valid.
*/
function verify_dateline()

	{

	{

		$dateline = &$this->data['dateline'];

		$dateline = &$this->data['dateline'];





		// The date has to be numeric and > 0.
if($dateline < 0 || is_numeric($dateline) == false)
{

		// The date has to be numeric and > 0.
if($dateline < 0 || is_numeric($dateline) == false)
{

Zeile 525Zeile 530
	 * @return boolean True when valid, false when invalid.
*/
function validate_post()

	 * @return boolean True when valid, false when invalid.
*/
function validate_post()

	{
global $mybb, $db, $plugins;

$post = &$this->data;

	{
global $mybb, $db, $plugins;

$post = &$this->data;

		$time = TIME_NOW;

		$time = TIME_NOW;

		

		

		$this->action = "post";

if($this->method != "update" && !$post['savedraft'])

		$this->action = "post";

if($this->method != "update" && !$post['savedraft'])

		{

		{

			$this->verify_post_flooding();
}


			$this->verify_post_flooding();
}


Zeile 543Zeile 548
		if($this->method == "insert" || array_key_exists('uid', $post))
{
$this->verify_author();

		if($this->method == "insert" || array_key_exists('uid', $post))
{
$this->verify_author();

		}


		}


		if($this->method == "insert" || array_key_exists('subject', $post))

		if($this->method == "insert" || array_key_exists('subject', $post))

		{

		{

			$this->verify_subject();

			$this->verify_subject();

		}

		}


if($this->method == "insert" || array_key_exists('message', $post))
{


if($this->method == "insert" || array_key_exists('message', $post))
{

Zeile 559Zeile 564
		if($this->method == "insert" || array_key_exists('dateline', $post))
{
$this->verify_dateline();

		if($this->method == "insert" || array_key_exists('dateline', $post))
{
$this->verify_dateline();

		}


		}


		if($this->method == "insert" || array_key_exists('replyto', $post))

		if($this->method == "insert" || array_key_exists('replyto', $post))

		{

		{

			$this->verify_reply_to();

			$this->verify_reply_to();

		}

		}


if($this->method == "insert" || array_key_exists('icon', $post))
{
$this->verify_post_icon();


if($this->method == "insert" || array_key_exists('icon', $post))
{
$this->verify_post_icon();

		}


		}


		if($this->method == "insert" || array_key_exists('options', $post))
{
$this->verify_options();

		if($this->method == "insert" || array_key_exists('options', $post))
{
$this->verify_options();

		}


		}


		$plugins->run_hooks_by_ref("datahandler_post_validate_post", $this);

// We are done validating, return.
$this->set_validated(true);
if(count($this->get_errors()) > 0)

		$plugins->run_hooks_by_ref("datahandler_post_validate_post", $this);

// We are done validating, return.
$this->set_validated(true);
if(count($this->get_errors()) > 0)

		{

		{

			return false;

			return false;

		}

		}

		else
{
return true;
}
}

		else
{
return true;
}
}







	/**
* Insert a post into the database.
*

	/**
* Insert a post into the database.
*

Zeile 606Zeile 611
		if(!$this->get_validated())
{
die("The post needs to be validated before inserting it into the DB.");

		if(!$this->get_validated())
{
die("The post needs to be validated before inserting it into the DB.");

		}

		}

		if(count($this->get_errors()) > 0)
{
die("The post is not valid.");

		if(count($this->get_errors()) > 0)
{
die("The post is not valid.");

Zeile 651Zeile 656

// Close the thread.
if($modoptions['closethread'] == 1 && $thread['closed'] != 1)


// Close the thread.
if($modoptions['closethread'] == 1 && $thread['closed'] != 1)

				{
$newclosed = "closed=1";

				{
$newclosed = "closed=1";

					log_moderator_action($modlogdata, $lang->thread_closed);

					log_moderator_action($modlogdata, $lang->thread_closed);

				}

				}


// Open the thread.
if($modoptions['closethread'] != 1 && $thread['closed'] == 1)


// Open the thread.
if($modoptions['closethread'] != 1 && $thread['closed'] == 1)

				{

				{

					$newclosed = "closed=0";
log_moderator_action($modlogdata, $lang->thread_opened);
}

					$newclosed = "closed=0";
log_moderator_action($modlogdata, $lang->thread_opened);
}

Zeile 668Zeile 673
				{
$newstick = "sticky='1'";
log_moderator_action($modlogdata, $lang->thread_stuck);

				{
$newstick = "sticky='1'";
log_moderator_action($modlogdata, $lang->thread_stuck);

				}

				}


// Unstick the thread.
if($modoptions['stickthread'] != 1 && $thread['sticky'])


// Unstick the thread.
if($modoptions['stickthread'] != 1 && $thread['sticky'])

Zeile 698Zeile 703
			// Decide on the visibility of this post.
if($forum['modposts'] == 1 && !is_moderator($thread['fid'], "", $post['uid']))
{

			// Decide on the visibility of this post.
if($forum['modposts'] == 1 && !is_moderator($thread['fid'], "", $post['uid']))
{

				$visible = 0;
}
else
{

				$visible = 0;
}
else
{

				$visible = 1;

				$visible = 1;

			}

			}


// Are posts from this user being moderated? Change visibility
if($mybb->user['uid'] == $post['uid'] && $mybb->user['moderateposts'] == 1)


// Are posts from this user being moderated? Change visibility
if($mybb->user['uid'] == $post['uid'] && $mybb->user['moderateposts'] == 1)

Zeile 715Zeile 720
		if($this->method != "update" && $visible == 1)
{
$double_post = $this->verify_post_merge();

		if($this->method != "update" && $visible == 1)
{
$double_post = $this->verify_post_merge();





// Only combine if they are both invisible (mod queue'd forum) or both visible

			if($double_post !== true && $double_post['visible'] == $visible)
{

			if($double_post !== true && $double_post['visible'] == $visible)
{

				// Only combine if they are both invisible (mod queue'd forum) or both visible
$double_post['message'] .= $mybb->settings['postmergesep']."\n".$post['message'];


				$this->pid = $double_post['pid'];

$post['message'] = $double_post['message'] .= $mybb->settings['postmergesep']."\n".$post['message'];

				$update_query = array(
"message" => $db->escape_string($double_post['message'])
);

				$update_query = array(
"message" => $db->escape_string($double_post['message'])
);

Zeile 747Zeile 754
						"posthash" => $double_post['posthash'],
);
$db->update_query("attachments", $attachmentassign, "posthash='{$post['posthash']}'");

						"posthash" => $double_post['posthash'],
);
$db->update_query("attachments", $attachmentassign, "posthash='{$post['posthash']}'");

 
				
$post['posthash'] = $double_post['posthash'];

				}

// Return the post's pid and whether or not it is visible.

				}

// Return the post's pid and whether or not it is visible.

Zeile 778Zeile 787
		{
$query = $db->simple_select("posts", "tid", "pid='{$post['pid']}' AND uid='{$post['uid']}' AND visible='-2'");
$draft_check = $db->fetch_field($query, "tid");

		{
$query = $db->simple_select("posts", "tid", "pid='{$post['pid']}' AND uid='{$post['uid']}' AND visible='-2'");
$draft_check = $db->fetch_field($query, "tid");

		}
else
{

		}
else
{

			$draft_check = false;
}


			$draft_check = false;
}


Zeile 789Zeile 798
		{
// Update a post that is a draft
$this->post_update_data = array(

		{
// Update a post that is a draft
$this->post_update_data = array(

				"subject" => $db->escape_string($post['subject']),
"icon" => intval($post['icon']),
"uid" => $post['uid'],

				"subject" => $db->escape_string($post['subject']),
"icon" => intval($post['icon']),
"uid" => $post['uid'],

				"username" => $db->escape_string($post['username']),
"dateline" => intval($post['dateline']),

				"username" => $db->escape_string($post['username']),
"dateline" => intval($post['dateline']),

				"message" => $db->escape_string($post['message']),
"ipaddress" => $db->escape_string($post['ipaddress']),
"longipaddress" => intval(ip2long($post['ipaddress'])),
"includesig" => $post['options']['signature'],
"smilieoff" => $post['options']['disablesmilies'],
"visible" => $visible,
"posthash" => $db->escape_string($post['posthash'])
);


				"message" => $db->escape_string($post['message']),
"ipaddress" => $db->escape_string($post['ipaddress']),
"longipaddress" => intval(ip2long($post['ipaddress'])),
"includesig" => $post['options']['signature'],
"smilieoff" => $post['options']['disablesmilies'],
"visible" => $visible,
"posthash" => $db->escape_string($post['posthash'])
);


			$plugins->run_hooks_by_ref("datahandler_post_insert_post", $this);

$db->update_query("posts", $this->post_update_data, "pid='{$post['pid']}'");

			$plugins->run_hooks_by_ref("datahandler_post_insert_post", $this);

$db->update_query("posts", $this->post_update_data, "pid='{$post['pid']}'");

Zeile 837Zeile 846

// Assign any uploaded attachments with the specific posthash to the newly created post.
if($post['posthash'])


// Assign any uploaded attachments with the specific posthash to the newly created post.
if($post['posthash'])

		{

		{

			$post['posthash'] = $db->escape_string($post['posthash']);
$attachmentassign = array(
"pid" => $this->pid

			$post['posthash'] = $db->escape_string($post['posthash']);
$attachmentassign = array(
"pid" => $this->pid

Zeile 859Zeile 868

// Fetch any users subscribed to this thread receiving instant notification and queue up their subscription notices
$query = $db->query("


// Fetch any users subscribed to this thread receiving instant notification and queue up their subscription notices
$query = $db->query("

				SELECT u.username, u.email, u.uid, u.language, s.subscriptionkey

				SELECT u.username, u.email, u.uid, u.language, u.loginkey, u.salt, u.regdate, s.subscriptionkey

				FROM ".TABLE_PREFIX."threadsubscriptions s
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=s.uid)
WHERE s.notification='1' AND s.tid='{$post['tid']}'

				FROM ".TABLE_PREFIX."threadsubscriptions s
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=s.uid)
WHERE s.notification='1' AND s.tid='{$post['tid']}'

Zeile 873Zeile 882
					continue;
}
$done_users[$subscribedmember['uid']] = 1;

					continue;
}
$done_users[$subscribedmember['uid']] = 1;

 
				
$forumpermissions = forum_permissions($thread['fid'], $subscribedmember['uid']);
if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0)
{
continue;
}


				if($subscribedmember['language'] != '' && $lang->language_exists($subscribedmember['language']))
{
$uselang = $subscribedmember['language'];

				if($subscribedmember['language'] != '' && $lang->language_exists($subscribedmember['language']))
{
$uselang = $subscribedmember['language'];

Zeile 907Zeile 923
					$emailmessage = $langcache[$uselang]['email_subscription'];
}
$emailsubject = $lang->sprintf($emailsubject, $subject);

					$emailmessage = $langcache[$uselang]['email_subscription'];
}
$emailsubject = $lang->sprintf($emailsubject, $subject);

				$emailmessage = $lang->sprintf($emailmessage, $subscribedmember['username'], $post['username'], $mybb->settings['bbname'], $subject, $excerpt, $mybb->settings['bburl'], str_replace("&amp;", "&", get_thread_link($thread['tid'], 0, "newpost")), $thread['tid'], $subscribedmember['subscriptionkey']);



				
$post_code = md5($subscribedmember['loginkey'].$subscribedmember['salt'].$subscribedmember['regdate']);
$emailmessage = $lang->sprintf($emailmessage, $subscribedmember['username'], $post['username'], $mybb->settings['bbname'], $subject, $excerpt, $mybb->settings['bburl'], str_replace("&amp;", "&", get_thread_link($thread['tid'], 0, "newpost")), $thread['tid'], $subscribedmember['subscriptionkey'], $post_code);

				$new_email = array(
"mailto" => $db->escape_string($subscribedmember['email']),
"mailfrom" => '',

				$new_email = array(
"mailto" => $db->escape_string($subscribedmember['email']),
"mailfrom" => '',

Zeile 1244Zeile 1262
				{
$forum['lastpost'] = 0;
}

				{
$forum['lastpost'] = 0;
}





				
$done_users = array();


				// Queue up any forum subscription notices to users who are subscribed to this forum.
$excerpt = my_substr($thread['message'], 0, $mybb->settings['subscribeexcerpt']).$lang->emailbit_viewthread;


				// Queue up any forum subscription notices to users who are subscribed to this forum.
$excerpt = my_substr($thread['message'], 0, $mybb->settings['subscribeexcerpt']).$lang->emailbit_viewthread;


Zeile 1254Zeile 1274
				$excerpt = $parser->parse_badwords($excerpt);

$query = $db->query("

				$excerpt = $parser->parse_badwords($excerpt);

$query = $db->query("

					SELECT u.username, u.email, u.uid, u.language

					SELECT u.username, u.email, u.uid, u.language, u.loginkey, u.salt, u.regdate

					FROM ".TABLE_PREFIX."forumsubscriptions fs
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=fs.uid)
LEFT JOIN ".TABLE_PREFIX."usergroups g ON (g.gid=u.usergroup)

					FROM ".TABLE_PREFIX."forumsubscriptions fs
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=fs.uid)
LEFT JOIN ".TABLE_PREFIX."usergroups g ON (g.gid=u.usergroup)

Zeile 1270Zeile 1290
						continue;
}
$done_users[$subscribedmember['uid']] = 1;

						continue;
}
$done_users[$subscribedmember['uid']] = 1;

 
					
$forumpermissions = forum_permissions($thread['fid'], $subscribedmember['uid']);
if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0)
{
continue;
}


					// Determine the language pack we'll be using to send this email in and load it if it isn't already.
if($subscribedmember['language'] != '' && $lang->language_exists($subscribedmember['language']))
{

					// Determine the language pack we'll be using to send this email in and load it if it isn't already.
if($subscribedmember['language'] != '' && $lang->language_exists($subscribedmember['language']))
{

Zeile 1278Zeile 1305
					else if($mybb->settings['bblanguage'])
{
$uselang = $mybb->settings['bblanguage'];

					else if($mybb->settings['bblanguage'])
{
$uselang = $mybb->settings['bblanguage'];

					}
else
{

					}
else
{

						$uselang = "english";
}


						$uselang = "english";
}


Zeile 1305Zeile 1332
						$emailmessage = $langcache[$uselang]['email_forumsubscription'];
}
$emailsubject = $lang->sprintf($emailsubject, $forum['name']);

						$emailmessage = $langcache[$uselang]['email_forumsubscription'];
}
$emailsubject = $lang->sprintf($emailsubject, $forum['name']);

					$emailmessage = $lang->sprintf($emailmessage, $subscribedmember['username'], $thread['username'], $forum['name'], $mybb->settings['bbname'], $thread['subject'], $excerpt, $mybb->settings['bburl'], get_thread_link($this->tid), $thread['fid']);



					
$post_code = md5($subscribedmember['loginkey'].$subscribedmember['salt'].$subscribedmember['regdate']);
$emailmessage = $lang->sprintf($emailmessage, $subscribedmember['username'], $thread['username'], $forum['name'], $mybb->settings['bbname'], $thread['subject'], $excerpt, $mybb->settings['bburl'], get_thread_link($this->tid), $thread['fid'], $post_code);

					$new_email = array(
"mailto" => $db->escape_string($subscribedmember['email']),
"mailfrom" => '',

					$new_email = array(
"mailto" => $db->escape_string($subscribedmember['email']),
"mailfrom" => '',

Zeile 1321Zeile 1350
				if($queued_email == 1)
{
$cache->update_mailqueue();

				if($queued_email == 1)
{
$cache->update_mailqueue();

				}

				}

			}
}


			}
}


Zeile 1343Zeile 1372
		else if($visible == 0)
{
update_thread_data($this->tid);

		else if($visible == 0)
{
update_thread_data($this->tid);

			update_thread_counters($thread['tid'], array("replies" => 0, "unapprovedposts" => 1));

			update_thread_counters($this->tid, array("replies" => 0, "unapprovedposts" => 1));

			update_forum_counters($thread['fid'], array("unapprovedthreads" => "+1", "unapprovedposts" => "+1"));
}


			update_forum_counters($thread['fid'], array("unapprovedthreads" => "+1", "unapprovedposts" => "+1"));
}


Zeile 1391Zeile 1420
		$forum = get_forum($post['fid']);

// Decide on the visibility of this post.

		$forum = get_forum($post['fid']);

// Decide on the visibility of this post.

		if($forum['mod_edit_posts'] == 1 && !is_moderator($post['fid'], "", $post['uid']))
{
if($existing_post['visible'] == 1)
{
update_thread_data($existing_post['tid']);
update_thread_counters($existing_post['tid'], array('replies' => '-1', 'unapprovedposts' => '+1'));
update_forum_counters($existing_post['fid'], array('unapprovedthreads' => '+1', 'unapprovedposts' => '+1'));

// Subtract from the users post count
// Update the post count if this forum allows post counts to be tracked
if($forum['usepostcounts'] != 0)
{
$db->write_query("UPDATE ".TABLE_PREFIX."users SET postnum=postnum-1 WHERE uid='{$existing_post['uid']}'");
}
}
























		if(isset($post['visible']) && $post['visible'] != $existing_post['visible'])
{
if($forum['mod_edit_posts'] == 1 && !is_moderator($post['fid'], "", $post['uid']))
{
if($existing_post['visible'] == 1)
{
update_thread_data($existing_post['tid']);
update_thread_counters($existing_post['tid'], array('replies' => '-1', 'unapprovedposts' => '+1'));
update_forum_counters($existing_post['fid'], array('unapprovedthreads' => '+1', 'unapprovedposts' => '+1'));

// Subtract from the users post count
// Update the post count if this forum allows post counts to be tracked
if($forum['usepostcounts'] != 0)
{
$db->write_query("UPDATE ".TABLE_PREFIX."users SET postnum=postnum-1 WHERE uid='{$existing_post['uid']}'");
}
}
$visible = 0;
}
else
{
if($existing_post['visible'] == 0)
{
update_thread_data($existing_post['tid']);
update_thread_counters($existing_post['tid'], array('replies' => '+1', 'unapprovedposts' => '-1'));
update_forum_counters($existing_post['fid'], array('unapprovedthreads' => '-1', 'unapprovedposts' => '-1'));

// Update the post count if this forum allows post counts to be tracked
if($forum['usepostcounts'] != 0)
{
$db->write_query("UPDATE ".TABLE_PREFIX."users SET postnum=postnum+1 WHERE uid='{$existing_post['uid']}'");
}
}
$visible = 1;
}
}
else
{

			$visible = 0;

			$visible = 0;

		}
else
{
if($existing_post['visible'] == 0)

			if($forum['mod_edit_posts'] != 1 || is_moderator($post['fid'], "", $post['uid']))




			{

			{

				update_thread_data($existing_post['tid']);
update_thread_counters($existing_post['tid'], array('replies' => '+1', 'unapprovedposts' => '-1'));
update_forum_counters($existing_post['fid'], array('unapprovedthreads' => '-1', 'unapprovedposts' => '-1'));

// Update the post count if this forum allows post counts to be tracked
if($forum['usepostcounts'] != 0)
{
$db->write_query("UPDATE ".TABLE_PREFIX."users SET postnum=postnum+1 WHERE uid='{$existing_post['uid']}'");
}

				$visible = 1;









			}

			}

			$visible = 1;
}

        }



// Check if this is the first post in a thread.
$options = array(


// Check if this is the first post in a thread.
$options = array(

Zeile 1532Zeile 1572
		}
else
{

		}
else
{

			$db->delete_query("threadsubscriptions", "uid='{$post['uid']}' AND tid='{$post['tid']}'");

			$db->delete_query("threadsubscriptions", "uid='".intval($post['uid'])."' AND tid='".intval($post['tid'])."'");

		}

update_forum_lastpost($post['fid']);

		}

update_forum_lastpost($post['fid']);