| Zeile 6 | Zeile 6 |
|---|
* Website: http://www.mybboard.net
* License: http://www.mybboard.net/about/license
*
|
* Website: http://www.mybboard.net
* License: http://www.mybboard.net/about/license
*
|
* $Id: post.php 4276 2008-11-23 03:01:33Z Tikitiki $
| * $Id: post.php 5379 2011-02-21 11:06:42Z Tomm $
|
*/
// Disallow direct access to this file for security reasons
| */
// Disallow direct access to this file for security reasons
|
| Zeile 404 | Zeile 404 |
|---|
$permissions = user_permissions($post['uid']);
// Fetch the forum this post is being made in
|
$permissions = user_permissions($post['uid']);
// Fetch the forum this post is being made in
|
| | if(!$post['fid'])
{
$query = $db->simple_select('posts', 'fid', "pid = '{$post['pid']}'");
$post['fid'] = $db->fetch_field($query, 'fid');
}
|
$forum = get_forum($post['fid']);
// Check if this post contains more images than the forum allows
| $forum = get_forum($post['fid']);
// Check if this post contains more images than the forum allows
|
| Zeile 448 | Zeile 453 |
|---|
* @return boolean True when valid, false when not valid.
*/
function verify_reply_to()
|
* @return boolean True when valid, false when not valid.
*/
function verify_reply_to()
|
{
| {
|
global $db;
$post = &$this->data;
| global $db;
$post = &$this->data;
|
| Zeile 492 | Zeile 497 |
|---|
function verify_post_icon()
{
global $cache;
|
function verify_post_icon()
{
global $cache;
|
$post = &$this->data;
|
$post = &$this->data;
|
// If we don't assign it as 0.
if(!$post['icon'] || $post['icon'] < 0)
{
| // If we don't assign it as 0.
if(!$post['icon'] || $post['icon'] < 0)
{
|
| Zeile 509 | Zeile 514 |
|---|
* @return boolean True when valid, false when not valid.
*/
function verify_dateline()
|
* @return boolean True when valid, false when not valid.
*/
function verify_dateline()
|
{
| {
|
$dateline = &$this->data['dateline'];
|
$dateline = &$this->data['dateline'];
|
|
|
// The date has to be numeric and > 0.
if($dateline < 0 || is_numeric($dateline) == false)
{
| // The date has to be numeric and > 0.
if($dateline < 0 || is_numeric($dateline) == false)
{
|
| Zeile 525 | Zeile 530 |
|---|
* @return boolean True when valid, false when invalid.
*/
function validate_post()
|
* @return boolean True when valid, false when invalid.
*/
function validate_post()
|
{
global $mybb, $db, $plugins;
$post = &$this->data;
| {
global $mybb, $db, $plugins;
$post = &$this->data;
|
$time = TIME_NOW;
|
$time = TIME_NOW;
|
|
|
$this->action = "post";
if($this->method != "update" && !$post['savedraft'])
|
$this->action = "post";
if($this->method != "update" && !$post['savedraft'])
|
{
| {
|
$this->verify_post_flooding();
}
| $this->verify_post_flooding();
}
|
| Zeile 543 | Zeile 548 |
|---|
if($this->method == "insert" || array_key_exists('uid', $post))
{
$this->verify_author();
|
if($this->method == "insert" || array_key_exists('uid', $post))
{
$this->verify_author();
|
}
| }
|
if($this->method == "insert" || array_key_exists('subject', $post))
|
if($this->method == "insert" || array_key_exists('subject', $post))
|
{
| {
|
$this->verify_subject();
|
$this->verify_subject();
|
}
| }
|
if($this->method == "insert" || array_key_exists('message', $post))
{
|
if($this->method == "insert" || array_key_exists('message', $post))
{
|
| Zeile 559 | Zeile 564 |
|---|
if($this->method == "insert" || array_key_exists('dateline', $post))
{
$this->verify_dateline();
|
if($this->method == "insert" || array_key_exists('dateline', $post))
{
$this->verify_dateline();
|
}
| }
|
if($this->method == "insert" || array_key_exists('replyto', $post))
|
if($this->method == "insert" || array_key_exists('replyto', $post))
|
{
| {
|
$this->verify_reply_to();
|
$this->verify_reply_to();
|
}
| }
|
if($this->method == "insert" || array_key_exists('icon', $post))
{
$this->verify_post_icon();
|
if($this->method == "insert" || array_key_exists('icon', $post))
{
$this->verify_post_icon();
|
}
| }
|
if($this->method == "insert" || array_key_exists('options', $post))
{
$this->verify_options();
|
if($this->method == "insert" || array_key_exists('options', $post))
{
$this->verify_options();
|
}
| }
|
$plugins->run_hooks_by_ref("datahandler_post_validate_post", $this);
// We are done validating, return.
$this->set_validated(true);
if(count($this->get_errors()) > 0)
|
$plugins->run_hooks_by_ref("datahandler_post_validate_post", $this);
// We are done validating, return.
$this->set_validated(true);
if(count($this->get_errors()) > 0)
|
{
| {
|
return false;
|
return false;
|
}
| }
|
else
{
return true;
}
}
|
else
{
return true;
}
}
|
|
|
/**
* Insert a post into the database.
*
| /**
* Insert a post into the database.
*
|
| Zeile 606 | Zeile 611 |
|---|
if(!$this->get_validated())
{
die("The post needs to be validated before inserting it into the DB.");
|
if(!$this->get_validated())
{
die("The post needs to be validated before inserting it into the DB.");
|
}
| }
|
if(count($this->get_errors()) > 0)
{
die("The post is not valid.");
| if(count($this->get_errors()) > 0)
{
die("The post is not valid.");
|
| Zeile 651 | Zeile 656 |
|---|
// Close the thread.
if($modoptions['closethread'] == 1 && $thread['closed'] != 1)
|
// Close the thread.
if($modoptions['closethread'] == 1 && $thread['closed'] != 1)
|
{
$newclosed = "closed=1";
| {
$newclosed = "closed=1";
|
log_moderator_action($modlogdata, $lang->thread_closed);
|
log_moderator_action($modlogdata, $lang->thread_closed);
|
}
| }
|
// Open the thread.
if($modoptions['closethread'] != 1 && $thread['closed'] == 1)
|
// Open the thread.
if($modoptions['closethread'] != 1 && $thread['closed'] == 1)
|
{
| {
|
$newclosed = "closed=0";
log_moderator_action($modlogdata, $lang->thread_opened);
}
| $newclosed = "closed=0";
log_moderator_action($modlogdata, $lang->thread_opened);
}
|
| Zeile 668 | Zeile 673 |
|---|
{
$newstick = "sticky='1'";
log_moderator_action($modlogdata, $lang->thread_stuck);
|
{
$newstick = "sticky='1'";
log_moderator_action($modlogdata, $lang->thread_stuck);
|
}
| }
|
// Unstick the thread.
if($modoptions['stickthread'] != 1 && $thread['sticky'])
|
// Unstick the thread.
if($modoptions['stickthread'] != 1 && $thread['sticky'])
|
| Zeile 698 | Zeile 703 |
|---|
// Decide on the visibility of this post.
if($forum['modposts'] == 1 && !is_moderator($thread['fid'], "", $post['uid']))
{
|
// Decide on the visibility of this post.
if($forum['modposts'] == 1 && !is_moderator($thread['fid'], "", $post['uid']))
{
|
$visible = 0;
}
else
{
| $visible = 0;
}
else
{
|
$visible = 1;
|
$visible = 1;
|
}
| }
|
// Are posts from this user being moderated? Change visibility
if($mybb->user['uid'] == $post['uid'] && $mybb->user['moderateposts'] == 1)
|
// Are posts from this user being moderated? Change visibility
if($mybb->user['uid'] == $post['uid'] && $mybb->user['moderateposts'] == 1)
|
| Zeile 715 | Zeile 720 |
|---|
if($this->method != "update" && $visible == 1)
{
$double_post = $this->verify_post_merge();
|
if($this->method != "update" && $visible == 1)
{
$double_post = $this->verify_post_merge();
|
|
// Only combine if they are both invisible (mod queue'd forum) or both visible
|
if($double_post !== true && $double_post['visible'] == $visible)
{
|
if($double_post !== true && $double_post['visible'] == $visible)
{
|
// Only combine if they are both invisible (mod queue'd forum) or both visible
$double_post['message'] .= $mybb->settings['postmergesep']."\n".$post['message'];
| $this->pid = $double_post['pid'];
$post['message'] = $double_post['message'] .= $mybb->settings['postmergesep']."\n".$post['message'];
|
$update_query = array(
"message" => $db->escape_string($double_post['message'])
);
| $update_query = array(
"message" => $db->escape_string($double_post['message'])
);
|
| Zeile 747 | Zeile 754 |
|---|
"posthash" => $double_post['posthash'],
);
$db->update_query("attachments", $attachmentassign, "posthash='{$post['posthash']}'");
|
"posthash" => $double_post['posthash'],
);
$db->update_query("attachments", $attachmentassign, "posthash='{$post['posthash']}'");
|
| |
$post['posthash'] = $double_post['posthash'];
|
}
// Return the post's pid and whether or not it is visible.
| }
// Return the post's pid and whether or not it is visible.
|
| Zeile 778 | Zeile 787 |
|---|
{
$query = $db->simple_select("posts", "tid", "pid='{$post['pid']}' AND uid='{$post['uid']}' AND visible='-2'");
$draft_check = $db->fetch_field($query, "tid");
|
{
$query = $db->simple_select("posts", "tid", "pid='{$post['pid']}' AND uid='{$post['uid']}' AND visible='-2'");
$draft_check = $db->fetch_field($query, "tid");
|
}
else
{
| }
else
{
|
$draft_check = false;
}
| $draft_check = false;
}
|
| Zeile 789 | Zeile 798 |
|---|
{
// Update a post that is a draft
$this->post_update_data = array(
|
{
// Update a post that is a draft
$this->post_update_data = array(
|
"subject" => $db->escape_string($post['subject']),
"icon" => intval($post['icon']),
"uid" => $post['uid'],
| "subject" => $db->escape_string($post['subject']),
"icon" => intval($post['icon']),
"uid" => $post['uid'],
|
"username" => $db->escape_string($post['username']),
"dateline" => intval($post['dateline']),
|
"username" => $db->escape_string($post['username']),
"dateline" => intval($post['dateline']),
|
"message" => $db->escape_string($post['message']),
"ipaddress" => $db->escape_string($post['ipaddress']),
"longipaddress" => intval(ip2long($post['ipaddress'])),
"includesig" => $post['options']['signature'],
"smilieoff" => $post['options']['disablesmilies'],
"visible" => $visible,
"posthash" => $db->escape_string($post['posthash'])
);
| "message" => $db->escape_string($post['message']),
"ipaddress" => $db->escape_string($post['ipaddress']),
"longipaddress" => intval(ip2long($post['ipaddress'])),
"includesig" => $post['options']['signature'],
"smilieoff" => $post['options']['disablesmilies'],
"visible" => $visible,
"posthash" => $db->escape_string($post['posthash'])
);
|
$plugins->run_hooks_by_ref("datahandler_post_insert_post", $this);
$db->update_query("posts", $this->post_update_data, "pid='{$post['pid']}'");
| $plugins->run_hooks_by_ref("datahandler_post_insert_post", $this);
$db->update_query("posts", $this->post_update_data, "pid='{$post['pid']}'");
|
| Zeile 837 | Zeile 846 |
|---|
// Assign any uploaded attachments with the specific posthash to the newly created post.
if($post['posthash'])
|
// Assign any uploaded attachments with the specific posthash to the newly created post.
if($post['posthash'])
|
{
| {
|
$post['posthash'] = $db->escape_string($post['posthash']);
$attachmentassign = array(
"pid" => $this->pid
| $post['posthash'] = $db->escape_string($post['posthash']);
$attachmentassign = array(
"pid" => $this->pid
|
| Zeile 859 | Zeile 868 |
|---|
// Fetch any users subscribed to this thread receiving instant notification and queue up their subscription notices
$query = $db->query("
|
// Fetch any users subscribed to this thread receiving instant notification and queue up their subscription notices
$query = $db->query("
|
SELECT u.username, u.email, u.uid, u.language, s.subscriptionkey
| SELECT u.username, u.email, u.uid, u.language, u.loginkey, u.salt, u.regdate, s.subscriptionkey
|
FROM ".TABLE_PREFIX."threadsubscriptions s
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=s.uid)
WHERE s.notification='1' AND s.tid='{$post['tid']}'
| FROM ".TABLE_PREFIX."threadsubscriptions s
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=s.uid)
WHERE s.notification='1' AND s.tid='{$post['tid']}'
|
| Zeile 873 | Zeile 882 |
|---|
continue;
}
$done_users[$subscribedmember['uid']] = 1;
|
continue;
}
$done_users[$subscribedmember['uid']] = 1;
|
| |
$forumpermissions = forum_permissions($thread['fid'], $subscribedmember['uid']);
if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0)
{
continue;
}
|
if($subscribedmember['language'] != '' && $lang->language_exists($subscribedmember['language']))
{
$uselang = $subscribedmember['language'];
| if($subscribedmember['language'] != '' && $lang->language_exists($subscribedmember['language']))
{
$uselang = $subscribedmember['language'];
|
| Zeile 907 | Zeile 923 |
|---|
$emailmessage = $langcache[$uselang]['email_subscription'];
}
$emailsubject = $lang->sprintf($emailsubject, $subject);
|
$emailmessage = $langcache[$uselang]['email_subscription'];
}
$emailsubject = $lang->sprintf($emailsubject, $subject);
|
$emailmessage = $lang->sprintf($emailmessage, $subscribedmember['username'], $post['username'], $mybb->settings['bbname'], $subject, $excerpt, $mybb->settings['bburl'], str_replace("&", "&", get_thread_link($thread['tid'], 0, "newpost")), $thread['tid'], $subscribedmember['subscriptionkey']);
|
$post_code = md5($subscribedmember['loginkey'].$subscribedmember['salt'].$subscribedmember['regdate']);
$emailmessage = $lang->sprintf($emailmessage, $subscribedmember['username'], $post['username'], $mybb->settings['bbname'], $subject, $excerpt, $mybb->settings['bburl'], str_replace("&", "&", get_thread_link($thread['tid'], 0, "newpost")), $thread['tid'], $subscribedmember['subscriptionkey'], $post_code);
|
$new_email = array(
"mailto" => $db->escape_string($subscribedmember['email']),
"mailfrom" => '',
| $new_email = array(
"mailto" => $db->escape_string($subscribedmember['email']),
"mailfrom" => '',
|
| Zeile 1244 | Zeile 1262 |
|---|
{
$forum['lastpost'] = 0;
}
|
{
$forum['lastpost'] = 0;
}
|
|
$done_users = array();
|
// Queue up any forum subscription notices to users who are subscribed to this forum.
$excerpt = my_substr($thread['message'], 0, $mybb->settings['subscribeexcerpt']).$lang->emailbit_viewthread;
| // Queue up any forum subscription notices to users who are subscribed to this forum.
$excerpt = my_substr($thread['message'], 0, $mybb->settings['subscribeexcerpt']).$lang->emailbit_viewthread;
|
| Zeile 1254 | Zeile 1274 |
|---|
$excerpt = $parser->parse_badwords($excerpt);
$query = $db->query("
|
$excerpt = $parser->parse_badwords($excerpt);
$query = $db->query("
|
SELECT u.username, u.email, u.uid, u.language
| SELECT u.username, u.email, u.uid, u.language, u.loginkey, u.salt, u.regdate
|
FROM ".TABLE_PREFIX."forumsubscriptions fs
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=fs.uid)
LEFT JOIN ".TABLE_PREFIX."usergroups g ON (g.gid=u.usergroup)
| FROM ".TABLE_PREFIX."forumsubscriptions fs
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=fs.uid)
LEFT JOIN ".TABLE_PREFIX."usergroups g ON (g.gid=u.usergroup)
|
| Zeile 1270 | Zeile 1290 |
|---|
continue;
}
$done_users[$subscribedmember['uid']] = 1;
|
continue;
}
$done_users[$subscribedmember['uid']] = 1;
|
| |
$forumpermissions = forum_permissions($thread['fid'], $subscribedmember['uid']);
if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0)
{
continue;
}
|
// Determine the language pack we'll be using to send this email in and load it if it isn't already.
if($subscribedmember['language'] != '' && $lang->language_exists($subscribedmember['language']))
{
| // Determine the language pack we'll be using to send this email in and load it if it isn't already.
if($subscribedmember['language'] != '' && $lang->language_exists($subscribedmember['language']))
{
|
| Zeile 1278 | Zeile 1305 |
|---|
else if($mybb->settings['bblanguage'])
{
$uselang = $mybb->settings['bblanguage'];
|
else if($mybb->settings['bblanguage'])
{
$uselang = $mybb->settings['bblanguage'];
|
}
else
{
| }
else
{
|
$uselang = "english";
}
| $uselang = "english";
}
|
| Zeile 1305 | Zeile 1332 |
|---|
$emailmessage = $langcache[$uselang]['email_forumsubscription'];
}
$emailsubject = $lang->sprintf($emailsubject, $forum['name']);
|
$emailmessage = $langcache[$uselang]['email_forumsubscription'];
}
$emailsubject = $lang->sprintf($emailsubject, $forum['name']);
|
$emailmessage = $lang->sprintf($emailmessage, $subscribedmember['username'], $thread['username'], $forum['name'], $mybb->settings['bbname'], $thread['subject'], $excerpt, $mybb->settings['bburl'], get_thread_link($this->tid), $thread['fid']);
|
$post_code = md5($subscribedmember['loginkey'].$subscribedmember['salt'].$subscribedmember['regdate']);
$emailmessage = $lang->sprintf($emailmessage, $subscribedmember['username'], $thread['username'], $forum['name'], $mybb->settings['bbname'], $thread['subject'], $excerpt, $mybb->settings['bburl'], get_thread_link($this->tid), $thread['fid'], $post_code);
|
$new_email = array(
"mailto" => $db->escape_string($subscribedmember['email']),
"mailfrom" => '',
| $new_email = array(
"mailto" => $db->escape_string($subscribedmember['email']),
"mailfrom" => '',
|
| Zeile 1321 | Zeile 1350 |
|---|
if($queued_email == 1)
{
$cache->update_mailqueue();
|
if($queued_email == 1)
{
$cache->update_mailqueue();
|
}
| }
|
}
}
| }
}
|
| Zeile 1343 | Zeile 1372 |
|---|
else if($visible == 0)
{
update_thread_data($this->tid);
|
else if($visible == 0)
{
update_thread_data($this->tid);
|
update_thread_counters($thread['tid'], array("replies" => 0, "unapprovedposts" => 1));
| update_thread_counters($this->tid, array("replies" => 0, "unapprovedposts" => 1));
|
update_forum_counters($thread['fid'], array("unapprovedthreads" => "+1", "unapprovedposts" => "+1"));
}
| update_forum_counters($thread['fid'], array("unapprovedthreads" => "+1", "unapprovedposts" => "+1"));
}
|
| Zeile 1391 | Zeile 1420 |
|---|
$forum = get_forum($post['fid']);
// Decide on the visibility of this post.
|
$forum = get_forum($post['fid']);
// Decide on the visibility of this post.
|
if($forum['mod_edit_posts'] == 1 && !is_moderator($post['fid'], "", $post['uid']))
{
if($existing_post['visible'] == 1)
{
update_thread_data($existing_post['tid']);
update_thread_counters($existing_post['tid'], array('replies' => '-1', 'unapprovedposts' => '+1'));
update_forum_counters($existing_post['fid'], array('unapprovedthreads' => '+1', 'unapprovedposts' => '+1'));
// Subtract from the users post count
// Update the post count if this forum allows post counts to be tracked
if($forum['usepostcounts'] != 0)
{
$db->write_query("UPDATE ".TABLE_PREFIX."users SET postnum=postnum-1 WHERE uid='{$existing_post['uid']}'");
}
}
| if(isset($post['visible']) && $post['visible'] != $existing_post['visible'])
{
if($forum['mod_edit_posts'] == 1 && !is_moderator($post['fid'], "", $post['uid']))
{
if($existing_post['visible'] == 1)
{
update_thread_data($existing_post['tid']);
update_thread_counters($existing_post['tid'], array('replies' => '-1', 'unapprovedposts' => '+1'));
update_forum_counters($existing_post['fid'], array('unapprovedthreads' => '+1', 'unapprovedposts' => '+1'));
// Subtract from the users post count
// Update the post count if this forum allows post counts to be tracked
if($forum['usepostcounts'] != 0)
{
$db->write_query("UPDATE ".TABLE_PREFIX."users SET postnum=postnum-1 WHERE uid='{$existing_post['uid']}'");
}
}
$visible = 0;
}
else
{
if($existing_post['visible'] == 0)
{
update_thread_data($existing_post['tid']);
update_thread_counters($existing_post['tid'], array('replies' => '+1', 'unapprovedposts' => '-1'));
update_forum_counters($existing_post['fid'], array('unapprovedthreads' => '-1', 'unapprovedposts' => '-1'));
// Update the post count if this forum allows post counts to be tracked
if($forum['usepostcounts'] != 0)
{
$db->write_query("UPDATE ".TABLE_PREFIX."users SET postnum=postnum+1 WHERE uid='{$existing_post['uid']}'");
}
}
$visible = 1;
}
}
else
{
|
$visible = 0;
|
$visible = 0;
|
}
else
{
if($existing_post['visible'] == 0)
| if($forum['mod_edit_posts'] != 1 || is_moderator($post['fid'], "", $post['uid']))
|
{
|
{
|
update_thread_data($existing_post['tid']);
update_thread_counters($existing_post['tid'], array('replies' => '+1', 'unapprovedposts' => '-1'));
update_forum_counters($existing_post['fid'], array('unapprovedthreads' => '-1', 'unapprovedposts' => '-1'));
// Update the post count if this forum allows post counts to be tracked
if($forum['usepostcounts'] != 0)
{
$db->write_query("UPDATE ".TABLE_PREFIX."users SET postnum=postnum+1 WHERE uid='{$existing_post['uid']}'");
}
| $visible = 1;
|
}
|
}
|
$visible = 1;
}
| }
|
// Check if this is the first post in a thread.
$options = array(
|
// Check if this is the first post in a thread.
$options = array(
|