Zeile 6 | Zeile 6 |
---|
* Website: http://mybb.com * License: http://mybb.com/about/license *
|
* Website: http://mybb.com * License: http://mybb.com/about/license *
|
* $Id: post.php 5171 2010-08-02 21:13:47Z RyanGordon $
| * $Id: post.php 5828 2012-05-08 16:06:16Z Tomm $
|
*/
// Disallow direct access to this file for security reasons
| */
// Disallow direct access to this file for security reasons
|
Zeile 145 | Zeile 145 |
---|
global $db; $post = &$this->data; $subject = &$post['subject'];
|
global $db; $post = &$this->data; $subject = &$post['subject'];
|
| $subject = trim_blank_chrs($subject);
|
// Are we editing an existing thread or post? if($this->method == "update" && $post['pid'])
| // Are we editing an existing thread or post? if($this->method == "update" && $post['pid'])
|
Zeile 173 | Zeile 174 |
---|
}
// If this is the first post there needs to be a subject, else make it the default one.
|
}
// If this is the first post there needs to be a subject, else make it the default one.
|
if(my_strlen(trim_blank_chrs($subject)) == 0 && $first_post)
| if(my_strlen($subject) == 0 && $first_post)
|
{ $this->set_error("firstpost_no_subject"); return false;
| { $this->set_error("firstpost_no_subject"); return false;
|
Zeile 188 | Zeile 189 |
---|
// This is a new post else if($this->action == "post") {
|
// This is a new post else if($this->action == "post") {
|
if(my_strlen(trim_blank_chrs($subject)) == 0)
| if(my_strlen($subject) == 0)
|
{ $thread = get_thread($post['tid']); $subject = "RE: ".$thread['subject'];
| { $thread = get_thread($post['tid']); $subject = "RE: ".$thread['subject'];
|
Zeile 198 | Zeile 199 |
---|
// This is a new thread and we require that a subject is present. else {
|
// This is a new thread and we require that a subject is present. else {
|
if(my_strlen(trim_blank_chrs($subject)) == 0)
| if(my_strlen($subject) == 0)
|
{ $this->set_error("missing_subject"); return false; }
|
{ $this->set_error("missing_subject"); return false; }
|
| }
if(my_strlen($subject) > 85) { // Subject is too long $this->set_error('subject_too_long', my_strlen($subject)); return false;
|
}
// Subject is valid - return true. return true; }
|
}
// Subject is valid - return true. return true; }
|
|
|
/** * Verifies a post message. *
| /** * Verifies a post message. *
|
Zeile 219 | Zeile 227 |
---|
global $mybb;
$post = &$this->data;
|
global $mybb;
$post = &$this->data;
|
| $post['message'] = trim_blank_chrs($post['message']);
|
// Do we even have a message at all?
|
// Do we even have a message at all?
|
if(my_strlen(trim_blank_chrs($post['message'])) == 0)
| if(my_strlen($post['message']) == 0)
|
{ $this->set_error("missing_message"); return false;
| { $this->set_error("missing_message"); return false;
|
Zeile 239 | Zeile 248 |
---|
{ $this->set_error("message_too_short", array($mybb->settings['minmessagelength'])); return false;
|
{ $this->set_error("message_too_short", array($mybb->settings['minmessagelength'])); return false;
|
} return true; }
| } return true; }
|
/** * Verifies the specified post options are correct.
| /** * Verifies the specified post options are correct.
|
Zeile 274 | Zeile 283 |
---|
if($mybb->settings['postfloodcheck'] == 1 && $post['uid'] != 0 && $this->admin_override == false) { if($this->verify_post_merge(true) !== true)
|
if($mybb->settings['postfloodcheck'] == 1 && $post['uid'] != 0 && $this->admin_override == false) { if($this->verify_post_merge(true) !== true)
|
{ return true; }
| { return true; }
|
// Fetch the user information for this post - used to check their last post date. $user = get_user($post['uid']);
| // Fetch the user information for this post - used to check their last post date. $user = get_user($post['uid']);
|
Zeile 331 | Zeile 340 |
---|
$gids = explode(',', $mybb->settings['postmergeuignore']); $gids = array_map('intval', $gids);
|
$gids = explode(',', $mybb->settings['postmergeuignore']); $gids = array_map('intval', $gids);
|
|
|
$user_usergroups = explode(',', $mybb->user['usergroup'].",".$mybb->user['additionalgroups']); if(count(array_intersect($user_usergroups, $gids)) > 0) { return true; }
|
$user_usergroups = explode(',', $mybb->user['usergroup'].",".$mybb->user['additionalgroups']); if(count(array_intersect($user_usergroups, $gids)) > 0) { return true; }
|
}
| }
|
// Select the lastpost and fid information for this thread $query = $db->simple_select("threads", "lastpost,fid", "lastposteruid='".$post['uid']."' AND tid='".$post['tid']."'", array('limit' => '1'));
| // Select the lastpost and fid information for this thread $query = $db->simple_select("threads", "lastpost,fid", "lastposteruid='".$post['uid']."' AND tid='".$post['tid']."'", array('limit' => '1'));
|
Zeile 345 | Zeile 354 |
---|
// Check to see if the same author has posted within the merge post time limit if((intval($mybb->settings['postmergemins']) != 0 && trim($mybb->settings['postmergemins']) != "") && (TIME_NOW-$thread['lastpost']) > (intval($mybb->settings['postmergemins'])*60))
|
// Check to see if the same author has posted within the merge post time limit if((intval($mybb->settings['postmergemins']) != 0 && trim($mybb->settings['postmergemins']) != "") && (TIME_NOW-$thread['lastpost']) > (intval($mybb->settings['postmergemins'])*60))
|
{ return true; }
| { return true; }
|
if(strstr($mybb->settings['postmergefignore'], ',')) { $fids = explode(',', $mybb->settings['postmergefignore']); foreach($fids as $key => $forumid)
|
if(strstr($mybb->settings['postmergefignore'], ',')) { $fids = explode(',', $mybb->settings['postmergefignore']); foreach($fids as $key => $forumid)
|
{
| {
|
$fid[] = intval($forumid);
|
$fid[] = intval($forumid);
|
}
| }
|
if(in_array($thread['fid'], $fid)) {
| if(in_array($thread['fid'], $fid)) {
|
Zeile 366 | Zeile 375 |
---|
else if(trim($mybb->settings['postmergefignore']) != "" && $thread['fid'] == intval($mybb->settings['postmergefignore'])) { return true;
|
else if(trim($mybb->settings['postmergefignore']) != "" && $thread['fid'] == intval($mybb->settings['postmergefignore'])) { return true;
|
}
| }
|
if($simple_mode == true)
|
if($simple_mode == true)
|
{
| {
|
return false;
|
return false;
|
}
| }
|
if($post['uid']) {
| if($post['uid']) {
|
Zeile 384 | Zeile 393 |
---|
$query = $db->simple_select("posts", "pid,message,visible,posthash", "{$user_check} AND tid='".$post['tid']."' AND dateline='".$thread['lastpost']."'", array('order_by' => 'pid', 'order_dir' => 'DESC', 'limit' => 1)); return $db->fetch_array($query);
|
$query = $db->simple_select("posts", "pid,message,visible,posthash", "{$user_check} AND tid='".$post['tid']."' AND dateline='".$thread['lastpost']."'", array('order_by' => 'pid', 'order_dir' => 'DESC', 'limit' => 1)); return $db->fetch_array($query);
|
}
| }
|
/** * Verifies the image count.
| /** * Verifies the image count.
|
Zeile 396 | Zeile 405 |
---|
global $mybb, $db;
$post = &$this->data;
|
global $mybb, $db;
$post = &$this->data;
|
|
|
// Get the permissions of the user who is making this post or thread $permissions = user_permissions($post['uid']);
// Fetch the forum this post is being made in if(!$post['fid'])
|
// Get the permissions of the user who is making this post or thread $permissions = user_permissions($post['uid']);
// Fetch the forum this post is being made in if(!$post['fid'])
|
{
| {
|
$query = $db->simple_select('posts', 'fid', "pid = '{$post['pid']}'"); $post['fid'] = $db->fetch_field($query, 'fid'); }
| $query = $db->simple_select('posts', 'fid', "pid = '{$post['pid']}'"); $post['fid'] = $db->fetch_field($query, 'fid'); }
|
Zeile 437 | Zeile 446 |
---|
// And count the number of image tags in the message. $image_count = substr_count($image_check, "<img"); if($image_count > $mybb->settings['maxpostimages'])
|
// And count the number of image tags in the message. $image_count = substr_count($image_check, "<img"); if($image_count > $mybb->settings['maxpostimages'])
|
{ // Throw back a message if over the count with the number of images as well as the maximum number of images per post.
| { // Throw back a message if over the count with the number of images as well as the maximum number of images per post.
|
$this->set_error("too_many_images", array(1 => $image_count, 2 => $mybb->settings['maxpostimages'])); return false; }
| $this->set_error("too_many_images", array(1 => $image_count, 2 => $mybb->settings['maxpostimages'])); return false; }
|
Zeile 491 | Zeile 500 |
---|
if(!$valid_post['pid']) { $post['replyto'] = 0;
|
if(!$valid_post['pid']) { $post['replyto'] = 0;
|
}
| }
|
else { return true;
| else { return true;
|
Zeile 523 | Zeile 532 |
---|
function verify_post_icon() { global $cache;
|
function verify_post_icon() { global $cache;
|
|
|
$post = &$this->data;
|
$post = &$this->data;
|
|
|
// If we don't assign it as 0. if(!$post['icon'] || $post['icon'] < 0) {
| // If we don't assign it as 0. if(!$post['icon'] || $post['icon'] < 0) {
|
Zeile 540 | Zeile 549 |
---|
* @return boolean True when valid, false when not valid. */ function verify_dateline()
|
* @return boolean True when valid, false when not valid. */ function verify_dateline()
|
{
| {
|
$dateline = &$this->data['dateline'];
// The date has to be numeric and > 0.
| $dateline = &$this->data['dateline'];
// The date has to be numeric and > 0.
|
Zeile 556 | Zeile 565 |
---|
* @return boolean True when valid, false when not valid. */ function verify_prefix()
|
* @return boolean True when valid, false when not valid. */ function verify_prefix()
|
{
| {
|
$prefix = &$this->data['prefix']; // If a valid prefix isn't supplied, don't assign one.
| $prefix = &$this->data['prefix']; // If a valid prefix isn't supplied, don't assign one.
|
Zeile 604 | Zeile 613 |
---|
$this->verify_message(); $this->verify_image_count(); $this->verify_video_count();
|
$this->verify_message(); $this->verify_image_count(); $this->verify_video_count();
|
}
| }
|
if($this->method == "insert" || array_key_exists('dateline', $post))
|
if($this->method == "insert" || array_key_exists('dateline', $post))
|
{
| {
|
$this->verify_dateline();
|
$this->verify_dateline();
|
}
| }
|
if($this->method == "insert" || array_key_exists('replyto', $post)) { $this->verify_reply_to();
|
if($this->method == "insert" || array_key_exists('replyto', $post)) { $this->verify_reply_to();
|
}
| }
|
if($this->method == "insert" || array_key_exists('icon', $post))
|
if($this->method == "insert" || array_key_exists('icon', $post))
|
{
| {
|
$this->verify_post_icon();
|
$this->verify_post_icon();
|
}
| }
|
if($this->method == "insert" || array_key_exists('options', $post)) {
|
if($this->method == "insert" || array_key_exists('options', $post)) {
|
$this->verify_options(); }
$plugins->run_hooks_by_ref("datahandler_post_validate_post", $this);
// We are done validating, return. $this->set_validated(true); if(count($this->get_errors()) > 0) { return false; } else {
| $this->verify_options(); }
$plugins->run_hooks("datahandler_post_validate_post", $this);
// We are done validating, return. $this->set_validated(true); if(count($this->get_errors()) > 0) { return false; } else {
|
return true; } }
| return true; } }
|
Zeile 688 | Zeile 697 |
---|
require_once MYBB_ROOT."inc/functions_user.php"; add_subscribed_thread($post['tid'], $notification, $post['uid']);
|
require_once MYBB_ROOT."inc/functions_user.php"; add_subscribed_thread($post['tid'], $notification, $post['uid']);
|
}
| }
|
// Perform any selected moderation tools. if(is_moderator($post['fid'], "", $post['uid'])) {
| // Perform any selected moderation tools. if(is_moderator($post['fid'], "", $post['uid'])) {
|
Zeile 760 | Zeile 769 |
---|
{ $visible = 0; }
|
{ $visible = 0; }
|
| } $post['pid'] = intval($post['pid']); $post['uid'] = intval($post['uid']);
if($post['pid'] > 0) { $query = $db->simple_select("posts", "tid", "pid='{$post['pid']}' AND uid='{$post['uid']}' AND visible='-2'"); $draft_check = $db->fetch_field($query, "tid"); } else { $draft_check = false;
|
} if($this->method != "update" && $visible == 1)
| } if($this->method != "update" && $visible == 1)
|
Zeile 771 | Zeile 793 |
---|
{ $this->pid = $double_post['pid'];
|
{ $this->pid = $double_post['pid'];
|
$post['message'] = $double_post['message'] .= $mybb->settings['postmergesep']."\n".$post['message'];
| $post['message'] = $double_post['message'] .= "\n".$mybb->settings['postmergesep']."\n".$post['message'];
|
$update_query = array( "message" => $db->escape_string($double_post['message']) ); $update_query['edituid'] = intval($post['uid']); $update_query['edittime'] = TIME_NOW;
|
$update_query = array( "message" => $db->escape_string($double_post['message']) ); $update_query['edituid'] = intval($post['uid']); $update_query['edittime'] = TIME_NOW;
|
$query = $db->update_query("posts", $update_query, "pid='".$double_post['pid']."'");
| $query = $db->update_query("posts", $update_query, "pid='".$double_post['pid']."'"); if($draft_check) { $db->delete_query("posts", "pid='".$post['pid']."'"); }
|
// Assign any uploaded attachments with the specific posthash to the merged post. if($double_post['posthash']) {
| // Assign any uploaded attachments with the specific posthash to the merged post. if($double_post['posthash']) {
|
Zeile 793 | Zeile 820 |
---|
// Update forum count update_thread_counters($post['tid'], array('attachmentcount' => "+{$attachmentcount}")); }
|
// Update forum count update_thread_counters($post['tid'], array('attachmentcount' => "+{$attachmentcount}")); }
|
|
|
$attachmentassign = array( "pid" => $double_post['pid'], "posthash" => $double_post['posthash'],
| $attachmentassign = array( "pid" => $double_post['pid'], "posthash" => $double_post['posthash'],
|
Zeile 812 | Zeile 839 |
---|
} if($visible == 1 && $thread['visible'] == 1)
|
} if($visible == 1 && $thread['visible'] == 1)
|
{
| {
|
$now = TIME_NOW;
// Yes, the value to the lastpost key in this array has single quotes within double quotes. It's not a bug.
| $now = TIME_NOW;
// Yes, the value to the lastpost key in this array has single quotes within double quotes. It's not a bug.
|
Zeile 825 | Zeile 852 |
---|
} $db->update_query("users", $update_array, "uid='{$post['uid']}'", 1, true);
|
} $db->update_query("users", $update_array, "uid='{$post['uid']}'", 1, true);
|
}
$post['pid'] = intval($post['pid']); $post['uid'] = intval($post['uid']);
if($post['pid'] > 0) { $query = $db->simple_select("posts", "tid", "pid='{$post['pid']}' AND uid='{$post['uid']}' AND visible='-2'"); $draft_check = $db->fetch_field($query, "tid"); } else { $draft_check = false;
| |
}
// Are we updating a post which is already a draft? Perhaps changing it into a visible post?
| }
// Are we updating a post which is already a draft? Perhaps changing it into a visible post?
|
Zeile 859 | Zeile 873 |
---|
"posthash" => $db->escape_string($post['posthash']) );
|
"posthash" => $db->escape_string($post['posthash']) );
|
$plugins->run_hooks_by_ref("datahandler_post_insert_post", $this);
| $plugins->run_hooks("datahandler_post_insert_post", $this);
|
$db->update_query("posts", $this->post_update_data, "pid='{$post['pid']}'"); $this->pid = $post['pid'];
| $db->update_query("posts", $this->post_update_data, "pid='{$post['pid']}'"); $this->pid = $post['pid'];
|
Zeile 885 | Zeile 899 |
---|
"posthash" => $db->escape_string($post['posthash']) );
|
"posthash" => $db->escape_string($post['posthash']) );
|
$plugins->run_hooks_by_ref("datahandler_post_insert_post", $this);
| $plugins->run_hooks("datahandler_post_insert_post", $this);
|
$this->pid = $db->insert_query("posts", $this->post_insert_data); }
| $this->pid = $db->insert_query("posts", $this->post_insert_data); }
|
Zeile 933 | Zeile 947 |
---|
if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0) { continue;
|
if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0) { continue;
|
| }
if($thread['uid'] != $subscribedmember['uid'] && $forumpermissions['canonlyviewownthread'] == 1 && !is_moderator($thread['fid'], "", $subscribedmember['uid'])) { // User isn't a moderator or the author of the thread... continue;
|
} if($subscribedmember['language'] != '' && $lang->language_exists($subscribedmember['language']))
| } if($subscribedmember['language'] != '' && $lang->language_exists($subscribedmember['language']))
|
Zeile 1070 | Zeile 1090 |
---|
$this->verify_options(); }
|
$this->verify_options(); }
|
$plugins->run_hooks_by_ref("datahandler_post_validate_thread", $this);
| $plugins->run_hooks("datahandler_post_validate_thread", $this);
|
// We are done validating, return. $this->set_validated(true);
| // We are done validating, return. $this->set_validated(true);
|
Zeile 1165 | Zeile 1185 |
---|
"visible" => $visible );
|
"visible" => $visible );
|
$plugins->run_hooks_by_ref("datahandler_post_insert_thread", $this);
| $plugins->run_hooks("datahandler_post_insert_thread", $this);
|
$db->update_query("threads", $this->thread_insert_data, "tid='{$thread['tid']}'");
| $db->update_query("threads", $this->thread_insert_data, "tid='{$thread['tid']}'");
|
Zeile 1181 | Zeile 1201 |
---|
"visible" => $visible, "posthash" => $db->escape_string($thread['posthash']) );
|
"visible" => $visible, "posthash" => $db->escape_string($thread['posthash']) );
|
$plugins->run_hooks_by_ref("datahandler_post_insert_thread_post", $this);
| $plugins->run_hooks("datahandler_post_insert_thread_post", $this);
|
$db->update_query("posts", $this->post_insert_data, "pid='{$thread['pid']}'"); $this->tid = $thread['tid'];
| $db->update_query("posts", $this->post_insert_data, "pid='{$thread['pid']}'"); $this->tid = $thread['tid'];
|
Zeile 1207 | Zeile 1227 |
---|
"notes" => '' );
|
"notes" => '' );
|
$plugins->run_hooks_by_ref("datahandler_post_insert_thread", $this);
| $plugins->run_hooks("datahandler_post_insert_thread", $this);
|
$this->tid = $db->insert_query("threads", $this->thread_insert_data);
| $this->tid = $db->insert_query("threads", $this->thread_insert_data);
|
Zeile 1227 | Zeile 1247 |
---|
"visible" => $visible, "posthash" => $db->escape_string($thread['posthash']) );
|
"visible" => $visible, "posthash" => $db->escape_string($thread['posthash']) );
|
$plugins->run_hooks_by_ref("datahandler_post_insert_thread_post", $this);
| $plugins->run_hooks("datahandler_post_insert_thread_post", $this);
|
$this->pid = $db->insert_query("posts", $this->post_insert_data);
| $this->pid = $db->insert_query("posts", $this->post_insert_data);
|
Zeile 1355 | Zeile 1375 |
---|
{ continue; }
|
{ continue; }
|
| if(!is_moderator($thread['fid'], "", $subscribedmember['uid']) && $forumpermissions['canonlyviewownthreads'] == 1) { // In a 'view own only' forum and not a moderator continue; }
|
// Determine the language pack we'll be using to send this email in and load it if it isn't already. if($subscribedmember['language'] != '' && $lang->language_exists($subscribedmember['language'])) {
| // Determine the language pack we'll be using to send this email in and load it if it isn't already. if($subscribedmember['language'] != '' && $lang->language_exists($subscribedmember['language'])) {
|
Zeile 1570 | Zeile 1596 |
---|
} if(count($this->thread_update_data) > 0) {
|
} if(count($this->thread_update_data) > 0) {
|
$plugins->run_hooks_by_ref("datahandler_post_update_thread", $this);
| $plugins->run_hooks("datahandler_post_update_thread", $this);
|
$db->update_query("threads", $this->thread_update_data, "tid='".intval($post['tid'])."'"); }
| $db->update_query("threads", $this->thread_update_data, "tid='".intval($post['tid'])."'"); }
|
Zeile 1616 | Zeile 1642 |
---|
$this->post_update_data['visible'] = $visible;
|
$this->post_update_data['visible'] = $visible;
|
$plugins->run_hooks_by_ref("datahandler_post_update", $this);
| $plugins->run_hooks("datahandler_post_update", $this);
|
$db->update_query("posts", $this->post_update_data, "pid='".intval($post['pid'])."'");
| $db->update_query("posts", $this->post_update_data, "pid='".intval($post['pid'])."'");
|