Vergleich inc/datahandlers/post.php - 1.6.0 - 1.6.8

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 6Zeile 6
 * Website: http://mybb.com
* License: http://mybb.com/about/license
*

 * Website: http://mybb.com
* License: http://mybb.com/about/license
*

 * $Id: post.php 5171 2010-08-02 21:13:47Z RyanGordon $

 * $Id: post.php 5828 2012-05-08 16:06:16Z Tomm $

 */

// Disallow direct access to this file for security reasons

 */

// Disallow direct access to this file for security reasons

Zeile 145Zeile 145
		global $db;
$post = &$this->data;
$subject = &$post['subject'];

		global $db;
$post = &$this->data;
$subject = &$post['subject'];

 
		$subject = trim_blank_chrs($subject);


// Are we editing an existing thread or post?
if($this->method == "update" && $post['pid'])


// Are we editing an existing thread or post?
if($this->method == "update" && $post['pid'])

Zeile 173Zeile 174
			}

// If this is the first post there needs to be a subject, else make it the default one.

			}

// If this is the first post there needs to be a subject, else make it the default one.

			if(my_strlen(trim_blank_chrs($subject)) == 0 && $first_post)

			if(my_strlen($subject) == 0 && $first_post)

			{
$this->set_error("firstpost_no_subject");
return false;

			{
$this->set_error("firstpost_no_subject");
return false;

Zeile 188Zeile 189
		// This is a new post
else if($this->action == "post")
{

		// This is a new post
else if($this->action == "post")
{

			if(my_strlen(trim_blank_chrs($subject)) == 0)

			if(my_strlen($subject) == 0)

			{
$thread = get_thread($post['tid']);
$subject = "RE: ".$thread['subject'];

			{
$thread = get_thread($post['tid']);
$subject = "RE: ".$thread['subject'];

Zeile 198Zeile 199
		// This is a new thread and we require that a subject is present.
else
{

		// This is a new thread and we require that a subject is present.
else
{

			if(my_strlen(trim_blank_chrs($subject)) == 0)

			if(my_strlen($subject) == 0)

			{
$this->set_error("missing_subject");
return false;
}

			{
$this->set_error("missing_subject");
return false;
}

 
		}

if(my_strlen($subject) > 85)
{
// Subject is too long
$this->set_error('subject_too_long', my_strlen($subject));
return false;

		}

// Subject is valid - return true.
return true;
}

		}

// Subject is valid - return true.
return true;
}





	/**
* Verifies a post message.
*

	/**
* Verifies a post message.
*

Zeile 219Zeile 227
		global $mybb;

$post = &$this->data;

		global $mybb;

$post = &$this->data;

		


		$post['message'] = trim_blank_chrs($post['message']);


		// Do we even have a message at all?

		// Do we even have a message at all?

		if(my_strlen(trim_blank_chrs($post['message'])) == 0)

		if(my_strlen($post['message']) == 0)

		{
$this->set_error("missing_message");
return false;

		{
$this->set_error("missing_message");
return false;

Zeile 239Zeile 248
		{
$this->set_error("message_too_short", array($mybb->settings['minmessagelength']));
return false;

		{
$this->set_error("message_too_short", array($mybb->settings['minmessagelength']));
return false;

		}
return true;
}

		}
return true;
}


/**
* Verifies the specified post options are correct.


/**
* Verifies the specified post options are correct.

Zeile 274Zeile 283
		if($mybb->settings['postfloodcheck'] == 1 && $post['uid'] != 0 && $this->admin_override == false)
{
if($this->verify_post_merge(true) !== true)

		if($mybb->settings['postfloodcheck'] == 1 && $post['uid'] != 0 && $this->admin_override == false)
{
if($this->verify_post_merge(true) !== true)

			{
return true;
}


			{
return true;
}


			// Fetch the user information for this post - used to check their last post date.
$user = get_user($post['uid']);


			// Fetch the user information for this post - used to check their last post date.
$user = get_user($post['uid']);


Zeile 331Zeile 340
			$gids = explode(',', $mybb->settings['postmergeuignore']);
$gids = array_map('intval', $gids);


			$gids = explode(',', $mybb->settings['postmergeuignore']);
$gids = array_map('intval', $gids);


			

			

			$user_usergroups = explode(',', $mybb->user['usergroup'].",".$mybb->user['additionalgroups']);
if(count(array_intersect($user_usergroups, $gids)) > 0)
{
return true;
}

			$user_usergroups = explode(',', $mybb->user['usergroup'].",".$mybb->user['additionalgroups']);
if(count(array_intersect($user_usergroups, $gids)) > 0)
{
return true;
}

		}

		}

		
// Select the lastpost and fid information for this thread
$query = $db->simple_select("threads", "lastpost,fid", "lastposteruid='".$post['uid']."' AND tid='".$post['tid']."'", array('limit' => '1'));

		
// Select the lastpost and fid information for this thread
$query = $db->simple_select("threads", "lastpost,fid", "lastposteruid='".$post['uid']."' AND tid='".$post['tid']."'", array('limit' => '1'));

Zeile 345Zeile 354
		
// Check to see if the same author has posted within the merge post time limit
if((intval($mybb->settings['postmergemins']) != 0 && trim($mybb->settings['postmergemins']) != "") && (TIME_NOW-$thread['lastpost']) > (intval($mybb->settings['postmergemins'])*60))

		
// Check to see if the same author has posted within the merge post time limit
if((intval($mybb->settings['postmergemins']) != 0 && trim($mybb->settings['postmergemins']) != "") && (TIME_NOW-$thread['lastpost']) > (intval($mybb->settings['postmergemins'])*60))

		{
return true;
}


		{
return true;
}


		if(strstr($mybb->settings['postmergefignore'], ','))
{
$fids = explode(',', $mybb->settings['postmergefignore']);
foreach($fids as $key => $forumid)

		if(strstr($mybb->settings['postmergefignore'], ','))
{
$fids = explode(',', $mybb->settings['postmergefignore']);
foreach($fids as $key => $forumid)

			{

			{

				$fid[] = intval($forumid);

				$fid[] = intval($forumid);

			}

			}

			
if(in_array($thread['fid'], $fid))
{

			
if(in_array($thread['fid'], $fid))
{

Zeile 366Zeile 375
		else if(trim($mybb->settings['postmergefignore']) != "" && $thread['fid'] == intval($mybb->settings['postmergefignore']))
{
return true;

		else if(trim($mybb->settings['postmergefignore']) != "" && $thread['fid'] == intval($mybb->settings['postmergefignore']))
{
return true;

		}

		}

		
if($simple_mode == true)

		
if($simple_mode == true)

		{

		{

			return false;

			return false;

		}

		}

		
if($post['uid'])
{

		
if($post['uid'])
{

Zeile 384Zeile 393
		
$query = $db->simple_select("posts", "pid,message,visible,posthash", "{$user_check} AND tid='".$post['tid']."' AND dateline='".$thread['lastpost']."'", array('order_by' => 'pid', 'order_dir' => 'DESC', 'limit' => 1));
return $db->fetch_array($query);

		
$query = $db->simple_select("posts", "pid,message,visible,posthash", "{$user_check} AND tid='".$post['tid']."' AND dateline='".$thread['lastpost']."'", array('order_by' => 'pid', 'order_dir' => 'DESC', 'limit' => 1));
return $db->fetch_array($query);

	}

	}


/**
* Verifies the image count.


/**
* Verifies the image count.

Zeile 396Zeile 405
		global $mybb, $db;

$post = &$this->data;

		global $mybb, $db;

$post = &$this->data;





		// Get the permissions of the user who is making this post or thread
$permissions = user_permissions($post['uid']);

// Fetch the forum this post is being made in
if(!$post['fid'])

		// Get the permissions of the user who is making this post or thread
$permissions = user_permissions($post['uid']);

// Fetch the forum this post is being made in
if(!$post['fid'])

		{

		{

			$query = $db->simple_select('posts', 'fid', "pid = '{$post['pid']}'");
$post['fid'] = $db->fetch_field($query, 'fid');
}

			$query = $db->simple_select('posts', 'fid', "pid = '{$post['pid']}'");
$post['fid'] = $db->fetch_field($query, 'fid');
}

Zeile 437Zeile 446
			// And count the number of image tags in the message.
$image_count = substr_count($image_check, "<img");
if($image_count > $mybb->settings['maxpostimages'])

			// And count the number of image tags in the message.
$image_count = substr_count($image_check, "<img");
if($image_count > $mybb->settings['maxpostimages'])

			{
// Throw back a message if over the count with the number of images as well as the maximum number of images per post.

			{
// Throw back a message if over the count with the number of images as well as the maximum number of images per post.

				$this->set_error("too_many_images", array(1 => $image_count, 2 => $mybb->settings['maxpostimages']));
return false;
}

				$this->set_error("too_many_images", array(1 => $image_count, 2 => $mybb->settings['maxpostimages']));
return false;
}

Zeile 491Zeile 500
			if(!$valid_post['pid'])
{
$post['replyto'] = 0;

			if(!$valid_post['pid'])
{
$post['replyto'] = 0;

			}

			}

			else
{
return true;

			else
{
return true;

Zeile 523Zeile 532
	function verify_post_icon()
{
global $cache;

	function verify_post_icon()
{
global $cache;





		$post = &$this->data;

		$post = &$this->data;





		// If we don't assign it as 0.
if(!$post['icon'] || $post['icon'] < 0)
{

		// If we don't assign it as 0.
if(!$post['icon'] || $post['icon'] < 0)
{

Zeile 540Zeile 549
	* @return boolean True when valid, false when not valid.
*/
function verify_dateline()

	* @return boolean True when valid, false when not valid.
*/
function verify_dateline()

	{

	{

		$dateline = &$this->data['dateline'];

// The date has to be numeric and > 0.

		$dateline = &$this->data['dateline'];

// The date has to be numeric and > 0.

Zeile 556Zeile 565
	 * @return boolean True when valid, false when not valid.
*/
function verify_prefix()

	 * @return boolean True when valid, false when not valid.
*/
function verify_prefix()

	{

	{

		$prefix = &$this->data['prefix'];

// If a valid prefix isn't supplied, don't assign one.

		$prefix = &$this->data['prefix'];

// If a valid prefix isn't supplied, don't assign one.

Zeile 604Zeile 613
			$this->verify_message();
$this->verify_image_count();
$this->verify_video_count();

			$this->verify_message();
$this->verify_image_count();
$this->verify_video_count();

		}


		}


		if($this->method == "insert" || array_key_exists('dateline', $post))

		if($this->method == "insert" || array_key_exists('dateline', $post))

		{

		{

			$this->verify_dateline();

			$this->verify_dateline();

		}

		}


if($this->method == "insert" || array_key_exists('replyto', $post))
{
$this->verify_reply_to();


if($this->method == "insert" || array_key_exists('replyto', $post))
{
$this->verify_reply_to();

		}


		}


		if($this->method == "insert" || array_key_exists('icon', $post))

		if($this->method == "insert" || array_key_exists('icon', $post))

		{

		{

			$this->verify_post_icon();

			$this->verify_post_icon();

		}


		}


		if($this->method == "insert" || array_key_exists('options', $post))
{

		if($this->method == "insert" || array_key_exists('options', $post))
{

			$this->verify_options();
}

$plugins->run_hooks_by_ref("datahandler_post_validate_post", $this);

// We are done validating, return.
$this->set_validated(true);
if(count($this->get_errors()) > 0)
{
return false;
}
else
{

			$this->verify_options();
}

$plugins->run_hooks("datahandler_post_validate_post", $this);

// We are done validating, return.
$this->set_validated(true);
if(count($this->get_errors()) > 0)
{
return false;
}
else
{

			return true;
}
}

			return true;
}
}

Zeile 688Zeile 697

require_once MYBB_ROOT."inc/functions_user.php";
add_subscribed_thread($post['tid'], $notification, $post['uid']);


require_once MYBB_ROOT."inc/functions_user.php";
add_subscribed_thread($post['tid'], $notification, $post['uid']);

			}


			}


			// Perform any selected moderation tools.
if(is_moderator($post['fid'], "", $post['uid']))
{

			// Perform any selected moderation tools.
if(is_moderator($post['fid'], "", $post['uid']))
{

Zeile 760Zeile 769
			{
$visible = 0;
}

			{
$visible = 0;
}

 
		}

$post['pid'] = intval($post['pid']);
$post['uid'] = intval($post['uid']);

if($post['pid'] > 0)
{
$query = $db->simple_select("posts", "tid", "pid='{$post['pid']}' AND uid='{$post['uid']}' AND visible='-2'");
$draft_check = $db->fetch_field($query, "tid");
}
else
{
$draft_check = false;

		}

if($this->method != "update" && $visible == 1)

		}

if($this->method != "update" && $visible == 1)

Zeile 771Zeile 793
			{
$this->pid = $double_post['pid'];


			{
$this->pid = $double_post['pid'];


				$post['message'] = $double_post['message'] .= $mybb->settings['postmergesep']."\n".$post['message'];

				$post['message'] = $double_post['message'] .= "\n".$mybb->settings['postmergesep']."\n".$post['message'];

				$update_query = array(
"message" => $db->escape_string($double_post['message'])
);
$update_query['edituid'] = intval($post['uid']);
$update_query['edittime'] = TIME_NOW;

				$update_query = array(
"message" => $db->escape_string($double_post['message'])
);
$update_query['edituid'] = intval($post['uid']);
$update_query['edittime'] = TIME_NOW;

				$query = $db->update_query("posts", $update_query, "pid='".$double_post['pid']."'");







				$query = $db->update_query("posts", $update_query, "pid='".$double_post['pid']."'");

if($draft_check)
{
$db->delete_query("posts", "pid='".$post['pid']."'");
}


				// Assign any uploaded attachments with the specific posthash to the merged post.
if($double_post['posthash'])
{

				// Assign any uploaded attachments with the specific posthash to the merged post.
if($double_post['posthash'])
{

Zeile 793Zeile 820
						// Update forum count
update_thread_counters($post['tid'], array('attachmentcount' => "+{$attachmentcount}"));
}

						// Update forum count
update_thread_counters($post['tid'], array('attachmentcount' => "+{$attachmentcount}"));
}

					

					

					$attachmentassign = array(
"pid" => $double_post['pid'],
"posthash" => $double_post['posthash'],

					$attachmentassign = array(
"pid" => $double_post['pid'],
"posthash" => $double_post['posthash'],

Zeile 812Zeile 839
		}

if($visible == 1 && $thread['visible'] == 1)

		}

if($visible == 1 && $thread['visible'] == 1)

		{

		{

			$now = TIME_NOW;

// Yes, the value to the lastpost key in this array has single quotes within double quotes. It's not a bug.

			$now = TIME_NOW;

// Yes, the value to the lastpost key in this array has single quotes within double quotes. It's not a bug.

Zeile 825Zeile 852
			}

$db->update_query("users", $update_array, "uid='{$post['uid']}'", 1, true);

			}

$db->update_query("users", $update_array, "uid='{$post['uid']}'", 1, true);

		}

$post['pid'] = intval($post['pid']);
$post['uid'] = intval($post['uid']);

if($post['pid'] > 0)
{
$query = $db->simple_select("posts", "tid", "pid='{$post['pid']}' AND uid='{$post['uid']}' AND visible='-2'");
$draft_check = $db->fetch_field($query, "tid");
}
else
{
$draft_check = false;

 
		}

// Are we updating a post which is already a draft? Perhaps changing it into a visible post?

		}

// Are we updating a post which is already a draft? Perhaps changing it into a visible post?

Zeile 859Zeile 873
				"posthash" => $db->escape_string($post['posthash'])
);


				"posthash" => $db->escape_string($post['posthash'])
);


			$plugins->run_hooks_by_ref("datahandler_post_insert_post", $this);

			$plugins->run_hooks("datahandler_post_insert_post", $this);


$db->update_query("posts", $this->post_update_data, "pid='{$post['pid']}'");
$this->pid = $post['pid'];


$db->update_query("posts", $this->post_update_data, "pid='{$post['pid']}'");
$this->pid = $post['pid'];

Zeile 885Zeile 899
				"posthash" => $db->escape_string($post['posthash'])
);


				"posthash" => $db->escape_string($post['posthash'])
);


			$plugins->run_hooks_by_ref("datahandler_post_insert_post", $this);

			$plugins->run_hooks("datahandler_post_insert_post", $this);


$this->pid = $db->insert_query("posts", $this->post_insert_data);
}


$this->pid = $db->insert_query("posts", $this->post_insert_data);
}

Zeile 933Zeile 947
				if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0)
{
continue;

				if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0)
{
continue;

 
				}

if($thread['uid'] != $subscribedmember['uid'] && $forumpermissions['canonlyviewownthread'] == 1 && !is_moderator($thread['fid'], "", $subscribedmember['uid']))
{
// User isn't a moderator or the author of the thread...
continue;

				}

if($subscribedmember['language'] != '' && $lang->language_exists($subscribedmember['language']))

				}

if($subscribedmember['language'] != '' && $lang->language_exists($subscribedmember['language']))

Zeile 1070Zeile 1090
			$this->verify_options();
}


			$this->verify_options();
}


		$plugins->run_hooks_by_ref("datahandler_post_validate_thread", $this);

		$plugins->run_hooks("datahandler_post_validate_thread", $this);


// We are done validating, return.
$this->set_validated(true);


// We are done validating, return.
$this->set_validated(true);

Zeile 1165Zeile 1185
				"visible" => $visible
);


				"visible" => $visible
);


			$plugins->run_hooks_by_ref("datahandler_post_insert_thread", $this);

			$plugins->run_hooks("datahandler_post_insert_thread", $this);


$db->update_query("threads", $this->thread_insert_data, "tid='{$thread['tid']}'");



$db->update_query("threads", $this->thread_insert_data, "tid='{$thread['tid']}'");


Zeile 1181Zeile 1201
				"visible" => $visible,
"posthash" => $db->escape_string($thread['posthash'])
);

				"visible" => $visible,
"posthash" => $db->escape_string($thread['posthash'])
);

			$plugins->run_hooks_by_ref("datahandler_post_insert_thread_post", $this);

			$plugins->run_hooks("datahandler_post_insert_thread_post", $this);


$db->update_query("posts", $this->post_insert_data, "pid='{$thread['pid']}'");
$this->tid = $thread['tid'];


$db->update_query("posts", $this->post_insert_data, "pid='{$thread['pid']}'");
$this->tid = $thread['tid'];

Zeile 1207Zeile 1227
				"notes" => ''
);


				"notes" => ''
);


			$plugins->run_hooks_by_ref("datahandler_post_insert_thread", $this);

			$plugins->run_hooks("datahandler_post_insert_thread", $this);


$this->tid = $db->insert_query("threads", $this->thread_insert_data);



$this->tid = $db->insert_query("threads", $this->thread_insert_data);


Zeile 1227Zeile 1247
				"visible" => $visible,
"posthash" => $db->escape_string($thread['posthash'])
);

				"visible" => $visible,
"posthash" => $db->escape_string($thread['posthash'])
);

			$plugins->run_hooks_by_ref("datahandler_post_insert_thread_post", $this);

			$plugins->run_hooks("datahandler_post_insert_thread_post", $this);


$this->pid = $db->insert_query("posts", $this->post_insert_data);



$this->pid = $db->insert_query("posts", $this->post_insert_data);


Zeile 1355Zeile 1375
					{
continue;
}

					{
continue;
}

					








if(!is_moderator($thread['fid'], "", $subscribedmember['uid']) && $forumpermissions['canonlyviewownthreads'] == 1)
{
// In a 'view own only' forum and not a moderator
continue;
}


					// Determine the language pack we'll be using to send this email in and load it if it isn't already.
if($subscribedmember['language'] != '' && $lang->language_exists($subscribedmember['language']))
{

					// Determine the language pack we'll be using to send this email in and load it if it isn't already.
if($subscribedmember['language'] != '' && $lang->language_exists($subscribedmember['language']))
{

Zeile 1570Zeile 1596
			}
if(count($this->thread_update_data) > 0)
{

			}
if(count($this->thread_update_data) > 0)
{

				$plugins->run_hooks_by_ref("datahandler_post_update_thread", $this);

				$plugins->run_hooks("datahandler_post_update_thread", $this);


$db->update_query("threads", $this->thread_update_data, "tid='".intval($post['tid'])."'");
}


$db->update_query("threads", $this->thread_update_data, "tid='".intval($post['tid'])."'");
}

Zeile 1616Zeile 1642

$this->post_update_data['visible'] = $visible;



$this->post_update_data['visible'] = $visible;


		$plugins->run_hooks_by_ref("datahandler_post_update", $this);

		$plugins->run_hooks("datahandler_post_update", $this);


$db->update_query("posts", $this->post_update_data, "pid='".intval($post['pid'])."'");



$db->update_query("posts", $this->post_update_data, "pid='".intval($post['pid'])."'");