| Zeile 6 | Zeile 6 |
|---|
* Website: http://mybb.com
* License: http://mybb.com/about/license
*
|
* Website: http://mybb.com
* License: http://mybb.com/about/license
*
|
* $Id: post.php 5171 2010-08-02 21:13:47Z RyanGordon $
| * $Id$
|
*/
// Disallow direct access to this file for security reasons
| */
// Disallow direct access to this file for security reasons
|
| Zeile 145 | Zeile 145 |
|---|
global $db;
$post = &$this->data;
$subject = &$post['subject'];
|
global $db;
$post = &$this->data;
$subject = &$post['subject'];
|
| | $subject = trim_blank_chrs($subject);
|
// Are we editing an existing thread or post?
if($this->method == "update" && $post['pid'])
|
// Are we editing an existing thread or post?
if($this->method == "update" && $post['pid'])
|
| Zeile 173 | Zeile 174 |
|---|
}
// If this is the first post there needs to be a subject, else make it the default one.
|
}
// If this is the first post there needs to be a subject, else make it the default one.
|
if(my_strlen(trim_blank_chrs($subject)) == 0 && $first_post)
| if(my_strlen($subject) == 0 && $first_post)
|
{
$this->set_error("firstpost_no_subject");
return false;
| {
$this->set_error("firstpost_no_subject");
return false;
|
| Zeile 188 | Zeile 189 |
|---|
// This is a new post
else if($this->action == "post")
{
|
// This is a new post
else if($this->action == "post")
{
|
if(my_strlen(trim_blank_chrs($subject)) == 0)
| if(my_strlen($subject) == 0)
|
{
$thread = get_thread($post['tid']);
$subject = "RE: ".$thread['subject'];
| {
$thread = get_thread($post['tid']);
$subject = "RE: ".$thread['subject'];
|
| Zeile 198 | Zeile 199 |
|---|
// This is a new thread and we require that a subject is present.
else
{
|
// This is a new thread and we require that a subject is present.
else
{
|
if(my_strlen(trim_blank_chrs($subject)) == 0)
| if(my_strlen($subject) == 0)
|
{
$this->set_error("missing_subject");
return false;
}
|
{
$this->set_error("missing_subject");
return false;
}
|
| | }
if(my_strlen($subject) > 85)
{
// Subject is too long
$this->set_error('subject_too_long', my_strlen($subject));
return false;
|
}
// Subject is valid - return true.
return true;
}
|
}
// Subject is valid - return true.
return true;
}
|
|
|
/**
* Verifies a post message.
*
| /**
* Verifies a post message.
*
|
| Zeile 219 | Zeile 227 |
|---|
global $mybb;
$post = &$this->data;
|
global $mybb;
$post = &$this->data;
|
| $post['message'] = trim_blank_chrs($post['message']);
|
// Do we even have a message at all?
|
// Do we even have a message at all?
|
if(my_strlen(trim_blank_chrs($post['message'])) == 0)
| if(my_strlen($post['message']) == 0)
|
{
$this->set_error("missing_message");
return false;
| {
$this->set_error("missing_message");
return false;
|
| Zeile 239 | Zeile 248 |
|---|
{
$this->set_error("message_too_short", array($mybb->settings['minmessagelength']));
return false;
|
{
$this->set_error("message_too_short", array($mybb->settings['minmessagelength']));
return false;
|
}
return true;
}
| }
return true;
}
|
/**
* Verifies the specified post options are correct.
|
/**
* Verifies the specified post options are correct.
|
| Zeile 274 | Zeile 283 |
|---|
if($mybb->settings['postfloodcheck'] == 1 && $post['uid'] != 0 && $this->admin_override == false)
{
if($this->verify_post_merge(true) !== true)
|
if($mybb->settings['postfloodcheck'] == 1 && $post['uid'] != 0 && $this->admin_override == false)
{
if($this->verify_post_merge(true) !== true)
|
{
return true;
}
| {
return true;
}
|
// Fetch the user information for this post - used to check their last post date.
$user = get_user($post['uid']);
| // Fetch the user information for this post - used to check their last post date.
$user = get_user($post['uid']);
|
| Zeile 331 | Zeile 340 |
|---|
$gids = explode(',', $mybb->settings['postmergeuignore']);
$gids = array_map('intval', $gids);
|
$gids = explode(',', $mybb->settings['postmergeuignore']);
$gids = array_map('intval', $gids);
|
|
|
$user_usergroups = explode(',', $mybb->user['usergroup'].",".$mybb->user['additionalgroups']);
if(count(array_intersect($user_usergroups, $gids)) > 0)
{
return true;
}
|
$user_usergroups = explode(',', $mybb->user['usergroup'].",".$mybb->user['additionalgroups']);
if(count(array_intersect($user_usergroups, $gids)) > 0)
{
return true;
}
|
}
| }
|
// Select the lastpost and fid information for this thread
$query = $db->simple_select("threads", "lastpost,fid", "lastposteruid='".$post['uid']."' AND tid='".$post['tid']."'", array('limit' => '1'));
|
// Select the lastpost and fid information for this thread
$query = $db->simple_select("threads", "lastpost,fid", "lastposteruid='".$post['uid']."' AND tid='".$post['tid']."'", array('limit' => '1'));
|
| Zeile 345 | Zeile 354 |
|---|
// Check to see if the same author has posted within the merge post time limit
if((intval($mybb->settings['postmergemins']) != 0 && trim($mybb->settings['postmergemins']) != "") && (TIME_NOW-$thread['lastpost']) > (intval($mybb->settings['postmergemins'])*60))
|
// Check to see if the same author has posted within the merge post time limit
if((intval($mybb->settings['postmergemins']) != 0 && trim($mybb->settings['postmergemins']) != "") && (TIME_NOW-$thread['lastpost']) > (intval($mybb->settings['postmergemins'])*60))
|
{
return true;
}
| {
return true;
}
|
if(strstr($mybb->settings['postmergefignore'], ','))
{
$fids = explode(',', $mybb->settings['postmergefignore']);
foreach($fids as $key => $forumid)
|
if(strstr($mybb->settings['postmergefignore'], ','))
{
$fids = explode(',', $mybb->settings['postmergefignore']);
foreach($fids as $key => $forumid)
|
{
| {
|
$fid[] = intval($forumid);
|
$fid[] = intval($forumid);
|
}
| }
|
if(in_array($thread['fid'], $fid))
{
|
if(in_array($thread['fid'], $fid))
{
|
| Zeile 366 | Zeile 375 |
|---|
else if(trim($mybb->settings['postmergefignore']) != "" && $thread['fid'] == intval($mybb->settings['postmergefignore']))
{
return true;
|
else if(trim($mybb->settings['postmergefignore']) != "" && $thread['fid'] == intval($mybb->settings['postmergefignore']))
{
return true;
|
}
| }
|
if($simple_mode == true)
|
if($simple_mode == true)
|
{
| {
|
return false;
|
return false;
|
}
| }
|
if($post['uid'])
{
|
if($post['uid'])
{
|
| Zeile 384 | Zeile 393 |
|---|
$query = $db->simple_select("posts", "pid,message,visible,posthash", "{$user_check} AND tid='".$post['tid']."' AND dateline='".$thread['lastpost']."'", array('order_by' => 'pid', 'order_dir' => 'DESC', 'limit' => 1));
return $db->fetch_array($query);
|
$query = $db->simple_select("posts", "pid,message,visible,posthash", "{$user_check} AND tid='".$post['tid']."' AND dateline='".$thread['lastpost']."'", array('order_by' => 'pid', 'order_dir' => 'DESC', 'limit' => 1));
return $db->fetch_array($query);
|
}
| }
|
/**
* Verifies the image count.
|
/**
* Verifies the image count.
|
| Zeile 396 | Zeile 405 |
|---|
global $mybb, $db;
$post = &$this->data;
|
global $mybb, $db;
$post = &$this->data;
|
|
|
// Get the permissions of the user who is making this post or thread
$permissions = user_permissions($post['uid']);
// Fetch the forum this post is being made in
if(!$post['fid'])
|
// Get the permissions of the user who is making this post or thread
$permissions = user_permissions($post['uid']);
// Fetch the forum this post is being made in
if(!$post['fid'])
|
{
| {
|
$query = $db->simple_select('posts', 'fid', "pid = '{$post['pid']}'");
$post['fid'] = $db->fetch_field($query, 'fid');
}
| $query = $db->simple_select('posts', 'fid', "pid = '{$post['pid']}'");
$post['fid'] = $db->fetch_field($query, 'fid');
}
|
| Zeile 437 | Zeile 446 |
|---|
// And count the number of image tags in the message.
$image_count = substr_count($image_check, "<img");
if($image_count > $mybb->settings['maxpostimages'])
|
// And count the number of image tags in the message.
$image_count = substr_count($image_check, "<img");
if($image_count > $mybb->settings['maxpostimages'])
|
{
// Throw back a message if over the count with the number of images as well as the maximum number of images per post.
| {
// Throw back a message if over the count with the number of images as well as the maximum number of images per post.
|
$this->set_error("too_many_images", array(1 => $image_count, 2 => $mybb->settings['maxpostimages']));
return false;
}
| $this->set_error("too_many_images", array(1 => $image_count, 2 => $mybb->settings['maxpostimages']));
return false;
}
|
| Zeile 491 | Zeile 500 |
|---|
if(!$valid_post['pid'])
{
$post['replyto'] = 0;
|
if(!$valid_post['pid'])
{
$post['replyto'] = 0;
|
}
| }
|
else
{
return true;
| else
{
return true;
|
| Zeile 523 | Zeile 532 |
|---|
function verify_post_icon()
{
global $cache;
|
function verify_post_icon()
{
global $cache;
|
|
|
$post = &$this->data;
|
$post = &$this->data;
|
|
|
// If we don't assign it as 0.
if(!$post['icon'] || $post['icon'] < 0)
{
| // If we don't assign it as 0.
if(!$post['icon'] || $post['icon'] < 0)
{
|
| Zeile 540 | Zeile 549 |
|---|
* @return boolean True when valid, false when not valid.
*/
function verify_dateline()
|
* @return boolean True when valid, false when not valid.
*/
function verify_dateline()
|
{
| {
|
$dateline = &$this->data['dateline'];
// The date has to be numeric and > 0.
| $dateline = &$this->data['dateline'];
// The date has to be numeric and > 0.
|
| Zeile 556 | Zeile 565 |
|---|
* @return boolean True when valid, false when not valid.
*/
function verify_prefix()
|
* @return boolean True when valid, false when not valid.
*/
function verify_prefix()
|
{
| {
|
$prefix = &$this->data['prefix'];
// If a valid prefix isn't supplied, don't assign one.
| $prefix = &$this->data['prefix'];
// If a valid prefix isn't supplied, don't assign one.
|
| Zeile 604 | Zeile 613 |
|---|
$this->verify_message();
$this->verify_image_count();
$this->verify_video_count();
|
$this->verify_message();
$this->verify_image_count();
$this->verify_video_count();
|
}
| }
|
if($this->method == "insert" || array_key_exists('dateline', $post))
|
if($this->method == "insert" || array_key_exists('dateline', $post))
|
{
| {
|
$this->verify_dateline();
|
$this->verify_dateline();
|
}
| }
|
if($this->method == "insert" || array_key_exists('replyto', $post))
{
$this->verify_reply_to();
|
if($this->method == "insert" || array_key_exists('replyto', $post))
{
$this->verify_reply_to();
|
}
| }
|
if($this->method == "insert" || array_key_exists('icon', $post))
|
if($this->method == "insert" || array_key_exists('icon', $post))
|
{
| {
|
$this->verify_post_icon();
|
$this->verify_post_icon();
|
}
| }
|
if($this->method == "insert" || array_key_exists('options', $post))
{
|
if($this->method == "insert" || array_key_exists('options', $post))
{
|
$this->verify_options();
}
$plugins->run_hooks_by_ref("datahandler_post_validate_post", $this);
// We are done validating, return.
$this->set_validated(true);
if(count($this->get_errors()) > 0)
{
return false;
}
else
{
| $this->verify_options();
}
$plugins->run_hooks("datahandler_post_validate_post", $this);
// We are done validating, return.
$this->set_validated(true);
if(count($this->get_errors()) > 0)
{
return false;
}
else
{
|
return true;
}
}
| return true;
}
}
|
| Zeile 688 | Zeile 697 |
|---|
require_once MYBB_ROOT."inc/functions_user.php";
add_subscribed_thread($post['tid'], $notification, $post['uid']);
|
require_once MYBB_ROOT."inc/functions_user.php";
add_subscribed_thread($post['tid'], $notification, $post['uid']);
|
}
| }
|
// Perform any selected moderation tools.
if(is_moderator($post['fid'], "", $post['uid']))
{
| // Perform any selected moderation tools.
if(is_moderator($post['fid'], "", $post['uid']))
{
|
| Zeile 760 | Zeile 769 |
|---|
{
$visible = 0;
}
|
{
$visible = 0;
}
|
| | }
$post['pid'] = intval($post['pid']);
$post['uid'] = intval($post['uid']);
if($post['pid'] > 0)
{
$query = $db->simple_select("posts", "tid", "pid='{$post['pid']}' AND uid='{$post['uid']}' AND visible='-2'");
$draft_check = $db->fetch_field($query, "tid");
}
else
{
$draft_check = false;
|
}
if($this->method != "update" && $visible == 1)
| }
if($this->method != "update" && $visible == 1)
|
| Zeile 771 | Zeile 793 |
|---|
{
$this->pid = $double_post['pid'];
|
{
$this->pid = $double_post['pid'];
|
$post['message'] = $double_post['message'] .= $mybb->settings['postmergesep']."\n".$post['message'];
| $post['message'] = $double_post['message'] .= "\n".$mybb->settings['postmergesep']."\n".$post['message'];
|
$update_query = array(
"message" => $db->escape_string($double_post['message'])
);
$update_query['edituid'] = intval($post['uid']);
$update_query['edittime'] = TIME_NOW;
|
$update_query = array(
"message" => $db->escape_string($double_post['message'])
);
$update_query['edituid'] = intval($post['uid']);
$update_query['edittime'] = TIME_NOW;
|
$query = $db->update_query("posts", $update_query, "pid='".$double_post['pid']."'");
| $query = $db->update_query("posts", $update_query, "pid='".$double_post['pid']."'");
if($draft_check)
{
$db->delete_query("posts", "pid='".$post['pid']."'");
}
|
// Assign any uploaded attachments with the specific posthash to the merged post.
if($double_post['posthash'])
{
| // Assign any uploaded attachments with the specific posthash to the merged post.
if($double_post['posthash'])
{
|
| Zeile 793 | Zeile 820 |
|---|
// Update forum count
update_thread_counters($post['tid'], array('attachmentcount' => "+{$attachmentcount}"));
}
|
// Update forum count
update_thread_counters($post['tid'], array('attachmentcount' => "+{$attachmentcount}"));
}
|
|
|
$attachmentassign = array(
"pid" => $double_post['pid'],
"posthash" => $double_post['posthash'],
| $attachmentassign = array(
"pid" => $double_post['pid'],
"posthash" => $double_post['posthash'],
|
| Zeile 812 | Zeile 839 |
|---|
}
if($visible == 1 && $thread['visible'] == 1)
|
}
if($visible == 1 && $thread['visible'] == 1)
|
{
| {
|
$now = TIME_NOW;
// Yes, the value to the lastpost key in this array has single quotes within double quotes. It's not a bug.
| $now = TIME_NOW;
// Yes, the value to the lastpost key in this array has single quotes within double quotes. It's not a bug.
|
| Zeile 825 | Zeile 852 |
|---|
}
$db->update_query("users", $update_array, "uid='{$post['uid']}'", 1, true);
|
}
$db->update_query("users", $update_array, "uid='{$post['uid']}'", 1, true);
|
}
$post['pid'] = intval($post['pid']);
$post['uid'] = intval($post['uid']);
if($post['pid'] > 0)
{
$query = $db->simple_select("posts", "tid", "pid='{$post['pid']}' AND uid='{$post['uid']}' AND visible='-2'");
$draft_check = $db->fetch_field($query, "tid");
}
else
{
$draft_check = false;
| |
}
// Are we updating a post which is already a draft? Perhaps changing it into a visible post?
| }
// Are we updating a post which is already a draft? Perhaps changing it into a visible post?
|
| Zeile 859 | Zeile 873 |
|---|
"posthash" => $db->escape_string($post['posthash'])
);
|
"posthash" => $db->escape_string($post['posthash'])
);
|
$plugins->run_hooks_by_ref("datahandler_post_insert_post", $this);
| $plugins->run_hooks("datahandler_post_insert_post", $this);
|
$db->update_query("posts", $this->post_update_data, "pid='{$post['pid']}'");
$this->pid = $post['pid'];
|
$db->update_query("posts", $this->post_update_data, "pid='{$post['pid']}'");
$this->pid = $post['pid'];
|
| Zeile 885 | Zeile 899 |
|---|
"posthash" => $db->escape_string($post['posthash'])
);
|
"posthash" => $db->escape_string($post['posthash'])
);
|
$plugins->run_hooks_by_ref("datahandler_post_insert_post", $this);
| $plugins->run_hooks("datahandler_post_insert_post", $this);
|
$this->pid = $db->insert_query("posts", $this->post_insert_data);
}
|
$this->pid = $db->insert_query("posts", $this->post_insert_data);
}
|
| Zeile 933 | Zeile 947 |
|---|
if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0)
{
continue;
|
if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0)
{
continue;
|
| | }
if($thread['uid'] != $subscribedmember['uid'] && $forumpermissions['canonlyviewownthread'] == 1 && !is_moderator($thread['fid'], "", $subscribedmember['uid']))
{
// User isn't a moderator or the author of the thread...
continue;
|
}
if($subscribedmember['language'] != '' && $lang->language_exists($subscribedmember['language']))
| }
if($subscribedmember['language'] != '' && $lang->language_exists($subscribedmember['language']))
|
| Zeile 1070 | Zeile 1090 |
|---|
$this->verify_options();
}
|
$this->verify_options();
}
|
$plugins->run_hooks_by_ref("datahandler_post_validate_thread", $this);
| $plugins->run_hooks("datahandler_post_validate_thread", $this);
|
// We are done validating, return.
$this->set_validated(true);
|
// We are done validating, return.
$this->set_validated(true);
|
| Zeile 1165 | Zeile 1185 |
|---|
"visible" => $visible
);
|
"visible" => $visible
);
|
$plugins->run_hooks_by_ref("datahandler_post_insert_thread", $this);
| $plugins->run_hooks("datahandler_post_insert_thread", $this);
|
$db->update_query("threads", $this->thread_insert_data, "tid='{$thread['tid']}'");
|
$db->update_query("threads", $this->thread_insert_data, "tid='{$thread['tid']}'");
|
| Zeile 1181 | Zeile 1201 |
|---|
"visible" => $visible,
"posthash" => $db->escape_string($thread['posthash'])
);
|
"visible" => $visible,
"posthash" => $db->escape_string($thread['posthash'])
);
|
$plugins->run_hooks_by_ref("datahandler_post_insert_thread_post", $this);
| $plugins->run_hooks("datahandler_post_insert_thread_post", $this);
|
$db->update_query("posts", $this->post_insert_data, "pid='{$thread['pid']}'");
$this->tid = $thread['tid'];
|
$db->update_query("posts", $this->post_insert_data, "pid='{$thread['pid']}'");
$this->tid = $thread['tid'];
|
| Zeile 1207 | Zeile 1227 |
|---|
"notes" => ''
);
|
"notes" => ''
);
|
$plugins->run_hooks_by_ref("datahandler_post_insert_thread", $this);
| $plugins->run_hooks("datahandler_post_insert_thread", $this);
|
$this->tid = $db->insert_query("threads", $this->thread_insert_data);
|
$this->tid = $db->insert_query("threads", $this->thread_insert_data);
|
| Zeile 1227 | Zeile 1247 |
|---|
"visible" => $visible,
"posthash" => $db->escape_string($thread['posthash'])
);
|
"visible" => $visible,
"posthash" => $db->escape_string($thread['posthash'])
);
|
$plugins->run_hooks_by_ref("datahandler_post_insert_thread_post", $this);
| $plugins->run_hooks("datahandler_post_insert_thread_post", $this);
|
$this->pid = $db->insert_query("posts", $this->post_insert_data);
|
$this->pid = $db->insert_query("posts", $this->post_insert_data);
|
| Zeile 1355 | Zeile 1375 |
|---|
{
continue;
}
|
{
continue;
}
|
|
if(!is_moderator($thread['fid'], "", $subscribedmember['uid']) && $forumpermissions['canonlyviewownthreads'] == 1)
{
// In a 'view own only' forum and not a moderator
continue;
}
|
// Determine the language pack we'll be using to send this email in and load it if it isn't already.
if($subscribedmember['language'] != '' && $lang->language_exists($subscribedmember['language']))
{
| // Determine the language pack we'll be using to send this email in and load it if it isn't already.
if($subscribedmember['language'] != '' && $lang->language_exists($subscribedmember['language']))
{
|
| Zeile 1570 | Zeile 1596 |
|---|
}
if(count($this->thread_update_data) > 0)
{
|
}
if(count($this->thread_update_data) > 0)
{
|
$plugins->run_hooks_by_ref("datahandler_post_update_thread", $this);
| $plugins->run_hooks("datahandler_post_update_thread", $this);
|
$db->update_query("threads", $this->thread_update_data, "tid='".intval($post['tid'])."'");
}
|
$db->update_query("threads", $this->thread_update_data, "tid='".intval($post['tid'])."'");
}
|
| Zeile 1616 | Zeile 1642 |
|---|
$this->post_update_data['visible'] = $visible;
|
$this->post_update_data['visible'] = $visible;
|
$plugins->run_hooks_by_ref("datahandler_post_update", $this);
| $plugins->run_hooks("datahandler_post_update", $this);
|
$db->update_query("posts", $this->post_update_data, "pid='".intval($post['pid'])."'");
|
$db->update_query("posts", $this->post_update_data, "pid='".intval($post['pid'])."'");
|