Vergleich editpost.php - 1.6.3 - 1.6.13

Zeile 6	Zeile 6
* Website: http://mybb.com * License: http://mybb.com/about/license *	* Website: http://mybb.com * License: http://mybb.com/about/license *
* $Id: editpost.php 5380 2011-02-21 12:04:43Z Tomm $	* $Id$
*/ define("IN_MYBB", 1); define('THIS_SCRIPT', 'editpost.php');	*/ define("IN_MYBB", 1); define('THIS_SCRIPT', 'editpost.php');
$templatelist = "editpost,previewpost,redirect_postedited,loginbox,posticons,changeuserbox,attachment,posticons,codebuttons,smilieinsert,post_attachments_attachment_postinsert,post_attachments_attachment_mod_approve,post_attachments_attachment_unapproved,post_attachments_attachment_mod_unapprove,post_attachments_attachment,post_attachments_new,post_attachments,newthread_postpoll,editpost_disablesmilies,post_subscription_method";	$templatelist = "editpost,previewpost,loginbox,posticons,changeuserbox,codebuttons,smilieinsert,smilieinsert_getmore,post_attachments_attachment_postinsert,post_attachments_attachment_mod_approve,post_attachments_attachment_unapproved,post_attachments_attachment_mod_unapprove,post_attachments_attachment,post_attachments_new,post_attachments,newthread_postpoll,editpost_disablesmilies,post_subscription_method,post_attachments_attachment_remove,post_attachments_update,postbit_author_guest,error_attacherror,forumdisplay_password_wrongpass,forumdisplay_password";
require_once "./global.php"; require_once MYBB_ROOT."inc/functions_post.php";	require_once "./global.php"; require_once MYBB_ROOT."inc/functions_post.php";
Zeile 33	Zeile 33
$pid = intval($mybb->input['pid']); // if we already have the post information...	$pid = intval($mybb->input['pid']); // if we already have the post information...
if(isset($style) && $style['pid'] == $pid)	if(isset($style) && $style['pid'] == $pid && $style['type'] != 'f')
{ $post = &$style; }	{ $post = &$style; }
Zeile 62	Zeile 62
// Get forum info $fid = $post['fid']; $forum = get_forum($fid);	// Get forum info $fid = $post['fid']; $forum = get_forum($fid);
	if(($thread['visible'] == 0 && !is_moderator($fid)) \|\| ($thread['visible'] < 0 && $thread['uid'] != $mybb->user['uid'])) { error($lang->error_invalidthread); }
if(!$forum \|\| $forum['type'] != "f") { error($lang->error_closedinvalidforum); }	if(!$forum \|\| $forum['type'] != "f") { error($lang->error_closedinvalidforum); }
if($forum['open'] == 0 \|\| $mybb->user['suspendposting'] == 1)	if(($forum['open'] == 0 && !is_moderator($fid, "caneditposts")) \|\| $mybb->user['suspendposting'] == 1)
{ error_no_permission(); } // Add prefix to breadcrumb $query = $db->simple_select('threadprefixes', 'displaystyle', "pid='{$thread['prefix']}'");	{ error_no_permission(); } // Add prefix to breadcrumb $query = $db->simple_select('threadprefixes', 'displaystyle', "pid='{$thread['prefix']}'");
$breadcrumbprefix = $db->fetch_field($query, 'displaystyle').' ';	$breadcrumbprefix = $db->fetch_field($query, 'displaystyle'); if($breadcrumbprefix) { $breadcrumbprefix .= ' '; }
// Make navigation build_forum_breadcrumb($fid);	// Make navigation build_forum_breadcrumb($fid);
Zeile 81	Zeile 91
add_breadcrumb($lang->nav_editpost); $forumpermissions = forum_permissions($fid);	add_breadcrumb($lang->nav_editpost); $forumpermissions = forum_permissions($fid);

if($mybb->settings['bbcodeinserter'] != 0 && $forum['allowmycode'] != 0 && $mybb->user['showcodebuttons'] != 0)	if($mybb->settings['bbcodeinserter'] != 0 && $forum['allowmycode'] != 0 && $mybb->user['showcodebuttons'] != 0)
{	{
$codebuttons = build_mycode_inserter();	$codebuttons = build_mycode_inserter();
}	}
if($mybb->settings['smilieinserter'] != 0) { $smilieinserter = build_clickable_smilies();	if($mybb->settings['smilieinserter'] != 0) { $smilieinserter = build_clickable_smilies();
}	}
if(!$mybb->input['action'] \|\| $mybb->input['previewpost']) { $mybb->input['action'] = "editpost";	if(!$mybb->input['action'] \|\| $mybb->input['previewpost']) { $mybb->input['action'] = "editpost";
Zeile 105	Zeile 115
error($lang->redirect_threadclosed); } if($forumpermissions['candeleteposts'] == 0)	error($lang->redirect_threadclosed); } if($forumpermissions['candeleteposts'] == 0)
{ error_no_permission(); }	{ error_no_permission(); }
if($mybb->user['uid'] != $post['uid'])	if($mybb->user['uid'] != $post['uid'])
	{ error_no_permission(); } // User can't delete unapproved post if($post['visible'] == 0)
{ error_no_permission(); }	{ error_no_permission(); }
Zeile 123	Zeile 138
error($lang->redirect_threadclosed); } if($forumpermissions['caneditposts'] == 0)	error($lang->redirect_threadclosed); } if($forumpermissions['caneditposts'] == 0)
{ error_no_permission(); }	{ error_no_permission(); }
if($mybb->user['uid'] != $post['uid']) { error_no_permission();	if($mybb->user['uid'] != $post['uid']) { error_no_permission();
Zeile 133	Zeile 148
// Edit time limit $time = TIME_NOW; if($mybb->settings['edittimelimit'] != 0 && $post['dateline'] < ($time-($mybb->settings['edittimelimit']*60)))	// Edit time limit $time = TIME_NOW; if($mybb->settings['edittimelimit'] != 0 && $post['dateline'] < ($time-($mybb->settings['edittimelimit']*60)))
{	{
$lang->edit_time_limit = $lang->sprintf($lang->edit_time_limit, $mybb->settings['edittimelimit']); error($lang->edit_time_limit);	$lang->edit_time_limit = $lang->sprintf($lang->edit_time_limit, $mybb->settings['edittimelimit']); error($lang->edit_time_limit);
} } }	} // User can't edit unapproved post if($post['visible'] == 0) { error_no_permission(); } } }
// Check if this forum is password protected and we have a valid password check_forum_password($forum['fid']);	// Check if this forum is password protected and we have a valid password check_forum_password($forum['fid']);
Zeile 150	Zeile 170
if(!$mybb->input['attachmentaid'] && ($mybb->input['newattachment'] \|\| $mybb->input['updateattachment'] \|\| ($mybb->input['action'] == "do_editpost" && $mybb->input['submit'] && $_FILES['attachment']))) {	if(!$mybb->input['attachmentaid'] && ($mybb->input['newattachment'] \|\| $mybb->input['updateattachment'] \|\| ($mybb->input['action'] == "do_editpost" && $mybb->input['submit'] && $_FILES['attachment']))) {
// Verify incoming POST request verify_post_check($mybb->input['my_post_key']); if($mybb->input['posthash']) { $posthash_query = "posthash='".$db->escape_string($mybb->input['posthash'])."' OR "; } else { $posthash_query = ""; } $query = $db->simple_select("attachments", "COUNT(aid) as numattachs", "{$posthash_query}pid='{$pid}'");	// Verify incoming POST request verify_post_check($mybb->input['my_post_key']); $query = $db->simple_select("attachments", "COUNT(aid) as numattachs", "pid='{$pid}'");
$attachcount = $db->fetch_field($query, "numattachs");	$attachcount = $db->fetch_field($query, "numattachs");

// If there's an attachment, check it and upload it if($_FILES['attachment']['size'] > 0 && $forumpermissions['canpostattachments'] != 0 && ($mybb->settings['maxattachments'] == 0 \|\| $attachcount < $mybb->settings['maxattachments'])) { $update_attachment = false;	// If there's an attachment, check it and upload it if($_FILES['attachment']['size'] > 0 && $forumpermissions['canpostattachments'] != 0 && ($mybb->settings['maxattachments'] == 0 \|\| $attachcount < $mybb->settings['maxattachments'])) { $update_attachment = false;
if($mybb->input['updateattachment'])	if($mybb->input['updateattachment'] && ($mybb->usergroup['caneditattachments'] \|\| $forumpermissions['caneditattachments']))
{ $update_attachment = true; }	{ $update_attachment = true; }
Zeile 186	Zeile 198
} if($mybb->input['attachmentaid'] && isset($mybb->input['attachmentact']) && $mybb->input['action'] == "do_editpost" && $mybb->request_method == "post") // Lets remove/approve/unapprove the attachment	} if($mybb->input['attachmentaid'] && isset($mybb->input['attachmentact']) && $mybb->input['action'] == "do_editpost" && $mybb->request_method == "post") // Lets remove/approve/unapprove the attachment
{	{
// Verify incoming POST request verify_post_check($mybb->input['my_post_key']);	// Verify incoming POST request verify_post_check($mybb->input['my_post_key']);

$mybb->input['attachmentaid'] = intval($mybb->input['attachmentaid']); if($mybb->input['attachmentact'] == "remove") {	$mybb->input['attachmentaid'] = intval($mybb->input['attachmentaid']); if($mybb->input['attachmentact'] == "remove") {
Zeile 199	Zeile 211
{ $update_sql = array("visible" => 1); $db->update_query("attachments", $update_sql, "aid='{$mybb->input['attachmentaid']}'");	{ $update_sql = array("visible" => 1); $db->update_query("attachments", $update_sql, "aid='{$mybb->input['attachmentaid']}'");
	update_thread_counters($post['tid'], array('attachmentcount' => "+1"));
} elseif($mybb->input['attachmentact'] == "unapprove" && is_moderator($fid, 'caneditposts')) { $update_sql = array("visible" => 0); $db->update_query("attachments", $update_sql, "aid='{$mybb->input['attachmentaid']}'");	} elseif($mybb->input['attachmentact'] == "unapprove" && is_moderator($fid, 'caneditposts')) { $update_sql = array("visible" => 0); $db->update_query("attachments", $update_sql, "aid='{$mybb->input['attachmentaid']}'");
	update_thread_counters($post['tid'], array('attachmentcount' => "-1"));
} if(!$mybb->input['submit']) {	} if(!$mybb->input['submit']) {
Zeile 230	Zeile 244
{ $firstpost = 0; }	{ $firstpost = 0; }

$modlogdata['fid'] = $fid; $modlogdata['tid'] = $tid; if($firstpost)	$modlogdata['fid'] = $fid; $modlogdata['tid'] = $tid; if($firstpost)
Zeile 380	Zeile 394
{ eval("\$loginbox = \"".$templates->get("loginbox")."\";"); }	{ eval("\$loginbox = \"".$templates->get("loginbox")."\";"); }
// Setup a unique posthash for attachment management $posthash = htmlspecialchars_uni($post['posthash']);
$bgcolor = "trow1"; if($forumpermissions['canpostattachments'] != 0) { // Get a listing of the current attachments, if there are any $attachcount = 0;	$bgcolor = "trow1"; if($forumpermissions['canpostattachments'] != 0) { // Get a listing of the current attachments, if there are any $attachcount = 0;
if($posthash) { $posthash_query = "posthash='{$posthash}' OR "; } else { $posthash_query = ""; } $query = $db->simple_select("attachments", "*", "{$posthash_query}pid='{$pid}'");	$query = $db->simple_select("attachments", "*", "pid='{$pid}'");
$attachments = ''; while($attachment = $db->fetch_array($query)) { $attachment['size'] = get_friendly_size($attachment['filesize']); $attachment['icon'] = get_attachment_icon(get_extension($attachment['filename']));	$attachments = ''; while($attachment = $db->fetch_array($query)) { $attachment['size'] = get_friendly_size($attachment['filesize']); $attachment['icon'] = get_attachment_icon(get_extension($attachment['filename']));
	$attachment['filename'] = htmlspecialchars_uni($attachment['filename']);
if($mybb->settings['bbcodeinserter'] != 0 && $forum['allowmycode'] != 0 && (!$mybb->user['uid'] \|\| $mybb->user['showcodebuttons'] != 0)) { eval("\$postinsert = \"".$templates->get("post_attachments_attachment_postinsert")."\";");	if($mybb->settings['bbcodeinserter'] != 0 && $forum['allowmycode'] != 0 && (!$mybb->user['uid'] \|\| $mybb->user['showcodebuttons'] != 0)) { eval("\$postinsert = \"".$templates->get("post_attachments_attachment_postinsert")."\";");
}	}
// Moderating options $attach_mod_options = ''; if(is_moderator($fid))	// Moderating options $attach_mod_options = ''; if(is_moderator($fid))
Zeile 413	Zeile 418
if($attachment['visible'] == 1) { eval("\$attach_mod_options = \"".$templates->get("post_attachments_attachment_mod_unapprove")."\";");	if($attachment['visible'] == 1) { eval("\$attach_mod_options = \"".$templates->get("post_attachments_attachment_mod_unapprove")."\";");
}	}
else { eval("\$attach_mod_options = \"".$templates->get("post_attachments_attachment_mod_approve")."\";"); } }	else { eval("\$attach_mod_options = \"".$templates->get("post_attachments_attachment_mod_approve")."\";"); } }
	// Remove Attachment eval("\$attach_rem_options = \"".$templates->get("post_attachments_attachment_remove")."\";");
if($attachment['visible'] != 1) { eval("\$attachments .= \"".$templates->get("post_attachments_attachment_unapproved")."\";");	if($attachment['visible'] != 1) { eval("\$attachments .= \"".$templates->get("post_attachments_attachment_unapproved")."\";");
Zeile 447	Zeile 456
$lang->attach_quota = $lang->sprintf($lang->attach_quota, $friendlyusage, $friendlyquota); if($mybb->settings['maxattachments'] == 0 \|\| ($mybb->settings['maxattachments'] != 0 && $attachcount < $mybb->settings['maxattachments']) && !$noshowattach) {	$lang->attach_quota = $lang->sprintf($lang->attach_quota, $friendlyusage, $friendlyquota); if($mybb->settings['maxattachments'] == 0 \|\| ($mybb->settings['maxattachments'] != 0 && $attachcount < $mybb->settings['maxattachments']) && !$noshowattach) {
	if($mybb->usergroup['caneditattachments'] \|\| $forumpermissions['caneditattachments']) { eval("\$attach_update_options = \"".$templates->get("post_attachments_update")."\";"); }
eval("\$newattach = \"".$templates->get("post_attachments_new")."\";"); } eval("\$attachbox = \"".$templates->get("post_attachments")."\";"); } if(!$mybb->input['attachmentaid'] && !$mybb->input['newattachment'] && !$mybb->input['updateattachment'] && !$mybb->input['previewpost'] && !$maximageserror)	eval("\$newattach = \"".$templates->get("post_attachments_new")."\";"); } eval("\$attachbox = \"".$templates->get("post_attachments")."\";"); } if(!$mybb->input['attachmentaid'] && !$mybb->input['newattachment'] && !$mybb->input['updateattachment'] && !$mybb->input['previewpost'] && !$maximageserror)
{	{
$message = $post['message']; $subject = $post['subject']; } else	$message = $post['message']; $subject = $post['subject']; } else
{	{
$message = $mybb->input['message']; $subject = $mybb->input['subject']; }	$message = $mybb->input['message']; $subject = $mybb->input['subject']; }
Zeile 468	Zeile 482
require_once MYBB_ROOT."inc/datahandlers/post.php"; $posthandler = new PostDataHandler("update"); $posthandler->action = "post";	require_once MYBB_ROOT."inc/datahandlers/post.php"; $posthandler = new PostDataHandler("update"); $posthandler->action = "post";

// Set the post data that came from the input to the $post array. $post = array( "pid" => $mybb->input['pid'],	// Set the post data that came from the input to the $post array. $post = array( "pid" => $mybb->input['pid'],
Zeile 485	Zeile 499
$post['uid'] = $mybb->user['uid']; $post['username'] = $mybb->user['username']; }	$post['uid'] = $mybb->user['uid']; $post['username'] = $mybb->user['username']; }

// Set up the post options from the input. $post['options'] = array( "signature" => $mybb->input['postoptions']['signature'], "emailnotify" => $mybb->input['postoptions']['emailnotify'], "disablesmilies" => $mybb->input['postoptions']['disablesmilies'] );	// Set up the post options from the input. $post['options'] = array( "signature" => $mybb->input['postoptions']['signature'], "emailnotify" => $mybb->input['postoptions']['emailnotify'], "disablesmilies" => $mybb->input['postoptions']['disablesmilies'] );

$posthandler->set_data($post);	$posthandler->set_data($post);

// Now let the post handler do all the hard work. if(!$posthandler->validate_post()) {	// Now let the post handler do all the hard work. if(!$posthandler->validate_post()) {
Zeile 567	Zeile 581
eval("\$preview = \"".$templates->get("previewpost")."\";"); } else if(!$post_errors)	eval("\$preview = \"".$templates->get("previewpost")."\";"); } else if(!$post_errors)
{	{
$message = htmlspecialchars_uni($message); $subject = htmlspecialchars_uni($subject);	$message = htmlspecialchars_uni($message); $subject = htmlspecialchars_uni($subject);
Zeile 585	Zeile 599
if($db->num_rows($query) > 0) { $notification = $db->fetch_field($query, 'notification');	if($db->num_rows($query) > 0) { $notification = $db->fetch_field($query, 'notification');

if($notification == 0)	if($notification == 0)
{	{
$postoptions_subscriptionmethod_none = "checked=\"checked\""; } else if($notification == 1) { $postoptions_subscriptionmethod_instant = "checked=\"checked\"";	$postoptions_subscriptionmethod_none = "checked=\"checked\""; } else if($notification == 1) { $postoptions_subscriptionmethod_instant = "checked=\"checked\"";
}	}
else { $postoptions_subscriptionmethod_dont = "checked=\"checked\""; } } }	else { $postoptions_subscriptionmethod_dont = "checked=\"checked\""; } } }

// Generate thread prefix selector if this is the first post of the thread if($thread['firstpost'] == $pid)	// Generate thread prefix selector if this is the first post of the thread if($thread['firstpost'] == $pid)
{	{
if(!intval($mybb->input['threadprefix'])) { $mybb->input['threadprefix'] = $thread['prefix']; }	if(!intval($mybb->input['threadprefix'])) { $mybb->input['threadprefix'] = $thread['prefix']; }

$prefixselect = build_prefix_select($forum['fid'], $mybb->input['threadprefix']); } else { $prefixselect = ""; }	$prefixselect = build_prefix_select($forum['fid'], $mybb->input['threadprefix']); } else { $prefixselect = ""; }

// Fetch subscription select box $bgcolor = "trow1"; eval("\$subscriptionmethod = \"".$templates->get("post_subscription_method")."\";");	// Fetch subscription select box $bgcolor = "trow1"; eval("\$subscriptionmethod = \"".$templates->get("post_subscription_method")."\";");
Zeile 629	Zeile 643
$numpolloptions = "2"; eval("\$pollbox = \"".$templates->get("newthread_postpoll")."\";"); }	$numpolloptions = "2"; eval("\$pollbox = \"".$templates->get("newthread_postpoll")."\";"); }

// Can we disable smilies or are they disabled already? if($forum['allowsmilies'] != 0)	// Can we disable smilies or are they disabled already? if($forum['allowsmilies'] != 0)
{	{
eval("\$disablesmilies = \"".$templates->get("editpost_disablesmilies")."\";");	eval("\$disablesmilies = \"".$templates->get("editpost_disablesmilies")."\";");
}	}
else { $disablesmilies = "<input type=\"hidden\" name=\"postoptions[disablesmilies]\" value=\"no\" />"; }	else { $disablesmilies = "<input type=\"hidden\" name=\"postoptions[disablesmilies]\" value=\"no\" />"; }

$plugins->run_hooks("editpost_end");	$plugins->run_hooks("editpost_end");

$forum['name'] = strip_tags($forum['name']); eval("\$editpost = \"".$templates->get("editpost")."\";");	$forum['name'] = strip_tags($forum['name']); eval("\$editpost = \"".$templates->get("editpost")."\";");