Vergleich editpost.php - 1.6.10 - 1.6.15

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 62Zeile 62
// Get forum info
$fid = $post['fid'];
$forum = get_forum($fid);

// Get forum info
$fid = $post['fid'];
$forum = get_forum($fid);

 

if(($thread['visible'] == 0 && !is_moderator($fid)) || ($thread['visible'] < 0 && $thread['uid'] != $mybb->user['uid']))
{
error($lang->error_invalidthread);
}

if(!$forum || $forum['type'] != "f")

if(!$forum || $forum['type'] != "f")

{

{

	error($lang->error_closedinvalidforum);

	error($lang->error_closedinvalidforum);

}
if($forum['open'] == 0 || $mybb->user['suspendposting'] == 1)
{

}
if(($forum['open'] == 0 && !is_moderator($fid, "caneditposts")) || $mybb->user['suspendposting'] == 1)
{

	error_no_permission();
}

// Add prefix to breadcrumb
$query = $db->simple_select('threadprefixes', 'displaystyle', "pid='{$thread['prefix']}'");
$breadcrumbprefix = $db->fetch_field($query, 'displaystyle');

	error_no_permission();
}

// Add prefix to breadcrumb
$query = $db->simple_select('threadprefixes', 'displaystyle', "pid='{$thread['prefix']}'");
$breadcrumbprefix = $db->fetch_field($query, 'displaystyle');





if($breadcrumbprefix)
{
$breadcrumbprefix .= '&nbsp;';

if($breadcrumbprefix)
{
$breadcrumbprefix .= '&nbsp;';

Zeile 88Zeile 93
$forumpermissions = forum_permissions($fid);

if($mybb->settings['bbcodeinserter'] != 0 && $forum['allowmycode'] != 0 && $mybb->user['showcodebuttons'] != 0)

$forumpermissions = forum_permissions($fid);

if($mybb->settings['bbcodeinserter'] != 0 && $forum['allowmycode'] != 0 && $mybb->user['showcodebuttons'] != 0)

{

{

	$codebuttons = build_mycode_inserter();
}
if($mybb->settings['smilieinserter'] != 0)

	$codebuttons = build_mycode_inserter();
}
if($mybb->settings['smilieinserter'] != 0)

Zeile 110Zeile 115
			error($lang->redirect_threadclosed);
}
if($forumpermissions['candeleteposts'] == 0)

			error($lang->redirect_threadclosed);
}
if($forumpermissions['candeleteposts'] == 0)

		{
error_no_permission();
}

		{
error_no_permission();
}

		if($mybb->user['uid'] != $post['uid'])
{
error_no_permission();
}

		if($mybb->user['uid'] != $post['uid'])
{
error_no_permission();
}

		// User can't delete unapproved post
if($post['visible'] == 0)
{
error_no_permission();
}
}

		// User can't delete unapproved post
if($post['visible'] == 0)
{
error_no_permission();
}
}

}
else
{

}
else
{

Zeile 137Zeile 142
			error_no_permission();
}
if($mybb->user['uid'] != $post['uid'])

			error_no_permission();
}
if($mybb->user['uid'] != $post['uid'])

		{

		{

			error_no_permission();
}
// Edit time limit

			error_no_permission();
}
// Edit time limit

Zeile 151Zeile 156
		if($post['visible'] == 0)
{
error_no_permission();

		if($post['visible'] == 0)
{
error_no_permission();

		}
}

		}
}

}

// Check if this forum is password protected and we have a valid password

}

// Check if this forum is password protected and we have a valid password

Zeile 167Zeile 172
{
// Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);

{
// Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);


$query = $db->simple_select("attachments", "COUNT(aid) as numattachs", "pid='{$pid}'");
$attachcount = $db->fetch_field($query, "numattachs");

 

// If there's an attachment, check it and upload it


// If there's an attachment, check it and upload it

	if($_FILES['attachment']['size'] > 0 && $forumpermissions['canpostattachments'] != 0 && ($mybb->settings['maxattachments'] == 0 || $attachcount < $mybb->settings['maxattachments']))

	if($_FILES['attachment']['size'] > 0 && $forumpermissions['canpostattachments'] != 0)

	{

	{

 
		$query = $db->simple_select("attachments", "aid", "filename='".$db->escape_string($_FILES['attachment']['name'])."' AND pid='{$pid}'");
$updateattach = $db->fetch_field($query, "aid");


		$update_attachment = false;

		$update_attachment = false;

		if($mybb->input['updateattachment'] && ($mybb->usergroup['caneditattachments'] || $forumpermissions['caneditattachments']))

		if($updateattach > 0 && $mybb->input['updateattachment'] && ($mybb->usergroup['caneditattachments'] || $forumpermissions['caneditattachments']))

		{
$update_attachment = true;
}

		{
$update_attachment = true;
}

Zeile 184Zeile 189
	if($attachedfile['error'])
{
eval("\$attacherror = \"".$templates->get("error_attacherror")."\";");

	if($attachedfile['error'])
{
eval("\$attacherror = \"".$templates->get("error_attacherror")."\";");

		$mybb->input['action'] = "editpost";
}
if(!$mybb->input['submit'])

		$mybb->input['action'] = "editpost";
}
if(!$mybb->input['submit'])

	{
$mybb->input['action'] = "editpost";
}

	{
$mybb->input['action'] = "editpost";
}

Zeile 206Zeile 211
	{
$update_sql = array("visible" => 1);
$db->update_query("attachments", $update_sql, "aid='{$mybb->input['attachmentaid']}'");

	{
$update_sql = array("visible" => 1);
$db->update_query("attachments", $update_sql, "aid='{$mybb->input['attachmentaid']}'");

 
		update_thread_counters($post['tid'], array('attachmentcount' => "+1"));

	}
elseif($mybb->input['attachmentact'] == "unapprove" && is_moderator($fid, 'caneditposts'))
{
$update_sql = array("visible" => 0);
$db->update_query("attachments", $update_sql, "aid='{$mybb->input['attachmentaid']}'");

	}
elseif($mybb->input['attachmentact'] == "unapprove" && is_moderator($fid, 'caneditposts'))
{
$update_sql = array("visible" => 0);
$db->update_query("attachments", $update_sql, "aid='{$mybb->input['attachmentaid']}'");

 
		update_thread_counters($post['tid'], array('attachmentcount' => "-1"));

	}
if(!$mybb->input['submit'])
{

	}
if(!$mybb->input['submit'])
{

Zeile 424Zeile 431
			if($attachment['visible'] != 1)
{
eval("\$attachments .= \"".$templates->get("post_attachments_attachment_unapproved")."\";");

			if($attachment['visible'] != 1)
{
eval("\$attachments .= \"".$templates->get("post_attachments_attachment_unapproved")."\";");

			}

			}

			else
{
eval("\$attachments .= \"".$templates->get("post_attachments_attachment")."\";");

			else
{
eval("\$attachments .= \"".$templates->get("post_attachments_attachment")."\";");

Zeile 449Zeile 456
		$lang->attach_quota = $lang->sprintf($lang->attach_quota, $friendlyusage, $friendlyquota);
if($mybb->settings['maxattachments'] == 0 || ($mybb->settings['maxattachments'] != 0 && $attachcount < $mybb->settings['maxattachments']) && !$noshowattach)
{

		$lang->attach_quota = $lang->sprintf($lang->attach_quota, $friendlyusage, $friendlyquota);
if($mybb->settings['maxattachments'] == 0 || ($mybb->settings['maxattachments'] != 0 && $attachcount < $mybb->settings['maxattachments']) && !$noshowattach)
{

			if($mybb->usergroup['caneditattachments'] || $forumpermissions['caneditattachments'])
{
eval("\$attach_update_options = \"".$templates->get("post_attachments_update")."\";");
}







			eval("\$attach_add_options = \"".$templates->get("post_attachments_add")."\";");
}

if($mybb->usergroup['caneditattachments'] || $forumpermissions['caneditattachments'])
{
eval("\$attach_update_options = \"".$templates->get("post_attachments_update")."\";");
}

if($attach_add_options || $attach_update_options)
{

			eval("\$newattach = \"".$templates->get("post_attachments_new")."\";");
}

			eval("\$newattach = \"".$templates->get("post_attachments_new")."\";");
}

 


		eval("\$attachbox = \"".$templates->get("post_attachments")."\";");
}
if(!$mybb->input['attachmentaid'] && !$mybb->input['newattachment'] && !$mybb->input['updateattachment'] && !$mybb->input['previewpost'] && !$maximageserror)

		eval("\$attachbox = \"".$templates->get("post_attachments")."\";");
}
if(!$mybb->input['attachmentaid'] && !$mybb->input['newattachment'] && !$mybb->input['updateattachment'] && !$mybb->input['previewpost'] && !$maximageserror)

Zeile 464Zeile 477
		$subject = $post['subject'];
}
else

		$subject = $post['subject'];
}
else

	{

	{

		$message = $mybb->input['message'];
$subject = $mybb->input['subject'];
}

		$message = $mybb->input['message'];
$subject = $mybb->input['subject'];
}

Zeile 485Zeile 498
			"uid" => $post['uid'],
"edit_uid" => $mybb->user['uid'],
"message" => $mybb->input['message'],

			"uid" => $post['uid'],
"edit_uid" => $mybb->user['uid'],
"message" => $mybb->input['message'],

		);


		);


		if(!$mybb->input['previewpost'])
{
$post['uid'] = $mybb->user['uid'];

		if(!$mybb->input['previewpost'])
{
$post['uid'] = $mybb->user['uid'];

Zeile 501Zeile 514
		);

$posthandler->set_data($post);

		);

$posthandler->set_data($post);





		// Now let the post handler do all the hard work.
if(!$posthandler->validate_post())
{

		// Now let the post handler do all the hard work.
if(!$posthandler->validate_post())
{

Zeile 509Zeile 522
			$post_errors = inline_error($post_errors);
$mybb->input['action'] = "editpost";
$mybb->input['previewpost'] = 0;

			$post_errors = inline_error($post_errors);
$mybb->input['action'] = "editpost";
$mybb->input['previewpost'] = 0;

		}

		}

		else
{
$previewmessage = $message;
$previewsubject = $subject;
$message = htmlspecialchars_uni($message);
$subject = htmlspecialchars_uni($subject);

		else
{
$previewmessage = $message;
$previewsubject = $subject;
$message = htmlspecialchars_uni($message);
$subject = htmlspecialchars_uni($subject);





			$postoptions = $mybb->input['postoptions'];

			$postoptions = $mybb->input['postoptions'];





			if($postoptions['signature'] == 1)
{
$postoptionschecked['signature'] = " checked=\"checked\"";

			if($postoptions['signature'] == 1)
{
$postoptionschecked['signature'] = " checked=\"checked\"";

			}


			}


			if($postoptions['subscriptionmethod'] == "none")

			if($postoptions['subscriptionmethod'] == "none")

			{

			{

				$postoptions_subscriptionmethod_none = "checked=\"checked\"";
}
else if($postoptions['subscriptionmethod'] == "instant")
{
$postoptions_subscriptionmethod_instant = "checked=\"checked\"";

				$postoptions_subscriptionmethod_none = "checked=\"checked\"";
}
else if($postoptions['subscriptionmethod'] == "instant")
{
$postoptions_subscriptionmethod_instant = "checked=\"checked\"";

			}

			}

			else
{
$postoptions_subscriptionmethod_dont = "checked=\"checked\"";

			else
{
$postoptions_subscriptionmethod_dont = "checked=\"checked\"";

Zeile 546Zeile 559

if($mybb->input['previewpost'])
{


if($mybb->input['previewpost'])
{

		// Figure out the poster's other information.
$query = $db->query("
SELECT u.*, f.*, p.dateline
FROM ".TABLE_PREFIX."users u
LEFT JOIN ".TABLE_PREFIX."userfields f ON (f.ufid=u.uid)
LEFT JOIN ".TABLE_PREFIX."posts p ON (p.uid=u.uid)
WHERE u.uid='{$post['uid']}' AND p.pid='{$pid}'
LIMIT 1
");
$postinfo = $db->fetch_array($query);










		if(!$post['uid'])
{
$query = $db->simple_select('posts', 'username', "pid='{$pid}'");
$postinfo['username'] = $db->fetch_field($query, 'username');
}
else
{
// Figure out the poster's other information.
$query = $db->query("
SELECT u.*, f.*, p.dateline
FROM ".TABLE_PREFIX."users u
LEFT JOIN ".TABLE_PREFIX."userfields f ON (f.ufid=u.uid)
LEFT JOIN ".TABLE_PREFIX."posts p ON (p.uid=u.uid)
WHERE u.uid='{$post['uid']}' AND p.pid='{$pid}'
LIMIT 1
");
$postinfo = $db->fetch_array($query);
$postinfo['userusername'] = $postinfo['username'];
}


$query = $db->simple_select("attachments", "*", "pid='{$pid}'");
while($attachment = $db->fetch_array($query))


$query = $db->simple_select("attachments", "*", "pid='{$pid}'");
while($attachment = $db->fetch_array($query))

Zeile 564Zeile 586
		}

// Set the values of the post info array.

		}

// Set the values of the post info array.

		$postinfo['userusername'] = $postinfo['username'];

 
		$postinfo['message'] = $previewmessage;
$postinfo['subject'] = $previewsubject;
$postinfo['icon'] = $icon;

		$postinfo['message'] = $previewmessage;
$postinfo['subject'] = $previewsubject;
$postinfo['icon'] = $icon;