| Zeile 301 | Zeile 301 |
|---|
{
$modlogdata = array(
"tid" => $thread['tid'],
|
{
$modlogdata = array(
"tid" => $thread['tid'],
|
"pid" => $post['pid'],
| |
"fid" => $forum['fid']
);
log_moderator_action($modlogdata, $lang->edited_post);
| "fid" => $forum['fid']
);
log_moderator_action($modlogdata, $lang->edited_post);
|
| Zeile 343 | Zeile 342 |
|---|
if(!$thread['tid'] || !$forum['fid'] || $forum['type'] != "f")
{
xmlhttp_error($lang->thread_doesnt_exist);
|
if(!$thread['tid'] || !$forum['fid'] || $forum['type'] != "f")
{
xmlhttp_error($lang->thread_doesnt_exist);
|
| | }
// Check if this forum is password protected and we have a valid password
if(check_forum_password($forum['fid'], 0, true))
{
xmlhttp_error($lang->wrong_forum_password);
|
}
// Fetch forum permissions.
| }
// Fetch forum permissions.
|
| Zeile 358 | Zeile 363 |
|---|
}
// Forum is not open, user doesn't have permission to edit, or author doesn't match this user - don't allow editing.
else if($forum['open'] == 0 || $forumpermissions['caneditposts'] == 0 || $mybb->user['uid'] != $post['uid'] || $mybb->user['uid'] == 0 || $mybb->user['suspendposting'] == 1)
|
}
// Forum is not open, user doesn't have permission to edit, or author doesn't match this user - don't allow editing.
else if($forum['open'] == 0 || $forumpermissions['caneditposts'] == 0 || $mybb->user['uid'] != $post['uid'] || $mybb->user['uid'] == 0 || $mybb->user['suspendposting'] == 1)
|
{
xmlhttp_error($lang->no_permission_edit_post);
}
| {
xmlhttp_error($lang->no_permission_edit_post);
}
|
// If we're past the edit time limit - don't allow editing.
else if($mybb->settings['edittimelimit'] != 0 && $post['dateline'] < (TIME_NOW-($mybb->settings['edittimelimit']*60)))
|
// If we're past the edit time limit - don't allow editing.
else if($mybb->settings['edittimelimit'] != 0 && $post['dateline'] < (TIME_NOW-($mybb->settings['edittimelimit']*60)))
|
{
| {
|
$lang->edit_time_limit = $lang->sprintf($lang->edit_time_limit, $mybb->settings['edittimelimit']);
xmlhttp_error($lang->edit_time_limit);
}
| $lang->edit_time_limit = $lang->sprintf($lang->edit_time_limit, $mybb->settings['edittimelimit']);
xmlhttp_error($lang->edit_time_limit);
}
|
| Zeile 371 | Zeile 376 |
|---|
if($post['visible'] == 0)
{
xmlhttp_error($lang->post_moderation);
|
if($post['visible'] == 0)
{
xmlhttp_error($lang->post_moderation);
|
}
// Forum is closed - no editing allowed
if($forum['open'] == 0)
{
xmlhttp_error($lang->no_permission_edit_post);
| |
}
}
if($mybb->input['do'] == "get_post")
| }
}
if($mybb->input['do'] == "get_post")
|
| Zeile 651 | Zeile 650 |
|---|
$username = $mybb->input['value'];
// Fix bad characters
|
$username = $mybb->input['value'];
// Fix bad characters
|
$username = trim($username);
| $username = trim_blank_chrs($username);
|
$username = str_replace(array(unichr(160), unichr(173), unichr(0xCA), dec_to_utf8(8238), dec_to_utf8(8237), dec_to_utf8(8203)), array(" ", "-", "", "", "", ""), $username);
// Remove multiple spaces from the username
| $username = str_replace(array(unichr(160), unichr(173), unichr(0xCA), dec_to_utf8(8238), dec_to_utf8(8237), dec_to_utf8(8203)), array(" ", "-", "", "", "", ""), $username);
// Remove multiple spaces from the username
|
| Zeile 659 | Zeile 658 |
|---|
header("Content-type: text/xml; charset={$charset}");
|
header("Content-type: text/xml; charset={$charset}");
|
if(empty($username) || utf8_handle_4byte_string($username, false) == false)
| if(empty($username))
|
{
echo "<fail>{$lang->banned_characters_username}</fail>";
exit;
| {
echo "<fail>{$lang->banned_characters_username}</fail>";
exit;
|
| Zeile 674 | Zeile 673 |
|---|
}
// Check for certain characters in username (<, >, &, and slashes)
|
}
// Check for certain characters in username (<, >, &, and slashes)
|
if(strpos($username, "<") !== false || strpos($username, ">") !== false || strpos($username, "&") !== false || my_strpos($username, "\\") !== false || strpos($username, ";") !== false)
| if(strpos($username, "<") !== false || strpos($username, ">") !== false || strpos($username, "&") !== false || my_strpos($username, "\\") !== false || strpos($username, ";") !== false|| strpos($username, ",") !== false || !validate_utf8_string($username, false, false))
|
{
echo "<fail>{$lang->banned_characters_username}</fail>";
exit;
| {
echo "<fail>{$lang->banned_characters_username}</fail>";
exit;
|