PHP Cross Reference of MyBB 1.8.38 |
<?php
/**
 * MyBB 1.8
 * Copyright 2014 MyBB Group, All Rights Reserved
 *
 * Website: http://www.mybb.com
 * License: http://www.mybb.com/about/license
 *
 */

// Entry script for editing, deleting and restoring a single post.
// Flow, as written below: load the post/thread/forum rows, run the per-action
// permission gate, handle attachment add/remove/approve requests, then execute
// "deletepost", "restorepost" or "do_editpost" on POST, and finally render the
// edit form (action "editpost", also used for previews and for re-display
// after validation errors).

define("IN_MYBB", 1);
define('THIS_SCRIPT', 'editpost.php');

// Names of the templates this script renders. The consumer of $templatelist is
// not in this file; presumably global.php pre-loads them - TODO confirm.
$templatelist = "editpost,previewpost,changeuserbox,codebuttons,post_attachments_attachment_postinsert,post_attachments_attachment_mod_unapprove,postbit_attachments_thumbnails,postbit_profilefield_multiselect_value";
$templatelist .= ",editpost_delete,forumdisplay_password_wrongpass,forumdisplay_password,editpost_reason,post_attachments_attachment_remove,post_attachments_update,post_subscription_method,postbit_profilefield_multiselect";
$templatelist .= ",postbit_avatar,postbit_find,postbit_pm,postbit_rep_button,postbit_www,postbit_email,postbit_reputation,postbit_warn,postbit_warninglevel,postbit_author_user,posticons";
$templatelist .= ",postbit_signature,postbit_classic,postbit,postbit_attachments_thumbnails_thumbnail,postbit_attachments_images_image,postbit_attachments_attachment,postbit_attachments_attachment_unapproved";
$templatelist .= ",posticons_icon,post_prefixselect_prefix,post_prefixselect_single,newthread_postpoll,editpost_disablesmilies,post_attachments_attachment_mod_approve,post_attachments_attachment_unapproved";
$templatelist .= ",postbit_warninglevel_formatted,postbit_reputation_formatted_link,editpost_signature,attachment_icon,post_attachments_attachment,post_attachments_add,post_attachments,editpost_postoptions,post_attachments_viewlink";
$templatelist .= ",postbit_attachments_images,global_moderation_notice,post_attachments_new,postbit_attachments,postbit_online,postbit_away,postbit_offline,postbit_gotopost,postbit_userstar,postbit_icon";

require_once "./global.php";
require_once MYBB_ROOT."inc/functions_post.php";
require_once MYBB_ROOT."inc/functions_upload.php";
require_once MYBB_ROOT."inc/class_parser.php";
$parser = new postParser;

// Load global language phrases
$lang->load("editpost");

$plugins->run_hooks("editpost_start");

// No permission for guests
if(!$mybb->user['uid'])
{
	error_no_permission();
}

// Get post info
// $pid is requested as MyBB::INPUT_INT. Every later "pid='{$pid}'" clause in
// this file interpolates it directly, so those clauses rely on this read
// returning an integer (get_input() itself is not shown here).
$pid = $mybb->get_input('pid', MyBB::INPUT_INT);

// if we already have the post information...
// $style is not assigned anywhere in this file; it can only come from an
// included script - TODO confirm its origin.
if(isset($style) && $style['pid'] == $pid && $style['type'] != 'f')
{
	$post = &$style;
}
else
{
	$post = get_post($pid);
}

// A soft-deleted post (visible == -1) is only reachable through "restorepost".
// Note that 'action' is read straight from the input array here; it is only
// normalised through get_input() further down.
if(!$post || ($post['visible'] == -1 && $mybb->input['action'] != "restorepost"))
{
	error($lang->error_invalidpost);
}

// Get thread info
// $tid and $fid are taken from the stored post row, not from the request.
$tid = $post['tid'];
$thread = get_thread($tid);

if(!$thread)
{
	error($lang->error_invalidthread);
}

// Bad-word filtered and HTML-escaped here because the subject is placed in the
// breadcrumb below.
$thread['subject'] = htmlspecialchars_uni($parser->parse_badwords($thread['subject']));

// Get forum info
$fid = $post['fid'];
$forum = get_forum($fid);

// Thread visibility gate.
// NOTE(review): the outer condition covers unapproved (0), soft-deleted (-1)
// and visible < -1 threads, but the inner condition only rejects the
// visible == 0 case. The other two fall through to the checks that follow -
// confirm this is intended.
if($thread['visible'] == 0 && !is_moderator($fid, "canviewunapprove") || $thread['visible'] == -1 && !is_moderator($fid, "canviewdeleted") || ($thread['visible'] < -1 && $thread['uid'] != $mybb->user['uid']))
{
	if($thread['visible'] == 0 && !($mybb->settings['showownunapproved'] && $thread['uid'] == $mybb->user['uid']))
	{
		error($lang->error_invalidthread);
	}
}
if(!$forum || $forum['type'] != "f")
{
	error($lang->error_closedinvalidforum);
}
// A closed forum is editable only with the "caneditposts" moderator
// permission; users with suspended posting are rejected outright.
if(($forum['open'] == 0 && !is_moderator($fid, "caneditposts")) || $mybb->user['suspendposting'] == 1)
{
	error_no_permission();
}

// Add prefix to breadcrumb
$breadcrumbprefix = '';
if($thread['prefix'])
{
	$threadprefixes = build_prefixes();
	if(!empty($threadprefixes[$thread['prefix']]))
	{
		$breadcrumbprefix = $threadprefixes[$thread['prefix']]['displaystyle'].'&nbsp;';
	}
}

// Make navigation
build_forum_breadcrumb($fid);
add_breadcrumb($breadcrumbprefix.$thread['subject'], get_thread_link($thread['tid']));
add_breadcrumb($lang->nav_editpost);

$forumpermissions = forum_permissions($fid);

if($mybb->settings['bbcodeinserter'] != 0 && $forum['allowmycode'] != 0 && $mybb->user['showcodebuttons'] != 0)
{
	$codebuttons = build_mycode_inserter("message", $mybb->settings['smilieinserter']);
}
if($mybb->settings['smilieinserter'] != 0)
{
	$smilieinserter = build_clickable_smilies();
}

// Normalise the action: a missing action or a preview request is handled as
// "editpost" (form display).
$mybb->input['action'] = $mybb->get_input('action');
if(!$mybb->input['action'] || isset($mybb->input['previewpost']))
{
	$mybb->input['action'] = "editpost";
}

// Authorisation gate. These branches only reject; the state changes happen in
// the per-action blocks further down, each of which repeats the
// "action == ... && request_method == post" test.
if($mybb->input['action'] == "deletepost" && $mybb->request_method == "post")
{
	// Taken when the user lacks the moderator delete permission that matches
	// the target (post vs. first post, i.e. the thread): the ordinary-user
	// rules below then apply.
	if(!is_moderator($fid, "candeleteposts") && !is_moderator($fid, "cansoftdeleteposts") && $pid != $thread['firstpost'] || !is_moderator($fid, "candeletethreads") && !is_moderator($fid, "cansoftdeletethreads") && $pid == $thread['firstpost'])
	{
		if($thread['closed'] == 1)
		{
			error($lang->redirect_threadclosed);
		}
		if($forumpermissions['candeleteposts'] == 0 && $pid != $thread['firstpost'] || $forumpermissions['candeletethreads'] == 0 && $pid == $thread['firstpost'])
		{
			error_no_permission();
		}
		// Ownership check: non-moderators may only delete their own post.
		if($mybb->user['uid'] != $post['uid'])
		{
			error_no_permission();
		}
		// User can't delete unapproved post unless allowed for own
		if($post['visible'] == 0 && !($mybb->settings['showownunapproved'] && $post['uid'] == $mybb->user['uid']))
		{
			error_no_permission();
		}
	}
	// Applies to moderators as well: an already soft-deleted post cannot be
	// deleted again while the soft_delete setting is on.
	if($post['visible'] == -1 && $mybb->settings['soft_delete'] == 1)
	{
		error($lang->error_already_deleted);
	}
}
elseif($mybb->input['action'] == "restorepost" && $mybb->request_method == "post")
{
	// Restoring requires the matching moderator permission and a post that is
	// currently soft-deleted.
	if(!is_moderator($fid, "canrestoreposts") && $pid != $thread['firstpost'] || !is_moderator($fid, "canrestorethreads") && $pid == $thread['firstpost'] || $post['visible'] != -1)
	{
		error_no_permission();
	}
}
else
{
	// Every other action (form display, preview, do_editpost, attachment
	// handling) is gated as an edit.
	if(!is_moderator($fid, "caneditposts"))
	{
		if($thread['closed'] == 1)
		{
			error($lang->redirect_threadclosed);
		}
		if($forumpermissions['caneditposts'] == 0)
		{
			error_no_permission();
		}
		// Ownership check: non-moderators may only edit their own post.
		if($mybb->user['uid'] != $post['uid'])
		{
			error_no_permission();
		}
		// Edit time limit
		// edittimelimit is multiplied by 60 and compared against the post's
		// dateline, so it is presumably minutes against a Unix timestamp.
		$time = TIME_NOW;
		if($mybb->usergroup['edittimelimit'] != 0 && $post['dateline'] < ($time-($mybb->usergroup['edittimelimit']*60)))
		{
			$lang->edit_time_limit = $lang->sprintf($lang->edit_time_limit, $mybb->usergroup['edittimelimit']);
			error($lang->edit_time_limit);
		}
		// User can't edit unapproved post
		if(($post['visible'] == 0 && !($mybb->settings['showownunapproved'] && $post['uid'] == $mybb->user['uid'])) || $post['visible'] == -1)
		{
			error_no_permission();
		}
	}
}

// Check if this forum is password protected and we have a valid password
check_forum_password($forum['fid']);

// The form was submitted (processed=1) but PHP exposes neither POST fields nor
// files. Presumably this catches a request body that PHP discarded, e.g. one
// over the configured size limit - TODO confirm.
if((empty($_POST) && empty($_FILES)) && $mybb->get_input('processed', MyBB::INPUT_INT) == '1')
{
	error($lang->error_empty_post_input);
}

// Attachment upload / update.
// NOTE(review): $_FILES['attachments'] is read without an isset()/empty()
// guard, so a submit or preview without that upload field reads an undefined
// array key.
$attacherror = '';
if($mybb->settings['enableattachments'] == 1 && ($mybb->get_input('newattachment') || $mybb->get_input('updateattachment') || ((($mybb->input['action'] == "do_editpost" && isset($mybb->input['submitbutton'])) || ($mybb->input['action'] == "editpost" && isset($mybb->input['previewpost']))) && $_FILES['attachments'])))
{
	// Verify incoming POST request
	// The request token (my_post_key) is checked before any attachment is
	// stored; verify_post_check() itself is defined elsewhere.
	verify_post_check($mybb->get_input('my_post_key'));

	if($pid)
	{
		$attachwhere = "pid='{$pid}'";
	}
	else
	{
		// posthash is free-form request input, hence the escape_string() call
		// before it goes into the quoted clause.
		$attachwhere = "posthash='".$db->escape_string($mybb->get_input('posthash'))."'";
	}

	$ret = add_attachments($pid, $forumpermissions, $attachwhere, "editpost");

	if($mybb->get_input('ajax', MyBB::INPUT_INT) == 1)
	{
		if(isset($ret['success']))
		{
			// Placeholder tokens, not real values: the rendered template is
			// returned in $ret['template'], presumably for substitution on the
			// client side.
			$attachment = array('aid'=>'{1}', 'icon'=>'{2}', 'filename'=>'{3}', 'size'=>'{4}');
			// Template text is evaluated as a double-quoted PHP string, so the
			// variables a template names are resolved from this scope. Whoever
			// can change template content therefore controls evaluated code;
			// the local variable names in this file are part of that contract.
			if($mybb->settings['bbcodeinserter'] != 0 && $forum['allowmycode'] != 0 && $mybb->user['showcodebuttons'] != 0)
			{
				eval("\$postinsert = \"".$templates->get("post_attachments_attachment_postinsert")."\";");
			}
			// Moderating options
			$attach_mod_options = '';
			if(is_moderator($fid))
			{
				eval("\$attach_mod_options = \"".$templates->get("post_attachments_attachment_mod_unapprove")."\";");
			}
			eval("\$attach_rem_options = \"".$templates->get("post_attachments_attachment_remove")."\";");
			eval("\$attemplate = \"".$templates->get("post_attachments_attachment")."\";");
			$ret['template'] = $attemplate;

			// Total attachment bytes for the current (session) user.
			$query = $db->simple_select("attachments", "SUM(filesize) AS ausage", "uid='".$mybb->user['uid']."'");
			$usage = $db->fetch_array($query);
			$ret['usage'] = get_friendly_size($usage['ausage']);
		}

		header("Content-type: application/json; charset={$lang->settings['charset']}");
		echo json_encode($ret);
		exit();
	}

	if(!empty($ret['errors']))
	{
		$errors = $ret['errors'];
	}

	// Do we have attachment errors?
	if(!empty($errors))
	{
		$attacherror = inline_error($errors);
	}

	// If we were dealing with an attachment but didn't click 'Update Post', force the post edit page again.
	if(!isset($mybb->input['submitbutton']))
	{
		$mybb->input['action'] = "editpost";
	}
}

detect_attachmentact();

if($mybb->settings['enableattachments'] == 1 && $mybb->get_input('attachmentaid', MyBB::INPUT_INT) && isset($mybb->input['attachmentact']) && $mybb->input['action'] == "do_editpost" && $mybb->request_method == "post") // Lets remove/approve/unapprove the attachment
{
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));

	// Write the integer form back so the interpolations below use it.
	$mybb->input['attachmentaid'] = $mybb->get_input('attachmentaid', MyBB::INPUT_INT);
	if($mybb->input['attachmentact'] == "remove")
	{
		remove_attachment($pid, "", $mybb->input['attachmentaid']);
	}
	// NOTE(review): approve/unapprove match on aid alone, while the thread
	// counter is adjusted for $post['tid']. Nothing in this block ties the
	// attachment to $pid - confirm whether the WHERE clause should be scoped
	// to this post as well.
	elseif($mybb->get_input('attachmentact') == "approve" && is_moderator($fid, 'canapproveunapproveattachs'))
	{
		$update_sql = array("visible" => 1);
		$db->update_query("attachments", $update_sql, "aid='{$mybb->input['attachmentaid']}'");
		update_thread_counters($post['tid'], array('attachmentcount' => "+1"));
	}
	elseif($mybb->get_input('attachmentact') == "unapprove" && is_moderator($fid, 'canapproveunapproveattachs'))
	{
		$update_sql = array("visible" => 0);
		$db->update_query("attachments", $update_sql, "aid='{$mybb->input['attachmentaid']}'");
		update_thread_counters($post['tid'], array('attachmentcount' => "-1"));
	}

	if($mybb->get_input('ajax', MyBB::INPUT_INT) == 1)
	{
		$query = $db->simple_select("attachments", "SUM(filesize) AS ausage", "uid='".$mybb->user['uid']."'");
		$usage = $db->fetch_array($query);

		header("Content-type: application/json; charset={$lang->settings['charset']}");
		echo json_encode(array("success" => true, "usage" => get_friendly_size($usage['ausage'])));
		exit();
	}

	if(!isset($mybb->input['submitbutton']))
	{
		$mybb->input['action'] = "editpost";
	}
}

// Delete action. The permission gate above has already run; the permission
// tests inside this block are repeated for the thread/post split.
if($mybb->input['action'] == "deletepost" && $mybb->request_method == "post")
{
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));

	$plugins->run_hooks("editpost_deletepost");

	// The form must carry delete=1 as an explicit confirmation.
	if($mybb->get_input('delete', MyBB::INPUT_INT) == 1)
	{
		// Determine the first post from the posts table (oldest dateline, then
		// lowest pid) rather than from $thread['firstpost'].
		$query = $db->simple_select("posts", "pid", "tid='{$tid}'", array("limit" => 1, "order_by" => "dateline, pid"));
		$firstcheck = $db->fetch_array($query);
		if($firstcheck['pid'] == $pid)
		{
			$firstpost = 1;
		}
		else
		{
			$firstpost = 0;
		}

		$modlogdata['fid'] = $fid;
		$modlogdata['tid'] = $tid;
		if($firstpost)
		{
			// Deleting the first post deletes the whole thread.
			if($forumpermissions['candeletethreads'] == 1 || is_moderator($fid, "candeletethreads") || is_moderator($fid, "cansoftdeletethreads"))
			{
				require_once MYBB_ROOT."inc/class_moderation.php";
				$moderation = new Moderation;

				if($mybb->settings['soft_delete'] == 1 || is_moderator($fid, "cansoftdeletethreads"))
				{
					$modlogdata['pid'] = $pid;

					$moderation->soft_delete_threads(array($tid));
					log_moderator_action($modlogdata, $lang->thread_soft_deleted);
				}
				else
				{
					$moderation->delete_thread($tid);
					mark_reports($tid, "thread");
					log_moderator_action($modlogdata, $lang->thread_deleted);
				}

				// NOTE(review): 'ajax' is read directly from the input array
				// here, whereas the post-delete branch below uses
				// get_input('ajax', MyBB::INPUT_INT); an absent key is an
				// undefined-index read.
				if($mybb->input['ajax'] == 1)
				{
					header("Content-type: application/json; charset={$lang->settings['charset']}");
					if(is_moderator($fid, "canviewdeleted"))
					{
						echo json_encode(array("data" => '1', "first" => '1'));
					}
					else
					{
						echo json_encode(array("data" => '3', "url" => get_forum_link($fid)));
					}
				}
				else
				{
					redirect(get_forum_link($fid), $lang->redirect_threaddeleted);
				}
			}
			else
			{
				error_no_permission();
			}
		}
		else
		{
			if($forumpermissions['candeleteposts'] == 1 || is_moderator($fid, "candeleteposts") || is_moderator($fid, "cansoftdeleteposts"))
			{
				// Select the first post before this
				require_once MYBB_ROOT."inc/class_moderation.php";
				$moderation = new Moderation;

				if($mybb->settings['soft_delete'] == 1 || is_moderator($fid, "cansoftdeleteposts"))
				{
					$modlogdata['pid'] = $pid;

					$moderation->soft_delete_posts(array($pid));
					log_moderator_action($modlogdata, $lang->post_soft_deleted);
				}
				else
				{
					$moderation->delete_post($pid);
					mark_reports($pid, "post");
					log_moderator_action($modlogdata, $lang->post_deleted);
				}

				// Redirect target: the newest post at or before the deleted
				// post's dateline. $post['dateline'] comes from the stored row.
				$query = $db->simple_select("posts", "pid", "tid='{$tid}' AND dateline <= '{$post['dateline']}'", array("limit" => 1, "order_by" => "dateline DESC, pid DESC"));
				$next_post = $db->fetch_array($query);
				if($next_post['pid'])
				{
					$redirect = get_post_link($next_post['pid'], $tid)."#pid{$next_post['pid']}";
				}
				else
				{
					$redirect = get_thread_link($tid);
				}

				if($mybb->get_input('ajax', MyBB::INPUT_INT) == 1)
				{
					header("Content-type: application/json; charset={$lang->settings['charset']}");
					if(is_moderator($fid, "canviewdeleted"))
					{
						echo json_encode(array("data" => '1', "first" => '0'));
					}
					else
					{
						echo json_encode(array("data" => '2'));
					}
				}
				else
				{
					redirect($redirect, $lang->redirect_postdeleted);
				}
			}
			else
			{
				error_no_permission();
			}
		}
	}
	else
	{
		error($lang->redirect_nodelete);
	}
}

// Restore action for soft-deleted posts/threads; moderator permissions only.
if($mybb->input['action'] == "restorepost" && $mybb->request_method == "post")
{
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));

	$plugins->run_hooks("editpost_restorepost");

	// The form must carry restore=1 as an explicit confirmation.
	if($mybb->get_input('restore', MyBB::INPUT_INT) == 1)
	{
		$query = $db->simple_select("posts", "pid", "tid='{$tid}'", array("limit" => 1, "order_by" => "dateline, pid"));
		$firstcheck = $db->fetch_array($query);
		if($firstcheck['pid'] == $pid)
		{
			$firstpost = 1;
		}
		else
		{
			$firstpost = 0;
		}

		$modlogdata['fid'] = $fid;
		$modlogdata['tid'] = $tid;
		$modlogdata['pid'] = $pid;
		if($firstpost)
		{
			if(is_moderator($fid, "canrestorethreads"))
			{
				require_once MYBB_ROOT."inc/class_moderation.php";
				$moderation = new Moderation;
				$moderation->restore_threads(array($tid));
				log_moderator_action($modlogdata, $lang->thread_restored);
				// NOTE(review): raw read of 'ajax' (no get_input / INPUT_INT),
				// unlike the attachment and post-delete branches above.
				if($mybb->input['ajax'] == 1)
				{
					header("Content-type: application/json; charset={$lang->settings['charset']}");
					echo json_encode(array("data" => '1', "first" => '1'));
				}
				else
				{
					redirect(get_forum_link($fid), $lang->redirect_threadrestored);
				}
			}
			else
			{
				error_no_permission();
			}
		}
		else
		{
			if(is_moderator($fid, "canrestoreposts"))
			{
				// Select the first post before this
				require_once MYBB_ROOT."inc/class_moderation.php";
				$moderation = new Moderation;
				$moderation->restore_posts(array($pid));
				log_moderator_action($modlogdata, $lang->post_restored);
				$redirect = get_post_link($pid, $tid)."#pid{$pid}";

				// NOTE(review): raw read of 'ajax', see above.
				if($mybb->input['ajax'] == 1)
				{
					header("Content-type: application/json; charset={$lang->settings['charset']}");
					echo json_encode(array("data" => '1', "first" => '0'));
				}
				else
				{
					redirect($redirect, $lang->redirect_postrestored);
				}
			}
			else
			{
				error_no_permission();
			}
		}
	}
	else
	{
		error($lang->redirect_norestore);
	}
}

$postoptions = array();

// Save the edit. Validation and the database write are delegated to
// PostDataHandler; this block only assembles its input and picks the redirect.
if($mybb->input['action'] == "do_editpost" && $mybb->request_method == "post")
{
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));

	$plugins->run_hooks("editpost_do_editpost_start");

	// Set up posthandler.
	require_once MYBB_ROOT."inc/datahandlers/post.php";
	$posthandler = new PostDataHandler("update");
	$posthandler->action = "post";

	// Set the post data that came from the input to the $post array.
	// uid and username are carried over from the stored post row, so the
	// request cannot change the author; edit_uid is the session user.
	// NOTE(review): "pid" is taken from the raw input array here, not from the
	// integer $pid that all the permission checks above were made against.
	// The handler's own validation is not shown - consider passing $pid.
	$post = array(
		"pid" => $mybb->input['pid'],
		"prefix" => $mybb->get_input('threadprefix', MyBB::INPUT_INT),
		"subject" => $mybb->get_input('subject'),
		"icon" => $mybb->get_input('icon', MyBB::INPUT_INT),
		"uid" => $post['uid'],
		"username" => $post['username'],
		"edit_uid" => $mybb->user['uid'],
		"message" => $mybb->get_input('message'),
		"editreason" => $mybb->get_input('editreason'),
	);

	// Unchecked checkboxes are absent from the request, so default them to 0.
	$postoptions = $mybb->get_input('postoptions', MyBB::INPUT_ARRAY);
	if(!isset($postoptions['signature']))
	{
		$postoptions['signature'] = 0;
	}
	if(!isset($postoptions['subscriptionmethod']))
	{
		$postoptions['subscriptionmethod'] = 0;
	}
	if(!isset($postoptions['disablesmilies']))
	{
		$postoptions['disablesmilies'] = 0;
	}

	// Set up the post options from the input.
	// Only these three keys are forwarded; any other key in the submitted
	// postoptions array is dropped here.
	$post['options'] = array(
		"signature" => $postoptions['signature'],
		"subscriptionmethod" => $postoptions['subscriptionmethod'],
		"disablesmilies" => $postoptions['disablesmilies']
	);

	$posthandler->set_data($post);

	// Now let the post handler do all the hard work.
	if(!$posthandler->validate_post())
	{
		// Fall back to the edit form, which displays $post_errors.
		$post_errors = $posthandler->get_friendly_errors();
		$post_errors = inline_error($post_errors);
		$mybb->input['action'] = "editpost";
	}
	// No errors were found, we can call the update method.
	else
	{
		$postinfo = $posthandler->update_post();
		$visible = $postinfo['visible'];
		$first_post = $postinfo['first_post'];

		// Help keep our attachments table clean.
		// This clean-up is table-wide: the condition is not limited to this
		// post or this user.
		$db->delete_query("attachments", "filename='' OR filesize<1");

		// Did the user choose to post a poll? Redirect them to the poll posting page.
		if($mybb->get_input('postpoll', MyBB::INPUT_INT) && $forumpermissions['canpostpolls'])
		{
			// Both interpolated values are integers: $tid from the post row,
			// numpolloptions via INPUT_INT.
			$url = "polls.php?action=newpoll&tid=$tid&polloptions=".$mybb->get_input('numpolloptions', MyBB::INPUT_INT);
			$lang->redirect_postedited = $lang->redirect_postedited_poll;
		}
		else if($visible == 0 && $first_post && !is_moderator($fid, "canviewunapprove", $mybb->user['uid']))
		{
			// Moderated post
			$lang->redirect_postedited .= $lang->redirect_thread_moderation;
			$url = get_forum_link($fid);
		}
		else if($visible == 0 && !is_moderator($fid, "canviewunapprove", $mybb->user['uid']))
		{
			$lang->redirect_postedited .= $lang->redirect_post_moderation;
			$url = get_thread_link($tid);
		}
		// Otherwise, send them back to their post
		else
		{
			$lang->redirect_postedited .= $lang->redirect_postedited_redirect;
			$url = get_post_link($pid, $tid)."#pid{$pid}";
		}
		$plugins->run_hooks("editpost_do_editpost_end");

		redirect($url, $lang->redirect_postedited);
	}
}

// Render the edit form: first visit, preview, or re-display after an
// attachment action or a validation error.
if(!$mybb->input['action'] || $mybb->input['action'] == "editpost")
{
	$plugins->run_hooks("editpost_action_start");

	$preview = '';
	if(!isset($mybb->input['previewpost']))
	{
		$icon = $post['icon'];
	}

	if($forum['allowpicons'] != 0)
	{
		$posticons = get_post_icons();
	}

	// Escaped in place because the template below reads it from this scope.
	$mybb->user['username'] = htmlspecialchars_uni($mybb->user['username']);
	eval("\$loginbox = \"".$templates->get("changeuserbox")."\";");

	$deletebox = '';

	// Show the delete box only for a post that is not soft-deleted and that
	// this user may delete: as moderator, or as the author with the matching
	// forum permission (thread permission for the first post).
	if(isset($post['visible']) && $post['visible'] != -1 && (($thread['firstpost'] == $pid && (is_moderator($fid, "candeletethreads") || $forumpermissions['candeletethreads'] == 1 && $mybb->user['uid'] == $post['uid'])) || ($thread['firstpost'] != $pid && (is_moderator($fid, "candeleteposts") || $forumpermissions['candeleteposts'] == 1 && $mybb->user['uid'] == $post['uid']))))
	{
		eval("\$deletebox = \"".$templates->get("editpost_delete")."\";");
	}

	$bgcolor = "trow1";
	if($mybb->settings['enableattachments'] != 0 && $forumpermissions['canpostattachments'] != 0)
	{ // Get a listing of the current attachments, if there are any
		$attachcount = 0;
		$query = $db->simple_select("attachments", "*", "pid='{$pid}'");
		$attachments = '';
		while($attachment = $db->fetch_array($query))
		{
			$attachment['size'] = get_friendly_size($attachment['filesize']);
			$attachment['icon'] = get_attachment_icon(get_extension($attachment['filename']));
			// The stored filename is HTML-escaped before the templates use it;
			// the icon lookup above still sees the unescaped name.
			$attachment['filename'] = htmlspecialchars_uni($attachment['filename']);

			if($mybb->settings['bbcodeinserter'] != 0 && $forum['allowmycode'] != 0 && $mybb->user['showcodebuttons'] != 0)
			{
				eval("\$postinsert = \"".$templates->get("post_attachments_attachment_postinsert")."\";");
			}
			// Moderating options
			$attach_mod_options = '';
			if(is_moderator($fid))
			{
				if($attachment['visible'] == 1)
				{
					eval("\$attach_mod_options = \"".$templates->get("post_attachments_attachment_mod_unapprove")."\";");
				}
				else
				{
					eval("\$attach_mod_options = \"".$templates->get("post_attachments_attachment_mod_approve")."\";");
				}
			}

			// Remove Attachment
			eval("\$attach_rem_options = \"".$templates->get("post_attachments_attachment_remove")."\";");

			if($attachment['visible'] != 1)
			{
				eval("\$attachments .= \"".$templates->get("post_attachments_attachment_unapproved")."\";");
			}
			else
			{
				eval("\$attachments .= \"".$templates->get("post_attachments_attachment")."\";");
			}
			$attachcount++;
		}
		// Quota check: total stored bytes for the session user against
		// attachquota * 1024 (so the quota is presumably in KB); 0 = unlimited.
		$query = $db->simple_select("attachments", "SUM(filesize) AS ausage", "uid='".$mybb->user['uid']."'");
		$usage = $db->fetch_array($query);
		if($usage['ausage'] > ($mybb->usergroup['attachquota']*1024) && $mybb->usergroup['attachquota'] != 0)
		{
			$noshowattach = 1;
		}
		else
		{
			$noshowattach = 0;
		}
		if($mybb->usergroup['attachquota'] == 0)
		{
			$friendlyquota = $lang->unlimited;
		}
		else
		{
			$friendlyquota = get_friendly_size($mybb->usergroup['attachquota']*1024);
		}

		$lang->attach_quota = $lang->sprintf($lang->attach_quota, $friendlyquota);

		$link_viewattachments = '';

		// SUM() yields NULL when the user has no attachment rows.
		if($usage['ausage'] !== NULL)
		{
			$friendlyusage = get_friendly_size($usage['ausage']);
			$lang->attach_usage = $lang->sprintf($lang->attach_usage, $friendlyusage);
			eval("\$link_viewattachments = \"".$templates->get("post_attachments_viewlink")."\";");
		}
		else
		{
			$lang->attach_usage = "";
		}

		$attach_update_options = '';

		// NOTE(review): && binds tighter than ||, so "!$noshowattach" only
		// applies to the second alternative. With maxattachments == 0 the add
		// box is shown even when the quota flag is set - confirm intended.
		// This only controls form display.
		if($mybb->settings['maxattachments'] == 0 || ($mybb->settings['maxattachments'] != 0 && $attachcount < $mybb->settings['maxattachments']) && !$noshowattach)
		{
			eval("\$attach_add_options = \"".$templates->get("post_attachments_add")."\";");
		}

		if(($mybb->usergroup['caneditattachments'] || $forumpermissions['caneditattachments']) && $attachcount > 0)
		{
			eval("\$attach_update_options = \"".$templates->get("post_attachments_update")."\";");
		}

		// NOTE(review): $attach_add_options is only assigned inside the
		// conditional above; unless an included file initialises it, this
		// reads an undefined variable when that branch was skipped.
		if($attach_add_options || $attach_update_options)
		{
			eval("\$newattach = \"".$templates->get("post_attachments_new")."\";");
		}
		eval("\$attachbox = \"".$templates->get("post_attachments")."\";");
	}
	else
	{
		$attachbox = '';
	}
	// First display uses the stored post; any re-display (attachment action or
	// preview) keeps what the user typed.
	if(!$mybb->get_input('attachmentaid', MyBB::INPUT_INT) && !$mybb->get_input('newattachment') && !$mybb->get_input('updateattachment') && !isset($mybb->input['previewpost']))
	{
		$message = $post['message'];
		$subject = $post['subject'];
		$reason = htmlspecialchars_uni($post['editreason']);
	}
	else
	{
		$message = $mybb->get_input('message');
		$subject = $mybb->get_input('subject');
		$reason = htmlspecialchars_uni($mybb->get_input('editreason'));
	}

	// Keep unescaped copies for the preview (handed to build_postbit() below);
	// the form fields get the HTML-escaped values.
	$previewmessage = $message;
	$previewsubject = $subject;
	$message = htmlspecialchars_uni($message);
	$subject = htmlspecialchars_uni($subject);

	if(!isset($post_errors))
	{
		$post_errors = '';
	}

	$subscribe = $nonesubscribe = $emailsubscribe = $pmsubscribe = '';
	$postoptionschecked = array('signature' => '', 'disablesmilies' => '');

	// For a preview, or after a failed save, run the handler's validation
	// again so the preview is only built from input that passes it.
	if(!empty($mybb->input['previewpost']) || $post_errors)
	{
		// Set up posthandler.
		require_once MYBB_ROOT."inc/datahandlers/post.php";
		$posthandler = new PostDataHandler("update");
		$posthandler->action = "post";

		// Set the post data that came from the input to the $post array.
		// This replaces the stored row in $post; only the keys listed here
		// exist afterwards. "pid" is again the raw input value (see the
		// do_editpost block).
		$post = array(
			"pid" => $mybb->input['pid'],
			"prefix" => $mybb->get_input('threadprefix', MyBB::INPUT_INT),
			"subject" => $mybb->get_input('subject'),
			"icon" => $mybb->get_input('icon', MyBB::INPUT_INT),
			"uid" => $post['uid'],
			"username" => $post['username'],
			"edit_uid" => $mybb->user['uid'],
			"message" => $mybb->get_input('message'),
		);

		$postoptions = $mybb->get_input('postoptions', MyBB::INPUT_ARRAY);
		if(!isset($postoptions['signature']))
		{
			$postoptions['signature'] = 0;
		}
		if(!isset($postoptions['emailnotify']))
		{
			$postoptions['emailnotify'] = 0;
		}
		if(!isset($postoptions['disablesmilies']))
		{
			$postoptions['disablesmilies'] = 0;
		}

		// Set up the post options from the input.
		$post['options'] = array(
			"signature" => $postoptions['signature'],
			"emailnotify" => $postoptions['emailnotify'],
			"disablesmilies" => $postoptions['disablesmilies']
		);

		$posthandler->set_data($post);

		// Now let the post handler do all the hard work.
		if(!$posthandler->validate_post())
		{
			// Invalid input: show the errors and suppress the preview.
			$post_errors = $posthandler->get_friendly_errors();
			$post_errors = inline_error($post_errors);
			$mybb->input['action'] = "editpost";
			$mybb->input['previewpost'] = 0;
		}
		else
		{

			$postoptions = $mybb->get_input('postoptions', MyBB::INPUT_ARRAY);

			if(isset($postoptions['signature']) && $postoptions['signature'] == 1)
			{
				$postoptionschecked['signature'] = " checked=\"checked\"";
			}

			if(isset($postoptions['disablesmilies']) && $postoptions['disablesmilies'] == 1)
			{
				$postoptionschecked['disablesmilies'] = " checked=\"checked\"";
			}

			// Variable variable: marks one of the "...subscribe" variables
			// initialised above as checked. The name prefix is whatever
			// get_subscription_method() returns; it receives $postoptions from
			// the request, so presumably it maps that onto a fixed set of
			// names - verify in the helper.
			$subscription_method = get_subscription_method($tid, $postoptions);
			${$subscription_method.'subscribe'} = "checked=\"checked\" ";
		}
	}

	if(!empty($mybb->input['previewpost']))
	{
		// uid 0: no user row to join, so only the stored username and dateline
		// are fetched.
		if(!$post['uid'])
		{
			$query = $db->simple_select('posts', 'username, dateline', "pid='{$pid}'");
			$postinfo = $db->fetch_array($query);
		}
		else
		{
			// Figure out the poster's other information.
			// Both interpolated values are server-side: uid from the stored
			// post row, $pid from the INPUT_INT read at the top.
			$query = $db->query("
				SELECT u.*, f.*, p.dateline
				FROM ".TABLE_PREFIX."users u
				LEFT JOIN ".TABLE_PREFIX."userfields f ON (f.ufid=u.uid)
				LEFT JOIN ".TABLE_PREFIX."posts p ON (p.uid=u.uid)
				WHERE u.uid='{$post['uid']}' AND p.pid='{$pid}'
				LIMIT 1
			");
			$postinfo = $db->fetch_array($query);
			$postinfo['userusername'] = $postinfo['username'];
		}

		// $attachcache is not read in this file; presumably build_postbit()
		// picks it up as a global - TODO confirm.
		$query = $db->simple_select("attachments", "*", "pid='{$pid}'");
		while($attachment = $db->fetch_array($query))
		{
			$attachcache[0][$attachment['aid']] = $attachment;
		}

		if(!isset($postoptions['disablesmilies']))
		{
			$postoptions['disablesmilies'] = 0;
		}

		// Set the values of the post info array.
		// The unescaped message/subject copies are used here; rendering and
		// escaping are left to build_postbit() (not shown).
		$postinfo['message'] = $previewmessage;
		$postinfo['subject'] = $previewsubject;
		$postinfo['icon'] = $icon;
		$postinfo['smilieoff'] = $postoptions['disablesmilies'];

		$postbit = build_postbit($postinfo, 1);
		eval("\$preview = \"".$templates->get("previewpost")."\";");
	}
	else if(!$post_errors)
	{
		// Plain first display: tick the boxes according to the stored post.
		$preview = '';

		if($post['includesig'] != 0)
		{
			$postoptionschecked['signature'] = " checked=\"checked\"";
		}

		if($post['smilieoff'] == 1)
		{
			$postoptionschecked['disablesmilies'] = " checked=\"checked\"";
		}

		$subscription_method = get_subscription_method($tid, $postoptions);
		${$subscription_method.'subscribe'} = "checked=\"checked\" ";
	}

	// Generate thread prefix selector if this is the first post of the thread
	if($thread['firstpost'] == $pid)
	{
		if(!$mybb->get_input('threadprefix', MyBB::INPUT_INT))
		{
			$mybb->input['threadprefix'] = $thread['prefix'];
		}

		$prefixselect = build_prefix_select($forum['fid'], $mybb->get_input('threadprefix', MyBB::INPUT_INT), 0, $thread['prefix']);
	}
	else
	{
		$prefixselect = "";
	}

	$editreason = '';
	if($mybb->settings['alloweditreason'] == 1)
	{
		eval("\$editreason = \"".$templates->get("editpost_reason")."\";");
		$bgcolor = "trow2";
		$bgcolor2 = "trow1";
	}
	else
	{
		$bgcolor = "trow1";
		$bgcolor2 = "trow2";
	}

	// Fetch subscription select box
	eval("\$subscriptionmethod = \"".$templates->get("post_subscription_method")."\";");

	$query = $db->simple_select("posts", "*", "tid='{$tid}'", array("limit" => 1, "order_by" => "dateline, pid"));
	$firstcheck = $db->fetch_array($query);

	// Offer "add a poll" only on the first post of a thread without a poll,
	// when polls are permitted and the thread is within polltimelimit
	// (multiplied by 60*60, so presumably hours; 0 disables the limit) or the
	// user has the "canmanagepolls" moderator permission.
	$time = TIME_NOW;
	if($firstcheck['pid'] == $pid && $forumpermissions['canpostpolls'] != 0 && $thread['poll'] < 1 && (is_moderator($fid, "canmanagepolls") || $thread['dateline'] > ($time-($mybb->settings['polltimelimit']*60*60)) || $mybb->settings['polltimelimit'] == 0))
	{
		$lang->max_options = $lang->sprintf($lang->max_options, $mybb->settings['maxpolloptions']);
		$numpolloptions = $mybb->get_input('numpolloptions', MyBB::INPUT_INT);
		$postpollchecked = '';

		if($numpolloptions < 1)
		{
			$numpolloptions = 2;
		}

		if($mybb->get_input('postpoll', MyBB::INPUT_INT) == 1)
		{
			$postpollchecked = 'checked="checked"';
		}

		eval("\$pollbox = \"".$templates->get("newthread_postpoll")."\";");
	}
	else
	{
		$pollbox = '';
	}

	// Hide signature option if no permission
	$signature = '';
	if($mybb->usergroup['canusesig'] == 1 && !$mybb->user['suspendsignature'])
	{
		eval("\$signature = \"".$templates->get('editpost_signature')."\";");
	}

	// Can we disable smilies or are they disabled already?
	$disablesmilies = '';
	if($forum['allowsmilies'] != 0)
	{
		eval("\$disablesmilies = \"".$templates->get("editpost_disablesmilies")."\";");
	}

	// $postoptions is reused from here on as the rendered HTML fragment, no
	// longer the request array.
	$postoptions = '';
	if(!empty($signature) || !empty($disablesmilies))
	{
		eval("\$postoptions = \"".$templates->get("editpost_postoptions")."\";");
	}

	// Moderation notices for users whose attachments or edits are queued for
	// approval. If both conditions hold, the second assignment replaces the
	// first.
	$moderation_notice = '';
	if(!is_moderator($forum['fid'], "canapproveunapproveattachs"))
	{
		if($forumpermissions['modattachments'] == 1 && $forumpermissions['canpostattachments'] != 0)
		{
			$moderation_text = $lang->moderation_forum_attachments;
			eval('$moderation_notice = "'.$templates->get('global_moderation_notice').'";');
		}
	}

	if(!is_moderator($forum['fid'], "canapproveunapproveposts"))
	{
		if($forumpermissions['mod_edit_posts'] == 1)
		{
			$moderation_text = $lang->moderation_forum_edits;
			eval('$moderation_notice = "'.$templates->get('global_moderation_notice').'";');
		}
	}

	// Upload limits made available to the post_javascript template.
	$php_max_upload_size = get_php_upload_limit();
	$php_max_file_uploads = (int)ini_get('max_file_uploads');
	eval("\$post_javascript = \"".$templates->get("post_javascript")."\";");

	$plugins->run_hooks("editpost_end");

	// The forum name is reduced to plain text before the page template uses it.
	$forum['name'] = strip_tags($forum['name']);

	eval("\$editpost = \"".$templates->get("editpost")."\";");
	output_page($editpost);
}