
PHP Cross Reference of MyBB 1.8.19


/ -> editpost.php (source)

   1  <?php
   2  /**
   3   * MyBB 1.8
   4   * Copyright 2014 MyBB Group, All Rights Reserved
   5   *
   6   * Website: http://www.mybb.com
   7   * License: http://www.mybb.com/about/license
   8   *
   9   */
  10  
// Entry-point markers, defined before global.php is included below.
// NOTE(review): presumably the included files test IN_MYBB to refuse direct access - confirm there.
define("IN_MYBB", 1);
define('THIS_SCRIPT', 'editpost.php');

// Comma-separated list of template names, assembled before global.php is loaded.
// NOTE(review): presumably global.php reads $templatelist to preload these templates - confirm there.
$templatelist = "editpost,previewpost,changeuserbox,codebuttons,post_attachments_attachment_postinsert,post_attachments_attachment_mod_unapprove,postbit_attachments_thumbnails,postbit_profilefield_multiselect_value";
$templatelist .= ",editpost_delete,forumdisplay_password_wrongpass,forumdisplay_password,editpost_reason,post_attachments_attachment_remove,post_attachments_update,post_subscription_method,postbit_profilefield_multiselect";
$templatelist .= ",postbit_avatar,postbit_find,postbit_pm,postbit_rep_button,postbit_www,postbit_email,postbit_reputation,postbit_warn,postbit_warninglevel,postbit_author_user,posticons";
$templatelist .= ",postbit_signature,postbit_classic,postbit,postbit_attachments_thumbnails_thumbnail,postbit_attachments_images_image,postbit_attachments_attachment,postbit_attachments_attachment_unapproved";
$templatelist .= ",posticons_icon,post_prefixselect_prefix,post_prefixselect_single,newthread_postpoll,editpost_disablesmilies,post_attachments_attachment_mod_approve,post_attachments_attachment_unapproved";
$templatelist .= ",postbit_warninglevel_formatted,postbit_reputation_formatted_link,editpost_signature,attachment_icon,post_attachments_attachment,post_attachments_add,post_attachments,editpost_postoptions";
$templatelist .= ",postbit_attachments_images,global_moderation_notice,post_attachments_new,postbit_attachments,postbit_online,postbit_away,postbit_offline,postbit_gotopost,postbit_userstar,postbit_icon";

// Core bootstrap first, then the post, upload and parser helpers this script calls.
require_once  "./global.php";
require_once  MYBB_ROOT."inc/functions_post.php";
require_once  MYBB_ROOT."inc/functions_upload.php";
require_once  MYBB_ROOT."inc/class_parser.php";
// Parser instance; used further down to run the bad-word filter over the thread subject.
$parser = new postParser;

// Load global language phrases
$lang->load("editpost");

// Plugin hook. It runs before any of the permission checks in this script,
// so code attached to it executes for guests and unauthorised users as well.
$plugins->run_hooks("editpost_start");
  32  
  33  // No permission for guests
  34  if(!$mybb->user['uid'])
  35  {
  36      error_no_permission();
  37  }
  38  
  39  // Get post info
  40  $pid = $mybb->get_input('pid', MyBB::INPUT_INT);
  41  
  42  // if we already have the post information...
  43  if(isset($style) && $style['pid'] == $pid && $style['type'] != 'f')
  44  {
  45      $post = &$style;
  46  }
  47  else
  48  {
  49      $post = get_post($pid);
  50  }
  51  
  52  if(!$post || ($post['visible'] == -1 && $mybb->input['action'] != "restorepost"))
  53  {
  54      error($lang->error_invalidpost);
  55  }
  56  
  57  // Get thread info
  58  $tid = $post['tid'];
  59  $thread = get_thread($tid);
  60  
  61  if(!$thread)
  62  {
  63      error($lang->error_invalidthread);
  64  }
  65  
  66  $thread['subject'] = htmlspecialchars_uni($parser->parse_badwords($thread['subject']));
  67  
  68  // Get forum info
  69  $fid = $post['fid'];
  70  $forum = get_forum($fid);
  71  
  72  if($thread['visible'] == 0 && !is_moderator($fid, "canviewunapprove") || $thread['visible'] == -1 && !is_moderator($fid, "canviewdeleted") || ($thread['visible'] < -1 && $thread['uid'] != $mybb->user['uid']))
  73  {
  74      error($lang->error_invalidthread);
  75  }
  76  if(!$forum || $forum['type'] != "f")
  77  {
  78      error($lang->error_closedinvalidforum);
  79  }
  80  if(($forum['open'] == 0 && !is_moderator($fid, "caneditposts")) || $mybb->user['suspendposting'] == 1)
  81  {
  82      error_no_permission();
  83  }
  84  
// Add prefix to breadcrumb
$breadcrumbprefix = '';
if($thread['prefix'])
{
    $threadprefixes = build_prefixes();
    if(!empty($threadprefixes[$thread['prefix']]))
    {
        // 'displaystyle' is concatenated as-is, without escaping.
        // NOTE(review): presumably this is admin-defined markup - confirm where prefixes are stored.
        $breadcrumbprefix = $threadprefixes[$thread['prefix']]['displaystyle'].'&nbsp;';
    }
}

// Make navigation
// $thread['subject'] was already passed through htmlspecialchars_uni() earlier in this script.
build_forum_breadcrumb($fid);
add_breadcrumb($breadcrumbprefix.$thread['subject'], get_thread_link($thread['tid']));
add_breadcrumb($lang->nav_editpost);

// Per-forum permissions of the current user; consulted by the permission gates and attachment code below.
$forumpermissions = forum_permissions($fid);

// Editor toolbar: needs the board setting, the forum's MyCode switch and the user's own preference.
if($mybb->settings['bbcodeinserter'] != 0 && $forum['allowmycode'] != 0 && $mybb->user['showcodebuttons'] != 0)
{
    $codebuttons = build_mycode_inserter("message", $mybb->settings['smilieinserter']);
}
// Clickable smilies depend on the board setting only.
if($mybb->settings['smilieinserter'] != 0)
{
    $smilieinserter = build_clickable_smilies();
}
 111  
// Normalise the requested action. An empty action, or any request carrying
// 'previewpost', is treated as "editpost".
$mybb->input['action'] = $mybb->get_input('action');
if(!$mybb->input['action'] || isset($mybb->input['previewpost']))
{
    $mybb->input['action'] = "editpost";
}

// Permission gate. Exactly one of the three branches below runs, selected by action
// and request method. A "deletepost" or "restorepost" action that does not arrive
// via POST falls through to the final branch and is checked as an edit.
if($mybb->input['action'] == "deletepost" && $mybb->request_method == "post")
{
    // Entered when the user holds neither of the moderator delete permissions that apply:
    // the post-level pair for a reply, the thread-level pair for the thread's first post.
    if(!is_moderator($fid, "candeleteposts") && !is_moderator($fid, "cansoftdeleteposts") && $pid != $thread['firstpost'] || !is_moderator($fid, "candeletethreads") && !is_moderator($fid, "cansoftdeletethreads") && $pid == $thread['firstpost'])
    {
        // Closed threads cannot be changed by non-moderators
        if($thread['closed'] == 1)
        {
            error($lang->redirect_threadclosed);
        }
        // The forum must grant the matching delete permission (posts vs. threads)
        if($forumpermissions['candeleteposts'] == 0 && $pid != $thread['firstpost'] || $forumpermissions['candeletethreads'] == 0 && $pid == $thread['firstpost'])
        {
            error_no_permission();
        }
        // Ownership check: only the post's author gets past this point
        if($mybb->user['uid'] != $post['uid'])
        {
            error_no_permission();
        }
        // User can't delete unapproved post
        if($post['visible'] == 0)
        {
            error_no_permission();
        }
    }
    // Applies to moderators as well: with soft delete enabled, a post that is
    // already soft-deleted (visible == -1) is not deleted a second time.
    if($post['visible'] == -1 && $mybb->settings['soft_delete'] == 1)
    {
        error($lang->error_already_deleted);
    }
}
elseif($mybb->input['action'] == "restorepost" && $mybb->request_method == "post")
{
    // Restoring is moderator-only (post-level or thread-level permission, depending on
    // whether this is the first post) and only valid for a soft-deleted post.
    if(!is_moderator($fid, "canrestoreposts") && $pid != $thread['firstpost'] || !is_moderator($fid, "canrestorethreads") && $pid == $thread['firstpost'] || $post['visible'] != -1)
    {
        error_no_permission();
    }
}
else
{
    // Edit gate for everyone without the "caneditposts" moderator permission
    if(!is_moderator($fid, "caneditposts"))
    {
        if($thread['closed'] == 1)
        {
            error($lang->redirect_threadclosed);
        }
        if($forumpermissions['caneditposts'] == 0)
        {
            error_no_permission();
        }
        // Ownership check: only the post's author may edit
        if($mybb->user['uid'] != $post['uid'])
        {
            error_no_permission();
        }
        // Edit time limit
        // edittimelimit is multiplied by 60 and compared against the post's dateline; 0 disables the limit.
        $time = TIME_NOW;
        if($mybb->usergroup['edittimelimit'] != 0 && $post['dateline'] < ($time-($mybb->usergroup['edittimelimit']*60)))
        {
            $lang->edit_time_limit = $lang->sprintf($lang->edit_time_limit, $mybb->usergroup['edittimelimit']);
            error($lang->edit_time_limit);
        }
        // User can't edit unapproved post
        // (the same refusal covers soft-deleted posts, visible == -1)
        if($post['visible'] == 0 || $post['visible'] == -1)
        {
            error_no_permission();
        }
    }
}
 182  
 183  // Check if this forum is password protected and we have a valid password
 184  check_forum_password($forum['fid']);
 185  
 186  if((empty($_POST) && empty($_FILES)) && $mybb->get_input('processed', MyBB::INPUT_INT) == '1')
 187  {
 188      error($lang->error_empty_post_input);
 189  }
 190  
 191  $attacherror = '';
 192  if($mybb->settings['enableattachments'] == 1 && !$mybb->get_input('attachmentaid', MyBB::INPUT_INT) && ($mybb->get_input('newattachment') || $mybb->get_input('updateattachment') || ($mybb->input['action'] == "do_editpost" && isset($mybb->input['submit']) && $_FILES['attachment'])))
 193  {
 194      // Verify incoming POST request
 195      verify_post_check($mybb->get_input('my_post_key'));
 196  
 197      if($pid)
 198      {
 199          $attachwhere = "pid='{$pid}'";
 200      }
 201      else
 202      {
 203          $attachwhere = "posthash='".$db->escape_string($mybb->get_input('posthash'))."'";
 204      }
 205  
 206      $ret = add_attachments($pid, $forumpermissions, $attachwhere, "editpost");
 207  
 208      if(!empty($ret['errors']))
 209      {
 210          $errors = $ret['errors'];
 211      }
 212  
 213      // Do we have attachment errors?
 214      if(!empty($errors))
 215      {
 216          $attacherror = inline_error($errors);
 217      }
 218  
 219      // If we were dealing with an attachment but didn't click 'Update Post', force the post edit page again.
 220      if(!isset($mybb->input['submit']))
 221      {
 222          $mybb->input['action'] = "editpost";
 223      }
 224  }
 225  
 226  if($mybb->settings['enableattachments'] == 1 && $mybb->get_input('attachmentaid', MyBB::INPUT_INT) && isset($mybb->input['attachmentact']) && $mybb->input['action'] == "do_editpost" && $mybb->request_method == "post") // Lets remove/approve/unapprove the attachment
 227  {
 228      // Verify incoming POST request
 229      verify_post_check($mybb->get_input('my_post_key'));
 230  
 231      $mybb->input['attachmentaid'] = $mybb->get_input('attachmentaid', MyBB::INPUT_INT);
 232      if($mybb->input['attachmentact'] == "remove")
 233      {
 234          remove_attachment($pid, "", $mybb->input['attachmentaid']);
 235      }
 236      elseif($mybb->get_input('attachmentact') == "approve" && is_moderator($fid, 'canapproveunapproveattachs'))
 237      {
 238          $update_sql = array("visible" => 1);
 239          $db->update_query("attachments", $update_sql, "aid='{$mybb->input['attachmentaid']}'");
 240          update_thread_counters($post['tid'], array('attachmentcount' => "+1"));
 241      }
 242      elseif($mybb->get_input('attachmentact') == "unapprove" && is_moderator($fid, 'canapproveunapproveattachs'))
 243      {
 244          $update_sql = array("visible" => 0);
 245          $db->update_query("attachments", $update_sql, "aid='{$mybb->input['attachmentaid']}'");
 246          update_thread_counters($post['tid'], array('attachmentcount' => "-1"));
 247      }
 248      if(!isset($mybb->input['submit']))
 249      {
 250          $mybb->input['action'] = "editpost";
 251      }
 252  }
 253  
// Delete handler. The permission gate earlier in this script has already run for this request.
if($mybb->input['action'] == "deletepost" && $mybb->request_method == "post")
{
    // Verify incoming POST request
    // NOTE(review): presumably the per-user request token (anti-CSRF) check - defined elsewhere, confirm.
    verify_post_check($mybb->get_input('my_post_key'));

    $plugins->run_hooks("editpost_deletepost");

    // The form must carry delete=1 as explicit confirmation; anything else ends in redirect_nodelete.
    if($mybb->get_input('delete', MyBB::INPUT_INT) == 1)
    {
        // Decide "first post" by the earliest dateline in the thread.
        // NOTE(review): the earlier permission gate compares against $thread['firstpost'] instead;
        // the two definitions are assumed to agree - confirm.
        $query = $db->simple_select("posts", "pid", "tid='{$tid}'", array("limit" => 1, "order_by" => "dateline", "order_dir" => "asc"));
        $firstcheck = $db->fetch_array($query);
        if($firstcheck['pid'] == $pid)
        {
            $firstpost = 1;
        }
        else
        {
            $firstpost = 0;
        }

        $modlogdata['fid'] = $fid;
        $modlogdata['tid'] = $tid;
        if($firstpost)
        {
            // Deleting the first post removes the whole thread, so thread-level permissions are re-checked here.
            if($forumpermissions['candeletethreads'] == 1 || is_moderator($fid, "candeletethreads") || is_moderator($fid, "cansoftdeletethreads"))
            {
                require_once  MYBB_ROOT."inc/class_moderation.php";
                $moderation = new Moderation;

                // Soft delete is used when the board setting is on or the user holds the soft-delete permission.
                if($mybb->settings['soft_delete'] == 1 || is_moderator($fid, "cansoftdeletethreads"))
                {
                    $modlogdata['pid'] = $pid;

                    $moderation->soft_delete_threads(array($tid));
                    log_moderator_action($modlogdata, $lang->thread_soft_deleted);
                }
                else
                {
                    $moderation->delete_thread($tid);
                    mark_reports($tid, "thread");
                    log_moderator_action($modlogdata, $lang->thread_deleted);
                }

                // NOTE(review): 'ajax' is read without isset(); it may be absent on a plain form
                // submit - consider $mybb->get_input('ajax', MyBB::INPUT_INT).
                if($mybb->input['ajax'] == 1)
                {
                    header("Content-type: application/json; charset={$lang->settings['charset']}");
                    // Users who cannot view deleted content receive the forum URL instead of the in-place result.
                    if(is_moderator($fid, "canviewdeleted"))
                    {
                        echo json_encode(array("data" => '1', "first" => '1'));
                    }
                    else
                    {
                        echo json_encode(array("data" => '3', "url" => get_forum_link($fid)));
                    }
                    // NOTE(review): nothing in this branch stops execution after the JSON is written;
                    // the script continues with the statements that follow this handler - confirm that is intended.
                }
                else
                {
                    redirect(get_forum_link($fid), $lang->redirect_threaddeleted);
                }
            }
            else
            {
                error_no_permission();
            }
        }
        else
        {
            // Reply deletion: post-level permissions are re-checked here.
            if($forumpermissions['candeleteposts'] == 1 || is_moderator($fid, "candeleteposts") || is_moderator($fid, "cansoftdeleteposts"))
            {
                // Select the first post before this
                require_once  MYBB_ROOT."inc/class_moderation.php";
                $moderation = new Moderation;

                if($mybb->settings['soft_delete'] == 1 || is_moderator($fid, "cansoftdeleteposts"))
                {
                    $modlogdata['pid'] = $pid;

                    $moderation->soft_delete_posts(array($pid));
                    log_moderator_action($modlogdata, $lang->post_soft_deleted);
                }
                else
                {
                    $moderation->delete_post($pid);
                    mark_reports($pid, "post");
                    log_moderator_action($modlogdata, $lang->post_deleted);
                }

                // Redirect target: the newest post in the thread dated at or before the deleted one,
                // falling back to the thread itself when the query returns no pid.
                $query = $db->simple_select("posts", "pid", "tid='{$tid}' AND dateline <= '{$post['dateline']}'", array("limit" => 1, "order_by" => "dateline", "order_dir" => "desc"));
                $next_post = $db->fetch_array($query);
                if($next_post['pid'])
                {
                    $redirect = get_post_link($next_post['pid'], $tid)."#pid{$next_post['pid']}";
                }
                else
                {
                    $redirect = get_thread_link($tid);
                }

                if($mybb->input['ajax'] == 1)
                {
                    header("Content-type: application/json; charset={$lang->settings['charset']}");
                    if(is_moderator($fid, "canviewdeleted"))
                    {
                        echo json_encode(array("data" => '1', "first" => '0'));
                    }
                    else
                    {
                        echo json_encode(array("data" => '2'));
                    }
                }
                else
                {
                    redirect($redirect, $lang->redirect_postdeleted);
                }
            }
            else
            {
                error_no_permission();
            }
        }
    }
    else
    {
        error($lang->redirect_nodelete);
    }
}
 380  
// Restore handler for soft-deleted posts and threads. The permission gate earlier in this
// script has already required visible == -1 and a matching restore permission.
if($mybb->input['action'] == "restorepost" && $mybb->request_method == "post")
{
    // Verify incoming POST request
    // NOTE(review): presumably the per-user request token (anti-CSRF) check - defined elsewhere, confirm.
    verify_post_check($mybb->get_input('my_post_key'));

    $plugins->run_hooks("editpost_restorepost");

    // The form must carry restore=1 as explicit confirmation; anything else ends in redirect_norestore.
    if($mybb->get_input('restore', MyBB::INPUT_INT) == 1)
    {
        // "First post" is decided by the earliest dateline in the thread.
        $query = $db->simple_select("posts", "pid", "tid='{$tid}'", array("limit" => 1, "order_by" => "dateline", "order_dir" => "asc"));
        $firstcheck = $db->fetch_array($query);
        if($firstcheck['pid'] == $pid)
        {
            $firstpost = 1;
        }
        else
        {
            $firstpost = 0;
        }

        // Identifiers recorded with the moderator log entry
        $modlogdata['fid'] = $fid;
        $modlogdata['tid'] = $tid;
        $modlogdata['pid'] = $pid;
        if($firstpost)
        {
            // Restoring the first post restores the whole thread: thread-level permission required.
            if(is_moderator($fid, "canrestorethreads"))
            {
                require_once  MYBB_ROOT."inc/class_moderation.php";
                $moderation = new Moderation;
                $moderation->restore_threads(array($tid));
                log_moderator_action($modlogdata, $lang->thread_restored);
                // NOTE(review): 'ajax' is read without isset(); it may be absent on a plain form
                // submit - consider $mybb->get_input('ajax', MyBB::INPUT_INT).
                if($mybb->input['ajax'] == 1)
                {
                    header("Content-type: application/json; charset={$lang->settings['charset']}");
                    echo json_encode(array("data" => '1', "first" => '1'));
                }
                else
                {
                    redirect(get_forum_link($fid), $lang->redirect_threadrestored);
                }
            }
            else
            {
                error_no_permission();
            }
        }
        else
        {
            // Reply restore: post-level permission required.
            if(is_moderator($fid, "canrestoreposts"))
            {
                // Select the first post before this
                require_once  MYBB_ROOT."inc/class_moderation.php";
                $moderation = new Moderation;
                $moderation->restore_posts(array($pid));
                log_moderator_action($modlogdata, $lang->post_restored);
                $redirect = get_post_link($pid, $tid)."#pid{$pid}";

                if($mybb->input['ajax'] == 1)
                {
                    header("Content-type: application/json; charset={$lang->settings['charset']}");
                    echo json_encode(array("data" => '1', "first" => '0'));
                }
                else
                {
                    redirect($redirect, $lang->redirect_postrestored);
                }
            }
            else
            {
                error_no_permission();
            }
        }
    }
    else
    {
        error($lang->redirect_norestore);
    }
}
 459  
 460  if($mybb->input['action'] == "do_editpost" && $mybb->request_method == "post")
 461  {
 462      // Verify incoming POST request
 463      verify_post_check($mybb->get_input('my_post_key'));
 464  
 465      $plugins->run_hooks("editpost_do_editpost_start");
 466  
 467      // Set up posthandler.
 468      require_once  MYBB_ROOT."inc/datahandlers/post.php";
 469      $posthandler = new PostDataHandler("update");
 470      $posthandler->action = "post";
 471  
 472      // Set the post data that came from the input to the $post array.
 473      $post = array(
 474          "pid" => $mybb->input['pid'],
 475          "prefix" => $mybb->get_input('threadprefix', MyBB::INPUT_INT),
 476          "subject" => $mybb->get_input('subject'),
 477          "icon" => $mybb->get_input('icon', MyBB::INPUT_INT),
 478          "uid" => $post['uid'],
 479          "username" => $post['username'],
 480          "edit_uid" => $mybb->user['uid'],
 481          "message" => $mybb->get_input('message'),
 482          "editreason" => $mybb->get_input('editreason'),
 483      );
 484  
 485      $postoptions = $mybb->get_input('postoptions', MyBB::INPUT_ARRAY);
 486      if(!isset($postoptions['signature']))
 487      {
 488          $postoptions['signature'] = 0;
 489      }
 490      if(!isset($postoptions['subscriptionmethod']))
 491      {
 492          $postoptions['subscriptionmethod'] = 0;
 493      }
 494      if(!isset($postoptions['disablesmilies']))
 495      {
 496          $postoptions['disablesmilies'] = 0;
 497      }
 498  
 499      // Set up the post options from the input.
 500      $post['options'] = array(
 501          "signature" => $postoptions['signature'],
 502          "subscriptionmethod" => $postoptions['subscriptionmethod'],
 503          "disablesmilies" => $postoptions['disablesmilies']
 504      );
 505  
 506      $posthandler->set_data($post);
 507  
 508      // Now let the post handler do all the hard work.
 509      if(!$posthandler->validate_post())
 510      {
 511          $post_errors = $posthandler->get_friendly_errors();
 512          $post_errors = inline_error($post_errors);
 513          $mybb->input['action'] = "editpost";
 514      }
 515      // No errors were found, we can call the update method.
 516      else
 517      {
 518          $postinfo = $posthandler->update_post();
 519          $visible = $postinfo['visible'];
 520          $first_post = $postinfo['first_post'];
 521  
 522          // Help keep our attachments table clean.
 523          $db->delete_query("attachments", "filename='' OR filesize<1");
 524  
 525          // Did the user choose to post a poll? Redirect them to the poll posting page.
 526          if($mybb->get_input('postpoll', MyBB::INPUT_INT) && $forumpermissions['canpostpolls'])
 527          {
 528              $url = "polls.php?action=newpoll&tid=$tid&polloptions=".$mybb->get_input('numpolloptions', MyBB::INPUT_INT);
 529              $lang->redirect_postedited = $lang->redirect_postedited_poll;
 530          }
 531          else if($visible == 0 && $first_post && !is_moderator($fid, "canviewunapprove", $mybb->user['uid']))
 532          {
 533              // Moderated post
 534              $lang->redirect_postedited .= $lang->redirect_thread_moderation;
 535              $url = get_forum_link($fid);
 536          }
 537          else if($visible == 0 && !is_moderator($fid, "canviewunapprove", $mybb->user['uid']))
 538          {
 539              $lang->redirect_postedited .= $lang->redirect_post_moderation;
 540              $url = get_thread_link($tid);
 541          }
 542          // Otherwise, send them back to their post
 543          else
 544          {
 545              $lang->redirect_postedited .= $lang->redirect_postedited_redirect;
 546              $url = get_post_link($pid, $tid)."#pid{$pid}";
 547          }
 548          $plugins->run_hooks("editpost_do_editpost_end");
 549  
 550          redirect($url, $lang->redirect_postedited);
 551      }
 552  }
 553  
 554  if(!$mybb->input['action'] || $mybb->input['action'] == "editpost")
 555  {
 556      $plugins->run_hooks("editpost_action_start");
 557  
 558      if(!isset($mybb->input['previewpost']))
 559      {
 560          $icon = $post['icon'];
 561      }
 562  
 563      if($forum['allowpicons'] != 0)
 564      {
 565          $posticons = get_post_icons();
 566      }
 567  
 568      $mybb->user['username'] = htmlspecialchars_uni($mybb->user['username']);
 569      eval("\$loginbox = \"".$templates->get("changeuserbox")."\";");
 570  
 571      $deletebox = '';
 572      // Can we delete posts?
 573      if($post['visible'] != -1 && (is_moderator($fid, "candeleteposts") || $forumpermissions['candeleteposts'] == 1 && $mybb->user['uid'] == $post['uid']))
 574      {
 575          eval("\$deletebox = \"".$templates->get("editpost_delete")."\";");
 576      }
 577  
 578      $bgcolor = "trow1";
 579      if($mybb->settings['enableattachments'] != 0 && $forumpermissions['canpostattachments'] != 0)
 580      { // Get a listing of the current attachments, if there are any
 581          $attachcount = 0;
 582          $query = $db->simple_select("attachments", "*", "pid='{$pid}'");
 583          $attachments = '';
 584          while($attachment = $db->fetch_array($query))
 585          {
 586              $attachment['size'] = get_friendly_size($attachment['filesize']);
 587              $attachment['icon'] = get_attachment_icon(get_extension($attachment['filename']));
 588              $attachment['filename'] = htmlspecialchars_uni($attachment['filename']);
 589  
 590              if($mybb->settings['bbcodeinserter'] != 0 && $forum['allowmycode'] != 0 && $mybb->user['showcodebuttons'] != 0)
 591              {
 592                  eval("\$postinsert = \"".$templates->get("post_attachments_attachment_postinsert")."\";");
 593              }
 594              // Moderating options
 595              $attach_mod_options = '';
 596              if(is_moderator($fid))
 597              {
 598                  if($attachment['visible'] == 1)
 599                  {
 600                      eval("\$attach_mod_options = \"".$templates->get("post_attachments_attachment_mod_unapprove")."\";");
 601                  }
 602                  else
 603                  {
 604                      eval("\$attach_mod_options = \"".$templates->get("post_attachments_attachment_mod_approve")."\";");
 605                  }
 606              }
 607  
 608              // Remove Attachment
 609              eval("\$attach_rem_options = \"".$templates->get("post_attachments_attachment_remove")."\";");
 610  
 611              if($attachment['visible'] != 1)
 612              {
 613                  eval("\$attachments .= \"".$templates->get("post_attachments_attachment_unapproved")."\";");
 614              }
 615              else
 616              {
 617                  eval("\$attachments .= \"".$templates->get("post_attachments_attachment")."\";");
 618              }
 619              $attachcount++;
 620          }
 621          $query = $db->simple_select("attachments", "SUM(filesize) AS ausage", "uid='".$mybb->user['uid']."'");
 622          $usage = $db->fetch_array($query);
 623          if($usage['ausage'] > ($mybb->usergroup['attachquota']*1024) && $mybb->usergroup['attachquota'] != 0)
 624          {
 625              $noshowattach = 1;
 626          }
 627          else
 628          {
 629              $noshowattach = 0;
 630          }
 631          if($mybb->usergroup['attachquota'] == 0)
 632          {
 633              $friendlyquota = $lang->unlimited;
 634          }
 635          else
 636          {
 637              $friendlyquota = get_friendly_size($mybb->usergroup['attachquota']*1024);
 638          }
 639          $friendlyusage = get_friendly_size($usage['ausage']);
 640          $lang->attach_quota = $lang->sprintf($lang->attach_quota, $friendlyusage, $friendlyquota);
 641          if($mybb->settings['maxattachments'] == 0 || ($mybb->settings['maxattachments'] != 0 && $attachcount < $mybb->settings['maxattachments']) && !$noshowattach)
 642          {
 643              eval("\$attach_add_options = \"".$templates->get("post_attachments_add")."\";");
 644          }
 645  
 646          if(($mybb->usergroup['caneditattachments'] || $forumpermissions['caneditattachments']) && $attachcount > 0)
 647          {
 648              eval("\$attach_update_options = \"".$templates->get("post_attachments_update")."\";");
 649          }
 650  
 651          if($attach_add_options || $attach_update_options)
 652          {
 653              eval("\$newattach = \"".$templates->get("post_attachments_new")."\";");
 654          }
 655          eval("\$attachbox = \"".$templates->get("post_attachments")."\";");
 656      }
 657      if(!$mybb->get_input('attachmentaid', MyBB::INPUT_INT) && !$mybb->get_input('newattachment') && !$mybb->get_input('updateattachment') && !isset($mybb->input['previewpost']))
 658      {
 659          $message = $post['message'];
 660          $subject = $post['subject'];
 661          $reason = htmlspecialchars_uni($post['editreason']);
 662      }
 663      else
 664      {
 665          $message = $mybb->get_input('message');
 666          $subject = $mybb->get_input('subject');
 667          $reason = htmlspecialchars_uni($mybb->get_input('editreason'));
 668      }
 669  
 670      if(!isset($post_errors))
 671      {
 672          $post_errors = '';
 673      }
 674  
 675      $subscribe = $nonesubscribe = $emailsubscribe = $pmsubscribe = '';
 676      $postoptionschecked = array('signature' => '', 'disablesmilies' => '');
 677  
 678      if(!empty($mybb->input['previewpost']) || $post_errors)
 679      {
 680          // Set up posthandler.
 681          require_once  MYBB_ROOT."inc/datahandlers/post.php";
 682          $posthandler = new PostDataHandler("update");
 683          $posthandler->action = "post";
 684  
 685          // Set the post data that came from the input to the $post array.
 686          $post = array(
 687              "pid" => $mybb->input['pid'],
 688              "prefix" => $mybb->get_input('threadprefix', MyBB::INPUT_INT),
 689              "subject" => $mybb->get_input('subject'),
 690              "icon" => $mybb->get_input('icon', MyBB::INPUT_INT),
 691              "uid" => $post['uid'],
 692              "username" => $post['username'],
 693              "edit_uid" => $mybb->user['uid'],
 694              "message" => $mybb->get_input('message'),
 695          );
 696  
 697          $postoptions = $mybb->get_input('postoptions', MyBB::INPUT_ARRAY);
 698          if(!isset($postoptions['signature']))
 699          {
 700              $postoptions['signature'] = 0;
 701          }
 702          if(!isset($postoptions['emailnotify']))
 703          {
 704              $postoptions['emailnotify'] = 0;
 705          }
 706          if(!isset($postoptions['disablesmilies']))
 707          {
 708              $postoptions['disablesmilies'] = 0;
 709          }
 710  
 711          // Set up the post options from the input.
 712          $post['options'] = array(
 713              "signature" => $postoptions['signature'],
 714              "emailnotify" => $postoptions['emailnotify'],
 715              "disablesmilies" => $postoptions['disablesmilies']
 716          );
 717  
 718          $posthandler->set_data($post);
 719  
 720          // Now let the post handler do all the hard work.
 721          if(!$posthandler->validate_post())
 722          {
 723              $post_errors = $posthandler->get_friendly_errors();
 724              $post_errors = inline_error($post_errors);
 725              $mybb->input['action'] = "editpost";
 726              $mybb->input['previewpost'] = 0;
 727          }
 728          else
 729          {
 730              $previewmessage = $message;
 731              $previewsubject = $subject;
 732              $message = htmlspecialchars_uni($message);
 733              $subject = htmlspecialchars_uni($subject);
 734  
 735              $postoptions = $mybb->get_input('postoptions', MyBB::INPUT_ARRAY);
 736  
 737              if(isset($postoptions['signature']) && $postoptions['signature'] == 1)
 738              {
 739                  $postoptionschecked['signature'] = " checked=\"checked\"";
 740              }
 741  
 742              if(isset($postoptions['disablesmilies']) && $postoptions['disablesmilies'] == 1)
 743              {
 744                  $postoptionschecked['disablesmilies'] = " checked=\"checked\"";
 745              }
 746              
 747              $subscription_method = get_subscription_method($tid, $postoptions);
 748              ${$subscription_method.'subscribe'} = "checked=\"checked\" ";
 749          }
 750      }
 751  
    // Preview path: rebuild the post bit from the submitted message so it can be shown above the form.
    // Otherwise, when validation produced no errors, prefill the form from the current $post values.
    if(!empty($mybb->input['previewpost']))
    {
        if(!$post['uid'])
        {
            // The post has no user id, so only the username and dateline stored on the post row are read.
            // NOTE(review): $pid is interpolated straight into the WHERE clause. The place where it is
            // assigned is not visible in this excerpt - confirm it is cast to an integer there.
            $query = $db->simple_select('posts', 'username, dateline', "pid='{$pid}'");
            $postinfo = $db->fetch_array($query);
        }
        else
        {
            // Figure out the poster's other information.
            // NOTE(review): both $post['uid'] and $pid are interpolated into the SQL text below.
            // This is only safe if each is an integer by this point - verify at their assignment.
            $query = $db->query("
                SELECT u.*, f.*, p.dateline
                FROM ".TABLE_PREFIX."users u
                LEFT JOIN ".TABLE_PREFIX."userfields f ON (f.ufid=u.uid)
                LEFT JOIN ".TABLE_PREFIX."posts p ON (p.uid=u.uid)
                WHERE u.uid='{$post['uid']}' AND p.pid='{$pid}'
                LIMIT 1
            ");
            $postinfo = $db->fetch_array($query);
            $postinfo['userusername'] = $postinfo['username'];
        }

        // Collect the attachments of this post, keyed by attachment id, under index 0 of $attachcache.
        $query = $db->simple_select("attachments", "*", "pid='{$pid}'");
        while($attachment = $db->fetch_array($query))
        {
            $attachcache[0][$attachment['aid']] = $attachment;
        }

        if(!isset($postoptions['disablesmilies']))
        {
            $postoptions['disablesmilies'] = 0;
        }

        // Set the values of the post info array.
        // $previewmessage / $previewsubject are the copies taken before htmlspecialchars_uni() was applied,
        // i.e. raw user input. NOTE(review): escaping is therefore left to build_postbit() - confirm.
        $postinfo['message'] = $previewmessage;
        $postinfo['subject'] = $previewsubject;
        $postinfo['icon'] = $icon;
        $postinfo['smilieoff'] = $postoptions['disablesmilies'];

        $postbit = build_postbit($postinfo, 1);
        // eval() runs the template text as a PHP double-quoted string, so template contents are effectively
        // code with access to every variable in scope. Safety rests on the integrity of the template store
        // and on whatever escaping $templates->get() applies (not visible here).
        eval("\$preview = \"".$templates->get("previewpost")."\";");
    }
    else if(!$post_errors)
    {
        // Escape the values that are placed back into the edit form fields.
        $message = htmlspecialchars_uni($message);
        $subject = htmlspecialchars_uni($subject);

        $preview = '';

        if($post['includesig'] != 0)
        {
            $postoptionschecked['signature'] = " checked=\"checked\"";
        }

        if($post['smilieoff'] == 1)
        {
            $postoptionschecked['disablesmilies'] = " checked=\"checked\"";
        }

        $subscription_method = get_subscription_method($tid, $postoptions);
        // Variable-variable: the name of the variable being set depends on the returned string.
        // NOTE(review): presumably get_subscription_method() returns one of a fixed set of values;
        // confirm, because any other value would create or overwrite an arbitrary "<value>subscribe" local.
        ${$subscription_method.'subscribe'} = "checked=\"checked\" ";
    }
 814  
    // Generate thread prefix selector if this is the first post of the thread
    if($thread['firstpost'] == $pid)
    {
        // threadprefix is read as an integer. A submitted 0 is indistinguishable from "not submitted"
        // here, so in both cases the thread's stored prefix is written back into the input.
        if(!$mybb->get_input('threadprefix', MyBB::INPUT_INT))
        {
            $mybb->input['threadprefix'] = $thread['prefix'];
        }

        $prefixselect = build_prefix_select($forum['fid'], $mybb->get_input('threadprefix', MyBB::INPUT_INT), 0, $thread['prefix']);
    }
    else
    {
        // Not the first post of the thread: no prefix selector is rendered.
        $prefixselect = "";
    }
 829  
    // Render the edit-reason row only when the board setting allows it.
    // $bgcolor / $bgcolor2 are swapped depending on whether that extra row exists
    // (presumably alternating row classes read by the templates - confirm in the templates).
    $editreason = '';
    if($mybb->settings['alloweditreason'] == 1)
    {
        // eval() treats the template text as a PHP string expression, so the template is effectively code.
        eval("\$editreason = \"".$templates->get("editpost_reason")."\";");
        $bgcolor = "trow2";
        $bgcolor2 = "trow1";
    }
    else
    {
        $bgcolor = "trow1";
        $bgcolor2 = "trow2";
    }

    // Fetch subscription select box
    eval("\$subscriptionmethod = \"".$templates->get("post_subscription_method")."\";");
 845  
    // Fetch the earliest post of the thread (ordered by dateline ascending, limit 1).
    // NOTE(review): $tid is interpolated into the WHERE clause; its assignment is not visible in this
    // excerpt - confirm it is an integer by this point.
    $query = $db->simple_select("posts", "*", "tid='{$tid}'", array("limit" => 1, "order_by" => "dateline", "order_dir" => "asc"));
    $firstcheck = $db->fetch_array($query);

    $time = TIME_NOW;
    // The poll box is offered only when all of the following hold:
    //  - the post being edited is the earliest post of the thread,
    //  - the forum permissions allow posting polls,
    //  - the thread has no poll yet,
    //  - and the user is a moderator with "canmanagepolls", OR the thread is newer than
    //    polltimelimit * 60 * 60 relative to now, OR polltimelimit is 0.
    if($firstcheck['pid'] == $pid && $forumpermissions['canpostpolls'] != 0 && $thread['poll'] < 1 && (is_moderator($fid, "canmanagepolls") || $thread['dateline'] > ($time-($mybb->settings['polltimelimit']*60*60)) || $mybb->settings['polltimelimit'] == 0))
    {
        $lang->max_options = $lang->sprintf($lang->max_options, $mybb->settings['maxpolloptions']);
        $numpolloptions = $mybb->get_input('numpolloptions', MyBB::INPUT_INT);
        $postpollchecked = '';

        // Only a lower bound is applied to the requested option count in this block.
        // NOTE(review): no clamp against maxpolloptions here - confirm the handler enforces the upper bound.
        if($numpolloptions < 1)
        {
            $numpolloptions = 2;
        }

        if($mybb->get_input('postpoll', MyBB::INPUT_INT) == 1)
        {
            $postpollchecked = 'checked="checked"';
        }

        eval("\$pollbox = \"".$templates->get("newthread_postpoll")."\";");
    }
    else
    {
        $pollbox = '';
    }
 872  
    // Hide signature option if no permission
    // (shown only when the user group may use signatures and the user's signature is not suspended)
    $signature = '';
    if($mybb->usergroup['canusesig'] == 1 && !$mybb->user['suspendsignature'])
    {
        eval("\$signature = \"".$templates->get('editpost_signature')."\";");
    }

    // Can we disable smilies or are they disabled already?
    $disablesmilies = '';
    if($forum['allowsmilies'] != 0)
    {
        eval("\$disablesmilies = \"".$templates->get("editpost_disablesmilies")."\";");
    }

    // From here on $postoptions holds rendered HTML (a string), not the array of submitted options
    // it held earlier in the script. The wrapper is rendered only if at least one option is available.
    $postoptions = '';
    if(!empty($signature) || !empty($disablesmilies))
    {
        eval("\$postoptions = \"".$templates->get("editpost_postoptions")."\";");
    }
 892  
    // Build a notice for users whose attachments or edits go through moderation.
    // Moderators holding the matching permission do not get the respective notice.
    $moderation_notice = '';
    if(!is_moderator($forum['fid'], "canapproveunapproveattachs"))
    {
        if($forumpermissions['modattachments'] == 1  && $forumpermissions['canpostattachments'] != 0)
        {
            $moderation_text = $lang->moderation_forum_attachments;
            eval('$moderation_notice = "'.$templates->get('global_moderation_notice').'";');
        }
    }

    // When both conditions apply, this second assignment replaces the attachment notice
    // set above, so only the edit-moderation text is shown.
    if(!is_moderator($forum['fid'], "canapproveunapproveposts"))
    {
        if($forumpermissions['mod_edit_posts'] == 1)
        {
            $moderation_text = $lang->moderation_forum_edits;
            eval('$moderation_notice = "'.$templates->get('global_moderation_notice').'";');
        }
    }
 911  
 912      $php_max_upload_filesize = return_bytes(ini_get('max_upload_filesize'));
 913      $php_post_max_size = return_bytes(ini_get('post_max_size'));
 914  
 915      if ($php_max_upload_filesize != 0 && $php_post_max_size != 0)
 916      {
 917          $php_max_upload_size = min($php_max_upload_filesize, $php_post_max_size);
 918      }
 919      else
 920      {
 921          $php_max_upload_size = max($php_max_upload_filesize, $php_post_max_size);
 922      }
 923  
 924      $php_max_file_uploads = (int)ini_get('max_file_uploads');
 925      eval("\$post_javascript = \"".$templates->get("post_javascript")."\";");
 926  
    // Plugin hook fired just before the page is rendered.
    $plugins->run_hooks("editpost_end");

    // Remove HTML tags from the forum name before the page template is evaluated.
    // NOTE(review): strip_tags() removes tags but does not encode quotes or ampersands - confirm how the
    // template uses the name (text vs. attribute context) and whether it is escaped elsewhere.
    $forum['name'] = strip_tags($forum['name']);

    // Render the whole edit page. The template text is evaluated as a PHP double-quoted string with every
    // variable prepared above in scope, so the stored template is effectively code.
    eval("\$editpost = \"".$templates->get("editpost")."\";");
    output_page($editpost);
 933  }

