PHP Cross Reference of MyBB 1.8.40 |
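<?php
/**
 * MyBB 1.8
 * Copyright 2014 MyBB Group, All Rights Reserved
 *
 * Website: http://www.mybb.com
 * License: http://www.mybb.com/about/license
 *
 */

// Handles editing, deleting and restoring a single post, plus the attachment
// actions offered on the edit form. The "action" input selects the branch:
// editpost (show form / preview), do_editpost, deletepost or restorepost.
//
// Security-relevant structure, as visible in this file:
//  - guests are rejected up front; forum, thread and post permissions are
//    checked before any action block runs;
//  - every state-changing block calls verify_post_check() on my_post_key
//    before it acts;
//  - output templates are rendered with eval() on $templates->get() results.

define("IN_MYBB", 1);
define('THIS_SCRIPT', 'editpost.php');

$templatelist = "editpost,previewpost,changeuserbox,codebuttons,post_attachments_attachment_postinsert,post_attachments_attachment_mod_unapprove,postbit_attachments_thumbnails,postbit_profilefield_multiselect_value";
$templatelist .= ",editpost_delete,forumdisplay_password_wrongpass,forumdisplay_password,editpost_reason,post_attachments_attachment_remove,post_attachments_update,post_subscription_method,postbit_profilefield_multiselect";
$templatelist .= ",postbit_avatar,postbit_find,postbit_pm,postbit_rep_button,postbit_www,postbit_email,postbit_reputation,postbit_warn,postbit_warninglevel,postbit_author_user,posticons";
$templatelist .= ",postbit_signature,postbit_classic,postbit,postbit_attachments_thumbnails_thumbnail,postbit_attachments_images_image,postbit_attachments_attachment,postbit_attachments_attachment_unapproved";
$templatelist .= ",posticons_icon,post_prefixselect_prefix,post_prefixselect_single,newthread_postpoll,editpost_disablesmilies,post_attachments_attachment_mod_approve,post_attachments_attachment_unapproved";
$templatelist .= ",postbit_warninglevel_formatted,postbit_reputation_formatted_link,editpost_signature,attachment_icon,post_attachments_attachment,post_attachments_add,post_attachments,editpost_postoptions,post_attachments_viewlink";
$templatelist .= ",postbit_attachments_images,global_moderation_notice,post_attachments_new,postbit_attachments,postbit_online,postbit_away,postbit_offline,postbit_gotopost,postbit_userstar,postbit_icon";

require_once "./global.php";
require_once MYBB_ROOT."inc/functions_post.php";
require_once MYBB_ROOT."inc/functions_upload.php";
require_once MYBB_ROOT."inc/class_parser.php";
$parser = new postParser;

// Load global language phrases
$lang->load("editpost");

$plugins->run_hooks("editpost_start");

// No permission for guests
if(!$mybb->user['uid'])
{
	error_no_permission();
}

// Get post info
// $pid is the integer-cast request value; it is what gets interpolated into the queries below.
$pid = $mybb->get_input('pid', MyBB::INPUT_INT);

// if we already have the post information...
// ($style is not assigned in this file - presumably populated by global.php; confirm)
if(isset($style) && $style['pid'] == $pid && $style['type'] != 'f')
{
	$post = &$style;
}
else
{
	$post = get_post($pid);
}

// Soft-deleted posts (visible == -1) are only reachable through the restore action.
if(!$post || ($post['visible'] == -1 && $mybb->input['action'] != "restorepost"))
{
	error($lang->error_invalidpost);
}

// Get thread info
$tid = $post['tid'];
$thread = get_thread($tid);

if(!$thread)
{
	error($lang->error_invalidthread);
}

// Censor and HTML-escape the subject once; it is reused in the breadcrumb below.
$thread['subject'] = htmlspecialchars_uni($parser->parse_badwords($thread['subject']));

// Get forum info
$fid = $post['fid'];
$forum = get_forum($fid);

// NOTE(review): the outer condition also matches soft-deleted (visible == -1) and
// visible < -1 threads the user may not view, but the inner check only raises an
// error for the unapproved case (visible == 0) - confirm the other cases are
// rejected as intended.
if($thread['visible'] == 0 && !is_moderator($fid, "canviewunapprove") || $thread['visible'] == -1 && !is_moderator($fid, "canviewdeleted") || ($thread['visible'] < -1 && $thread['uid'] != $mybb->user['uid']))
{
	if($thread['visible'] == 0 && !($mybb->settings['showownunapproved'] && $thread['uid'] == $mybb->user['uid']))
	{
		error($lang->error_invalidthread);
	}
}
if(!$forum || $forum['type'] != "f")
{
	error($lang->error_closedinvalidforum);
}
if(($forum['open'] == 0 && !is_moderator($fid, "caneditposts")) || $mybb->user['suspendposting'] == 1)
{
	error_no_permission();
}

// Add prefix to breadcrumb
$breadcrumbprefix = '';
if($thread['prefix'])
{
	$threadprefixes = build_prefixes();
	if(!empty($threadprefixes[$thread['prefix']]))
	{
		$breadcrumbprefix = $threadprefixes[$thread['prefix']]['displaystyle'].'&nbsp;';
	}
}

// Make navigation
build_forum_breadcrumb($fid);
add_breadcrumb($breadcrumbprefix.$thread['subject'], get_thread_link($thread['tid']));
add_breadcrumb($lang->nav_editpost);

$forumpermissions = forum_permissions($fid);

if($mybb->settings['bbcodeinserter'] != 0 && $forum['allowmycode'] != 0 && $mybb->user['showcodebuttons'] != 0)
{
	$codebuttons = build_mycode_inserter("message", $mybb->settings['smilieinserter']);
}
if($mybb->settings['smilieinserter'] != 0)
{
	$smilieinserter = build_clickable_smilies();
}

// Normalise the action; a preview request always lands on the edit form.
$mybb->input['action'] = $mybb->get_input('action');
if(!$mybb->input['action'] || isset($mybb->input['previewpost']))
{
	$mybb->input['action'] = "editpost";
}

// Permission pre-checks. Each branch ends the request through error()/error_no_permission()
// when the current user may not perform the requested action on this post.
if($mybb->input['action'] == "deletepost" && $mybb->request_method == "post")
{
	// Users without the matching moderator right may only delete their own post, in an
	// open thread, and only if the forum permissions allow it.
	if(!is_moderator($fid, "candeleteposts") && !is_moderator($fid, "cansoftdeleteposts") && $pid != $thread['firstpost'] || !is_moderator($fid, "candeletethreads") && !is_moderator($fid, "cansoftdeletethreads") && $pid == $thread['firstpost'])
	{
		if($thread['closed'] == 1)
		{
			error($lang->redirect_threadclosed);
		}
		if($forumpermissions['candeleteposts'] == 0 && $pid != $thread['firstpost'] || $forumpermissions['candeletethreads'] == 0 && $pid == $thread['firstpost'])
		{
			error_no_permission();
		}
		if($mybb->user['uid'] != $post['uid'])
		{
			error_no_permission();
		}
		// User can't delete unapproved post unless allowed for own
		if($post['visible'] == 0 && !($mybb->settings['showownunapproved'] && $post['uid'] == $mybb->user['uid']))
		{
			error_no_permission();
		}
	}
	if($post['visible'] == -1 && $mybb->settings['soft_delete'] == 1)
	{
		error($lang->error_already_deleted);
	}
}
elseif($mybb->input['action'] == "restorepost" && $mybb->request_method == "post")
{
	// Restoring needs the moderator right for posts or threads, and a soft-deleted post.
	if(!is_moderator($fid, "canrestoreposts") && $pid != $thread['firstpost'] || !is_moderator($fid, "canrestorethreads") && $pid == $thread['firstpost'] || $post['visible'] != -1)
	{
		error_no_permission();
	}
}
else
{
	// Every other action is treated as an edit.
	if(!is_moderator($fid, "caneditposts"))
	{
		if($thread['closed'] == 1)
		{
			error($lang->redirect_threadclosed);
		}
		if($forumpermissions['caneditposts'] == 0)
		{
			error_no_permission();
		}
		if($mybb->user['uid'] != $post['uid'])
		{
			error_no_permission();
		}
		// Edit time limit
		$time = TIME_NOW;
		if($mybb->usergroup['edittimelimit'] != 0 && $post['dateline'] < ($time-($mybb->usergroup['edittimelimit']*60)))
		{
			$lang->edit_time_limit = $lang->sprintf($lang->edit_time_limit, $mybb->usergroup['edittimelimit']);
			error($lang->edit_time_limit);
		}
		// User can't edit unapproved post
		if(($post['visible'] == 0 && !($mybb->settings['showownunapproved'] && $post['uid'] == $mybb->user['uid'])) || $post['visible'] == -1)
		{
			error_no_permission();
		}
	}
}

// Check if this forum is password protected and we have a valid password
check_forum_password($forum['fid']);

// "processed" is set but no POST body or files arrived; report it instead of
// silently showing the form again.
if((empty($_POST) && empty($_FILES)) && $mybb->get_input('processed', MyBB::INPUT_INT) == '1')
{
	error($lang->error_empty_post_input);
}

$attacherror = '';
if($mybb->settings['enableattachments'] == 1 && ($mybb->get_input('newattachment') || $mybb->get_input('updateattachment') || ((($mybb->input['action'] == "do_editpost" && isset($mybb->input['submitbutton'])) || ($mybb->input['action'] == "editpost" && isset($mybb->input['previewpost']))) && isset($_FILES['attachments']))))
{
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));

	if($pid)
	{
		$attachwhere = "pid='{$pid}'";
	}
	else
	{
		// posthash is free-form request input, so it is escaped before it enters the WHERE clause.
		$attachwhere = "posthash='".$db->escape_string($mybb->get_input('posthash'))."'";
	}

	$ret = add_attachments($pid, $forumpermissions, $attachwhere, "editpost");

	if($mybb->get_input('ajax', MyBB::INPUT_INT) == 1)
	{
		if(isset($ret['success']))
		{
			// Placeholder values; the rendered row is returned to the client as a template.
			$attachment = array('aid'=>'{1}', 'icon'=>'{2}', 'filename'=>'{3}', 'size'=>'{4}');
			// NOTE(review): templates are evaluated as PHP double-quoted strings throughout
			// this file. That relies on $templates->get() (defined elsewhere) returning
			// safely escaped text; whoever can edit templates influences what is evaluated.
			if($mybb->settings['bbcodeinserter'] != 0 && $forum['allowmycode'] != 0 && $mybb->user['showcodebuttons'] != 0)
			{
				eval("\$postinsert = \"".$templates->get("post_attachments_attachment_postinsert")."\";");
			}
			// Moderating options
			$attach_mod_options = '';
			if(is_moderator($fid))
			{
				eval("\$attach_mod_options = \"".$templates->get("post_attachments_attachment_mod_unapprove")."\";");
			}
			eval("\$attach_rem_options = \"".$templates->get("post_attachments_attachment_remove")."\";");
			eval("\$attemplate = \"".$templates->get("post_attachments_attachment")."\";");
			$ret['template'] = $attemplate;

			$query = $db->simple_select("attachments", "SUM(filesize) AS ausage", "uid='".$mybb->user['uid']."'");
			$usage = $db->fetch_array($query);
			$ret['usage'] = get_friendly_size($usage['ausage']);
		}

		header("Content-type: application/json; charset={$lang->settings['charset']}");
		echo json_encode($ret);
		exit();
	}

	if(!empty($ret['errors']))
	{
		$errors = $ret['errors'];
	}

	// Do we have attachment errors?
	if(!empty($errors))
	{
		$attacherror = inline_error($errors);
	}

	// If we were dealing with an attachment but didn't click 'Update Post', force the post edit page again.
	if(!isset($mybb->input['submitbutton']))
	{
		$mybb->input['action'] = "editpost";
	}
}

detect_attachmentact();

if($mybb->settings['enableattachments'] == 1 && $mybb->get_input('attachmentaid', MyBB::INPUT_INT) && isset($mybb->input['attachmentact']) && $mybb->input['action'] == "do_editpost" && $mybb->request_method == "post") // Lets remove/approve/unapprove the attachment
{
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));

	// Store the integer-cast id back so the interpolations below cannot carry raw input.
	$mybb->input['attachmentaid'] = $mybb->get_input('attachmentaid', MyBB::INPUT_INT);
	if($mybb->input['attachmentact'] == "remove")
	{
		remove_attachment($pid, "", $mybb->input['attachmentaid']);
	}
	elseif($mybb->get_input('attachmentact') == "approve" && is_moderator($fid, 'canapproveunapproveattachs'))
	{
		// The moderator right was checked for this post's forum only, so the change is
		// restricted to an attachment of this post. The thread counter is adjusted only
		// when an unapproved attachment really becomes visible, so a repeated request
		// cannot make the count drift.
		$query = $db->simple_select("attachments", "aid", "aid='{$mybb->input['attachmentaid']}' AND pid='{$pid}' AND visible!='1'");
		if($db->fetch_array($query))
		{
			$update_sql = array("visible" => 1);
			$db->update_query("attachments", $update_sql, "aid='{$mybb->input['attachmentaid']}' AND pid='{$pid}'");
			update_thread_counters($post['tid'], array('attachmentcount' => "+1"));
		}
	}
	elseif($mybb->get_input('attachmentact') == "unapprove" && is_moderator($fid, 'canapproveunapproveattachs'))
	{
		// Same scoping as for approval: only a currently visible attachment of this post
		// is changed, and only then is the thread counter decremented.
		$query = $db->simple_select("attachments", "aid", "aid='{$mybb->input['attachmentaid']}' AND pid='{$pid}' AND visible='1'");
		if($db->fetch_array($query))
		{
			$update_sql = array("visible" => 0);
			$db->update_query("attachments", $update_sql, "aid='{$mybb->input['attachmentaid']}' AND pid='{$pid}'");
			update_thread_counters($post['tid'], array('attachmentcount' => "-1"));
		}
	}

	if($mybb->get_input('ajax', MyBB::INPUT_INT) == 1)
	{
		$query = $db->simple_select("attachments", "SUM(filesize) AS ausage", "uid='".$mybb->user['uid']."'");
		$usage = $db->fetch_array($query);

		header("Content-type: application/json; charset={$lang->settings['charset']}");
		echo json_encode(array("success" => true, "usage" => get_friendly_size($usage['ausage'])));
		exit();
	}

	if(!isset($mybb->input['submitbutton']))
	{
		$mybb->input['action'] = "editpost";
	}
}

if($mybb->input['action'] == "deletepost" && $mybb->request_method == "post")
{
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));

	$plugins->run_hooks("editpost_deletepost");

	// The form must carry the explicit "delete" confirmation flag.
	if($mybb->get_input('delete', MyBB::INPUT_INT) == 1)
	{
		// Deleting the first post of a thread deletes the whole thread, so work out
		// which case applies from the database rather than from request data.
		$query = $db->simple_select("posts", "pid", "tid='{$tid}'", array("limit" => 1, "order_by" => "dateline, pid"));
		$firstcheck = $db->fetch_array($query);
		if($firstcheck['pid'] == $pid)
		{
			$firstpost = 1;
		}
		else
		{
			$firstpost = 0;
		}

		$modlogdata['fid'] = $fid;
		$modlogdata['tid'] = $tid;
		if($firstpost)
		{
			if($forumpermissions['candeletethreads'] == 1 || is_moderator($fid, "candeletethreads") || is_moderator($fid, "cansoftdeletethreads"))
			{
				require_once MYBB_ROOT."inc/class_moderation.php";
				$moderation = new Moderation;

				if($mybb->settings['soft_delete'] == 1 || is_moderator($fid, "cansoftdeletethreads"))
				{
					$modlogdata['pid'] = $pid;

					$moderation->soft_delete_threads(array($tid));
					log_moderator_action($modlogdata, $lang->thread_soft_deleted);
				}
				else
				{
					$moderation->delete_thread($tid);
					mark_reports($tid, "thread");
					log_moderator_action($modlogdata, $lang->thread_deleted);
				}

				if(!empty($mybb->input['ajax']))
				{
					header("Content-type: application/json; charset={$lang->settings['charset']}");
					if(is_moderator($fid, "canviewdeleted"))
					{
						echo json_encode(array("data" => '1', "first" => '1'));
					}
					else
					{
						echo json_encode(array("data" => '3', "url" => get_forum_link($fid)));
					}
				}
				else
				{
					redirect(get_forum_link($fid), $lang->redirect_threaddeleted);
				}
			}
			else
			{
				error_no_permission();
			}
		}
		else
		{
			if($forumpermissions['candeleteposts'] == 1 || is_moderator($fid, "candeleteposts") || is_moderator($fid, "cansoftdeleteposts"))
			{
				// Select the first post before this
				require_once MYBB_ROOT."inc/class_moderation.php";
				$moderation = new Moderation;

				if($mybb->settings['soft_delete'] == 1 || is_moderator($fid, "cansoftdeleteposts"))
				{
					$modlogdata['pid'] = $pid;

					$moderation->soft_delete_posts(array($pid));
					log_moderator_action($modlogdata, $lang->post_soft_deleted);
				}
				else
				{
					$moderation->delete_post($pid);
					mark_reports($pid, "post");
					log_moderator_action($modlogdata, $lang->post_deleted);
				}

				// Redirect target: the latest post at or before the deleted one, else the thread.
				$query = $db->simple_select("posts", "pid", "tid='{$tid}' AND dateline <= '{$post['dateline']}'", array("limit" => 1, "order_by" => "dateline DESC, pid DESC"));
				$next_post = $db->fetch_array($query);
				if($next_post['pid'])
				{
					$redirect = get_post_link($next_post['pid'], $tid)."#pid{$next_post['pid']}";
				}
				else
				{
					$redirect = get_thread_link($tid);
				}

				if($mybb->get_input('ajax', MyBB::INPUT_INT) == 1)
				{
					header("Content-type: application/json; charset={$lang->settings['charset']}");
					if(is_moderator($fid, "canviewdeleted"))
					{
						echo json_encode(array("data" => '1', "first" => '0'));
					}
					else
					{
						echo json_encode(array("data" => '2'));
					}
				}
				else
				{
					redirect($redirect, $lang->redirect_postdeleted);
				}
			}
			else
			{
				error_no_permission();
			}
		}
	}
	else
	{
		error($lang->redirect_nodelete);
	}
}

if($mybb->input['action'] == "restorepost" && $mybb->request_method == "post")
{
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));

	$plugins->run_hooks("editpost_restorepost");

	// The form must carry the explicit "restore" confirmation flag.
	if($mybb->get_input('restore', MyBB::INPUT_INT) == 1)
	{
		$query = $db->simple_select("posts", "pid", "tid='{$tid}'", array("limit" => 1, "order_by" => "dateline, pid"));
		$firstcheck = $db->fetch_array($query);
		if($firstcheck['pid'] == $pid)
		{
			$firstpost = 1;
		}
		else
		{
			$firstpost = 0;
		}

		$modlogdata['fid'] = $fid;
		$modlogdata['tid'] = $tid;
		$modlogdata['pid'] = $pid;
		if($firstpost)
		{
			if(is_moderator($fid, "canrestorethreads"))
			{
				require_once MYBB_ROOT."inc/class_moderation.php";
				$moderation = new Moderation;
				$moderation->restore_threads(array($tid));
				log_moderator_action($modlogdata, $lang->thread_restored);
				// Read the flag through get_input() like the other branches; a plain
				// (non-AJAX) request has no "ajax" key at all.
				if($mybb->get_input('ajax', MyBB::INPUT_INT) == 1)
				{
					header("Content-type: application/json; charset={$lang->settings['charset']}");
					echo json_encode(array("data" => '1', "first" => '1'));
				}
				else
				{
					redirect(get_forum_link($fid), $lang->redirect_threadrestored);
				}
			}
			else
			{
				error_no_permission();
			}
		}
		else
		{
			if(is_moderator($fid, "canrestoreposts"))
			{
				// Select the first post before this
				require_once MYBB_ROOT."inc/class_moderation.php";
				$moderation = new Moderation;
				$moderation->restore_posts(array($pid));
				log_moderator_action($modlogdata, $lang->post_restored);
				$redirect = get_post_link($pid, $tid)."#pid{$pid}";

				if($mybb->get_input('ajax', MyBB::INPUT_INT) == 1)
				{
					header("Content-type: application/json; charset={$lang->settings['charset']}");
					echo json_encode(array("data" => '1', "first" => '0'));
				}
				else
				{
					redirect($redirect, $lang->redirect_postrestored);
				}
			}
			else
			{
				error_no_permission();
			}
		}
	}
	else
	{
		error($lang->redirect_norestore);
	}
}

$postoptions = array();

if($mybb->input['action'] == "do_editpost" && $mybb->request_method == "post")
{
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));

	$plugins->run_hooks("editpost_do_editpost_start");

	// Set up posthandler.
	require_once MYBB_ROOT."inc/datahandlers/post.php";
	$posthandler = new PostDataHandler("update");
	$posthandler->action = "post";

	// Set the post data that came from the input to the $post array.
	// pid is the integer already used for the permission checks above; uid and
	// username are taken from the stored post, never from the request.
	$post = array(
		"pid" => $pid,
		"prefix" => $mybb->get_input('threadprefix', MyBB::INPUT_INT),
		"subject" => $mybb->get_input('subject'),
		"icon" => $mybb->get_input('icon', MyBB::INPUT_INT),
		"uid" => $post['uid'],
		"username" => $post['username'],
		"edit_uid" => $mybb->user['uid'],
		"message" => $mybb->get_input('message'),
		"editreason" => $mybb->get_input('editreason'),
	);

	$postoptions = $mybb->get_input('postoptions', MyBB::INPUT_ARRAY);
	if(!isset($postoptions['signature']))
	{
		$postoptions['signature'] = 0;
	}
	if(!isset($postoptions['subscriptionmethod']))
	{
		$postoptions['subscriptionmethod'] = 0;
	}
	if(!isset($postoptions['disablesmilies']))
	{
		$postoptions['disablesmilies'] = 0;
	}

	// Set up the post options from the input.
	$post['options'] = array(
		"signature" => $postoptions['signature'],
		"subscriptionmethod" => $postoptions['subscriptionmethod'],
		"disablesmilies" => $postoptions['disablesmilies']
	);

	$posthandler->set_data($post);

	// Now let the post handler do all the hard work.
	if(!$posthandler->validate_post())
	{
		$post_errors = $posthandler->get_friendly_errors();
		$post_errors = inline_error($post_errors);
		$mybb->input['action'] = "editpost";
	}
	// No errors were found, we can call the update method.
	else
	{
		$postinfo = $posthandler->update_post();
		$visible = $postinfo['visible'];
		$first_post = $postinfo['first_post'];

		// Help keep our attachments table clean.
		$db->delete_query("attachments", "filename='' OR filesize<1");

		// Did the user choose to post a poll? Redirect them to the poll posting page.
		if($mybb->get_input('postpoll', MyBB::INPUT_INT) && $forumpermissions['canpostpolls'])
		{
			$url = "polls.php?action=newpoll&tid=$tid&polloptions=".$mybb->get_input('numpolloptions', MyBB::INPUT_INT);
			$lang->redirect_postedited = $lang->redirect_postedited_poll;
		}
		else if($visible == 0 && $first_post && !is_moderator($fid, "canviewunapprove", $mybb->user['uid']))
		{
			// Moderated post
			$lang->redirect_postedited .= $lang->redirect_thread_moderation;
			$url = get_forum_link($fid);
		}
		else if($visible == 0 && !is_moderator($fid, "canviewunapprove", $mybb->user['uid']))
		{
			$lang->redirect_postedited .= $lang->redirect_post_moderation;
			$url = get_thread_link($tid);
		}
		// Otherwise, send them back to their post
		else
		{
			$lang->redirect_postedited .= $lang->redirect_postedited_redirect;
			$url = get_post_link($pid, $tid)."#pid{$pid}";
		}
		$plugins->run_hooks("editpost_do_editpost_end");

		redirect($url, $lang->redirect_postedited);
	}
}

if(!$mybb->input['action'] || $mybb->input['action'] == "editpost")
{
	$plugins->run_hooks("editpost_action_start");

	$preview = '';
	$posticons = '';

	if($mybb->settings['allowposticons'] == 1 && $forum['allowpicons'] != 0)
	{
		$posticons = get_post_icons();
	}

	// Escaped before the template that prints the user name is rendered.
	$mybb->user['username'] = htmlspecialchars_uni($mybb->user['username']);
	eval("\$loginbox = \"".$templates->get("changeuserbox")."\";");

	$deletebox = '';

	// Show the delete box only to users who could pass the deletepost checks above.
	if(isset($post['visible']) && $post['visible'] != -1 && (($thread['firstpost'] == $pid && (is_moderator($fid, "candeletethreads") || $forumpermissions['candeletethreads'] == 1 && $mybb->user['uid'] == $post['uid'])) || ($thread['firstpost'] != $pid && (is_moderator($fid, "candeleteposts") || $forumpermissions['candeleteposts'] == 1 && $mybb->user['uid'] == $post['uid']))))
	{
		eval("\$deletebox = \"".$templates->get("editpost_delete")."\";");
	}

	$bgcolor = "trow1";
	if($mybb->settings['enableattachments'] != 0 && $forumpermissions['canpostattachments'] != 0)
	{ // Get a listing of the current attachments, if there are any
		$attachcount = 0;
		$query = $db->simple_select("attachments", "*", "pid='{$pid}'");
		$attachments = '';
		while($attachment = $db->fetch_array($query))
		{
			$attachment['size'] = get_friendly_size($attachment['filesize']);
			$attachment['icon'] = get_attachment_icon(get_extension($attachment['filename']));
			// The stored file name is user-supplied; escape it before it reaches a template.
			$attachment['filename'] = htmlspecialchars_uni($attachment['filename']);

			if($mybb->settings['bbcodeinserter'] != 0 && $forum['allowmycode'] != 0 && $mybb->user['showcodebuttons'] != 0)
			{
				eval("\$postinsert = \"".$templates->get("post_attachments_attachment_postinsert")."\";");
			}
			// Moderating options
			$attach_mod_options = '';
			if(is_moderator($fid))
			{
				if($attachment['visible'] == 1)
				{
					eval("\$attach_mod_options = \"".$templates->get("post_attachments_attachment_mod_unapprove")."\";");
				}
				else
				{
					eval("\$attach_mod_options = \"".$templates->get("post_attachments_attachment_mod_approve")."\";");
				}
			}

			// Remove Attachment
			eval("\$attach_rem_options = \"".$templates->get("post_attachments_attachment_remove")."\";");

			if($attachment['visible'] != 1)
			{
				eval("\$attachments .= \"".$templates->get("post_attachments_attachment_unapproved")."\";");
			}
			else
			{
				eval("\$attachments .= \"".$templates->get("post_attachments_attachment")."\";");
			}
			$attachcount++;
		}
		$query = $db->simple_select("attachments", "SUM(filesize) AS ausage", "uid='".$mybb->user['uid']."'");
		$usage = $db->fetch_array($query);
		// attachquota == 0 means no quota; otherwise it is compared as quota*1024 against the byte sum.
		if($usage['ausage'] > ($mybb->usergroup['attachquota']*1024) && $mybb->usergroup['attachquota'] != 0)
		{
			$noshowattach = 1;
		}
		else
		{
			$noshowattach = 0;
		}
		if($mybb->usergroup['attachquota'] == 0)
		{
			$friendlyquota = $lang->unlimited;
		}
		else
		{
			$friendlyquota = get_friendly_size($mybb->usergroup['attachquota']*1024);
		}

		$lang->attach_quota = $lang->sprintf($lang->attach_quota, $friendlyquota);

		$link_viewattachments = '';

		if($usage['ausage'] !== NULL)
		{
			$friendlyusage = get_friendly_size($usage['ausage']);
			$lang->attach_usage = $lang->sprintf($lang->attach_usage, $friendlyusage);
			eval("\$link_viewattachments = \"".$templates->get("post_attachments_viewlink")."\";");
		}
		else
		{
			$lang->attach_usage = "";
		}

		$attach_add_options = '';
		// Offer the upload field only while below the per-post limit and within quota.
		// The explicit grouping makes the quota flag apply to the "no limit" setting too;
		// without it, && bound tighter than || and an over-quota user still saw the field.
		if(($mybb->settings['maxattachments'] == 0 || $attachcount < $mybb->settings['maxattachments']) && !$noshowattach)
		{
			eval("\$attach_add_options = \"".$templates->get("post_attachments_add")."\";");
		}

		$attach_update_options = '';
		if(($mybb->usergroup['caneditattachments'] || $forumpermissions['caneditattachments']) && $attachcount > 0)
		{
			eval("\$attach_update_options = \"".$templates->get("post_attachments_update")."\";");
		}

		if($attach_add_options || $attach_update_options)
		{
			eval("\$newattach = \"".$templates->get("post_attachments_new")."\";");
		}
		eval("\$attachbox = \"".$templates->get("post_attachments")."\";");
	}
	else
	{
		$attachbox = '';
	}
	// First display: use the stored post. After an attachment action or a preview:
	// keep what the user has typed so far.
	if(!$mybb->get_input('attachmentaid', MyBB::INPUT_INT) && !$mybb->get_input('newattachment') && !$mybb->get_input('updateattachment') && !isset($mybb->input['previewpost']))
	{
		$message = $post['message'];
		$subject = $post['subject'];
		$reason = htmlspecialchars_uni($post['editreason']);
	}
	else
	{
		$message = $mybb->get_input('message');
		$subject = $mybb->get_input('subject');
		$reason = htmlspecialchars_uni($mybb->get_input('editreason'));
	}

	// The preview gets the raw text (it is passed to build_postbit() below); the form
	// fields get the HTML-escaped copies.
	$previewmessage = $message;
	$previewsubject = $subject;
	$message = htmlspecialchars_uni($message);
	$subject = htmlspecialchars_uni($subject);

	if(!isset($post_errors))
	{
		$post_errors = '';
	}

	$subscribe = $nonesubscribe = $emailsubscribe = $pmsubscribe = '';
	$postoptionschecked = array('signature' => '', 'disablesmilies' => '');

	if(!empty($mybb->input['previewpost']) || $post_errors)
	{
		// Set up posthandler.
		require_once MYBB_ROOT."inc/datahandlers/post.php";
		$posthandler = new PostDataHandler("update");
		$posthandler->action = "post";

		// Set the post data that came from the input to the $post array.
		// As in do_editpost: validated $pid, author fields from the stored post.
		$post = array(
			"pid" => $pid,
			"prefix" => $mybb->get_input('threadprefix', MyBB::INPUT_INT),
			"subject" => $mybb->get_input('subject'),
			"icon" => $mybb->get_input('icon', MyBB::INPUT_INT),
			"uid" => $post['uid'],
			"username" => $post['username'],
			"edit_uid" => $mybb->user['uid'],
			"message" => $mybb->get_input('message'),
		);

		$postoptions = $mybb->get_input('postoptions', MyBB::INPUT_ARRAY);
		if(!isset($postoptions['signature']))
		{
			$postoptions['signature'] = 0;
		}
		if(!isset($postoptions['emailnotify']))
		{
			$postoptions['emailnotify'] = 0;
		}
		if(!isset($postoptions['disablesmilies']))
		{
			$postoptions['disablesmilies'] = 0;
		}

		// Set up the post options from the input.
		$post['options'] = array(
			"signature" => $postoptions['signature'],
			"emailnotify" => $postoptions['emailnotify'],
			"disablesmilies" => $postoptions['disablesmilies']
		);

		$posthandler->set_data($post);

		// Now let the post handler do all the hard work.
		if(!$posthandler->validate_post())
		{
			$post_errors = $posthandler->get_friendly_errors();
			$post_errors = inline_error($post_errors);
			$mybb->input['action'] = "editpost";
			$mybb->input['previewpost'] = 0;
		}
		else
		{

			$postoptions = $mybb->get_input('postoptions', MyBB::INPUT_ARRAY);

			if(isset($postoptions['signature']) && $postoptions['signature'] == 1)
			{
				$postoptionschecked['signature'] = " checked=\"checked\"";
			}

			if(isset($postoptions['disablesmilies']) && $postoptions['disablesmilies'] == 1)
			{
				$postoptionschecked['disablesmilies'] = " checked=\"checked\"";
			}

			// NOTE(review): variable-variable assignment. The name prefix comes from
			// get_subscription_method() (defined elsewhere), which is handed request-derived
			// $postoptions; it is expected to return only the prefixes initialised above
			// ('', 'none', 'email', 'pm') - confirm.
			$subscription_method = get_subscription_method($tid, $postoptions);
			${$subscription_method.'subscribe'} = "checked=\"checked\" ";
		}
	}

	if(!empty($mybb->input['previewpost']))
	{
		if(!$post['uid'])
		{
			$query = $db->simple_select('posts', 'username, dateline', "pid='{$pid}'");
			$postinfo = $db->fetch_array($query);
		}
		else
		{
			// Figure out the poster's other information.
			$query = $db->query("
				SELECT u.*, f.*, p.dateline
				FROM ".TABLE_PREFIX."users u
				LEFT JOIN ".TABLE_PREFIX."userfields f ON (f.ufid=u.uid)
				LEFT JOIN ".TABLE_PREFIX."posts p ON (p.uid=u.uid)
				WHERE u.uid='{$post['uid']}' AND p.pid='{$pid}'
				LIMIT 1
			");
			$postinfo = $db->fetch_array($query);
			$postinfo['userusername'] = $postinfo['username'];
		}

		$query = $db->simple_select("attachments", "*", "pid='{$pid}'");
		while($attachment = $db->fetch_array($query))
		{
			$attachcache[0][$attachment['aid']] = $attachment;
		}

		if(!isset($postoptions['disablesmilies']))
		{
			$postoptions['disablesmilies'] = 0;
		}

		// Set the values of the post info array.
		$postinfo['message'] = $previewmessage;
		$postinfo['subject'] = $previewsubject;
		$postinfo['icon'] = $post['icon'];
		$postinfo['smilieoff'] = $postoptions['disablesmilies'];

		$postbit = build_postbit($postinfo, 1);
		eval("\$preview = \"".$templates->get("previewpost")."\";");
	}
	else if(!$post_errors)
	{
		$preview = '';

		if($post['includesig'] != 0)
		{
			$postoptionschecked['signature'] = " checked=\"checked\"";
		}

		if($post['smilieoff'] == 1)
		{
			$postoptionschecked['disablesmilies'] = " checked=\"checked\"";
		}

		// Same variable-variable pattern as in the preview branch above.
		$subscription_method = get_subscription_method($tid, $postoptions);
		${$subscription_method.'subscribe'} = "checked=\"checked\" ";
	}

	// Generate thread prefix selector if this is the first post of the thread
	if($thread['firstpost'] == $pid)
	{
		if(!$mybb->get_input('threadprefix', MyBB::INPUT_INT))
		{
			$mybb->input['threadprefix'] = $thread['prefix'];
		}

		$prefixselect = build_prefix_select($forum['fid'], $mybb->get_input('threadprefix', MyBB::INPUT_INT), 0, $thread['prefix']);
	}
	else
	{
		$prefixselect = "";
	}

	$editreason = '';
	if($mybb->settings['alloweditreason'] == 1)
	{
		eval("\$editreason = \"".$templates->get("editpost_reason")."\";");
		$bgcolor = "trow2";
		$bgcolor2 = "trow1";
	}
	else
	{
		$bgcolor = "trow1";
		$bgcolor2 = "trow2";
	}

	// Fetch subscription select box
	eval("\$subscriptionmethod = \"".$templates->get("post_subscription_method")."\";");

	$query = $db->simple_select("posts", "*", "tid='{$tid}'", array("limit" => 1, "order_by" => "dateline, pid"));
	$firstcheck = $db->fetch_array($query);

	// The poll box is offered on the first post only, when the thread has no poll yet
	// and the user is a poll moderator or still inside the poll time limit.
	$time = TIME_NOW;
	if($firstcheck['pid'] == $pid && $forumpermissions['canpostpolls'] != 0 && $thread['poll'] < 1 && (is_moderator($fid, "canmanagepolls") || $thread['dateline'] > ($time-($mybb->settings['polltimelimit']*60*60)) || $mybb->settings['polltimelimit'] == 0))
	{
		$lang->max_options = $lang->sprintf($lang->max_options, $mybb->settings['maxpolloptions']);
		$numpolloptions = $mybb->get_input('numpolloptions', MyBB::INPUT_INT);
		$postpollchecked = '';

		if($numpolloptions < 1)
		{
			$numpolloptions = 2;
		}

		if($mybb->get_input('postpoll', MyBB::INPUT_INT) == 1)
		{
			$postpollchecked = 'checked="checked"';
		}

		eval("\$pollbox = \"".$templates->get("newthread_postpoll")."\";");
	}
	else
	{
		$pollbox = '';
	}

	// Hide signature option if no permission
	$signature = '';
	if($mybb->usergroup['canusesig'] == 1 && !$mybb->user['suspendsignature'])
	{
		eval("\$signature = \"".$templates->get('editpost_signature')."\";");
	}

	// Can we disable smilies or are they disabled already?
	$disablesmilies = '';
	if($forum['allowsmilies'] != 0)
	{
		eval("\$disablesmilies = \"".$templates->get("editpost_disablesmilies")."\";");
	}

	// From here on $postoptions holds rendered HTML, no longer the request array.
	$postoptions = '';
	if(!empty($signature) || !empty($disablesmilies))
	{
		eval("\$postoptions = \"".$templates->get("editpost_postoptions")."\";");
	}

	$moderation_notice = '';
	if(!is_moderator($forum['fid'], "canapproveunapproveattachs"))
	{
		if($forumpermissions['modattachments'] == 1 && $forumpermissions['canpostattachments'] != 0)
		{
			$moderation_text = $lang->moderation_forum_attachments;
			eval('$moderation_notice = "'.$templates->get('global_moderation_notice').'";');
		}
	}

	// When both notices apply, this one replaces the attachment notice set above.
	if(!is_moderator($forum['fid'], "canapproveunapproveposts"))
	{
		if($forumpermissions['mod_edit_posts'] == 1)
		{
			$moderation_text = $lang->moderation_forum_edits;
			eval('$moderation_notice = "'.$templates->get('global_moderation_notice').'";');
		}
	}

	$php_max_upload_size = get_php_upload_limit();
	$php_max_file_uploads = (int)ini_get('max_file_uploads');
	eval("\$post_javascript = \"".$templates->get("post_javascript")."\";");

	$plugins->run_hooks("editpost_end");

	// The forum name goes into the page without markup.
	$forum['name'] = strip_tags($forum['name']);

	eval("\$editpost = \"".$templates->get("editpost")."\";");
	output_page($editpost);
}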