PHP Cross Reference of MyBB 1.8.39 |
<?php
/**
 * MyBB 1.8
 * Copyright 2014 MyBB Group, All Rights Reserved
 *
 * Website: http://www.mybb.com
 * License: http://www.mybb.com/about/license
 *
 */

/*
 * editpost.php - request handler for editing a single post.
 *
 * Actions (selected by the "action" input, defaulting to "editpost"):
 *   - editpost     render the edit form, optionally with a preview
 *   - do_editpost  validate and save the edit; add, remove, approve or unapprove attachments
 *   - deletepost   delete or soft-delete the post (the whole thread when it is the first post)
 *   - restorepost  restore a soft-deleted post or thread
 *
 * Order of work: load the post, thread and forum; run the permission gate for the
 * requested action; check the forum password; then run the matching action block.
 * Every block that changes state calls verify_post_check() on the "my_post_key" input first.
 *
 * error(), error_no_permission() and redirect() are defined outside this file. The code
 * below reads as if they end the request (values are used right after a failed check
 * would have called them) - TODO confirm.
 */

// Presumably the marker that included files test to refuse direct access - confirm in global.php.
define("IN_MYBB", 1);
define('THIS_SCRIPT', 'editpost.php');

// Names of the templates this script evaluates; $templatelist is consumed outside this file
// (presumably by global.php, to load them in one go - confirm).
$templatelist = "editpost,previewpost,changeuserbox,codebuttons,post_attachments_attachment_postinsert,post_attachments_attachment_mod_unapprove,postbit_attachments_thumbnails,postbit_profilefield_multiselect_value";
$templatelist .= ",editpost_delete,forumdisplay_password_wrongpass,forumdisplay_password,editpost_reason,post_attachments_attachment_remove,post_attachments_update,post_subscription_method,postbit_profilefield_multiselect";
$templatelist .= ",postbit_avatar,postbit_find,postbit_pm,postbit_rep_button,postbit_www,postbit_email,postbit_reputation,postbit_warn,postbit_warninglevel,postbit_author_user,posticons";
$templatelist .= ",postbit_signature,postbit_classic,postbit,postbit_attachments_thumbnails_thumbnail,postbit_attachments_images_image,postbit_attachments_attachment,postbit_attachments_attachment_unapproved";
$templatelist .= ",posticons_icon,post_prefixselect_prefix,post_prefixselect_single,newthread_postpoll,editpost_disablesmilies,post_attachments_attachment_mod_approve,post_attachments_attachment_unapproved";
$templatelist .= ",postbit_warninglevel_formatted,postbit_reputation_formatted_link,editpost_signature,attachment_icon,post_attachments_attachment,post_attachments_add,post_attachments,editpost_postoptions,post_attachments_viewlink";
$templatelist .= ",postbit_attachments_images,global_moderation_notice,post_attachments_new,postbit_attachments,postbit_online,postbit_away,postbit_offline,postbit_gotopost,postbit_userstar,postbit_icon";

require_once "./global.php";
require_once MYBB_ROOT."inc/functions_post.php";
require_once MYBB_ROOT."inc/functions_upload.php";
require_once MYBB_ROOT."inc/class_parser.php";
$parser = new postParser;

// Load global language phrases
$lang->load("editpost");

$plugins->run_hooks("editpost_start");

// No permission for guests
if(!$mybb->user['uid'])
{
	error_no_permission();
}

// Get post info
// INPUT_INT makes $pid an integer; it is interpolated into several SQL conditions below.
$pid = $mybb->get_input('pid', MyBB::INPUT_INT);

// if we already have the post information...
// $style is not defined in this file; presumably global.php filled it while resolving the theme - confirm.
if(isset($style) && $style['pid'] == $pid && $style['type'] != 'f')
{
	$post = &$style;
}
else
{
	$post = get_post($pid);
}

// A soft-deleted post (visible == -1) is only accepted for the restorepost action.
// The raw action input is read here, before it is normalised further down.
if(!$post || ($post['visible'] == -1 && $mybb->input['action'] != "restorepost"))
{
	error($lang->error_invalidpost);
}

// Get thread info
$tid = $post['tid'];
$thread = get_thread($tid);

if(!$thread)
{
	error($lang->error_invalidthread);
}

// Bad-word filter, then HTML-escape: the subject is printed in the breadcrumb.
$thread['subject'] = htmlspecialchars_uni($parser->parse_badwords($thread['subject']));

// Get forum info
$fid = $post['fid'];
$forum = get_forum($fid);

// The outer test matches unapproved (0), deleted (-1) and lower visibility states that the user
// may not view; the inner test raises the error for the unapproved state only.
// NOTE(review): for the -1 and < -1 states nothing in this block stops the request - confirm that
// the per-action checks below are meant to cover them.
if($thread['visible'] == 0 && !is_moderator($fid, "canviewunapprove") || $thread['visible'] == -1 && !is_moderator($fid, "canviewdeleted") || ($thread['visible'] < -1 && $thread['uid'] != $mybb->user['uid']))
{
	if($thread['visible'] == 0 && !($mybb->settings['showownunapproved'] && $thread['uid'] == $mybb->user['uid']))
	{
		error($lang->error_invalidthread);
	}
}
if(!$forum || $forum['type'] != "f")
{
	error($lang->error_closedinvalidforum);
}
// Closed forums are editable by moderators with caneditposts only; users whose posting is
// suspended are refused in every forum.
if(($forum['open'] == 0 && !is_moderator($fid, "caneditposts")) || $mybb->user['suspendposting'] == 1)
{
	error_no_permission();
}

// Add prefix to breadcrumb
$breadcrumbprefix = '';
if($thread['prefix'])
{
	$threadprefixes = build_prefixes();
	if(!empty($threadprefixes[$thread['prefix']]))
	{
		// NOTE(review): the cross-reference listing shows this literal as bare whitespace (the
		// entity was rendered by the page); '&nbsp;' is restored here - confirm against the release source.
		$breadcrumbprefix = $threadprefixes[$thread['prefix']]['displaystyle'].'&nbsp;';
	}
}

// Make navigation
build_forum_breadcrumb($fid);
add_breadcrumb($breadcrumbprefix.$thread['subject'], get_thread_link($thread['tid']));
add_breadcrumb($lang->nav_editpost);

$forumpermissions = forum_permissions($fid);

if($mybb->settings['bbcodeinserter'] != 0 && $forum['allowmycode'] != 0 && $mybb->user['showcodebuttons'] != 0)
{
	$codebuttons = build_mycode_inserter("message", $mybb->settings['smilieinserter']);
}
if($mybb->settings['smilieinserter'] != 0)
{
	$smilieinserter = build_clickable_smilies();
}

// Normalise the action: a missing action, or any request carrying "previewpost", shows the form.
$mybb->input['action'] = $mybb->get_input('action');
if(!$mybb->input['action'] || isset($mybb->input['previewpost']))
{
	$mybb->input['action'] = "editpost";
}

// ---------------------------------------------------------------------------------------------
// Permission gate. One branch per action; the action blocks further down rely on it having run.
// && binds tighter than ||, so each long condition is "(A && B && C) || (D && E && F)".
// ---------------------------------------------------------------------------------------------
if($mybb->input['action'] == "deletepost" && $mybb->request_method == "post")
{
	// Entered when the user lacks the moderator delete permissions that apply to this post
	// (post-level for a reply, thread-level for the first post): fall back to owner rules.
	if(!is_moderator($fid, "candeleteposts") && !is_moderator($fid, "cansoftdeleteposts") && $pid != $thread['firstpost'] || !is_moderator($fid, "candeletethreads") && !is_moderator($fid, "cansoftdeletethreads") && $pid == $thread['firstpost'])
	{
		if($thread['closed'] == 1)
		{
			error($lang->redirect_threadclosed);
		}
		if($forumpermissions['candeleteposts'] == 0 && $pid != $thread['firstpost'] || $forumpermissions['candeletethreads'] == 0 && $pid == $thread['firstpost'])
		{
			error_no_permission();
		}
		// Non-moderators may only delete their own posts.
		if($mybb->user['uid'] != $post['uid'])
		{
			error_no_permission();
		}
		// User can't delete unapproved post unless allowed for own
		if($post['visible'] == 0 && !($mybb->settings['showownunapproved'] && $post['uid'] == $mybb->user['uid']))
		{
			error_no_permission();
		}
	}
	if($post['visible'] == -1 && $mybb->settings['soft_delete'] == 1)
	{
		error($lang->error_already_deleted);
	}
}
elseif($mybb->input['action'] == "restorepost" && $mybb->request_method == "post")
{
	// Restoring needs the matching moderator permission, and the post must be soft-deleted.
	if(!is_moderator($fid, "canrestoreposts") && $pid != $thread['firstpost'] || !is_moderator($fid, "canrestorethreads") && $pid == $thread['firstpost'] || $post['visible'] != -1)
	{
		error_no_permission();
	}
}
else
{
	// Every other action, including a deletepost or restorepost that was not sent by POST,
	// is checked as an edit.
	if(!is_moderator($fid, "caneditposts"))
	{
		if($thread['closed'] == 1)
		{
			error($lang->redirect_threadclosed);
		}
		if($forumpermissions['caneditposts'] == 0)
		{
			error_no_permission();
		}
		// Non-moderators may only edit their own posts.
		if($mybb->user['uid'] != $post['uid'])
		{
			error_no_permission();
		}
		// Edit time limit
		// edittimelimit is multiplied by 60, i.e. it is expressed in minutes; 0 disables the limit.
		$time = TIME_NOW;
		if($mybb->usergroup['edittimelimit'] != 0 && $post['dateline'] < ($time-($mybb->usergroup['edittimelimit']*60)))
		{
			$lang->edit_time_limit = $lang->sprintf($lang->edit_time_limit, $mybb->usergroup['edittimelimit']);
			error($lang->edit_time_limit);
		}
		// User can't edit unapproved post
		if(($post['visible'] == 0 && !($mybb->settings['showownunapproved'] && $post['uid'] == $mybb->user['uid'])) || $post['visible'] == -1)
		{
			error_no_permission();
		}
	}
}

// Check if this forum is password protected and we have a valid password
check_forum_password($forum['fid']);

// "processed" says a form was submitted, yet PHP delivered neither fields nor files;
// presumably the request body exceeded PHP's size limit - confirm.
if((empty($_POST) && empty($_FILES)) && $mybb->get_input('processed', MyBB::INPUT_INT) == '1')
{
	error($lang->error_empty_post_input);
}

// ---------------------------------------------------------------------------------------------
// Attachment upload / update. Runs for the explicit attachment buttons, and for a submit or
// preview request that carries files.
// ---------------------------------------------------------------------------------------------
$attacherror = '';
if($mybb->settings['enableattachments'] == 1 && ($mybb->get_input('newattachment') || $mybb->get_input('updateattachment') || ((($mybb->input['action'] == "do_editpost" && isset($mybb->input['submitbutton'])) || ($mybb->input['action'] == "editpost" && isset($mybb->input['previewpost']))) && isset($_FILES['attachments']))))
{
	// Verify incoming POST request
	// Presumably the anti-CSRF token check; verify_post_check() is defined outside this file.
	verify_post_check($mybb->get_input('my_post_key'));

	if($pid)
	{
		// $pid is an integer (INPUT_INT), so it is interpolated directly.
		$attachwhere = "pid='{$pid}'";
	}
	else
	{
		// posthash is a free-form request string and goes through escape_string().
		$attachwhere = "posthash='".$db->escape_string($mybb->get_input('posthash'))."'";
	}

	$ret = add_attachments($pid, $forumpermissions, $attachwhere, "editpost");

	if($mybb->get_input('ajax', MyBB::INPUT_INT) == 1)
	{
		if(isset($ret['success']))
		{
			// The {1}..{4} placeholders are put into the rendered template instead of real
			// values; presumably the client script substitutes them - confirm.
			$attachment = array('aid'=>'{1}', 'icon'=>'{2}', 'filename'=>'{3}', 'size'=>'{4}');
			if($mybb->settings['bbcodeinserter'] != 0 && $forum['allowmycode'] != 0 && $mybb->user['showcodebuttons'] != 0)
			{
				// eval() runs the template text as a double-quoted PHP string, so variables in
				// scope are interpolated. Its safety rests on how $templates->get() prepares
				// that text, which is not visible in this file. Same pattern for every eval() below.
				eval("\$postinsert = \"".$templates->get("post_attachments_attachment_postinsert")."\";");
			}
			// Moderating options
			$attach_mod_options = '';
			if(is_moderator($fid))
			{
				eval("\$attach_mod_options = \"".$templates->get("post_attachments_attachment_mod_unapprove")."\";");
			}
			eval("\$attach_rem_options = \"".$templates->get("post_attachments_attachment_remove")."\";");
			eval("\$attemplate = \"".$templates->get("post_attachments_attachment")."\";");
			$ret['template'] = $attemplate;

			// uid comes from the session user record, not from the request.
			$query = $db->simple_select("attachments", "SUM(filesize) AS ausage", "uid='".$mybb->user['uid']."'");
			$usage = $db->fetch_array($query);
			$ret['usage'] = get_friendly_size($usage['ausage']);
		}

		header("Content-type: application/json; charset={$lang->settings['charset']}");
		echo json_encode($ret);
		exit();
	}

	if(!empty($ret['errors']))
	{
		$errors = $ret['errors'];
	}

	// Do we have attachment errors?
	if(!empty($errors))
	{
		$attacherror = inline_error($errors);
	}

	// If we were dealing with an attachment but didn't click 'Update Post', force the post edit page again.
	if(!isset($mybb->input['submitbutton']))
	{
		$mybb->input['action'] = "editpost";
	}
}

detect_attachmentact();

// ---------------------------------------------------------------------------------------------
// Attachment remove / approve / unapprove.
// ---------------------------------------------------------------------------------------------
if($mybb->settings['enableattachments'] == 1 && $mybb->get_input('attachmentaid', MyBB::INPUT_INT) && isset($mybb->input['attachmentact']) && $mybb->input['action'] == "do_editpost" && $mybb->request_method == "post") // Lets remove/approve/unapprove the attachment
{
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));

	// Overwrite the raw input with its integer form before it is used in SQL below.
	$mybb->input['attachmentaid'] = $mybb->get_input('attachmentaid', MyBB::INPUT_INT);
	if($mybb->input['attachmentact'] == "remove")
	{
		// No extra permission test in this branch; it relies on the edit permission gate above
		// and on remove_attachment() being given $pid - presumably that scopes the removal to
		// this post; confirm in inc/functions_upload.php.
		remove_attachment($pid, "", $mybb->input['attachmentaid']);
	}
	elseif($mybb->get_input('attachmentact') == "approve" && is_moderator($fid, 'canapproveunapproveattachs'))
	{
		// NOTE(review): the WHERE clause matches on aid alone, and the counter of this post's
		// thread is adjusted whether or not a row changed. Nothing visible here ties the
		// attachment to $pid or checks its current state - confirm whether that is enforced elsewhere.
		$update_sql = array("visible" => 1);
		$db->update_query("attachments", $update_sql, "aid='{$mybb->input['attachmentaid']}'");
		update_thread_counters($post['tid'], array('attachmentcount' => "+1"));
	}
	elseif($mybb->get_input('attachmentact') == "unapprove" && is_moderator($fid, 'canapproveunapproveattachs'))
	{
		// Same aid-only WHERE clause as the approve branch.
		$update_sql = array("visible" => 0);
		$db->update_query("attachments", $update_sql, "aid='{$mybb->input['attachmentaid']}'");
		update_thread_counters($post['tid'], array('attachmentcount' => "-1"));
	}

	if($mybb->get_input('ajax', MyBB::INPUT_INT) == 1)
	{
		$query = $db->simple_select("attachments", "SUM(filesize) AS ausage", "uid='".$mybb->user['uid']."'");
		$usage = $db->fetch_array($query);

		header("Content-type: application/json; charset={$lang->settings['charset']}");
		echo json_encode(array("success" => true, "usage" => get_friendly_size($usage['ausage'])));
		exit();
	}

	if(!isset($mybb->input['submitbutton']))
	{
		$mybb->input['action'] = "editpost";
	}
}

// ---------------------------------------------------------------------------------------------
// deletepost: the permission gate above has already run for this action.
// ---------------------------------------------------------------------------------------------
if($mybb->input['action'] == "deletepost" && $mybb->request_method == "post")
{
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));

	$plugins->run_hooks("editpost_deletepost");

	// The form must carry delete=1; otherwise nothing is deleted.
	if($mybb->get_input('delete', MyBB::INPUT_INT) == 1)
	{
		// Work out whether this is the thread's first post from the posts table itself
		// (oldest dateline, then lowest pid) rather than from $thread['firstpost'].
		$query = $db->simple_select("posts", "pid", "tid='{$tid}'", array("limit" => 1, "order_by" => "dateline, pid"));
		$firstcheck = $db->fetch_array($query);
		if($firstcheck['pid'] == $pid)
		{
			$firstpost = 1;
		}
		else
		{
			$firstpost = 0;
		}

		$modlogdata['fid'] = $fid;
		$modlogdata['tid'] = $tid;
		if($firstpost)
		{
			// Deleting the first post deletes the whole thread.
			if($forumpermissions['candeletethreads'] == 1 || is_moderator($fid, "candeletethreads") || is_moderator($fid, "cansoftdeletethreads"))
			{
				require_once MYBB_ROOT."inc/class_moderation.php";
				$moderation = new Moderation;

				// Soft delete when the board setting is on, or when the moderator holds the
				// soft-delete permission; hard delete otherwise.
				if($mybb->settings['soft_delete'] == 1 || is_moderator($fid, "cansoftdeletethreads"))
				{
					$modlogdata['pid'] = $pid;

					$moderation->soft_delete_threads(array($tid));
					log_moderator_action($modlogdata, $lang->thread_soft_deleted);
				}
				else
				{
					$moderation->delete_thread($tid);
					mark_reports($tid, "thread");
					log_moderator_action($modlogdata, $lang->thread_deleted);
				}

				// NOTE(review): reads the raw input key here, while other branches use
				// get_input('ajax', MyBB::INPUT_INT); the key may be unset on a non-AJAX request.
				if($mybb->input['ajax'] == 1)
				{
					// No exit() after the JSON response: the remaining action blocks are
					// skipped because the action is still "deletepost".
					header("Content-type: application/json; charset={$lang->settings['charset']}");
					if(is_moderator($fid, "canviewdeleted"))
					{
						echo json_encode(array("data" => '1', "first" => '1'));
					}
					else
					{
						echo json_encode(array("data" => '3', "url" => get_forum_link($fid)));
					}
				}
				else
				{
					redirect(get_forum_link($fid), $lang->redirect_threaddeleted);
				}
			}
			else
			{
				error_no_permission();
			}
		}
		else
		{
			if($forumpermissions['candeleteposts'] == 1 || is_moderator($fid, "candeleteposts") || is_moderator($fid, "cansoftdeleteposts"))
			{
				// Select the first post before this
				require_once MYBB_ROOT."inc/class_moderation.php";
				$moderation = new Moderation;

				if($mybb->settings['soft_delete'] == 1 || is_moderator($fid, "cansoftdeleteposts"))
				{
					$modlogdata['pid'] = $pid;

					$moderation->soft_delete_posts(array($pid));
					log_moderator_action($modlogdata, $lang->post_soft_deleted);
				}
				else
				{
					$moderation->delete_post($pid);
					mark_reports($pid, "post");
					log_moderator_action($modlogdata, $lang->post_deleted);
				}

				// Redirect target: the newest post at or before the deleted post's timestamp.
				// $post['dateline'] comes from the database row, not from the request.
				$query = $db->simple_select("posts", "pid", "tid='{$tid}' AND dateline <= '{$post['dateline']}'", array("limit" => 1, "order_by" => "dateline DESC, pid DESC"));
				$next_post = $db->fetch_array($query);
				if($next_post['pid'])
				{
					$redirect = get_post_link($next_post['pid'], $tid)."#pid{$next_post['pid']}";
				}
				else
				{
					$redirect = get_thread_link($tid);
				}

				if($mybb->get_input('ajax', MyBB::INPUT_INT) == 1)
				{
					header("Content-type: application/json; charset={$lang->settings['charset']}");
					if(is_moderator($fid, "canviewdeleted"))
					{
						echo json_encode(array("data" => '1', "first" => '0'));
					}
					else
					{
						echo json_encode(array("data" => '2'));
					}
				}
				else
				{
					redirect($redirect, $lang->redirect_postdeleted);
				}
			}
			else
			{
				error_no_permission();
			}
		}
	}
	else
	{
		error($lang->redirect_nodelete);
	}
}

// ---------------------------------------------------------------------------------------------
// restorepost: moderator-only; the gate above already required visible == -1.
// ---------------------------------------------------------------------------------------------
if($mybb->input['action'] == "restorepost" && $mybb->request_method == "post")
{
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));

	$plugins->run_hooks("editpost_restorepost");

	// The form must carry restore=1; otherwise nothing is restored.
	if($mybb->get_input('restore', MyBB::INPUT_INT) == 1)
	{
		$query = $db->simple_select("posts", "pid", "tid='{$tid}'", array("limit" => 1, "order_by" => "dateline, pid"));
		$firstcheck = $db->fetch_array($query);
		if($firstcheck['pid'] == $pid)
		{
			$firstpost = 1;
		}
		else
		{
			$firstpost = 0;
		}

		$modlogdata['fid'] = $fid;
		$modlogdata['tid'] = $tid;
		$modlogdata['pid'] = $pid;
		if($firstpost)
		{
			if(is_moderator($fid, "canrestorethreads"))
			{
				require_once MYBB_ROOT."inc/class_moderation.php";
				$moderation = new Moderation;
				$moderation->restore_threads(array($tid));
				log_moderator_action($modlogdata, $lang->thread_restored);
				// NOTE(review): raw read of the ajax key, as in the thread delete branch.
				if($mybb->input['ajax'] == 1)
				{
					header("Content-type: application/json; charset={$lang->settings['charset']}");
					echo json_encode(array("data" => '1', "first" => '1'));
				}
				else
				{
					redirect(get_forum_link($fid), $lang->redirect_threadrestored);
				}
			}
			else
			{
				error_no_permission();
			}
		}
		else
		{
			if(is_moderator($fid, "canrestoreposts"))
			{
				// Select the first post before this
				require_once MYBB_ROOT."inc/class_moderation.php";
				$moderation = new Moderation;
				$moderation->restore_posts(array($pid));
				log_moderator_action($modlogdata, $lang->post_restored);
				$redirect = get_post_link($pid, $tid)."#pid{$pid}";

				// NOTE(review): raw read of the ajax key, as in the thread delete branch.
				if($mybb->input['ajax'] == 1)
				{
					header("Content-type: application/json; charset={$lang->settings['charset']}");
					echo json_encode(array("data" => '1', "first" => '0'));
				}
				else
				{
					redirect($redirect, $lang->redirect_postrestored);
				}
			}
			else
			{
				error_no_permission();
			}
		}
	}
	else
	{
		error($lang->redirect_norestore);
	}
}

$postoptions = array();

// ---------------------------------------------------------------------------------------------
// do_editpost: validate and store the edited post.
// ---------------------------------------------------------------------------------------------
if($mybb->input['action'] == "do_editpost" && $mybb->request_method == "post")
{
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));

	$plugins->run_hooks("editpost_do_editpost_start");

	// Set up posthandler.
	require_once MYBB_ROOT."inc/datahandlers/post.php";
	$posthandler = new PostDataHandler("update");
	$posthandler->action = "post";

	// Set the post data that came from the input to the $post array.
	// uid and username are carried over from the stored post; the editor is recorded as edit_uid.
	// NOTE(review): "pid" takes the raw request value, not the integer $pid that the permission
	// checks above were run against - confirm that the data handler casts it.
	$post = array(
		"pid" => $mybb->input['pid'],
		"prefix" => $mybb->get_input('threadprefix', MyBB::INPUT_INT),
		"subject" => $mybb->get_input('subject'),
		"icon" => $mybb->get_input('icon', MyBB::INPUT_INT),
		"uid" => $post['uid'],
		"username" => $post['username'],
		"edit_uid" => $mybb->user['uid'],
		"message" => $mybb->get_input('message'),
		"editreason" => $mybb->get_input('editreason'),
	);

	// Unchecked checkboxes are absent from the request, so default each option to 0.
	$postoptions = $mybb->get_input('postoptions', MyBB::INPUT_ARRAY);
	if(!isset($postoptions['signature']))
	{
		$postoptions['signature'] = 0;
	}
	if(!isset($postoptions['subscriptionmethod']))
	{
		$postoptions['subscriptionmethod'] = 0;
	}
	if(!isset($postoptions['disablesmilies']))
	{
		$postoptions['disablesmilies'] = 0;
	}

	// Set up the post options from the input.
	$post['options'] = array(
		"signature" => $postoptions['signature'],
		"subscriptionmethod" => $postoptions['subscriptionmethod'],
		"disablesmilies" => $postoptions['disablesmilies']
	);

	$posthandler->set_data($post);

	// Now let the post handler do all the hard work.
	if(!$posthandler->validate_post())
	{
		// Validation failed: fall through to the edit form with the errors shown inline.
		$post_errors = $posthandler->get_friendly_errors();
		$post_errors = inline_error($post_errors);
		$mybb->input['action'] = "editpost";
	}
	// No errors were found, we can call the update method.
	else
	{
		$postinfo = $posthandler->update_post();
		$visible = $postinfo['visible'];
		$first_post = $postinfo['first_post'];

		// Help keep our attachments table clean.
		// The condition is not scoped to this post or user: it applies to the whole table.
		$db->delete_query("attachments", "filename='' OR filesize<1");

		// Did the user choose to post a poll? Redirect them to the poll posting page.
		if($mybb->get_input('postpoll', MyBB::INPUT_INT) && $forumpermissions['canpostpolls'])
		{
			// $tid comes from the database row and the option count is cast to int.
			$url = "polls.php?action=newpoll&tid=$tid&polloptions=".$mybb->get_input('numpolloptions', MyBB::INPUT_INT);
			$lang->redirect_postedited = $lang->redirect_postedited_poll;
		}
		else if($visible == 0 && $first_post && !is_moderator($fid, "canviewunapprove", $mybb->user['uid']))
		{
			// Moderated post
			// The edit left the first post unapproved and the user cannot view unapproved
			// content, so send them to the forum instead of the thread.
			$lang->redirect_postedited .= $lang->redirect_thread_moderation;
			$url = get_forum_link($fid);
		}
		else if($visible == 0 && !is_moderator($fid, "canviewunapprove", $mybb->user['uid']))
		{
			$lang->redirect_postedited .= $lang->redirect_post_moderation;
			$url = get_thread_link($tid);
		}
		// Otherwise, send them back to their post
		else
		{
			$lang->redirect_postedited .= $lang->redirect_postedited_redirect;
			$url = get_post_link($pid, $tid)."#pid{$pid}";
		}
		$plugins->run_hooks("editpost_do_editpost_end");

		redirect($url, $lang->redirect_postedited);
	}
}

// ---------------------------------------------------------------------------------------------
// editpost: build and output the edit form, also after a failed save or for a preview.
// ---------------------------------------------------------------------------------------------
if(!$mybb->input['action'] || $mybb->input['action'] == "editpost")
{
	$plugins->run_hooks("editpost_action_start");

	$preview = '';
	$posticons = '';

	if($forum['allowpicons'] != 0)
	{
		$posticons = get_post_icons();
	}

	// Escaped in place because the template below prints the user name.
	$mybb->user['username'] = htmlspecialchars_uni($mybb->user['username']);
	eval("\$loginbox = \"".$templates->get("changeuserbox")."\";");

	$deletebox = '';

	// Show the delete box only for a post that is not soft-deleted and that the user may
	// delete: as moderator, or as owner with the forum permission (thread-level permission
	// for the first post, post-level otherwise). This controls display only; the deletepost
	// branch runs its own checks.
	if(isset($post['visible']) && $post['visible'] != -1 && (($thread['firstpost'] == $pid && (is_moderator($fid, "candeletethreads") || $forumpermissions['candeletethreads'] == 1 && $mybb->user['uid'] == $post['uid'])) || ($thread['firstpost'] != $pid && (is_moderator($fid, "candeleteposts") || $forumpermissions['candeleteposts'] == 1 && $mybb->user['uid'] == $post['uid']))))
	{
		eval("\$deletebox = \"".$templates->get("editpost_delete")."\";");
	}

	$bgcolor = "trow1";
	if($mybb->settings['enableattachments'] != 0 && $forumpermissions['canpostattachments'] != 0)
	{ // Get a listing of the current attachments, if there are any
		$attachcount = 0;
		$query = $db->simple_select("attachments", "*", "pid='{$pid}'");
		$attachments = '';
		while($attachment = $db->fetch_array($query))
		{
			$attachment['size'] = get_friendly_size($attachment['filesize']);
			$attachment['icon'] = get_attachment_icon(get_extension($attachment['filename']));
			// The file name was supplied by the uploader; escape it before it reaches a template.
			$attachment['filename'] = htmlspecialchars_uni($attachment['filename']);

			if($mybb->settings['bbcodeinserter'] != 0 && $forum['allowmycode'] != 0 && $mybb->user['showcodebuttons'] != 0)
			{
				eval("\$postinsert = \"".$templates->get("post_attachments_attachment_postinsert")."\";");
			}
			// Moderating options
			$attach_mod_options = '';
			if(is_moderator($fid))
			{
				if($attachment['visible'] == 1)
				{
					eval("\$attach_mod_options = \"".$templates->get("post_attachments_attachment_mod_unapprove")."\";");
				}
				else
				{
					eval("\$attach_mod_options = \"".$templates->get("post_attachments_attachment_mod_approve")."\";");
				}
			}

			// Remove Attachment
			eval("\$attach_rem_options = \"".$templates->get("post_attachments_attachment_remove")."\";");

			if($attachment['visible'] != 1)
			{
				eval("\$attachments .= \"".$templates->get("post_attachments_attachment_unapproved")."\";");
			}
			else
			{
				eval("\$attachments .= \"".$templates->get("post_attachments_attachment")."\";");
			}
			$attachcount++;
		}
		// Total attachment usage of the current user, compared with the group quota.
		// attachquota is multiplied by 1024 before the comparison; 0 means unlimited.
		$query = $db->simple_select("attachments", "SUM(filesize) AS ausage", "uid='".$mybb->user['uid']."'");
		$usage = $db->fetch_array($query);
		if($usage['ausage'] > ($mybb->usergroup['attachquota']*1024) && $mybb->usergroup['attachquota'] != 0)
		{
			$noshowattach = 1;
		}
		else
		{
			$noshowattach = 0;
		}
		if($mybb->usergroup['attachquota'] == 0)
		{
			$friendlyquota = $lang->unlimited;
		}
		else
		{
			$friendlyquota = get_friendly_size($mybb->usergroup['attachquota']*1024);
		}

		$lang->attach_quota = $lang->sprintf($lang->attach_quota, $friendlyquota);

		$link_viewattachments = '';

		// SUM() yields NULL when the user has no attachment rows.
		if($usage['ausage'] !== NULL)
		{
			$friendlyusage = get_friendly_size($usage['ausage']);
			$lang->attach_usage = $lang->sprintf($lang->attach_usage, $friendlyusage);
			eval("\$link_viewattachments = \"".$templates->get("post_attachments_viewlink")."\";");
		}
		else
		{
			$lang->attach_usage = "";
		}

		$attach_add_options = '';
		// NOTE(review): && binds tighter than ||, so !$noshowattach belongs to the second
		// alternative only. With maxattachments == 0 the add box is shown even when the quota
		// flag is set - confirm that is intended (this is display only).
		if($mybb->settings['maxattachments'] == 0 || ($mybb->settings['maxattachments'] != 0 && $attachcount < $mybb->settings['maxattachments']) && !$noshowattach)
		{
			eval("\$attach_add_options = \"".$templates->get("post_attachments_add")."\";");
		}

		$attach_update_options = '';
		if(($mybb->usergroup['caneditattachments'] || $forumpermissions['caneditattachments']) && $attachcount > 0)
		{
			eval("\$attach_update_options = \"".$templates->get("post_attachments_update")."\";");
		}

		if($attach_add_options || $attach_update_options)
		{
			eval("\$newattach = \"".$templates->get("post_attachments_new")."\";");
		}
		eval("\$attachbox = \"".$templates->get("post_attachments")."\";");
	}
	else
	{
		$attachbox = '';
	}
	// First display: fill the form from the stored post. After an attachment action or a
	// preview: keep what the user typed.
	if(!$mybb->get_input('attachmentaid', MyBB::INPUT_INT) && !$mybb->get_input('newattachment') && !$mybb->get_input('updateattachment') && !isset($mybb->input['previewpost']))
	{
		$message = $post['message'];
		$subject = $post['subject'];
		$reason = htmlspecialchars_uni($post['editreason']);
	}
	else
	{
		$message = $mybb->get_input('message');
		$subject = $mybb->get_input('subject');
		$reason = htmlspecialchars_uni($mybb->get_input('editreason'));
	}

	// Keep unescaped copies for the preview, which is handed to build_postbit() below;
	// the copies printed into the form fields are HTML-escaped.
	$previewmessage = $message;
	$previewsubject = $subject;
	$message = htmlspecialchars_uni($message);
	$subject = htmlspecialchars_uni($subject);

	if(!isset($post_errors))
	{
		$post_errors = '';
	}

	$subscribe = $nonesubscribe = $emailsubscribe = $pmsubscribe = '';
	$postoptionschecked = array('signature' => '', 'disablesmilies' => '');

	if(!empty($mybb->input['previewpost']) || $post_errors)
	{
		// Set up posthandler.
		require_once MYBB_ROOT."inc/datahandlers/post.php";
		$posthandler = new PostDataHandler("update");
		$posthandler->action = "post";

		// Set the post data that came from the input to the $post array.
		// Only validated here, never saved. When do_editpost failed validation above, $post
		// already holds the submitted data, so uid and username are carried over from it.
		$post = array(
			"pid" => $mybb->input['pid'],
			"prefix" => $mybb->get_input('threadprefix', MyBB::INPUT_INT),
			"subject" => $mybb->get_input('subject'),
			"icon" => $mybb->get_input('icon', MyBB::INPUT_INT),
			"uid" => $post['uid'],
			"username" => $post['username'],
			"edit_uid" => $mybb->user['uid'],
			"message" => $mybb->get_input('message'),
		);

		// This path defaults "emailnotify", whereas the save path uses "subscriptionmethod".
		$postoptions = $mybb->get_input('postoptions', MyBB::INPUT_ARRAY);
		if(!isset($postoptions['signature']))
		{
			$postoptions['signature'] = 0;
		}
		if(!isset($postoptions['emailnotify']))
		{
			$postoptions['emailnotify'] = 0;
		}
		if(!isset($postoptions['disablesmilies']))
		{
			$postoptions['disablesmilies'] = 0;
		}

		// Set up the post options from the input.
		$post['options'] = array(
			"signature" => $postoptions['signature'],
			"emailnotify" => $postoptions['emailnotify'],
			"disablesmilies" => $postoptions['disablesmilies']
		);

		$posthandler->set_data($post);

		// Now let the post handler do all the hard work.
		if(!$posthandler->validate_post())
		{
			$post_errors = $posthandler->get_friendly_errors();
			$post_errors = inline_error($post_errors);
			$mybb->input['action'] = "editpost";
			// Invalid input: suppress the preview and show the errors only.
			$mybb->input['previewpost'] = 0;
		}
		else
		{

			// Read again from the request, so the defaults set above do not apply here.
			$postoptions = $mybb->get_input('postoptions', MyBB::INPUT_ARRAY);

			if(isset($postoptions['signature']) && $postoptions['signature'] == 1)
			{
				$postoptionschecked['signature'] = " checked=\"checked\"";
			}

			if(isset($postoptions['disablesmilies']) && $postoptions['disablesmilies'] == 1)
			{
				$postoptionschecked['disablesmilies'] = " checked=\"checked\"";
			}

			// Variable variable: assigns to "$<method>subscribe". The four expected names are
			// initialised above ($subscribe, $nonesubscribe, $emailsubscribe, $pmsubscribe).
			// NOTE(review): $postoptions is request data - confirm get_subscription_method()
			// can only return a fixed set of prefixes.
			$subscription_method = get_subscription_method($tid, $postoptions);
			${$subscription_method.'subscribe'} = "checked=\"checked\" ";
		}
	}

	if(!empty($mybb->input['previewpost']))
	{
		// No uid on the post: take the name and date from the post row itself.
		if(!$post['uid'])
		{
			$query = $db->simple_select('posts', 'username, dateline', "pid='{$pid}'");
			$postinfo = $db->fetch_array($query);
		}
		else
		{
			// Figure out the poster's other information.
			// $post['uid'] was carried over from the stored post and $pid is an integer.
			$query = $db->query("
				SELECT u.*, f.*, p.dateline
				FROM ".TABLE_PREFIX."users u
				LEFT JOIN ".TABLE_PREFIX."userfields f ON (f.ufid=u.uid)
				LEFT JOIN ".TABLE_PREFIX."posts p ON (p.uid=u.uid)
				WHERE u.uid='{$post['uid']}' AND p.pid='{$pid}'
				LIMIT 1
			");
			$postinfo = $db->fetch_array($query);
			$postinfo['userusername'] = $postinfo['username'];
		}

		// $attachcache is not read in this file; presumably build_postbit() reads it as a global - confirm.
		$query = $db->simple_select("attachments", "*", "pid='{$pid}'");
		while($attachment = $db->fetch_array($query))
		{
			$attachcache[0][$attachment['aid']] = $attachment;
		}

		if(!isset($postoptions['disablesmilies']))
		{
			$postoptions['disablesmilies'] = 0;
		}

		// Set the values of the post info array.
		// The unescaped message and subject are passed on; rendering them safely is left to
		// build_postbit(), which is defined outside this file.
		$postinfo['message'] = $previewmessage;
		$postinfo['subject'] = $previewsubject;
		$postinfo['icon'] = $post['icon'];
		$postinfo['smilieoff'] = $postoptions['disablesmilies'];

		$postbit = build_postbit($postinfo, 1);
		eval("\$preview = \"".$templates->get("previewpost")."\";");
	}
	else if(!$post_errors)
	{
		// Plain form display: tick the option boxes from the stored post.
		$preview = '';

		if($post['includesig'] != 0)
		{
			$postoptionschecked['signature'] = " checked=\"checked\"";
		}

		if($post['smilieoff'] == 1)
		{
			$postoptionschecked['disablesmilies'] = " checked=\"checked\"";
		}

		// Same variable-variable assignment as in the preview branch above.
		$subscription_method = get_subscription_method($tid, $postoptions);
		${$subscription_method.'subscribe'} = "checked=\"checked\" ";
	}

	// Generate thread prefix selector if this is the first post of the thread
	if($thread['firstpost'] == $pid)
	{
		if(!$mybb->get_input('threadprefix', MyBB::INPUT_INT))
		{
			$mybb->input['threadprefix'] = $thread['prefix'];
		}

		$prefixselect = build_prefix_select($forum['fid'], $mybb->get_input('threadprefix', MyBB::INPUT_INT), 0, $thread['prefix']);
	}
	else
	{
		$prefixselect = "";
	}

	$editreason = '';
	if($mybb->settings['alloweditreason'] == 1)
	{
		eval("\$editreason = \"".$templates->get("editpost_reason")."\";");
		$bgcolor = "trow2";
		$bgcolor2 = "trow1";
	}
	else
	{
		$bgcolor = "trow1";
		$bgcolor2 = "trow2";
	}

	// Fetch subscription select box
	eval("\$subscriptionmethod = \"".$templates->get("post_subscription_method")."\";");

	$query = $db->simple_select("posts", "*", "tid='{$tid}'", array("limit" => 1, "order_by" => "dateline, pid"));
	$firstcheck = $db->fetch_array($query);

	// Offer the "add a poll" box only on the first post, when polls are allowed, the thread
	// has none yet, and the user is a poll moderator or still within polltimelimit
	// (multiplied by 60*60, i.e. hours; 0 disables the limit).
	$time = TIME_NOW;
	if($firstcheck['pid'] == $pid && $forumpermissions['canpostpolls'] != 0 && $thread['poll'] < 1 && (is_moderator($fid, "canmanagepolls") || $thread['dateline'] > ($time-($mybb->settings['polltimelimit']*60*60)) || $mybb->settings['polltimelimit'] == 0))
	{
		$lang->max_options = $lang->sprintf($lang->max_options, $mybb->settings['maxpolloptions']);
		$numpolloptions = $mybb->get_input('numpolloptions', MyBB::INPUT_INT);
		$postpollchecked = '';

		if($numpolloptions < 1)
		{
			$numpolloptions = 2;
		}

		if($mybb->get_input('postpoll', MyBB::INPUT_INT) == 1)
		{
			$postpollchecked = 'checked="checked"';
		}

		eval("\$pollbox = \"".$templates->get("newthread_postpoll")."\";");
	}
	else
	{
		$pollbox = '';
	}

	// Hide signature option if no permission
	$signature = '';
	if($mybb->usergroup['canusesig'] == 1 && !$mybb->user['suspendsignature'])
	{
		eval("\$signature = \"".$templates->get('editpost_signature')."\";");
	}

	// Can we disable smilies or are they disabled already?
	$disablesmilies = '';
	if($forum['allowsmilies'] != 0)
	{
		eval("\$disablesmilies = \"".$templates->get("editpost_disablesmilies")."\";");
	}

	// $postoptions is reused here: it held the option array above and now holds rendered HTML.
	$postoptions = '';
	if(!empty($signature) || !empty($disablesmilies))
	{
		eval("\$postoptions = \"".$templates->get("editpost_postoptions")."\";");
	}

	// Tell non-moderators when their attachments or edits will be held for moderation.
	// If both apply, the second notice overwrites the first.
	$moderation_notice = '';
	if(!is_moderator($forum['fid'], "canapproveunapproveattachs"))
	{
		if($forumpermissions['modattachments'] == 1 && $forumpermissions['canpostattachments'] != 0)
		{
			$moderation_text = $lang->moderation_forum_attachments;
			eval('$moderation_notice = "'.$templates->get('global_moderation_notice').'";');
		}
	}

	if(!is_moderator($forum['fid'], "canapproveunapproveposts"))
	{
		if($forumpermissions['mod_edit_posts'] == 1)
		{
			$moderation_text = $lang->moderation_forum_edits;
			eval('$moderation_notice = "'.$templates->get('global_moderation_notice').'";');
		}
	}

	// PHP upload limits, made available to the post_javascript template.
	$php_max_upload_size = get_php_upload_limit();
	$php_max_file_uploads = (int)ini_get('max_file_uploads');
	eval("\$post_javascript = \"".$templates->get("post_javascript")."\";");

	$plugins->run_hooks("editpost_end");

	// Remove any markup from the forum name before the page template prints it.
	$forum['name'] = strip_tags($forum['name']);

	eval("\$editpost = \"".$templates->get("editpost")."\";");
	output_page($editpost);
}