# HG changeset patch
# User Dan
# Date 1192667031 14400
# Node ID 6f8b7c6fac02b4dcd937d68b11297b12739d98ea
# Parent 0417a5a0c7be786d85ec8ee15710677109f1ccd5
Let's just say: major progress and still only 20% complete. So many changes I forgot to commit.
diff -r 0417a5a0c7be -r 6f8b7c6fac02 decir/bbcode.php
--- a/decir/bbcode.php Wed Jun 13 22:33:54 2007 -0400
+++ b/decir/bbcode.php Wed Oct 17 20:23:51 2007 -0400
@@ -12,46 +12,39 @@ * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details. */ -function str_replace_once($needle1, $needle2, $haystack) -{ - $len_h = strlen($haystack); - $len_1 = strlen($needle1); - $len_2 = strlen($needle2); - if ( $len_h < $len_1 ) - return $haystack; - if ( $needle1 == $haystack ) - return $needle1; - for ( $i = 0; $i < $len_h; $i++ ) - { - if ( substr($haystack, $i, $len_1) == $needle1 ) - { - $haystack = substr($haystack, 0, $i) . - $needle2 . - substr($haystack, $i + $len_1); - return $haystack; - } - } -} - -function render_bbcode($text, $bbcode_uid) +function render_bbcode($text, $bbcode_uid = false) { // First things first, strip out all [code] sections $text = decir_bbcode_strip_code($text, $bbcode_uid, $_code); + if ( $bbcode_uid ) + $bbcode_uid = ':' . $bbcode_uid; + // Bold text - $text = preg_replace("/\[b:$bbcode_uid\](.*?)\[\/b:$bbcode_uid\]/is", '\\1', $text); + $text = preg_replace("/\[b$bbcode_uid\](.*?)\[\/b$bbcode_uid\]/is", '\\1', $text); // Italicized text - $text = preg_replace("/\[i:$bbcode_uid\](.*?)\[\/i:$bbcode_uid\]/is", '\\1', $text); + $text = preg_replace("/\[i$bbcode_uid\](.*?)\[\/i$bbcode_uid\]/is", '\\1', $text); - // Uunderlined text - $text = preg_replace("/\[u:$bbcode_uid\](.*?)\[\/u:$bbcode_uid\]/is", '\\1', $text); + // Underlined text + $text = preg_replace("/\[u$bbcode_uid\](.*?)\[\/u$bbcode_uid\]/is", '\\1', $text); // Colored text - $text = preg_replace("/\[color=\#([A-F0-9]*){3,6}:$bbcode_uid\](.*?)\[\/color:$bbcode_uid\]/is", '\\2', $text); + $text = preg_replace("/\[color$bbcode_uid=#([A-Fa-f0-9][A-Fa-f0-9][A-Fa-f0-9]([A-Fa-f0-9][A-Fa-f0-9][A-Fa-f0-9])?)\](.*?)\[\/color$bbcode_uid\]/is", '\\3', $text); + + // Size + $text = preg_replace("/\[size$bbcode_uid=([0-4]+(\.[0-9]+)?)\](.*?)\[\/size$bbcode_uid\]/is", '\\3', $text); // Quotes - $text = preg_replace("/\[quote:$bbcode_uid\](.*?)\[\/quote:$bbcode_uid\]/is", '
\\1
', $text); + $text = preg_replace("/\[quote$bbcode_uid=\"?([^]]+?)\"?\](.*?)\[\/quote$bbcode_uid\]/is", '\\1 wrote:
\\2
', $text); + $text = preg_replace("/\[quote$bbcode_uid\](.*?)\[\/quote$bbcode_uid\]/is", '
\\1
', $text); + + // https?:\/\/((([a-z0-9-]+\.)*)[a-z0-9-]+)(\/[A-z0-9_%\|~`!\!@#\$\^&\*\(\):;\.,\/-]*(\?(([a-z0-9_-]+)(=[A-z0-9_%\|~`\!@#\$\^&\*\(\):;\.,\/-\[\]]+)?((&([a-z0-9_-]+)(=[A-z0-9_%\|~`!\!@#\$\^&\*\(\):;\.,\/-]+)?)*))?)?)? + + // Links + // Trial and error. + $regexp = "/\[url$bbcode_uid(=(https?:\/\/((([a-z0-9-]+\.)*)[a-z0-9-]+)(\/[A-z0-9_%\|~`!\!@#\$\^&\*\(\):;\.,\/-]*(\?(([a-z0-9_-]+)(=[A-z0-9_%\|~`\!@#\$\^&\*\(\):;\.,\/-\[\]]+)?((&([a-z0-9_-]+)(=[A-z0-9_%\|~`!\!@#\$\^&\*\(\):;\.,\/-]+)?)*))?)?)?))?\](.*?)\[\/url$bbcode_uid\]/is"; + $text = preg_replace($regexp, '\\15', $text); // Newlines $text = str_replace("\n", "
\n", $text); @@ -60,7 +53,7 @@ $text = decir_bbcode_restore_code($text, $bbcode_uid, $_code); // Code - $text = preg_replace("/\[code:$bbcode_uid\](.*?)\[\/code:$bbcode_uid\]/is", '
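Review bot: Nothing in the visible body of render_bbcode() HTML-escapes `$text` before the tag rules run, so the new `[quote=...]` rule copies the captured author (`[^]]+?`) and every tag body straight into the generated markup. The callers in this changeset hand it unescaped input: the preview path in posting.php passes `$_POST['post_text']`, and viewtopic.php passes `post_text` that functions.php stored with only `$db->escape()`. Unless decir_bbcode_strip_code() or the lines between the two hunks already escape, add `$text = htmlspecialchars($text);` as the first statement (the `\"?` in the quote pattern then has to match `&quot;`). Separately, `$bbcode_uid` is interpolated into every pattern as-is; `preg_quote($bbcode_uid, '/')` keeps a stored uid from being read as regex syntax.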
\\1
', $text); + $text = preg_replace("/\[code$bbcode_uid\](.*?)\[\/code$bbcode_uid\]/is", '
\\1
', $text); return $text; } @@ -96,3 +89,35 @@ return $bbcode; } +function bbcode_inject_uid($text, &$uid) +{ + $seed = md5( implode('.', explode(' ', microtime)) ); + $uid = substr($seed, 0, 10); + // Bold text + $text = preg_replace("/\[b\](.*?)\[\/b\]/is", "[b:$uid]\\1[/b:$uid]", $text); + + // Italicized text + $text = preg_replace("/\[i\](.*?)\[\/i\]/is", "[i:$uid]\\1[/i:$uid]", $text); + + // Uunderlined text + $text = preg_replace("/\[u\](.*?)\[\/u\]/is", "[u:$uid]\\1[/u:$uid]", $text); + + // Colored text + $text = preg_replace("/\[color=\#([A-Fa-f0-9][A-Fa-f0-9][A-Fa-f0-9]([A-Fa-f0-9][A-Fa-f0-9][A-Fa-f0-9])?)\](.*?)\[\/color\]/is", "[color:$uid=#\\1]\\3[/color:$uid]", $text); + + // Size + $text = preg_replace('/\[size=([0-4]+(\.[0-9]+)?)\](.*?)\[\/size\]/is', "[size:$uid=\\1]\\3[/size:$uid]", $text); + + // Quotes + $text = preg_replace("/\[quote\](.*?)\[\/quote\]/is", "[quote:$uid]\\1[/quote:$uid]", $text); + $text = preg_replace("/\[quote=\"?([^]]+)\"?\](.*?)\[\/quote\]/is", "[quote:$uid=\\1]\\2[/quote:$uid]", $text); + + // Code + $text = preg_replace("/\[code\](.*?)\[\/code\]/is", "[code:$uid]\\1[/code:$uid]", $text); + + // URLs + $text = preg_replace('/\[url(=https?:\/\/([^ ]+))?\](.*?)\[\/url\]/is', "[url:$uid\\1]\\3[/url:$uid]", $text); + + return $text; +} + diff -r 0417a5a0c7be -r 6f8b7c6fac02 decir/common.php --- a/decir/common.php Wed Jun 13 22:33:54 2007 -0400 +++ b/decir/common.php Wed Oct 17 20:23:51 2007 -0400 @@ -21,6 +21,7 @@ } require('constants.php'); +require('functions.php'); $html = ' + + + + + '); + +$template->header(); + +if ( $show_preview ) +{ + echo '
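Review bot: In bbcode_inject_uid(), `microtime` is written without parentheses, so PHP reads it as an undefined constant and the seed is the md5 of the literal string "microtime" (a notice on the PHP of this era, an Error on PHP 8). Every post therefore receives the same ten-character uid, and hand-typed tags that already carry it become indistinguishable from tags this function validated and tagged. Call the function and prefer a value that cannot be guessed, e.g. `$uid = bin2hex(random_bytes(5));` on PHP 7+, or at minimum `microtime()` mixed with `mt_rand()` on older runtimes. The URL rule here accepts `[^ ]+` while render_bbcode() uses a restrictive character class; the two patterns should agree so that nothing is tagged that the renderer would not accept.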
+

Post preview

+

' . $message_render . '

+
'; +} + +?> +
+
+ + + + + + + + + + + + + + + + + + + + + + +
Editing post:
Delete post:
If this is the first post in the thread, the entire thread will be deleted.
Post subject:
Reason for editing:
+ +
+ + + +
+
+
+footer(); + +?> diff -r 0417a5a0c7be -r 6f8b7c6fac02 decir/forum_index.php --- a/decir/forum_index.php Wed Jun 13 22:33:54 2007 -0400 +++ b/decir/forum_index.php Wed Oct 17 20:23:51 2007 -0400 @@ -49,16 +49,24 @@ case FORUM_FORUM: $color = ( $row['user_level'] >= USER_LEVEL_ADMIN ) ? 'AA0000' : ( ( $row['user_level'] >= USER_LEVEL_MOD ) ? '00AA00' : '0000AA' ); // Forum + if ( $row['post_id'] ) + { + $last_post_data = ' + ' . $row['topic_title'] . '
+ ' . date('d M Y h:i a', $row['timestamp']) . '
+ by ' . $row['username'] . ' +
'; + } + else + { + $last_post_data = 'No posts'; + } echo '<icon>' . $row['forum_name'] . '
' . $row['forum_desc'].' ' . $row['num_topics'] . ' ' . $row['num_posts'] . ' - - ' . $row['topic_title'] . '
- ' . date('d M Y h:i a', $row['timestamp']) . '
- by ' . $row['username'] . ' -
+ ' . $last_post_data . ' '; break; @@ -75,7 +83,7 @@ } else { - echo 'This board has no forums.'; + echo 'This board has no forums.'; } if ( $cat_open ) echo ''; diff -r 0417a5a0c7be -r 6f8b7c6fac02 decir/functions.php --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/decir/functions.php Wed Oct 17 20:23:51 2007 -0400 
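Review bot: `$row['topic_title']` and `$row['username']` are concatenated into `$last_post_data` without escaping, and decir_submit_topic() in this changeset stores the subject with only `$db->escape()`, so a title containing markup is emitted as HTML on the forum index. Wrap both in `htmlspecialchars()` here, as the commit already does for `deletor` and `topic_delete_reason` in viewforum.php. The same applies to `topic_title`, `topic_starter` and `last_post_name` in the viewforum.php row output. The surrounding echo continues outside this hunk; `forum_name` and `forum_desc` deserve the same treatment unless administrators are meant to enter HTML there.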
@@ -0,0 +1,355 @@ +user_id; + $poster_name = ( $session->user_logged_in ) ? $db->escape($session->username) : 'Anonymous'; + $timestamp = time(); + + $post_text = bbcode_inject_uid($post_text, $bbcode_uid); + $post_text = $db->escape($post_text); + + $post_subject = $db->escape($post_subject); + + $q = $db->sql_query('INSERT INTO '.table_prefix."decir_posts(topic_id,poster_id,poster_name,post_subject,timestamp) VALUES($topic_id, $poster_id, '$poster_name', '$post_subject', $timestamp);"); + if ( !$q ) + $db->_die('Decir functions.php in decir_submit_post()'); + + $post_id = $db->insert_id(); + $q = $db->sql_query('INSERT INTO '.table_prefix."decir_posts_text(post_id, post_text, bbcode_uid) VALUES($post_id, '$post_text', '$bbcode_uid');"); + if ( !$q ) + $db->_die('Decir functions.php in decir_submit_post()'); + + return true; +} + +/** + * Registers a new topic. Does not perform any type of authorization checks at all. + * @param int Forum ID + * @param string Post subject + * @param string Post text + * @param reference Will be set to the new topic ID + */ + +function decir_submit_topic($forum_id, $post_subject, $post_text, &$topic_id = false, &$post_id = false) +{ + global $db, $session, $paths, $template, $plugins; // Common objects + + if ( !is_int($forum_id) ) + return false; + + $poster_id = $session->user_id; + $timestamp = time(); + + $topic_subject = $db->escape($post_subject); + + $q = $db->sql_query('INSERT INTO ' . table_prefix . 
"decir_topics(forum_id, topic_title, topic_starter, timestamp) VALUES( $forum_id, '$topic_subject', $poster_id, $timestamp );"); + if ( !$q ) + $db->_die('Decir functions.php in decir_submit_topic()'); + $topic_id = $db->insert_id(); + + // Submit the post + $postsub = decir_submit_post($topic_id, $post_subject, $post_text, $post_id); + + if ( !$postsub ) + return false; + + // Update "last post" + $q = $db->sql_query('UPDATE '.table_prefix."decir_topics SET last_post=$post_id WHERE topic_id=$topic_id;"); + if ( !$q ) + $db->_die('Decir functions.php in decir_submit_topic()'); + + return true; +} + +/** + * Modifies a post's text. Does not perform any type of authorization checks at all. + * @param int Post ID + * @param string Post subject + * @param string Post text + * @param string Reason for editing + */ + +function decir_edit_post($post_id, $subject, $message, $reason) +{ + global $db, $session, $paths, $template, $plugins; // Common objects + + if ( !is_int($post_id) ) + return false; + + $last_edited_by = $session->user_id; + $edit_reason = $db->escape($reason); + $post_subject = $db->escape($subject); + $post_text = bbcode_inject_uid($message, $bbcode_uid); + $post_text = $db->escape($post_text); + + $q = $db->sql_query('UPDATE '.table_prefix."decir_posts SET edit_count = edit_count + 1, edit_reason='$edit_reason', post_subject='$post_subject', last_edited_by=$last_edited_by WHERE post_id=$post_id;"); + if ( !$q ) + $db->_die('Decir functions.php in decir_edit_post()'); + + $q = $db->sql_query('UPDATE '.table_prefix."decir_posts_text SET post_text='$post_text' WHERE post_id=$post_id;"); + if ( !$q ) + $db->_die('Decir functions.php in decir_edit_post()'); + + return true; +} + +/** + * Deletes a post, or a topic if the post is the first topic in the thread. Does not perform any type of authorization checks at all. 
+ * @param int Post id + * @param string Reason for deletion + * @param bool If true, removes the post physically from the database instead of "soft" deleting it + */ + +function decir_delete_post($post_id, $del_reason, $for_real = false) +{ + global $db, $session, $paths, $template, $plugins; // Common objects + + if ( !is_int($post_id) ) + return false; + + // Is this the first post in the thread? + $q = $db->sql_query('SELECT topic_id FROM '.table_prefix."decir_posts WHERE post_id = $post_id;"); + if ( !$q ) + $db->_die('Decir functions.php in decir_delete_post()'); + if ( $db->numrows() < 1 ) + // Post doesn't exist + return false; + $row = $db->fetchrow(); + $db->free_result(); + + $topic_id = intval($row['topic_id']); + + // while we're at it, also get the forum id + $q = $db->sql_query('SELECT p.post_id, t.forum_id FROM '.table_prefix."decir_posts AS p + LEFT JOIN ".table_prefix."decir_topics AS t + ON ( t.topic_id = p.topic_id ) + WHERE p.topic_id = $topic_id ORDER BY p.timestamp ASC LIMIT 1;"); + if ( !$q ) + $db->_die('Decir functions.php in decir_delete_post()'); + $row = $db->fetchrow(); + $db->free_result(); + + $forum_id = intval($row['forum_id']); + + if ( $row['post_id'] == $post_id ) + { + // first post in the thread + return decir_delete_topic($topic_id, $del_reason); + } + + $del_reason = $db->escape($del_reason); + + if ( $for_real ) + { + $q = $db->sql_query('DELETE FROM '.table_prefix."decir_posts_text WHERE post_id = $post_id;"); + if ( !$q ) + $db->_die('Decir functions.php in decir_delete_post()'); + $q = $db->sql_query('DELETE FROM '.table_prefix."decir_posts WHERE post_id = $post_id;"); + if ( !$q ) + $db->_die('Decir functions.php in decir_delete_post()'); + } + else + { + // Delete the post + $q = $db->sql_query('UPDATE '.table_prefix."decir_posts SET post_deleted = 1, last_edited_by = $session->user_id, edit_reason = '$del_reason' WHERE post_id = $post_id;"); + if ( !$q ) + $db->_die('Decir functions.php in decir_delete_post()'); + } + 
+ // update forum stats + $q = $db->sql_query('UPDATE '.table_prefix."decir_forums SET num_posts = num_posts - 1 WHERE forum_id = $forum_id;"); + if ( !$q ) + $db->_die('Decir functions.php in decir_delete_post()'); + + // update last post and topic + decir_update_forum_stats($forum_id); + + return true; +} + +/** + * Deletes a topic. Does not perform any type of authorization checks at all. + * @param int Topic ID + * @param string Reason for deleting the topic + * @param bool If true, physically removes the topic from the database; else, just turns on the delete switch + */ + +function decir_delete_topic($topic_id, $del_reason, $unlink = false) +{ + global $db, $session, $paths, $template, $plugins; // Common objects + + if ( !is_int($topic_id) ) + return false; + + // Obtain a list of posts in the topic + $q = $db->sql_query('SELECT post_id FROM '.table_prefix.'decir_posts WHERE topic_id = ' . $topic_id . ';'); + if ( !$q ) + $db->_die('Decir functions.php in decir_delete_topic()'); + if ( $db->numrows() < 1 ) + return false; + $posts = array(); + while ( $row = $db->fetchrow() ) + { + $posts[] = $row['post_id']; + } + + // Obtain forum ID + $q = $db->sql_query('SELECT forum_id FROM '.table_prefix."decir_topics WHERE topic_id = $topic_id;"); + if ( !$q ) + $db->_die('Decir functions.php in decir_delete_topic()'); + list($forum_id) = $db->fetchrow_num(); + $db->free_result(); + + // Perform delete + if ( $unlink ) + { + // Remove all posts from the database + $post_list = implode(' OR post_id=', $posts); + $q = $db->sql_query('DELETE FROM '.table_prefix."decir_posts_text WHERE $post_list;"); + if ( !$q ) + $db->_die('Decir functions.php in decir_delete_topic()'); + $q = $db->sql_query('DELETE FROM '.table_prefix."decir_posts WHERE $post_list;"); + if ( !$q ) + $db->_die('Decir functions.php in decir_delete_topic()'); + // Remove the topic itself + $q = $db->sql_query('DELETE FROM '.table_prefix."decir_topics WHERE topic_id = $topic_id;"); + if ( !$q ) + 
$db->_die('Decir functions.php in decir_delete_topic()'); + } + else + { + $reason = $db->escape($del_reason); + $topic_deletor = $session->user_id; + $q = $db->sql_query('UPDATE ' . table_prefix . "decir_topics SET topic_deleted = 1, topic_deletor = $topic_deletor, topic_delete_reason = '$reason' WHERE topic_id = $topic_id;"); + } + + // Update forum stats + $post_count = count($posts); + $q = $db->sql_query('UPDATE '.table_prefix."decir_forums SET num_topics = num_topics - 1, num_posts = num_posts - $post_count WHERE forum_id = $forum_id;"); + if ( !$q ) + $db->_die('Decir functions.php in decir_delete_topic()'); + decir_update_forum_stats($forum_id); + + return true; +} + +/** + * Updates the last post information for the specified forum. + * @param int Forum ID + */ + +function decir_update_forum_stats($forum_id) +{ + global $db, $session, $paths, $template, $plugins; // Common objects + + if ( !is_int($forum_id) ) + return false; + + $sql = 'SELECT p.post_id, p.poster_id, p.topic_id FROM ' . table_prefix . "decir_posts AS p + LEFT JOIN ".table_prefix."decir_topics AS t + ON ( t.topic_id = p.topic_id ) + WHERE t.forum_id = $forum_id + AND p.post_deleted != 1 + ORDER BY p.timestamp DESC + LIMIT 1;"; + $q = $db->sql_query($sql); + if ( !$q ) + $db->_die('Decir functions.php in decir_update_forum_stats()'); + + if ( $db->numrows() < 1 ) + { + $last_post_id = 'NULL'; + $last_post_topic = 'NULL'; + $last_post_user = 'NULL'; + } + else + { + $row = $db->fetchrow(); + $last_post_id = intval($row['post_id']); + $last_post_topic = intval($row['topic_id']); + $last_post_user = intval($row['poster_id']); + } + $db->free_result(); + + $sql = 'UPDATE ' . table_prefix . 
"decir_forums SET last_post_id = $last_post_id, last_post_topic = $last_post_topic, + last_post_user = $last_post_user WHERE forum_id = $forum_id;"; + if ( $db->sql_query($sql) ) + return true; + else + $db->_die('Decir functions.php in decir_update_forum_stats()'); +} + +/** + * Un-deletes a post so that the public can see it. + * @param int Post ID + */ + +function decir_restore_post($post_id) +{ + global $db, $session, $paths, $template, $plugins; // Common objects + + if ( !is_int($post_id) ) + return false; + + $q = $db->sql_query('UPDATE ' . table_prefix . "decir_posts SET post_deleted = 0, edit_count = 0, last_edited_by = NULL, edit_reason = '' WHERE post_id = $post_id AND post_deleted = 1;"); + if ( !$q ) + $db->_die('Decir functions.php in decir_restore_post()'); + + if ( $db->sql_affectedrows() > 0 ) + { + // get forum id + $q = $db->sql_query('SELECT t.forum_id FROM '.table_prefix."decir_posts AS p + LEFT JOIN ".table_prefix."decir_topics AS t + ON ( p.topic_id = t.topic_id ) + WHERE p.post_id = $post_id;"); + if ( !$q ) + $db->_die('Decir functions.php in decir_restore_post()'); + $row = $db->fetchrow(); + $db->free_result(); + $forum_id = intval($row['forum_id']); + // Update forum stats + $q = $db->sql_query('UPDATE ' . table_prefix . "decir_forums SET num_posts = num_posts + 1 WHERE forum_id = $forum_id;"); + if ( !$q ) + $db->_die('Decir functions.php in decir_restore_post()'); + decir_update_forum_stats($forum_id); + return true; + } + return false; +} + +?> diff -r 0417a5a0c7be -r 6f8b7c6fac02 decir/install.sql --- a/decir/install.sql Wed Jun 13 22:33:54 2007 -0400 +++ b/decir/install.sql Wed Oct 17 20:23:51 2007 -0400 
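Review bot: In decir_delete_topic() with `$unlink` set, `implode(' OR post_id=', $posts)` produces `5 OR post_id=6 ...` with no leading column name, so both DELETE statements run as `WHERE 5 OR ...`; a bare non-zero integer is true in MySQL, which removes every row in decir_posts_text and decir_posts rather than only this topic's posts. Build the predicate as `$post_list = 'post_id IN (' . implode(',', array_map('intval', $posts)) . ')';`. In the soft-delete branch of the same function the UPDATE result in `$q` is never checked, unlike every other query in the file. decir_delete_post() also drops `$for_real` when it forwards a first post to decir_delete_topic(), so a requested physical delete silently becomes a soft delete.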
@@ -23,6 +23,9 @@ topic_locked tinyint(1) unsigned NOT NULL DEFAULT 0, topic_moved tinyint(1) unsigned NOT NULL DEFAULT 0, timestamp int(11) unsigned NOT NULL, + topic_deleted tinyint(1) NOT NULL DEFAULT 0, + topic_deletor int(12) DEFAULT NULL, + topic_delete_reason varchar(255) DEFAULT NULL, PRIMARY KEY ( topic_id ) ); CREATE TABLE decir_posts( @@ -30,10 +33,12 @@ topic_id bigint(15) unsigned NOT NULL, poster_id int(12) unsigned NOT NULL, poster_name varchar(255) NOT NULL, + post_subject varchar(255) NOT NULL DEFAULT '', timestamp int(11) unsigned NOT NULL, last_edited_by int(12) unsigned DEFAULT NULL, - edit_count int(5) unsigned, + edit_count int(5) unsigned NOT NULL DEFAULT 0, edit_reason varchar(255), + post_deleted tinyint(1) NOT NULL DEFAULT 0, PRIMARY KEY ( post_id ) ); CREATE TABLE decir_posts_text( diff -r 0417a5a0c7be -r 6f8b7c6fac02 decir/js/bbcedit.js --- a/decir/js/bbcedit.js Wed Jun 13 22:33:54 2007 -0400 +++ b/decir/js/bbcedit.js Wed Oct 17 20:23:51 2007 -0400 @@ -10,15 +10,6 @@ var is_opera_seven = (window.opera && document.childNodes); } -var $_GET=new Object(); -var aParams=document.location.search.substr(1).split('&'); -for ( i = 0; i < aParams.length; i++ ) { - var aParam=aParams[i].split('='); - var sParamName=aParam[0]; - var sParamValue=aParam[1]; - $_GET[sParamName]=sParamValue; -} - // List of BBcode buttons var buttons = [ @@ -65,6 +56,20 @@ 'start' : '[quote]', 'end' : '[/quote]', 'desc' : 'Quote' + }, + { + 'start' : '[url]', + 'end' : '[/url]', + 'custom':true, + 'func' : function() { openUrlInput(this); }, + 'desc' : 'URL' + }, + { + 'start' : '[[', + 'end' : ']]', + 'custom':true, + 'func' : function() { openWikilinkInput(this); }, + 'desc' : 'Wikilink' } ]; @@ -148,8 +153,6 @@ fl.appendChild(lb); var used = []; - var scriptPath = ''; // REMOVE FOR ENANO IMPLEMENTATION! - var frm = document.createElement('form'); frm.action='javascript:void(0)'; frm.onsubmit = function(){return false;}; 
@@ -159,6 +162,7 @@ tbl.cellspacing = '0'; tbl.cellpadding = '0'; tbl.width = '100%'; + tbl.style.backgroundColor = 'transparent'; var tr = document.createElement('tr'); var tick = -1; @@ -422,6 +426,56 @@ } // +// URL INPUT +// + +function openUrlInput(button) +{ + var url = prompt('Please enter the URL to the page you want to link to:', 'http://'); + if ( url == '' || url == 'http://' || !url ) + return false; + + var start = '[url]'; + var inner = url; + var end = '[/url]'; + + var text = prompt('Please enter some text to be displayed as the link (optional):'); + if ( text != '' && ! (!text) ) + { + start = '[url=' + url + ']'; + inner = text; + end = '[/url]'; + } + + formatBBCode(button, start, end, inner); +} + +// +// WIKILINK INPUT +// + +function openWikilinkInput(button) +{ + var url = prompt('Please enter the title of the page to link to:', ''); + if ( url == '' || !url ) + return false; + + var start = '[['; + var inner = url; + var end = ']]'; + + var text = prompt('Please enter some text to be displayed as the link (optional):'); + if ( text != '' && ! (!text) ) + { + start = '[[' + url + '|'; + inner = text; + end = ']]'; + } + + formatBBCode(button, start, end, inner); +} + +// // HTML RENDERER // @@ -531,19 +585,22 @@ el = parent.getElementsByTagName(type); for ( var i in el ) { - if(el[i].className) + if(el[i]) { - if(el[i].className.indexOf(' ') > 0) + if(el[i].className) { - classes = el[i].className.split(' '); + if(el[i].className.indexOf(' ') > 0) + { + classes = el[i].className.split(' '); + } + else + { + classes = new Array(); + classes.push(el[i].className); + } + if ( in_array(cls, classes) ) + ret.push(el[i]); } - else - { - classes = new Array(); - classes.push(el[i].className); - } - if ( in_array(cls, classes) ) - ret.push(el[i]); } } return ret; diff -r 0417a5a0c7be -r 6f8b7c6fac02 decir/posting.php --- a/decir/posting.php Wed Jun 13 22:33:54 2007 -0400 +++ b/decir/posting.php Wed Oct 17 20:23:51 2007 -0400 
@@ -60,12 +60,15 @@ } else if ( isset($_POST['do']['post']) ) { + $errors = Array(); + // Decrypt authorization array $parms = $aes->decrypt($_POST['authorization'], $session->private_key, ENC_HEX); + if ( !$parms ) + $errors[] = 'Could not decrypt authorization key.'; $parms = unserialize($parms); // Perform a little input validation - $errors = Array(); if ( empty($_POST['post_text']) ) $errors[] = 'Please enter a post.'; if ( empty($_POST['subject']) && $parms['mode'] == 'topic' ) 
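Review bot: `unserialize($parms)` still runs after the new decryption-failure check, and it runs on data that arrives in `$_POST['authorization']`; the only protection is the AES layer, whose mode and integrity check are not visible in this hunk. If that ciphertext is not authenticated, a modified value reaches unserialize() and then decides `mode`, `authorized` and the ids used further down. Skip the decode when `$parms` is false, carry the array in a format that cannot instantiate objects (`json_decode($parms, true)`), and verify an HMAC over the blob before trusting it. The `timestamp` field set when the form is built is not compared with `time()` anywhere in the visible submit path, so an old authorization value stays usable.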
@@ -74,14 +77,47 @@ if ( !$parms['authorized'] ) $errors[] = 'Invalid authorization key'; - if ( sizeof($errors) > 0 ) + if ( sizeof($errors) < 1 ) { // Collect other options // Submit post - decir_submit_post(); + if ( $parms['mode'] == 'reply' || $parms['mode'] == 'quote' ) + { + $result = decir_submit_post($parms['topic_in'], $_POST['subject'], $_POST['post_text'], $post_id); + if ( $result ) + { + // update forum stats + $user = $db->escape($session->username); + $q = $db->sql_query('UPDATE '.table_prefix."decir_forums SET num_posts = num_posts+1, last_post_id = $post_id, last_post_topic = {$parms['topic_in']}, last_post_user = $session->user_id WHERE forum_id={$parms['forum_in']};"); + if ( !$q ) + { + $db->_die('Decir posting.php under Submit post [reply]'); + } + $url = makeUrlNS('Special', 'Forum/Topic/' . $parms['topic_in'], false, true); + redirect($url, 'Post submitted', 'Your post has been submitted successfully.', 4); + } + } + else if ( $parms['mode'] == 'topic' ) + { + $result = decir_submit_topic($parms['forum_id'], $_POST['subject'], $_POST['post_text'], $topic_id, $post_id); + if ( $result ) + { + // update forum stats + $q = $db->sql_query('UPDATE '.table_prefix."decir_forums SET num_posts = num_posts+1, num_topics = num_topics+1, last_post_id = $post_id, last_post_topic = $topic_id, last_post_user = $session->user_id WHERE forum_id={$parms['forum_id']};"); + if ( !$q ) + { + $db->_die('Decir posting.php under Submit post [topic]'); + } + $url = makeUrlNS('Special', 'Forum/Topic/' . $topic_id, false, true); + redirect($url, 'Post submitted', 'Your post has been submitted successfully.', 4); + } + } return; } + $mode = 'already_taken_care_of'; + $parms2 = $parms; + $parms = htmlspecialchars($_POST['authorization']); } } @@ -90,6 +126,7 @@ if ( $mode == 'reply' ) { $message = ''; + $subject = ''; // Validate topic ID $topic_id = intval($paths->getParam(2)); if ( empty($topic_id) ) @@ -108,7 +145,7 @@ die_friendly('Error', '
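Review bot: The two UPDATE statements interpolate `{$parms['topic_in']}`, `{$parms['forum_in']}` and `{$parms['forum_id']}` directly into SQL, and these values come from the client-held authorization blob rather than from a fresh lookup. Cast them first, e.g. `$forum_id = intval($parms['forum_in']);`, and use the casts in the query; decir_update_forum_stats() from functions.php already recomputes the last-post columns and could replace the hand-written assignments. The submit path in the visible lines trusts `$parms['authorized']` alone and does not repeat the `fetch_page_acl()` checks made when the form was built, so a permission revoked after the form was rendered is not enforced. `$user` is assigned and never used.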

Invalid post ID

'); // Get post text and topic ID - $q = $db->sql_query('SELECT p.topic_id,t.post_text,t.bbcode_uid,p.poster_name FROM '.table_prefix.'decir_posts AS p + $q = $db->sql_query('SELECT p.topic_id,t.post_text,t.bbcode_uid,p.poster_name,p.post_subject FROM '.table_prefix.'decir_posts AS p LEFT JOIN '.table_prefix.'decir_posts_text AS t ON ( p.post_id = t.post_id ) WHERE p.post_id=' . $post_id . ';'); @@ -123,6 +160,7 @@ $db->free_result(); $message = '[quote="' . $row['poster_name'] . '"]' . bbcode_strip_uid( $row['post_text'], $row['bbcode_uid'] ) . '[/quote]'; + $subject = 'Re: ' . htmlspecialchars($row['post_subject']); $quote_poster = $row['poster_name']; $topic_id = intval($row['topic_id']); @@ -139,8 +177,8 @@ $row = $db->fetchrow(); $db->free_result(); - $forum_perms = $session->fetch_page_acl('DecirForum', $row['forum_id']); - $topic_perms = $session->fetch_page_acl('DecirTopic', $row['topic_id']); + $forum_perms = $session->fetch_page_acl($row['forum_id'], 'DecirForum'); + $topic_perms = $session->fetch_page_acl($row['topic_id'], 'DecirTopic'); if ( !$forum_perms->get_permissions('decir_see_forum') ) die_friendly('Error', '

The forum you requested does not exist.

'); @@ -166,6 +204,7 @@ else if ( $mode == 'topic' ) { $message = ''; + $subject = ''; // Validate topic ID $forum_id = intval($paths->getParam(2)); if ( empty($forum_id) ) @@ -173,7 +212,7 @@ $title = 'Post new topic'; // Topic ID is good, verify topic status - $q = $db->sql_query('SELECT forum_id FROM '.table_prefix.'decir_forums WHERE forum_id=' . $forum_id . ';'); + $q = $db->sql_query('SELECT forum_id, forum_name FROM '.table_prefix.'decir_forums WHERE forum_id=' . $forum_id . ';'); if ( !$q ) $db->_die(); @@ -184,14 +223,14 @@ $row = $db->fetchrow(); $db->free_result(); - $forum_perms = $session->fetch_page_acl('DecirForum', $row['forum_id']); + $forum_perms = $session->fetch_page_acl($row['forum_id'], 'DecirForum'); if ( !$forum_perms->get_permissions('decir_see_forum') ) die_friendly('Error', '

The forum you requested does not exist.

'); $parms = Array( 'mode' => $mode, - 'forum_in' => $forum_in, + 'forum_id' => $forum_id, 'timestamp' => time(), 'authorized' => true ); @@ -203,7 +242,7 @@ else if ( $mode == 'already_taken_care_of' ) { $mode = $parms2['mode']; - $title = ( $mode == 'topic' ) ? 'Post new topic' : ( $mode == 'reply' ) ? 'Reply to topic' : ( $mode == 'quote' ) ? 'Reply to topic with quote' : 'Duh...'; + $title = ( $mode == 'topic' ) ? 'Post new topic' : ( ( $mode == 'reply' ) ? 'Reply to topic' : ( $mode == 'quote' ) ? 'Reply to topic with quote' : 'Duh...' ); } else { @@ -221,17 +260,43 @@ $template->header(); +if ( isset($errors) ) +{ + echo '
+ Your post could not be submitted. + +
'; +} + if ( $do_preview ) { - echo 'Doing preview'; + $message = $_POST['post_text']; + $subject = htmlspecialchars($_POST['subject']); + $message_render = render_bbcode($message); + $message_render = RenderMan::smilieyize($message_render); + echo '
+

Post preview

+

' . $message_render . '

+
'; } $url = makeUrlNS('Special', 'Forum/New', 'act=post', true); echo '
'; +echo '
+ '; +echo ''; +echo ''; +echo ' + + '; +echo ''; +echo '
Post subject:
'; echo ''; -echo ''; -echo '
 
'; +echo '
'; +echo ' 
'; echo '
'; $template->footer(); diff -r 0417a5a0c7be -r 6f8b7c6fac02 decir/viewforum.php --- a/decir/viewforum.php Wed Jun 13 22:33:54 2007 -0400 +++ b/decir/viewforum.php Wed Oct 17 20:23:51 2007 -0400 @@ -35,19 +35,22 @@ $sort_column = ( isset($_GET['sort_column']) && in_array($_GET['sort_column'], array('t.timestamp', 't.topic_title')) ) ? $_GET['sort_column'] : 't.timestamp'; $sort_dir = ( isset($_GET['sort_dir']) && in_array($_GET['sort_dir'], array('ASC', 'DESC')) ) ? $_GET['sort_dir'] : 'DESC'; -$q = $db->sql_query('SELECT t.topic_id,t.topic_title,t.topic_type,t.topic_icon,COUNT(p.post_id)-1 AS num_replies, +$q = $db->sql_query('SELECT t.topic_id,t.topic_title,t.topic_type,t.topic_icon, COUNT(h.hit_id) AS num_views,t.topic_starter AS starter_id, u.username AS topic_starter, - p.poster_name AS last_post_name, p.timestamp AS last_post_time + p.poster_name AS last_post_name, p.timestamp AS last_post_time, t.topic_deleted, u2.username AS deletor, + t.topic_delete_reason FROM '.table_prefix.'decir_topics AS t LEFT JOIN '.table_prefix.'decir_posts AS p - ON (t.last_post=p.post_id) + ON (t.topic_id = p.topic_id) LEFT JOIN '.table_prefix.'decir_hits AS h ON (t.topic_id=h.topic_id) LEFT JOIN '.table_prefix.'users AS u ON (u.user_id=t.topic_starter) + LEFT JOIN '.table_prefix.'users AS u2 + ON (u2.user_id = t.topic_deletor OR t.topic_deletor IS NULL) WHERE t.forum_id='.$fid.' - GROUP BY t.topic_id - ORDER BY '.$sort_column.' '.$sort_dir.';'); + GROUP BY p.post_id + ORDER BY '.$sort_column.' '.$sort_dir.', p.timestamp DESC;'); if(!$q) $db->_die(); @@ -64,22 +67,61 @@ if ( $row = $db->fetchrow() ) { + $last_row = $row; + $i = 0; + $num_replies = -1; do { - echo ' - - - ' . $row['topic_title'] . ' - ' . $row['topic_starter'] . ' - ' . $row['num_replies'] . ' - ' . $row['num_views'] . ' - ' . date('d M Y h:i a', $row['last_post_time']) . '
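Review bot: The join condition `u2.user_id = t.topic_deletor OR t.topic_deletor IS NULL` in the viewforum.php query matches every row of the users table for a topic that was never deleted, so each such topic is multiplied by the user count before grouping and `COUNT(h.hit_id)` is inflated accordingly. A LEFT JOIN already yields NULL columns when `topic_deletor` is NULL, so `ON (u2.user_id = t.topic_deletor)` is sufficient. The viewtopic.php query has the same pattern for `p.last_edited_by`, where it also makes `editor` an arbitrary username on posts that were never edited. Joining posts on `t.topic_id = p.topic_id` with `GROUP BY p.post_id` additionally returns one row per post, so the page loads every post in the forum just to count replies.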
by '.$row['last_post_name'].'
- '; + $i++; + if ( $last_row['topic_id'] != $row['topic_id'] || $i == $db->numrows() ) + { + if ( $last_row['topic_deleted'] == 1 ) + { + $thread_link = ''; + // FIXME: This will be controlled by an ACL rule + if ( $session->user_level >= USER_LEVEL_MOD ) + { + $thread_link = '' . $last_row['topic_title'] . ''; + } + echo ' + + + ' . $thread_link . ' + Thread deleted by ' . htmlspecialchars($row['deletor']) . '
Reason: ' . htmlspecialchars($row['topic_delete_reason']) . ' + '; + } + else + { + echo ' + + + ' . $last_row['topic_title'] . ' + ' . $last_row['topic_starter'] . ' + ' . $num_replies . ' + ' . $last_row['num_views'] . ' + ' . date('d M Y h:i a', $last_row['last_post_time']) . '
by '.$last_row['last_post_name'].'
+ '; + } + $num_replies = 0; + } + $num_replies++; + $last_row = $row; } while ( $row = $db->fetchrow() ); } +else +{ + echo ' + There are no topics in this forum. + '; +} echo ''; +if ( $perms->get_permissions('decir_post') ) +{ + echo '

Post new topic

'; +} + $template->footer(); ?> diff -r 0417a5a0c7be -r 6f8b7c6fac02 decir/viewtopic.php --- a/decir/viewtopic.php Wed Jun 13 22:33:54 2007 -0400 +++ b/decir/viewtopic.php Wed Oct 17 20:23:51 2007 -0400 @@ -11,7 +11,7 @@ * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details. */ - + require('common.php'); require('bbcode.php'); @@ -36,6 +36,8 @@ $db->_die(); $row = $db->fetchrow(); + $tid = intval($row['topic_id']); + $db->free_result(); } else { @@ -73,15 +75,59 @@
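Review bot: Inside the `$last_row['topic_deleted'] == 1` branch the "Thread deleted by" line reads `$row['deletor']` and `$row['topic_delete_reason']`, but at that point `$row` is normally the first row of the next topic; the topic being printed is `$last_row`, so the name and reason shown can belong to a different thread. Use `$last_row['deletor']` and `$last_row['topic_delete_reason']`. The flush condition `$last_row['topic_id'] != $row['topic_id'] || $i == $db->numrows()` only ever prints `$last_row`, so when the final row starts a new topic that topic is never emitted, and a forum with a single row prints with `$num_replies` still at -1. Emitting the pending topic once after the loop would be simpler than the `$i` test.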
+ + + + + + + - +
+ This post was deleted by {LAST_EDITED_BY}.
+ Reason: {EDIT_REASON}
+ +
+
+ The deleted post is shown below: + +
+ {USER_LINK} +
Posted: {TIMESTAMP}
- {POST_TEXT} + + + + + + + + + + + + + + + + +
+ {POST_TEXT} +
+ + Last edited by {LAST_EDITED_BY}; edited {EDIT_COUNT} time{EDIT_COUNT_S} in total
+ Reason: {EDIT_REASON}
+ +
+ edit | delete | + quote +
+ + restore post | physically delete +
-
TPLCODE; -$sql = 'SELECT p.post_id,p.poster_name,p.poster_id,u.username,p.timestamp,u.user_level,u.reg_time,t.post_text,t.bbcode_uid FROM '.table_prefix.'decir_posts AS p +$sql = 'SELECT p.post_id,p.poster_name,p.poster_id,u.username,p.timestamp,p.edit_count,p.last_edited_by,p.post_deleted,u2.username AS editor,p.edit_reason,u.user_level,u.reg_time,t.post_text,t.bbcode_uid FROM '.table_prefix.'decir_posts AS p LEFT JOIN '.table_prefix.'users AS u - ON u.user_id=poster_id + ON u.user_id=p.poster_id + LEFT JOIN '.table_prefix.'users AS u2 + ON (u2.user_id=p.last_edited_by OR p.last_edited_by IS NULL) LEFT JOIN '.table_prefix.'decir_posts_text AS t ON p.post_id=t.post_id WHERE p.topic_id='.$tid.' + GROUP BY p.post_id ORDER BY p.timestamp ASC;'; $q = $db->sql_query($sql); @@ -134,6 +184,7 @@ $poster_name = ( $row['poster_id'] == 1 ) ? $row['poster_name'] : $row['username']; $datetime = date('F d, Y h:i a', $row['timestamp']); $post_text = render_bbcode($row['post_text'], $row['bbcode_uid']); + $post_text = RenderMan::smilieyize($post_text); $regtime = date('F Y', $row['reg_time']); $user_color = '#0000AA'; @@ -150,7 +201,10 @@ { $user_link = ''.$poster_name.''; } - $quote_link = makeUrlNS('Special', 'Forum/New/Quote/' . $row['post_id'], false, true); + $quote_link = makeUrlNS('Special', 'Forum/New/Quote/' . $row['post_id'], false, true); + $edit_link = makeUrlNS('Special', 'Forum/Edit/' . $row['post_id'], false, true); + $delete_link = makeUrlNS('Special', 'Forum/Delete/' . $row['post_id'], false, true); + $restore_link = makeUrlNS('Special', 'Forum/Delete/' . $row['post_id'], 'act=restore', true); $user_title = 'Anonymous user'; switch ( $row['user_level'] ) { 
@@ -159,6 +213,13 @@ case USER_LEVEL_MEMBER:$user_title = 'Member'; break; case USER_LEVEL_GUEST: $user_title = 'Guest'; break; } + $leb_link = ''; + if ( $row['editor'] ) + { + $userpage_url = makeUrlNS('User', sanitize_page_id($row['editor']), false, true); + $row['editor'] = htmlspecialchars($row['editor']); + $leb_link = "{$row['editor']}"; + } $parser->assign_vars(Array( 'POST_ID' => (string)$row['post_id'], 'USERNAME' => $poster_name, @@ -167,10 +228,17 @@ 'TIMESTAMP' => $datetime, 'POST_TEXT' => $post_text, 'USER_TITLE' => $user_title, - 'QUOTE_LINK' => $quote_link + 'QUOTE_LINK' => $quote_link, + 'EDIT_LINK' => $edit_link, + 'DELETE_LINK' => $delete_link, + 'RESTORE_LINK' => $restore_link, + 'EDIT_COUNT' => $row['edit_count'], + 'EDIT_COUNT_S' => ( $row['edit_count'] == 1 ? '' : 's' ), + 'LAST_EDITED_BY' => $leb_link, + 'EDIT_REASON' => htmlspecialchars($row['edit_reason']) )); // Decir can integrate with the Who's Online plugin - $who_support = $plugins->loaded('WhosOnline'); + $who_support = $plugins->loaded('WhosOnline') && $row['user_level'] >= USER_LEVEL_GUEST; $user_online = false; if ( $who_support && in_array($row['username'], $whos_online['users']) ) { @@ -182,7 +250,11 @@ } $parser->assign_bool(Array( 'whos_online_support' => $who_support, - 'user_is_online' => $user_online + 'user_is_online' => $user_online, + 'post_edited' => ( $row['edit_count'] > 0 ), + 'post_deleted' => ( $row['post_deleted'] == 1 ), + // FIXME: This should check something on ACLs + 'show_post' => ( $row['post_deleted'] != 1 || $session->user_level >= USER_LEVEL_MOD ) )); echo $parser->run(); } 
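Review bot: `if ( $row['editor'] )` in the `@@ -159,6 +213,13 @@` hunk will be true for posts that were never edited, because the query earlier in this file joins `u2` with `ON (u2.user_id=p.last_edited_by OR p.last_edited_by IS NULL)`. When `last_edited_by` is NULL that condition matches every row of the users table, and `GROUP BY p.post_id` then keeps an arbitrary one, so `editor` carries an unrelated username. Test the post's own columns instead, e.g. `if ( $row['edit_count'] > 0 && $row['last_edited_by'] )`, and drop the `OR p.last_edited_by IS NULL` arm from the join, since a LEFT JOIN already yields NULL when there is no editor. Overwriting `$row['editor']` with its escaped form also makes later uses of the raw name impossible; a separate `$editor_html` variable would be clearer.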
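Review bot: `show_post` in the `@@ -182,7 +250,11 @@` hunk is decided from the site-wide `$session->user_level`, which the FIXME already flags; the same commit registers per-namespace ACL types in plugins/Decir.php, so a forum-scoped permission could replace the level comparison. Independently of that, the loop still runs `render_bbcode()` on deleted posts and assigns the result to `POST_TEXT` for every viewer, so hiding the content depends entirely on the template honouring the flag. Computing `$show_post` once before `assign_vars` and passing `'POST_TEXT' => ( $show_post ? $post_text : '' ),` would keep deleted text out of the output even if the template is edited later. The loop body starts and ends outside the hunk.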
@@ -194,8 +266,8 @@ $can_post_replies = false; $can_post_topics = false; - $forum_perms = $session->fetch_page_acl('DecirForum', $forum_id); - $topic_perms = $session->fetch_page_acl('DecirTopic', $topic_id); + $forum_perms = $session->fetch_page_acl($forum_id, 'DecirForum'); + $topic_perms = $session->fetch_page_acl($topic_id, 'DecirTopic'); if ( $forum_perms->get_permissions('decir_post') ) $can_post_topics = true; @@ -219,5 +291,9 @@ echo '

'; } +// log the hit +$time = time(); +$q = $db->sql_query('INSERT INTO '.table_prefix."decir_hits(user_id, topic_id, timestamp) VALUES($session->user_id, $tid, $time);"); + $template->footer(); diff -r 0417a5a0c7be -r 6f8b7c6fac02 plugins/Decir.php --- a/plugins/Decir.php Wed Jun 13 22:33:54 2007 -0400 +++ b/plugins/Decir.php Wed Oct 17 20:23:51 2007 -0400 @@ -36,14 +36,16 @@ function decir_early_init(&$paths, &$session) { $paths->addAdminNode('Decir forum configuration', 'General settings', 'DecirGeneral'); - $paths->nslist['DecirForum'] = $paths->nslist['Special'] . 'Forum/ViewForum/'; - $paths->nslist['DecirPost'] = $paths->nslist['Special'] . 'Forum/Post/'; - $paths->nslist['DecirTopic'] = $paths->nslist['Special'] . 'Forum/Topic/'; + $paths->create_namespace('DecirForum', $paths->nslist['Special'] . 'Forum/ViewForum/'); + $paths->create_namespace('DecirPost', $paths->nslist['Special'] . 'Forum/Post/'); + $paths->create_namespace('DecirTopic', $paths->nslist['Special'] . 'Forum/Topic/'); $session->register_acl_type('decir_see_forum', AUTH_ALLOW, 'See forum in index', Array('read'), 'DecirForum'); $session->register_acl_type('decir_view_forum', AUTH_ALLOW, 'View forum', Array('decir_see_forum'), 'DecirForum'); $session->register_acl_type('decir_post', AUTH_ALLOW, 'Post new topics', Array('decir_view_forum'), 'DecirForum'); $session->register_acl_type('decir_reply', AUTH_ALLOW, 'Reply to topics', Array('decir_post'), 'DecirTopic'); + $session->register_acl_type('decir_edit_own', AUTH_ALLOW, 'Edit own posts', Array('decir_post'), 'DecirPost'); + $session->register_acl_type('decir_edit_other', AUTH_DISALLOW, 'Edit others\' posts', Array('decir_post'), 'DecirPost'); } function page_Special_Forum() @@ -53,6 +55,7 @@ if ( getConfig('decir_version') != ENANO_DECIR_VERSION || isset($_POST['do_install_finish']) ) { require(DECIR_ROOT . '/install.php'); + return false; } $act = strtolower( ( $n = $paths->getParam(0) ) ? $n : 'Index' ); 
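Review bot: The hit-logging INSERT in the `@@ -219,5 +291,9 @@` hunk interpolates `$tid` and `$session->user_id` directly into the SQL string, and nothing visible here shows `$tid` being cast; the same variable is concatenated into the SELECT (`WHERE p.topic_id='.$tid.'`) earlier in the file. If `$tid` is not already forced to an integer where it is read from the request, both statements are open to SQL injection; casting at the point of use, `$tid = intval($tid);`, removes the dependency on earlier code. The result `$q` is never checked, so a failed insert goes unnoticed, and a comment saying whether that is deliberate best-effort would help. The write also runs on every page view, which is worth noting in the comment as `// log the hit (one row per view, including anonymous users)`.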
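Review bot: The `@@ -36,14 +36,16 @@` hunk of plugins/Decir.php registers `decir_edit_own` and `decir_edit_other`, but the commit also adds delete and restore actions (the `delete` case further down and the delete/restore links in the topic view) with no matching ACL type, and the topic view falls back to `$session->user_level >= USER_LEVEL_MOD`. Registering delete permissions next to the edit ones would let delete.php and the view share one check; for example `$session->register_acl_type('decir_delete_other', AUTH_DISALLOW, 'Delete others\' posts', Array('decir_post'), 'DecirPost');`, where the type name is only a suggestion. A short comment above the two new lines stating that `decir_edit_other` defaults to `AUTH_DISALLOW` because it is a moderator right would document why it differs from the other types.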
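Review bot: In the `@@ -53,6 +55,7 @@` hunk the installer branch is entered whenever `$_POST['do_install_finish']` is set, even when `decir_version` already matches; the added `return false;` stops the rest of the page but does not restrict who reaches install.php. install.php is not shown, so unless it verifies an administrator session itself, any visitor can re-trigger the install step with a single POST field. The condition should require the privilege explicitly, e.g. `|| ( isset($_POST['do_install_finish']) && $session->user_level >= USER_LEVEL_ADMIN )`, assuming `$session` is in scope here as a global. page_Special_Forum continues outside the hunk.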
@@ -77,6 +80,12 @@ case 'new': require('posting.php'); break; + case 'edit': + require('edit.php'); + break; + case 'delete': + require('delete.php'); + break; } chdir($curdir); @@ -85,7 +94,13 @@ function page_Admin_DecirGeneral() { - global $db, $session, $paths, $template, $plugins; if($session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN) { header('Location: '.makeUrl($paths->nslist['Special'].'Administration'.urlSeparator.'noheaders')); die('Hacking attempt'); } + global $db, $session, $paths, $template, $plugins; // Common objects + if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) + { + echo '
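Review bot: The new `require('edit.php');` and `require('delete.php');` in the `@@ -77,6 +80,12 @@` hunk are relative paths that only resolve because of a `chdir()` earlier in the function (the hunk ends with `chdir($curdir);`), whereas the installer a few lines up is loaded as `require(DECIR_ROOT . '/install.php');`. If the working directory is not what is expected, a relative require falls back to the include path and may load a different file of the same name. Using the absolute form for the new cases, `require(DECIR_ROOT . '/edit.php');` and `require(DECIR_ROOT . '/delete.php');`, removes that dependency. The switch is safe in one respect worth keeping: `$act` comes from the URL but only selects between fixed file names and is never used as a path itself. The switch and its function start outside the hunk.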

Error: Not authenticated

It looks like your administration session is invalid or you are not authorized to access this administration page. Please re-authenticate to continue.

'; + return; + } + echo 'Hello world!'; }