|
1 <?php |
|
2 /*********************************************************************** |
|
3 |
|
4 Copyright (C) 2002-2008 PunBB.org |
|
5 |
|
6 This file is part of PunBB. |
|
7 |
|
8 PunBB is free software; you can redistribute it and/or modify it |
|
9 under the terms of the GNU General Public License as published |
|
10 by the Free Software Foundation; either version 2 of the License, |
|
11 or (at your option) any later version. |
|
12 |
|
13 PunBB is distributed in the hope that it will be useful, but |
|
14 WITHOUT ANY WARRANTY; without even the implied warranty of |
|
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
16 GNU General Public License for more details. |
|
17 |
|
18 You should have received a copy of the GNU General Public License |
|
19 along with this program; if not, write to the Free Software |
|
20 Foundation, Inc., 59 Temple Place, Suite 330, Boston, |
|
21 MA 02111-1307 USA |
|
22 |
|
23 ************************************************************************/ |
|
24 |
|
25 |
|
26 // if (!defined('PUN_ROOT')) |
|
27 // define('PUN_ROOT', './'); |
|
28 // require PUN_ROOT.'include/common.php'; |
|
29 |
|
// Import globals: bind every entry of $GLOBALS into the current scope by
// reference, so that the bare names used below ($pun_user, $pun_db, $pun_config,
// ...) refer to the global values and writes made here go through to them.
// NOTE(review): this only has an effect when the file is include()d from inside
// a function or method; presumably a host application does that -- confirm
// against the caller.
// NOTE(review): the loop is unfiltered. Every global name, whatever created it,
// becomes a local here and rebinds any same-named variable already present in
// the including scope. An explicit list of the globals this script needs would
// narrow that; the eval()'d extension hooks further down may rely on the full
// set, so check them before changing it.
foreach ( $GLOBALS as $key => $_ )
{
	$$key =& $GLOBALS[$key];
}
|
35 |
|
// Extension hook: whatever get_hook() returns is passed to eval() when it is
// truthy, so hook code runs in this scope with access to every variable here.
// NOTE(review): where hook code is stored and who may change it is not visible
// in this file -- write access to that store is equivalent to code execution
// and should be protected and audited accordingly.
($hook = get_hook('ed_start')) ? eval($hook) : null;

// Groups without board read permission get the "No view" message.
// NOTE(review): message() presumably ends the request; the checks below rely on
// that -- confirm.
if ($pun_user['g_read_board'] == '0')
	message($lang_common['No view']);

// Load the post.php/edit.php language file
// NOTE(review): $pun_user['language'] is concatenated into the include path and
// is not validated in this file. Confirm that the value is restricted to the
// names of installed language directories at the point where it is saved or
// loaded; an unrestricted value would allow path traversal in this require.
require PUN_ROOT.'lang/'.$pun_user['language'].'/post.php';


// Post id from the query string, forced to an integer; values below 1 are rejected.
$id = isset($_GET['id']) ? intval($_GET['id']) : 0;
if ($id < 1)
	message($lang_common['Bad request']);
|
48 |
|
49 |
|
// Fetch some info about the post, the topic and the forum
// The query is described as an array and handed to $pun_db->query_build().
// Two values are concatenated into it: $id, which intval() above has forced to
// an integer, and $pun_user['g_id'].
// NOTE(review): $pun_user['g_id'] goes in unquoted and unescaped; presumably it
// is an integer loaded server-side rather than request input -- confirm where
// $pun_user is populated.
$query = array(
	'SELECT' => 'f.id AS fid, f.forum_name, f.moderators, f.redirect_url, fp.post_replies, fp.post_topics, t.id AS tid, t.subject, t.posted, t.first_post_id, t.closed, p.poster, p.poster_id, p.message, p.hide_smilies',
	'FROM' => 'posts AS p',
	'JOINS' => array(
		array(
			'INNER JOIN' => 'topics AS t',
			'ON' => 't.id=p.topic_id'
		),
		array(
			'INNER JOIN' => 'forums AS f',
			'ON' => 'f.id=t.forum_id'
		),
		array(
			'LEFT JOIN' => 'forum_perms AS fp',
			'ON' => '(fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].')'
		)
	),
	// Forum read permission is enforced here: the post is returned only when the
	// group has no forum_perms row for the forum or the row allows reading.
	'WHERE' => '(fp.read_forum IS NULL OR fp.read_forum=1) AND p.id='.$id
);

// The hook runs after $query is built and before it is executed, so hook code
// can change any part of the query, including the permission clause.
($hook = get_hook('ed_qr_get_post_info')) ? eval($hook) : null;
$result = $pun_db->query_build($query) or error(__FILE__, __LINE__);
// No row means the post does not exist or the forum is not readable; both get
// the same "Bad request" message.
if (!$pun_db->num_rows($result))
	message($lang_common['Bad request']);

$cur_post = $pun_db->fetch_assoc($result);
|
77 |
|
// Sort out who the moderators are and if we are currently a moderator (or an admin)
// NOTE(review): unserialize() is applied to a database column. If that column can
// ever hold attacker-influenced data this is an object-injection risk; storing the
// list as JSON, or passing array('allowed_classes' => false) on PHP 7+, removes it.
// unserialize() returns false on malformed input, in which case array_key_exists()
// below is handed a non-array.
$mods_array = ($cur_post['moderators'] != '') ? unserialize($cur_post['moderators']) : array();
// Admin status is taken from $session->user_level; moderator status needs both the
// group flag and the username being a key of this forum's moderator list.
$pun_user['is_admmod'] = ($session->user_level >= USER_LEVEL_ADMIN || ($pun_user['g_moderator'] == '1' && array_key_exists($pun_user['username'], $mods_array))) ? true : false;

// The subject is editable only through the topic's first post, and then only
// when the group has no edit interval (0), the topic is younger than the
// interval, or the user is an admin/moderator.
$can_edit_subject = ($id == $cur_post['first_post_id'] && (($pun_user['g_edit_subjects_interval'] == '0' || (time() - $cur_post['posted']) < $pun_user['g_edit_subjects_interval']) || $pun_user['is_admmod'])) ? true : false;

// Do we have permission to edit this post?
// Denied when the user is not an admin/moderator and any of these holds: the
// group may not edit posts, the post belongs to someone else, the topic is closed.
// This is the authorization gate for everything below, including the POST branch.
if (($pun_user['g_edit_posts'] == '0' ||
	$cur_post['poster_id'] != $pun_user['id'] ||
	$cur_post['closed'] == '1') &&
	!$pun_user['is_admmod'])
	message($lang_common['No permission']);
|
90 |
|
91 |
|
// Start with a clean slate
$errors = array();

// Form submission: validate the input, then either store the edit or fall
// through to redisplay the form (validation errors, or a preview request).
// NOTE(review): this branch changes stored data, but no anti-CSRF token is
// verified anywhere in this file. Presumably a shared include does that --
// confirm, and confirm the check covers ordinary users as well as moderators.
if (isset($_POST['form_sent']))
{
	($hook = get_hook('ed_form_submitted')) ? eval($hook) : null;

	// If it is a topic it must contain a subject
	if ($can_edit_subject)
	{
		// $_POST['req_subject'] is read without isset(); a missing field ends up
		// as an empty string and is reported as "No subject".
		$subject = trim($_POST['req_subject']);

		if ($subject == '')
			$errors[] = $lang_post['No subject'];
		else if (pun_strlen($subject) > 70)
			$errors[] = $lang_post['Too long subject'];
		// All-caps subjects are rewritten to word case unless the board allows
		// them or the editor is an admin/moderator.
		else if ($pun_config['p_subject_all_caps'] == '0' && strtoupper($subject) == $subject && !$pun_user['is_admmod'])
			$subject = ucwords(strtolower($subject));
	}

	// Clean up message from POST
	$message = pun_linebreaks(trim($_POST['req_message']));

	if ($message == '')
		$errors[] = $lang_post['No message'];
	// strlen() counts bytes here, unlike the pun_strlen() used for the subject.
	// NOTE(review): 65535 presumably matches the size of the message column -- confirm.
	else if (strlen($message) > 65535)
		$errors[] = $lang_post['Too long message'];
	else if ($pun_config['p_message_all_caps'] == '0' && strtoupper($message) == $message && !$pun_user['is_admmod'])
		$message = ucwords(strtolower($message));

	// Validate BBCode syntax
	// preparse_bbcode() receives $errors as an argument and returns the message
	// to store; the parser is loaded only when both bracket characters occur.
	if ($pun_config['p_message_bbcode'] == '1' && strpos($message, '[') !== false && strpos($message, ']') !== false)
	{
		require PUN_ROOT.'include/parser.php';
		$message = preparse_bbcode($message, $errors);
	}


	// Reduce the checkbox to 1 or '0' so it can be concatenated into the UPDATE
	// below without escaping.
	$hide_smilies = isset($_POST['hide_smilies']) ? intval($_POST['hide_smilies']) : 0;
	if ($hide_smilies != '1') $hide_smilies = '0';

	// Did everything go according to plan?
	if (empty($errors) && !isset($_POST['preview']))
	{
		($hook = get_hook('ed_pre_post_edited')) ? eval($hook) : null;

		// The search index code is loaded for every database type except mysql/mysqli.
		if ($db_type != 'mysql' && $db_type != 'mysqli')
			require PUN_ROOT.'include/search_idx.php';

		if ($can_edit_subject)
		{
			// Update the topic and any redirect topics
			// $subject is user input and goes through $pun_db->escape(); the topic
			// id comes from the row fetched above.
			$query = array(
				'UPDATE' => 'topics',
				'SET' => 'subject=\''.$pun_db->escape($subject).'\'',
				'WHERE' => 'id='.$cur_post['tid'].' OR moved_to='.$cur_post['tid']
			);

			($hook = get_hook('ed_qr_update_subject')) ? eval($hook) : null;
			$pun_db->query_build($query) or error(__FILE__, __LINE__);

			// We changed the subject, so we need to take that into account when we update the search words
			if ($db_type != 'mysql' && $db_type != 'mysqli')
				update_search_index('edit', $id, $message, $subject);
		}
		else if ($db_type != 'mysql' && $db_type != 'mysqli')
			update_search_index('edit', $id, $message);

		// Update the post
		// $message is escaped; $hide_smilies was reduced to 1 or '0' above; $id is
		// an integer.
		$query = array(
			'UPDATE' => 'posts',
			'SET' => 'message=\''.$pun_db->escape($message).'\', hide_smilies=\''.$hide_smilies.'\'',
			'WHERE' => 'id='.$id
		);

		// The edit is stamped with time and editor unless an admin/moderator asked
		// for a silent edit; the "silent" field is ignored for everyone else.
		if (!isset($_POST['silent']) || !$pun_user['is_admmod'])
			$query['SET'] .= ', edited='.time().', edited_by=\''.$pun_db->escape($pun_user['username']).'\'';

		($hook = get_hook('ed_qr_update_post')) ? eval($hook) : null;
		$pun_db->query_build($query) or error(__FILE__, __LINE__);

		pun_redirect(pun_link($pun_url['post'], $id), $lang_post['Edit redirect']);
	}
}
|
176 |
|
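// Setup error messages
// Wraps each collected validation error in list-item markup for the template.
if (!empty($errors))
{
	$pun_page['errors'] = array();

	// foreach replaces the while/list()/each() idiom: each() was deprecated in
	// PHP 7.2 and removed in PHP 8.0, where the old loop is a fatal error.
	// NOTE(review): the messages are inserted as HTML without escaping. They come
	// from the language file and from preparse_bbcode(); confirm that none of them
	// embeds submitted text, or escape at this point.
	foreach ($errors as $cur_error)
		$pun_page['errors'][] = '<li><span>'.$cur_error.'</span></li>';
}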
|
185 |
|
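// Setup form
// Resets the fieldset/field counters used for element ids and builds the form's
// action URL and hidden fields.
$pun_page['set_count'] = $pun_page['fld_count'] = 0;
$pun_page['form_action'] = pun_link($pun_url['edit'], $id);

$pun_page['hidden_fields'][] = '<input type="hidden" name="form_sent" value="1" />';
// The anti-CSRF token is emitted for every user, not only admins/moderators:
// ordinary users submit this same state-changing form for their own posts.
// NOTE(review): the token protects nothing unless the POST handler verifies it;
// that check is not in this file -- confirm it runs for all users.
$pun_page['hidden_fields'][] = '<input type="hidden" name="csrf_token" value="'.generate_form_token($pun_page['form_action']).'" />';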
|
193 |
|
// Setup help
// One help link per enabled feature (BBCode, [img] tag, smilies). The link text
// and titles come from the language file and the URLs from pun_link(); no
// request data is used here.
$pun_page['main_head_options'] = array();
if ($pun_config['p_message_bbcode'] == '1')
	$pun_page['main_head_options'][] = '<a class="exthelp" href="'.pun_link($pun_url['help'], 'bbcode').'" title="'.sprintf($lang_common['Help page'], $lang_common['BBCode']).'">'.$lang_common['BBCode'].'</a>';
if ($pun_config['p_message_img_tag'] == '1')
	$pun_page['main_head_options'][] = '<a class="exthelp" href="'.pun_link($pun_url['help'], 'img').'" title="'.sprintf($lang_common['Help page'], $lang_common['Images']).'">'.$lang_common['Images'].'</a>';
if ($pun_config['o_smilies'] == '1')
	$pun_page['main_head_options'][] = '<a class="exthelp" href="'.pun_link($pun_url['help'], 'smilies').'" title="'.sprintf($lang_common['Help page'], $lang_common['Smilies']).'">'.$lang_common['Smilies'].'</a>';
|
202 |
|
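// Setup main heading
// The heading names the kind of post (topic or reply) and its author, and is
// echoed into the page as HTML further down. The poster name is stored text
// supplied by a user, so it is HTML-escaped here, the same way the subject and
// message fields of the form are escaped with htmlspecialchars().
// NOTE(review): this assumes poster names are stored unescaped, as the subject
// and message are -- confirm, to rule out double encoding.
$pun_page['main_head'] = sprintf($lang_post['Edit this'], (($id == $cur_post['first_post_id']) ? $lang_post['Topic'] : $lang_post['Reply']), htmlspecialchars($cur_post['poster']));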
|
205 |
|
// Setup breadcrumbs
// Each crumb is a (label, link) pair except the last, which is a plain label.
// NOTE(review): the forum name and topic subject are passed through unescaped.
// Whatever renders the crumbs (presumably header.php) has to HTML-escape the
// labels -- confirm, since the subject is user-supplied.
$pun_page['crumbs'] = array(
	array($pun_config['o_board_title'], pun_link($pun_url['index'])),
	array($cur_post['forum_name'], pun_link($pun_url['forum'], $cur_post['fid'])),
	array($cur_post['subject'], pun_link($pun_url['topic'], $cur_post['tid'])),
	$lang_post['Edit post']
);

($hook = get_hook('ed_pre_header_load')) ? eval($hook) : null;

// PUN_PAGE is defined before the header is loaded.
// NOTE(review): presumably header.php reads it to identify the page -- confirm.
define('PUN_PAGE', 'postedit');
require PUN_ROOT.'header.php';
|
218 |
|
219 ?> |
|
220 <div id="pun-main" class="main"> |
|
221 |
|
222 <h1><span><?php echo end($pun_page['crumbs']) ?></span></h1> |
|
223 <?php |
|
224 |
|
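// If preview selected and there are no errors
if (isset($_POST['preview']) && empty($pun_page['errors']))
{
	require_once PUN_ROOT.'include/parser.php';
	// The output of parse_message() is echoed verbatim below, so it is the only
	// thing standing between the submitted text and the page.
	// NOTE(review): presumably parse_message() HTML-escapes the text before it
	// applies BBCode -- confirm in include/parser.php.
	// $hide_smilies is only set in the form_sent branch above; the preview button
	// is part of that same form.
	$pun_page['preview_message'] = parse_message(trim($_POST['req_message']), $hide_smilies);

?>
	<div class="main-head">
		<h2><span><?php echo $lang_post['Preview reply'] ?></span></h2>
	</div>

	<div id="post-preview" class="main-content topic">
		<div class="post firstpost">
			<div class="postmain">
				<div class="posthead">
					<h3><?php echo $lang_post['Preview info'] ?></h3>
				</div>
				<div class="postbody">
					<div class="user">
						<?php /* The poster name is stored user-supplied text: escape it for HTML, as the form fields of this page do. */ ?>
						<h4 class="user-ident"><strong class="username"><?php echo htmlspecialchars($cur_post['poster']) ?></strong></h4>
					</div>
					<div class="post-entry">
						<div class="entry-content">
							<?php echo $pun_page['preview_message']."\n" ?>
						</div>
					</div>
				</div>
			</div>
		</div>
	</div>
<?php

}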
|
258 |
|
259 ?> |
|
260 <div class="main-head"> |
|
261 <h2><span><?php echo $pun_page['main_head'] ?></span></h2> |
|
262 <?php if (!empty($pun_page['main_head_options'])): ?> <p class="main-options"><?php printf($lang_common['You may use'], implode(' ', $pun_page['main_head_options'])) ?></p> |
|
263 <?php endif; ?> </div> |
|
264 |
|
265 <div class="main-content frm"> |
|
266 <?php |
|
267 |
|
// If there were any errors, show them
// $pun_page['errors'] holds ready-made <li> markup built from $errors earlier in
// this file; the items are written out as-is, without escaping at this point.
if (isset($pun_page['errors']))
{

?>
		<div class="frm-error">
			<h3 class="warn"><?php echo $lang_post['Post errors'] ?></h3>
			<ul>
				<?php echo implode("\n\t\t\t\t\t", $pun_page['errors'])."\n" ?>
			</ul>
		</div>
<?php

}
|
282 |
|
283 ?> |
|
284 <div id="req-msg" class="frm-warn"> |
|
285 <p class="important"><?php printf($lang_common['Required warn'], '<em class="req-text">'.$lang_common['Required'].'</em>') ?></p> |
|
286 </div> |
|
287 <form id="afocus" class="frm-form" method="post" accept-charset="utf-8" action="<?php echo $pun_page['form_action'] ?>"> |
|
288 <div class="hidden"> |
|
289 <?php echo implode("\n\t\t\t\t", $pun_page['hidden_fields'])."\n" ?> |
|
290 </div> |
|
291 <?php ($hook = get_hook('ed_pre_main_fieldset')) ? eval($hook) : null; ?> |
|
292 <fieldset class="frm-set set<?php echo ++$pun_page['set_count'] ?>"> |
|
293 <legend class="frm-legend"><strong><?php echo $lang_post['Edit post legend'] ?></strong></legend> |
|
294 <?php if ($can_edit_subject): ?> <div class="frm-fld text longtext required"> |
|
295 <label for="fld<?php echo ++ $pun_page['fld_count'] ?>"> |
|
296 <span class="fld-label"><?php echo $lang_post['Topic subject'] ?></span><br /> |
|
297 <span class="fld-input"><input id="fld<?php echo $pun_page['fld_count'] ?>" type="text" name="req_subject" size="80" maxlength="70" value="<?php echo htmlspecialchars(isset($_POST['req_subject']) ? $_POST['req_subject'] : $cur_post['subject']) ?>" /></span> |
|
298 <em class="req-text"><?php echo $lang_common['Required'] ?></em> |
|
299 </label> |
|
300 </div> |
|
301 <?php endif; ($hook = get_hook('ed_pre_message_box')) ? eval($hook) : null; ?> <div class="frm-fld text textarea required"> |
|
302 <label for="fld<?php echo ++ $pun_page['fld_count'] ?>"> |
|
303 <span class="fld-label"><?php echo $lang_post['Write message'] ?></span><br /> |
|
304 <span class="fld-input"><textarea id="fld<?php echo $pun_page['fld_count'] ?>" name="req_message" rows="14" cols="95"><?php echo htmlspecialchars(isset($_POST['req_message']) ? $message : $cur_post['message']) ?></textarea></span> |
|
305 <em class="req-text"><?php echo $lang_common['Required'] ?></em> |
|
306 </label> |
|
307 </div> |
|
308 </fieldset> |
|
309 <?php |
|
310 |
|
// Optional post settings, rendered as checkboxes. Only the presence of a POST
// field is tested here; no request value is written into the markup.
$pun_page['checkboxes'] = array();
if ($pun_config['o_smilies'] == '1')
{
	// Pre-checked when the box was ticked in this submission or the stored post
	// already hides smilies.
	if (isset($_POST['hide_smilies']) || $cur_post['hide_smilies'] == '1')
		$pun_page['checkboxes'][] = '<div class="radbox"><label for="fld'.(++$pun_page['fld_count']).'"><input type="checkbox" id="fld'.$pun_page['fld_count'].'" name="hide_smilies" value="1" checked="checked" /> '.$lang_post['Hide smilies'].'</label></div>';
	else
		$pun_page['checkboxes'][] = '<div class="radbox"><label for="fld'.(++$pun_page['fld_count']).'"><input type="checkbox" id="fld'.$pun_page['fld_count'].'" name="hide_smilies" value="1" /> '.$lang_post['Hide smilies'].'</label></div>';
}

// The "silent edit" box is offered to admins/moderators only and is pre-checked
// on first display. Hiding it is not the control: the POST handler above also
// ignores the field for other users.
if ($pun_user['is_admmod'])
{
	if ((isset($_POST['form_sent']) && isset($_POST['silent'])) || !isset($_POST['form_sent']))
		$pun_page['checkboxes'][] = '<div class="radbox"><label for="fld'.(++$pun_page['fld_count']).'"><input type="checkbox" id="fld'.$pun_page['fld_count'].'" name="silent" value="1" checked="checked" /> '.$lang_post['Silent edit'].'</label></div>';
	else
		$pun_page['checkboxes'][] = '<div class="radbox"><label for="fld'.(++$pun_page['fld_count']).'"><input type="checkbox" id="fld'.$pun_page['fld_count'].'" name="silent" value="1" /> '.$lang_post['Silent edit'].'</label></div>';
}

// Hook code runs here with $pun_page['checkboxes'] in scope, before the list is
// rendered.
($hook = get_hook('ed_pre_checkbox_display')) ? eval($hook) : null;

if (!empty($pun_page['checkboxes']))
{

?>
			<fieldset class="frm-set set<?php echo ++$pun_page['set_count'] ?>">
				<legend class="frm-legend"><strong><?php echo $lang_post['Optional legend'] ?></strong></legend>
				<fieldset class="frm-group">
					<legend><span><?php echo $lang_post['Post settings'] ?></span></legend>
					<?php echo implode("\n\t\t\t\t\t\t", $pun_page['checkboxes'])."\n"; ?>
				</fieldset>
			</fieldset>

<?php

}

($hook = get_hook('ed_post_checkbox_display')) ? eval($hook) : null;
|
347 |
|
348 ?> |
|
349 <div class="frm-buttons"> |
|
350 <span class="submit"><input type="submit" name="submit" value="<?php echo $lang_common['Submit'] ?>" accesskey="s" title="<?php echo $lang_common['Submit title'] ?>" /></span> |
|
351 <span class="submit"><input type="submit" name="preview" value="<?php echo $lang_common['Preview'] ?>" accesskey="p" title="<?php echo $lang_common['Preview title'] ?>" /></span> |
|
352 </div> |
|
353 </form> |
|
354 </div> |
|
355 |
|
356 </div> |
|
357 <?php |
|
358 |
|
// Last extension hook of the page; as with the others, the returned string is
// eval()'d in this scope when it is truthy.
($hook = get_hook('ed_end')) ? eval($hook) : null;

// Load the shared page footer.
require PUN_ROOT.'footer.php';