Mercurial Mercurial > repos > punbb / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
punbb/edit.php
changeset 7 98bbc533541c 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/punbb/edit.php	Sun Apr 06 00:28:50 2008 -0400
@@ -0,0 +1,361 @@
+<?php
+/***********************************************************************
+
+  Copyright (C) 2002-2008  PunBB.org
+
+  This file is part of PunBB.
+
+  PunBB is free software; you can redistribute it and/or modify it
+  under the terms of the GNU General Public License as published
+  by the Free Software Foundation; either version 2 of the License,
+  or (at your option) any later version.
+
+  PunBB is distributed in the hope that it will be useful, but
+  WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+  GNU General Public License for more details.
+
+  You should have received a copy of the GNU General Public License
+  along with this program; if not, write to the Free Software
+  Foundation, Inc., 59 Temple Place, Suite 330, Boston,
+  MA  02111-1307  USA
+
+************************************************************************/
+
+
+// if (!defined('PUN_ROOT'))
+// 	define('PUN_ROOT', './');
+// require PUN_ROOT.'include/common.php';
+
+// import globals (I really hope this isn't dangerous)
+foreach ( $GLOBALS as $key => $_ )
+{
+  $$key =& $GLOBALS[$key];
+}
+
+($hook = get_hook('ed_start')) ? eval($hook) : null;
+
+if ($pun_user['g_read_board'] == '0')
+	message($lang_common['No view']);
+
+// Load the post.php/edit.php language file
+require PUN_ROOT.'lang/'.$pun_user['language'].'/post.php';
+
+
+$id = isset($_GET['id']) ? intval($_GET['id']) : 0;
+if ($id < 1)
+	message($lang_common['Bad request']);
+
+
+// Fetch some info about the post, the topic and the forum
+$query = array(
+	'SELECT'	=> 'f.id AS fid, f.forum_name, f.moderators, f.redirect_url, fp.post_replies, fp.post_topics, t.id AS tid, t.subject, t.posted, t.first_post_id, t.closed, p.poster, p.poster_id, p.message, p.hide_smilies',
+	'FROM'		=> 'posts AS p',
+	'JOINS'		=> array(
+		array(
+			'INNER JOIN'	=> 'topics AS t',
+			'ON'			=> 't.id=p.topic_id'
+		),
+		array(
+			'INNER JOIN'	=> 'forums AS f',
+			'ON'			=> 'f.id=t.forum_id'
+		),
+		array(
+			'LEFT JOIN'		=> 'forum_perms AS fp',
+			'ON'			=> '(fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].')'
+		)
+	),
+	'WHERE'		=> '(fp.read_forum IS NULL OR fp.read_forum=1) AND p.id='.$id
+);
+
+($hook = get_hook('ed_qr_get_post_info')) ? eval($hook) : null;
+$result = $pun_db->query_build($query) or error(__FILE__, __LINE__);
+if (!$pun_db->num_rows($result))
+	message($lang_common['Bad request']);
+
+$cur_post = $pun_db->fetch_assoc($result);
+
+// Sort out who the moderators are and if we are currently a moderator (or an admin)
+$mods_array = ($cur_post['moderators'] != '') ? unserialize($cur_post['moderators']) : array();
+$pun_user['is_admmod'] = ($session->user_level >= USER_LEVEL_ADMIN || ($pun_user['g_moderator'] == '1' && array_key_exists($pun_user['username'], $mods_array))) ? true : false;
+
+$can_edit_subject = ($id == $cur_post['first_post_id'] && (($pun_user['g_edit_subjects_interval'] == '0' || (time() - $cur_post['posted']) < $pun_user['g_edit_subjects_interval']) || $pun_user['is_admmod'])) ? true : false;
+
+// Do we have permission to edit this post?
+if (($pun_user['g_edit_posts'] == '0' ||
+	$cur_post['poster_id'] != $pun_user['id'] ||
+	$cur_post['closed'] == '1') &&
+	!$pun_user['is_admmod'])
+	message($lang_common['No permission']);
+
+
+// Start with a clean slate
+$errors = array();
+
+if (isset($_POST['form_sent']))
+{
+	($hook = get_hook('ed_form_submitted')) ? eval($hook) : null;
+
+	// If it is a topic it must contain a subject
+	if ($can_edit_subject)
+	{
+		$subject = trim($_POST['req_subject']);
+
+		if ($subject == '')
+			$errors[] = $lang_post['No subject'];
+		else if (pun_strlen($subject) > 70)
+			$errors[] = $lang_post['Too long subject'];
+		else if ($pun_config['p_subject_all_caps'] == '0' && strtoupper($subject) == $subject && !$pun_user['is_admmod'])
+			$subject = ucwords(strtolower($subject));
+	}
+
+	// Clean up message from POST
+	$message = pun_linebreaks(trim($_POST['req_message']));
+
+	if ($message == '')
+		$errors[] = $lang_post['No message'];
+	else if (strlen($message) > 65535)
+		$errors[] = $lang_post['Too long message'];
+	else if ($pun_config['p_message_all_caps'] == '0' && strtoupper($message) == $message && !$pun_user['is_admmod'])
+		$message = ucwords(strtolower($message));
+
+	// Validate BBCode syntax
+	if ($pun_config['p_message_bbcode'] == '1' && strpos($message, '[') !== false && strpos($message, ']') !== false)
+	{
+		require PUN_ROOT.'include/parser.php';
+		$message = preparse_bbcode($message, $errors);
+	}
+
+
+	$hide_smilies = isset($_POST['hide_smilies']) ? intval($_POST['hide_smilies']) : 0;
+	if ($hide_smilies != '1') $hide_smilies = '0';
+
+	// Did everything go according to plan?
+	if (empty($errors) && !isset($_POST['preview']))
+	{
+		($hook = get_hook('ed_pre_post_edited')) ? eval($hook) : null;
+
+		if ($db_type != 'mysql' && $db_type != 'mysqli')
+			require PUN_ROOT.'include/search_idx.php';
+
+		if ($can_edit_subject)
+		{
+			// Update the topic and any redirect topics
+			$query = array(
+				'UPDATE'	=> 'topics',
+				'SET'		=> 'subject=\''.$pun_db->escape($subject).'\'',
+				'WHERE'		=> 'id='.$cur_post['tid'].' OR moved_to='.$cur_post['tid']
+			);
+
+			($hook = get_hook('ed_qr_update_subject')) ? eval($hook) : null;
+			$pun_db->query_build($query) or error(__FILE__, __LINE__);
+
+			// We changed the subject, so we need to take that into account when we update the search words
+			if ($db_type != 'mysql' && $db_type != 'mysqli')
+				update_search_index('edit', $id, $message, $subject);
+		}
+		else if ($db_type != 'mysql' && $db_type != 'mysqli')
+			update_search_index('edit', $id, $message);
+
+		// Update the post
+		$query = array(
+			'UPDATE'	=> 'posts',
+			'SET'		=> 'message=\''.$pun_db->escape($message).'\', hide_smilies=\''.$hide_smilies.'\'',
+			'WHERE'		=> 'id='.$id
+		);
+
+		if (!isset($_POST['silent']) || !$pun_user['is_admmod'])
+			$query['SET'] .= ', edited='.time().', edited_by=\''.$pun_db->escape($pun_user['username']).'\'';
+
+		($hook = get_hook('ed_qr_update_post')) ? eval($hook) : null;
+		$pun_db->query_build($query) or error(__FILE__, __LINE__);
+
+		pun_redirect(pun_link($pun_url['post'], $id), $lang_post['Edit redirect']);
+	}
+}
+
+// Setup error messages
+if (!empty($errors))
+{
+	$pun_page['errors'] = array();
+
+	while (list(, $cur_error) = each($errors))
+		$pun_page['errors'][] = '<li><span>'.$cur_error.'</span></li>';
+}
+
+// Setup form
+$pun_page['set_count'] = $pun_page['fld_count'] = 0;
+$pun_page['form_action'] = pun_link($pun_url['edit'], $id);
+
+$pun_page['hidden_fields'][] = '<input type="hidden" name="form_sent" value="1" />';
+if ($pun_user['is_admmod'])
+	$pun_page['hidden_fields'][] = '<input type="hidden" name="csrf_token" value="'.generate_form_token($pun_page['form_action']).'" />';
+
+// Setup help
+$pun_page['main_head_options'] = array();
+if ($pun_config['p_message_bbcode'] == '1')
+	$pun_page['main_head_options'][] = '<a class="exthelp" href="'.pun_link($pun_url['help'], 'bbcode').'" title="'.sprintf($lang_common['Help page'], $lang_common['BBCode']).'">'.$lang_common['BBCode'].'</a>';
+if ($pun_config['p_message_img_tag'] == '1')
+	$pun_page['main_head_options'][] = '<a class="exthelp" href="'.pun_link($pun_url['help'], 'img').'" title="'.sprintf($lang_common['Help page'], $lang_common['Images']).'">'.$lang_common['Images'].'</a>';
+if ($pun_config['o_smilies'] == '1')
+	$pun_page['main_head_options'][] = '<a class="exthelp" href="'.pun_link($pun_url['help'], 'smilies').'" title="'.sprintf($lang_common['Help page'], $lang_common['Smilies']).'">'.$lang_common['Smilies'].'</a>';
+
+// Setup main heading
+$pun_page['main_head'] = sprintf($lang_post['Edit this'], (($id == $cur_post['first_post_id']) ? $lang_post['Topic'] : $lang_post['Reply']), $cur_post['poster']);
+
+// Setup breadcrumbs
+$pun_page['crumbs'] = array(
+	array($pun_config['o_board_title'], pun_link($pun_url['index'])),
+	array($cur_post['forum_name'], pun_link($pun_url['forum'], $cur_post['fid'])),
+	array($cur_post['subject'], pun_link($pun_url['topic'], $cur_post['tid'])),
+	$lang_post['Edit post']
+);
+
+($hook = get_hook('ed_pre_header_load')) ? eval($hook) : null;
+
+define('PUN_PAGE', 'postedit');
+require PUN_ROOT.'header.php';
+
+?>
+<div id="pun-main" class="main">
+
+	<h1><span><?php echo end($pun_page['crumbs']) ?></span></h1>
+<?php
+
+// If preview selected and there are no errors
+if (isset($_POST['preview']) && empty($pun_page['errors']))
+{
+	require_once PUN_ROOT.'include/parser.php';
+	$pun_page['preview_message'] = parse_message(trim($_POST['req_message']), $hide_smilies);
+
+?>
+	<div class="main-head">
+		<h2><span><?php echo $lang_post['Preview reply'] ?></span></h2>
+	</div>
+
+	<div id="post-preview" class="main-content topic">
+		<div class="post firstpost">
+			<div class="postmain">
+				<div class="posthead">
+					<h3><?php echo $lang_post['Preview info'] ?></h3>
+				</div>
+				<div class="postbody">
+					<div class="user">
+						<h4 class="user-ident"><strong class="username"><?php echo $cur_post['poster'] ?></strong></h4>
+					</div>
+					<div class="post-entry">
+						<div class="entry-content">
+						<?php echo $pun_page['preview_message']."\n" ?>
+						</div>
+					</div>
+				</div>
+			</div>
+		</div>
+	</div>
+<?php
+
+}
+
+?>
+	<div class="main-head">
+		<h2><span><?php echo $pun_page['main_head'] ?></span></h2>
+<?php if (!empty($pun_page['main_head_options'])): ?>		<p class="main-options"><?php printf($lang_common['You may use'], implode(' ', $pun_page['main_head_options'])) ?></p>
+<?php endif; ?>	</div>
+
+	<div class="main-content frm">
+<?php
+
+// If there were any errors, show them
+if (isset($pun_page['errors']))
+{
+
+?>
+		<div class="frm-error">
+			<h3 class="warn"><?php echo $lang_post['Post errors'] ?></h3>
+			<ul>
+				<?php echo implode("\n\t\t\t\t\t", $pun_page['errors'])."\n" ?>
+			</ul>
+		</div>
+<?php
+
+}
+
+?>
+		<div id="req-msg" class="frm-warn">
+			<p class="important"><?php printf($lang_common['Required warn'], '<em class="req-text">'.$lang_common['Required'].'</em>') ?></p>
+		</div>
+		<form id="afocus" class="frm-form" method="post" accept-charset="utf-8" action="<?php echo $pun_page['form_action'] ?>">
+			<div class="hidden">
+				<?php echo implode("\n\t\t\t\t", $pun_page['hidden_fields'])."\n" ?>
+			</div>
+<?php ($hook = get_hook('ed_pre_main_fieldset')) ? eval($hook) : null; ?>
+			<fieldset class="frm-set set<?php echo ++$pun_page['set_count'] ?>">
+				<legend class="frm-legend"><strong><?php echo $lang_post['Edit post legend'] ?></strong></legend>
+<?php if ($can_edit_subject): ?>				<div class="frm-fld text longtext required">
+					<label for="fld<?php echo ++ $pun_page['fld_count'] ?>">
+						<span class="fld-label"><?php echo $lang_post['Topic subject'] ?></span><br />
+						<span class="fld-input"><input id="fld<?php echo $pun_page['fld_count'] ?>" type="text" name="req_subject" size="80" maxlength="70" value="<?php echo htmlspecialchars(isset($_POST['req_subject']) ? $_POST['req_subject'] : $cur_post['subject']) ?>" /></span>
+						<em class="req-text"><?php echo $lang_common['Required'] ?></em>
+					</label>
+				</div>
+<?php endif; ($hook = get_hook('ed_pre_message_box')) ? eval($hook) : null; ?>				<div class="frm-fld text textarea required">
+					<label for="fld<?php echo ++ $pun_page['fld_count'] ?>">
+						<span class="fld-label"><?php echo $lang_post['Write message'] ?></span><br />
+						<span class="fld-input"><textarea id="fld<?php echo $pun_page['fld_count'] ?>" name="req_message" rows="14" cols="95"><?php echo htmlspecialchars(isset($_POST['req_message']) ? $message : $cur_post['message']) ?></textarea></span>
+						<em class="req-text"><?php echo $lang_common['Required'] ?></em>
+					</label>
+				</div>
+			</fieldset>
+<?php
+
+$pun_page['checkboxes'] = array();
+if ($pun_config['o_smilies'] == '1')
+{
+	if (isset($_POST['hide_smilies']) || $cur_post['hide_smilies'] == '1')
+		$pun_page['checkboxes'][] = '<div class="radbox"><label for="fld'.(++$pun_page['fld_count']).'"><input type="checkbox" id="fld'.$pun_page['fld_count'].'" name="hide_smilies" value="1" checked="checked" /> '.$lang_post['Hide smilies'].'</label></div>';
+	else
+		$pun_page['checkboxes'][] = '<div class="radbox"><label for="fld'.(++$pun_page['fld_count']).'"><input type="checkbox" id="fld'.$pun_page['fld_count'].'" name="hide_smilies" value="1" /> '.$lang_post['Hide smilies'].'</label></div>';
+}
+
+if ($pun_user['is_admmod'])
+{
+	if ((isset($_POST['form_sent']) && isset($_POST['silent'])) || !isset($_POST['form_sent']))
+		$pun_page['checkboxes'][] = '<div class="radbox"><label for="fld'.(++$pun_page['fld_count']).'"><input type="checkbox" id="fld'.$pun_page['fld_count'].'" name="silent" value="1" checked="checked" /> '.$lang_post['Silent edit'].'</label></div>';
+	else
+		$pun_page['checkboxes'][] = '<div class="radbox"><label for="fld'.(++$pun_page['fld_count']).'"><input type="checkbox" id="fld'.$pun_page['fld_count'].'" name="silent" value="1" /> '.$lang_post['Silent edit'].'</label></div>';
+}
+
+($hook = get_hook('ed_pre_checkbox_display')) ? eval($hook) : null;
+
+if (!empty($pun_page['checkboxes']))
+{
+
+?>
+			<fieldset class="frm-set set<?php echo ++$pun_page['set_count'] ?>">
+				<legend class="frm-legend"><strong><?php echo $lang_post['Optional legend'] ?></strong></legend>
+				<fieldset class="frm-group">
+					<legend><span><?php echo $lang_post['Post settings'] ?></span></legend>
+					<?php echo implode("\n\t\t\t\t\t\t", $pun_page['checkboxes'])."\n"; ?>
+				</fieldset>
+			</fieldset>
+
+<?php
+
+}
+
+($hook = get_hook('ed_post_checkbox_display')) ? eval($hook) : null;
+
+?>
+			<div class="frm-buttons">
+				<span class="submit"><input type="submit" name="submit" value="<?php echo $lang_common['Submit'] ?>" accesskey="s" title="<?php echo $lang_common['Submit title'] ?>" /></span>
+				<span class="submit"><input type="submit" name="preview" value="<?php echo $lang_common['Preview'] ?>" accesskey="p" title="<?php echo $lang_common['Preview title'] ?>" /></span>
+			</div>
+		</form>
+	</div>
+
+</div>
+<?php
+
+($hook = get_hook('ed_end')) ? eval($hook) : null;
+
+require PUN_ROOT.'footer.php';
PunBB for Enano