-
+
+
diff -r 5e1f1e916419 -r 98bbc533541c punbb/delete.php --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/punbb/delete.php Sun Apr 06 00:28:50 2008 -0400 @@ -0,0 +1,199 @@ + $_ ) +{ + $$key =& $GLOBALS[$key]; +} + +($hook = get_hook('dl_start')) ? eval($hook) : null; + +if ($pun_user['g_read_board'] == '0') + message($lang_common['No view']); + +// Load the delete.php language file +require PUN_ROOT.'lang/'.$pun_user['language'].'/delete.php'; + + +$id = isset($_GET['id']) ? intval($_GET['id']) : 0; +if ($id < 1) + message($lang_common['Bad request']); + + +// Fetch some info about the post, the topic and the forum +$query = array( + 'SELECT' => 'f.id AS fid, f.forum_name, f.moderators, f.redirect_url, fp.post_replies, fp.post_topics, t.id AS tid, t.subject, t.posted, t.first_post_id, t.closed, p.poster, p.poster_id, p.message, p.hide_smilies', + 'FROM' => 'posts AS p', + 'JOINS' => array( + array( + 'INNER JOIN' => 'topics AS t', + 'ON' => 't.id=p.topic_id' + ), + array( + 'INNER JOIN' => 'forums AS f', + 'ON' => 'f.id=t.forum_id' + ), + array( + 'LEFT JOIN' => 'forum_perms AS fp', + 'ON' => '(fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].')' + ) + ), + 'WHERE' => '(fp.read_forum IS NULL OR fp.read_forum=1) AND p.id='.$id +); + +($hook = get_hook('dl_qr_get_post_info')) ? eval($hook) : null; +$result = $pun_db->query_build($query) or error(__FILE__, __LINE__); +if (!$pun_db->num_rows($result)) + message($lang_common['Bad request']); + +$cur_post = $pun_db->fetch_assoc($result); + +// Sort out who the moderators are and if we are currently a moderator (or an admin) +$mods_array = ($cur_post['moderators'] != '') ? unserialize($cur_post['moderators']) : array(); +$pun_user['is_admmod'] = ($session->user_level >= USER_LEVEL_ADMIN || ($pun_user['g_moderator'] == '1' && array_key_exists($pun_user['username'], $mods_array))) ? true : false; + +$cur_post['is_topic'] = ($id == $cur_post['first_post_id']) ? true : false; + +// Do we have permission to delete this post? +if (($pun_user['g_delete_posts'] == '0' || + ($pun_user['g_delete_topics'] == '0' && $cur_post['is_topic']) || + $cur_post['poster_id'] != $pun_user['id'] || + $cur_post['closed'] == '1') && + !$pun_user['is_admmod']) + message($lang_common['No permission']); + + +// User pressed the cancel button +if (isset($_POST['cancel'])) + pun_redirect(pun_link($pun_url['post'], $id), $lang_common['Cancel redirect']); + +// User pressed the delete button +else if (isset($_POST['delete'])) +{ + ($hook = get_hook('dl_form_submitted')) ? eval($hook) : null; + + if (isset($_POST['req_confirm'])) + { + if ($cur_post['is_topic']) + { + // Delete the topic and all of it's posts + delete_topic($cur_post['tid'], $cur_post['fid']); + + pun_redirect(pun_link($pun_url['forum'], $cur_post['fid']), $lang_delete['Topic del redirect']); + } + else + { + // Delete just this one post + delete_post($id, $cur_post['tid'], $cur_post['fid']); + + pun_redirect(pun_link($pun_url['topic'], $cur_post['tid']), $lang_delete['Post del redirect']); + } + } + else + pun_redirect(pun_link($pun_url['post'], $id), $lang_common['No confirm redirect']); +} + +// Run the post through the parser +require PUN_ROOT.'include/parser.php'; +$cur_post['message'] = parse_message($cur_post['message'], $cur_post['hide_smilies']); + +// Setup form +$pun_page['set_count'] = $pun_page['fld_count'] = 0; +$pun_page['form_action'] = pun_link($pun_url['delete'], $id); + +$pun_page['hidden_fields'][] = ''; +if ($pun_user['is_admmod']) + $pun_page['hidden_fields'][] = ''; + +// Setup form information +$pun_page['frm_info'] = array( + '