diff -r 5e1f1e916419 -r 98bbc533541c punbb/edit.php
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/punbb/edit.php Sun Apr 06 00:28:50 2008 -0400
@@ -0,0 +1,361 @@
+ $_ )
+{
+ $$key =& $GLOBALS[$key];
+}
+
+($hook = get_hook('ed_start')) ? eval($hook) : null;
+
+if ($pun_user['g_read_board'] == '0')
+ message($lang_common['No view']);
+
+// Load the post.php/edit.php language file
+require PUN_ROOT.'lang/'.$pun_user['language'].'/post.php';
+
+
+$id = isset($_GET['id']) ? intval($_GET['id']) : 0;
+if ($id < 1)
+ message($lang_common['Bad request']);
+
+
+// Fetch some info about the post, the topic and the forum
+$query = array(
+ 'SELECT' => 'f.id AS fid, f.forum_name, f.moderators, f.redirect_url, fp.post_replies, fp.post_topics, t.id AS tid, t.subject, t.posted, t.first_post_id, t.closed, p.poster, p.poster_id, p.message, p.hide_smilies',
+ 'FROM' => 'posts AS p',
+ 'JOINS' => array(
+ array(
+ 'INNER JOIN' => 'topics AS t',
+ 'ON' => 't.id=p.topic_id'
+ ),
+ array(
+ 'INNER JOIN' => 'forums AS f',
+ 'ON' => 'f.id=t.forum_id'
+ ),
+ array(
+ 'LEFT JOIN' => 'forum_perms AS fp',
+ 'ON' => '(fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].')'
+ )
+ ),
+ 'WHERE' => '(fp.read_forum IS NULL OR fp.read_forum=1) AND p.id='.$id
+);
+
+($hook = get_hook('ed_qr_get_post_info')) ? eval($hook) : null;
+$result = $pun_db->query_build($query) or error(__FILE__, __LINE__);
+if (!$pun_db->num_rows($result))
+ message($lang_common['Bad request']);
+
+$cur_post = $pun_db->fetch_assoc($result);
+
+// Sort out who the moderators are and if we are currently a moderator (or an admin)
+$mods_array = ($cur_post['moderators'] != '') ? unserialize($cur_post['moderators']) : array();
+$pun_user['is_admmod'] = ($session->user_level >= USER_LEVEL_ADMIN || ($pun_user['g_moderator'] == '1' && array_key_exists($pun_user['username'], $mods_array))) ? true : false;
+
+$can_edit_subject = ($id == $cur_post['first_post_id'] && (($pun_user['g_edit_subjects_interval'] == '0' || (time() - $cur_post['posted']) < $pun_user['g_edit_subjects_interval']) || $pun_user['is_admmod'])) ? true : false;
+
+// Do we have permission to edit this post?
+if (($pun_user['g_edit_posts'] == '0' ||
+ $cur_post['poster_id'] != $pun_user['id'] ||
+ $cur_post['closed'] == '1') &&
+ !$pun_user['is_admmod'])
+ message($lang_common['No permission']);
+
+
+// Start with a clean slate
+$errors = array();
+
+if (isset($_POST['form_sent']))
+{
+ ($hook = get_hook('ed_form_submitted')) ? eval($hook) : null;
+
+ // If it is a topic it must contain a subject
+ if ($can_edit_subject)
+ {
+ $subject = trim($_POST['req_subject']);
+
+ if ($subject == '')
+ $errors[] = $lang_post['No subject'];
+ else if (pun_strlen($subject) > 70)
+ $errors[] = $lang_post['Too long subject'];
+ else if ($pun_config['p_subject_all_caps'] == '0' && strtoupper($subject) == $subject && !$pun_user['is_admmod'])
+ $subject = ucwords(strtolower($subject));
+ }
+
+ // Clean up message from POST
+ $message = pun_linebreaks(trim($_POST['req_message']));
+
+ if ($message == '')
+ $errors[] = $lang_post['No message'];
+ else if (strlen($message) > 65535)
+ $errors[] = $lang_post['Too long message'];
+ else if ($pun_config['p_message_all_caps'] == '0' && strtoupper($message) == $message && !$pun_user['is_admmod'])
+ $message = ucwords(strtolower($message));
+
+ // Validate BBCode syntax
+ if ($pun_config['p_message_bbcode'] == '1' && strpos($message, '[') !== false && strpos($message, ']') !== false)
+ {
+ require PUN_ROOT.'include/parser.php';
+ $message = preparse_bbcode($message, $errors);
+ }
+
+
+ $hide_smilies = isset($_POST['hide_smilies']) ? intval($_POST['hide_smilies']) : 0;
+ if ($hide_smilies != '1') $hide_smilies = '0';
+
+ // Did everything go according to plan?
+ if (empty($errors) && !isset($_POST['preview']))
+ {
+ ($hook = get_hook('ed_pre_post_edited')) ? eval($hook) : null;
+
+ if ($db_type != 'mysql' && $db_type != 'mysqli')
+ require PUN_ROOT.'include/search_idx.php';
+
+ if ($can_edit_subject)
+ {
+ // Update the topic and any redirect topics
+ $query = array(
+ 'UPDATE' => 'topics',
+ 'SET' => 'subject=\''.$pun_db->escape($subject).'\'',
+ 'WHERE' => 'id='.$cur_post['tid'].' OR moved_to='.$cur_post['tid']
+ );
+
+ ($hook = get_hook('ed_qr_update_subject')) ? eval($hook) : null;
+ $pun_db->query_build($query) or error(__FILE__, __LINE__);
+
+ // We changed the subject, so we need to take that into account when we update the search words
+ if ($db_type != 'mysql' && $db_type != 'mysqli')
+ update_search_index('edit', $id, $message, $subject);
+ }
+ else if ($db_type != 'mysql' && $db_type != 'mysqli')
+ update_search_index('edit', $id, $message);
+
+ // Update the post
+ $query = array(
+ 'UPDATE' => 'posts',
+ 'SET' => 'message=\''.$pun_db->escape($message).'\', hide_smilies=\''.$hide_smilies.'\'',
+ 'WHERE' => 'id='.$id
+ );
+
+ if (!isset($_POST['silent']) || !$pun_user['is_admmod'])
+ $query['SET'] .= ', edited='.time().', edited_by=\''.$pun_db->escape($pun_user['username']).'\'';
+
+ ($hook = get_hook('ed_qr_update_post')) ? eval($hook) : null;
+ $pun_db->query_build($query) or error(__FILE__, __LINE__);
+
+ pun_redirect(pun_link($pun_url['post'], $id), $lang_post['Edit redirect']);
+ }
+}
+
+// Setup error messages
+if (!empty($errors))
+{
+ $pun_page['errors'] = array();
+
+ while (list(, $cur_error) = each($errors))
+ $pun_page['errors'][] = '
  • '.$cur_error.'
  • ';
+}
+
+// Setup form
+$pun_page['set_count'] = $pun_page['fld_count'] = 0;
+$pun_page['form_action'] = pun_link($pun_url['edit'], $id);
+
+$pun_page['hidden_fields'][] = '';
+if ($pun_user['is_admmod'])
+ $pun_page['hidden_fields'][] = '';
+
+// Setup help
+$pun_page['main_head_options'] = array();
+if ($pun_config['p_message_bbcode'] == '1')
+ $pun_page['main_head_options'][] = ''.$lang_common['BBCode'].'';
+if ($pun_config['p_message_img_tag'] == '1')
+ $pun_page['main_head_options'][] = ''.$lang_common['Images'].'';
+if ($pun_config['o_smilies'] == '1')
+ $pun_page['main_head_options'][] = ''.$lang_common['Smilies'].'';
+
+// Setup main heading
+$pun_page['main_head'] = sprintf($lang_post['Edit this'], (($id == $cur_post['first_post_id']) ? $lang_post['Topic'] : $lang_post['Reply']), $cur_post['poster']);
+
+// Setup breadcrumbs
+$pun_page['crumbs'] = array(
+ array($pun_config['o_board_title'], pun_link($pun_url['index'])),
+ array($cur_post['forum_name'], pun_link($pun_url['forum'], $cur_post['fid'])),
+ array($cur_post['subject'], pun_link($pun_url['topic'], $cur_post['tid'])),
+ $lang_post['Edit post']
+);
+
+($hook = get_hook('ed_pre_header_load')) ? eval($hook) : null;
+
+define('PUN_PAGE', 'postedit');
+require PUN_ROOT.'header.php';
+
+?>
+
    + +

    + +
    +

    +
    + +
    +
    +
    +
    +

    +
    +
    +
    +

    +
    +
    +
    + +
    +
    +
    +
    +
    +
    + +
    +

    +

    +
    + +
    + +
    +

    +
      + +
    +
    + +
    +

    '.$lang_common['Required'].'') ?>

    +
    +
    + + +
    + +
    + +
    +
    + +
    +
    +
    '; + else + $pun_page['checkboxes'][] = '
    '; +} + +if ($pun_user['is_admmod']) +{ + if ((isset($_POST['form_sent']) && isset($_POST['silent'])) || !isset($_POST['form_sent'])) + $pun_page['checkboxes'][] = '
    '; + else + $pun_page['checkboxes'][] = '
    '; +} + +($hook = get_hook('ed_pre_checkbox_display')) ? eval($hook) : null; + +if (!empty($pun_page['checkboxes'])) +{ + +?> +
    + +
    + + +
    +
    + + +
    + + +
    + +
    + + +
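Review bot: `$pun_user['language']` is concatenated straight into the `require PUN_ROOT.'lang/'.$pun_user['language'].'/post.php'` path near the top of the new file, and nothing in this hunk constrains it to a known language directory. If the code that stores that profile value does not already allow-list it (not visible here), a stored value containing path separators would steer the include outside `lang/`; a local guard such as `if (!preg_match('/^[A-Za-z0-9_]+$/', $pun_user['language'])) message($lang_common['Bad request']);` placed before the `require` removes that dependency. The same trust in stored data applies to `unserialize($cur_post['moderators'])`: on PHP 7 or later, passing `array('allowed_classes' => false)` as the second argument ensures the column can only ever yield arrays and scalars. Much of the template part of this file was lost in the page rendering, so this covers only the PHP that is still visible.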