Zeile 6 | Zeile 6 |
---|
* Website: http://www.mybboard.net * License: http://www.mybboard.net/about/license *
|
* Website: http://www.mybboard.net * License: http://www.mybboard.net/about/license *
|
* $Id: newreply.php 4188 2008-09-14 05:05:26Z Tikitiki $
| * $Id: newreply.php 4864 2010-04-10 09:13:19Z RyanGordon $
|
*/
define("IN_MYBB", 1);
| */
define("IN_MYBB", 1);
|
Zeile 132 | Zeile 132 |
---|
{ if(!$mybb->input['previewpost'] && $mybb->input['action'] != "do_newreply") {
|
{ if(!$mybb->input['previewpost'] && $mybb->input['action'] != "do_newreply") {
|
$username = $lang->guest;
| $username = '';
|
} elseif($mybb->input['previewpost']) {
| } elseif($mybb->input['previewpost']) {
|
Zeile 196 | Zeile 196 |
---|
if(!$mybb->input['submit']) { $mybb->input['action'] = "newreply";
|
if(!$mybb->input['submit']) { $mybb->input['action'] = "newreply";
|
| $editdraftpid = "<input type=\"hidden\" name=\"pid\" value=\"$pid\" />";
|
} }
| } }
|
Zeile 207 | Zeile 208 |
---|
if(!$mybb->input['submit']) { $mybb->input['action'] = "newreply";
|
if(!$mybb->input['submit']) { $mybb->input['action'] = "newreply";
|
| $editdraftpid = "<input type=\"hidden\" name=\"pid\" value=\"$pid\" />";
|
} }
// Setup our posthash for managing attachments. if(!$mybb->input['posthash'] && $mybb->input['action'] != "editdraft") {
|
} }
// Setup our posthash for managing attachments. if(!$mybb->input['posthash'] && $mybb->input['action'] != "editdraft") {
|
mt_srand ((double) microtime() * 1000000); $mybb->input['posthash'] = md5($thread['tid'].$mybb->user['uid'].mt_rand());
| $mybb->input['posthash'] = md5($thread['tid'].$mybb->user['uid'].random_str());
|
}
$reply_errors = "";
| }
$reply_errors = "";
|
Zeile 263 | Zeile 264 |
---|
if(!$mybb->user['uid']) { my_setcookie('loginattempts', $logins + 1);
|
if(!$mybb->user['uid']) { my_setcookie('loginattempts', $logins + 1);
|
$db->write_query("UPDATE ".TABLE_PREFIX."sessions SET loginattempts=loginattempts+1 WHERE sid = '{$session->sid}'");
| $db->write_query("UPDATE ".TABLE_PREFIX."users SET loginattempts=loginattempts+1 WHERE username = '".$db->escape_string($mybb->input['username'])."'");
|
if($mybb->settings['failedlogintext'] == 1) { $login_text = $lang->sprintf($lang->failed_login_again, $mybb->settings['failedlogincount'] - $logins);
|
if($mybb->settings['failedlogintext'] == 1) { $login_text = $lang->sprintf($lang->failed_login_again, $mybb->settings['failedlogincount'] - $logins);
|
}
| }
|
error($lang->error_invalidpassword.$login_text); } // Otherwise they've logged in successfully.
| error($lang->error_invalidpassword.$login_text); } // Otherwise they've logged in successfully.
|
Zeile 279 | Zeile 280 |
---|
// Update the session to contain their user ID $updated_session = array( "uid" => $mybb->user['uid'],
|
// Update the session to contain their user ID $updated_session = array( "uid" => $mybb->user['uid'],
|
"loginattempts" => 0
| |
); $db->update_query("sessions", $updated_session, "sid='{$session->sid}'");
|
); $db->update_query("sessions", $updated_session, "sid='{$session->sid}'");
|
| $db->update_query("users", array("loginattempts" => 1), "uid='{$mybb->user['uid']}'");
|
// Set uid and username $uid = $mybb->user['uid'];
| // Set uid and username $uid = $mybb->user['uid'];
|
Zeile 329 | Zeile 331 |
---|
} if(!$mybb->input['savedraft']) {
|
} if(!$mybb->input['savedraft']) {
|
$query = $db->simple_select("posts p", "p.pid", "{$user_check} AND p.tid='{$thread['tid']}' AND p.subject='".$db->escape_string($mybb->input['subject'])."' AND p.message='".$db->escape_string($mybb->input['message'])."' AND p.posthash='".$db->escape_string($mybb->input['posthash'])."'");
| $query = $db->simple_select("posts p", "p.pid", "{$user_check} AND p.tid='{$thread['tid']}' AND p.subject='".$db->escape_string($mybb->input['subject'])."' AND p.message='".$db->escape_string($mybb->input['message'])."' AND p.posthash='".$db->escape_string($mybb->input['posthash'])."' AND p.visible != '-2'");
|
$duplicate_check = $db->fetch_field($query, "pid"); if($duplicate_check) {
| $duplicate_check = $db->fetch_field($query, "pid"); if($duplicate_check) {
|
Zeile 391 | Zeile 393 |
---|
{ $post_errors = $posthandler->get_friendly_errors(); }
|
{ $post_errors = $posthandler->get_friendly_errors(); }
|
| // Mark thread as read require_once MYBB_ROOT."inc/functions_indicators.php"; mark_thread_read($tid, $fid);
|
// Check captcha image if($mybb->settings['captchaimage'] == 1 && function_exists("imagepng") && !$mybb->user['uid'])
|
// Check captcha image if($mybb->settings['captchaimage'] == 1 && function_exists("imagepng") && !$mybb->user['uid'])
|
{
| {
|
$imagehash = $db->escape_string($mybb->input['imagehash']); $imagestring = $db->escape_string($mybb->input['imagestring']); $query = $db->simple_select("captcha", "*", "imagehash='$imagehash'"); $imgcheck = $db->fetch_array($query); if(my_strtolower($imgcheck['imagestring']) != my_strtolower($imagestring) || !$imgcheck['imagehash'])
|
$imagehash = $db->escape_string($mybb->input['imagehash']); $imagestring = $db->escape_string($mybb->input['imagestring']); $query = $db->simple_select("captcha", "*", "imagehash='$imagehash'"); $imgcheck = $db->fetch_array($query); if(my_strtolower($imgcheck['imagestring']) != my_strtolower($imagestring) || !$imgcheck['imagehash'])
|
{
| {
|
$post_errors[] = $lang->invalid_captcha; } else
| $post_errors[] = $lang->invalid_captcha; } else
|
Zeile 435 | Zeile 442 |
---|
{ $reply_errors = inline_error($post_errors); $mybb->input['action'] = "newreply";
|
{ $reply_errors = inline_error($post_errors); $mybb->input['action'] = "newreply";
|
} else {
| } else {
|
$postinfo = $posthandler->insert_post(); $pid = $postinfo['pid']; $visible = $postinfo['visible'];
| $postinfo = $posthandler->insert_post(); $pid = $postinfo['pid']; $visible = $postinfo['visible'];
|
Zeile 458 | Zeile 465 |
---|
else { // Moderated post
|
else { // Moderated post
|
$lang->redirect_newreply .= $lang->redirect_newreply_moderation;
| $lang->redirect_newreply .= '<br />'.$lang->redirect_newreply_moderation;
|
$url = get_thread_link($tid); }
| $url = get_thread_link($tid); }
|
Zeile 469 | Zeile 476 |
---|
if($mybb->input['quoted_ids'] == "all") { my_unsetcookie("multiquote");
|
if($mybb->input['quoted_ids'] == "all") { my_unsetcookie("multiquote");
|
}
| }
|
// Only quoted a few - attempt to remove them from the cookie else {
| // Only quoted a few - attempt to remove them from the cookie else {
|
Zeile 499 | Zeile 506 |
---|
} } }
|
} } }
|
// Mark thread as read require_once MYBB_ROOT."inc/functions_indicators.php"; mark_thread_read($tid, $fid);
|
|
$plugins->run_hooks("newreply_do_newreply_end"); // This was a post made via the ajax quick reply - we need to do some special things here
| $plugins->run_hooks("newreply_do_newreply_end"); // This was a post made via the ajax quick reply - we need to do some special things here
|
Zeile 587 | Zeile 590 |
---|
echo $post;
// Build a new posthash incase the user wishes to quick reply again
|
echo $post;
// Build a new posthash incase the user wishes to quick reply again
|
mt_srand((double) microtime() * 1000000); $new_posthash = md5($mybb->user['uid'].mt_rand());
| $new_posthash = md5($mybb->user['uid'].random_str());
|
echo "<script type=\"text/javascript\">\n"; echo "var hash = document.getElementById('posthash'); if(hash) { hash.value = '{$new_posthash}'; }\n"; echo "if(typeof(inlineModeration) != 'undefined') { Event.observe($('inlinemod_{$pid}'), 'click', inlineModeration.checkItem); }\n";
| echo "<script type=\"text/javascript\">\n"; echo "var hash = document.getElementById('posthash'); if(hash) { hash.value = '{$new_posthash}'; }\n"; echo "if(typeof(inlineModeration) != 'undefined') { Event.observe($('inlinemod_{$pid}'), 'click', inlineModeration.checkItem); }\n";
|
Zeile 596 | Zeile 598 |
---|
exit; } // Post is in the moderation queue
|
exit; } // Post is in the moderation queue
|
else
| else
|
{ redirect(get_thread_link($tid, 0, "lastpost"), $lang->redirect_newreply_moderation); exit;
| { redirect(get_thread_link($tid, 0, "lastpost"), $lang->redirect_newreply_moderation); exit;
|
Zeile 618 | Zeile 620 |
---|
$quote_ids = ''; // If this isn't a preview and we're not editing a draft, then handle quoted posts
|
$quote_ids = ''; // If this isn't a preview and we're not editing a draft, then handle quoted posts
|
if(!$mybb->input['previewpost'] && !$reply_errors && $mybb->input['action'] != "editdraft")
| if(!$mybb->input['previewpost'] && !$reply_errors && $mybb->input['action'] != "editdraft" && !$mybb->input['attachmentaid'] && !$mybb->input['newattachment'] && !$mybb->input['updateattachment'] && !$mybb->input['rem'])
|
{ $message = ''; $quoted_posts = array();
| { $message = ''; $quoted_posts = array();
|
Zeile 750 | Zeile 752 |
---|
$postoptions_subscriptionmethod_dont = "checked=\"checked\""; } if($postoptions['disablesmilies'] == 1)
|
$postoptions_subscriptionmethod_dont = "checked=\"checked\""; } if($postoptions['disablesmilies'] == 1)
|
{ $postoptionschecked['disablesmilies'] = " checked=\"checked\"";
| { $postoptionschecked['disablesmilies'] = " checked=\"checked\"";
|
} $subject = $mybb->input['subject']; } elseif($mybb->input['action'] == "editdraft" && $mybb->user['uid'])
|
} $subject = $mybb->input['subject']; } elseif($mybb->input['action'] == "editdraft" && $mybb->user['uid'])
|
{
| {
|
$message = htmlspecialchars_uni($post['message']); $subject = $post['subject']; if($post['includesig'] != 0)
|
$message = htmlspecialchars_uni($post['message']); $subject = $post['subject']; if($post['includesig'] != 0)
|
{ $postoptionschecked['signature'] = " checked=\"checked\"";
| { $postoptionschecked['signature'] = " checked=\"checked\"";
|
} if($post['smilieoff'] == 1) { $postoptionschecked['disablesmilies'] = " checked=\"checked\"";
|
} if($post['smilieoff'] == 1) { $postoptionschecked['disablesmilies'] = " checked=\"checked\"";
|
}
| }
|
$mybb->input['icon'] = $post['icon']; } else
| $mybb->input['icon'] = $post['icon']; } else
|
Zeile 776 | Zeile 778 |
---|
$postoptionschecked['signature'] = " checked=\"checked\""; } if($mybb->user['subscriptionmethod'] == 1)
|
$postoptionschecked['signature'] = " checked=\"checked\""; } if($mybb->user['subscriptionmethod'] == 1)
|
{
| {
|
$postoptions_subscriptionmethod_none = "checked=\"checked\""; } else if($mybb->user['subscriptionmethod'] == 2)
| $postoptions_subscriptionmethod_none = "checked=\"checked\""; } else if($mybb->user['subscriptionmethod'] == 2)
|
Zeile 792 | Zeile 794 |
---|
if($forum['allowpicons'] != 0) { $posticons = get_post_icons();
|
if($forum['allowpicons'] != 0) { $posticons = get_post_icons();
|
| } // No subject, but post info? if(!$subject && $mybb->input['subject']) { $subject = $mybb->input['subject'];
|
}
// Preview a post that was written.
| }
// Preview a post that was written.
|
Zeile 903 | Zeile 911 |
---|
{ $subject = "RE: " . $thread['subject']; }
|
{ $subject = "RE: " . $thread['subject']; }
|
|
|
// Setup a unique posthash for attachment management if(!$mybb->input['posthash'] && $mybb->input['action'] != "editdraft") {
|
// Setup a unique posthash for attachment management if(!$mybb->input['posthash'] && $mybb->input['action'] != "editdraft") {
|
mt_srand ((double) microtime() * 1000000); $posthash = md5($mybb->user['uid'].mt_rand());
| $posthash = md5($mybb->user['uid'].random_str()); } elseif($mybb->input['action'] == "editdraft") { // Drafts have posthashes, too... $posthash = $post['posthash'];
|
} else {
| } else {
|
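Review bot: The failed-login counter in the hunk at Zeile 263/264 is now keyed on the submitted `username` instead of the session, so failures from any client count against that account and its owner can be locked out by someone else. Whether that happens depends on how `failedlogincount` is enforced against `users.loginattempts`, which is outside the visible lines; the enforcement should expire after a time window or be paired with a per-source limit, and the trade-off deserves a comment above the query, e.g. `// Per-account counter: failures from any client count here, so the lockout must time out`. The "attempts remaining" text still subtracts `$logins`, which appears to come from the client-side `loginattempts` cookie, so the number shown can disagree with the stored counter; reading it back from the users row would keep the two in step. In the success path at Zeile 280 the reset writes `"loginattempts" => 1` where the removed session field was set to 0; if 1 is the intended baseline, a one-line comment saying why would stop it being "corrected" later.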