Vergleich newreply.php - 1.4.4 - 1.4.16

Zeile 6Zeile 6
 * Website: http://www.mybboard.net
* License: http://www.mybboard.net/about/license
*

 * Website: http://www.mybboard.net
* License: http://www.mybboard.net/about/license
*

 * $Id: newreply.php 4277 2008-11-23 20:47:16Z Tikitiki $

 * $Id: newreply.php 5379 2011-02-21 11:06:42Z Tomm $

 */

define("IN_MYBB", 1);

 */

define("IN_MYBB", 1);

Zeile 132Zeile 132
{
if(!$mybb->input['previewpost'] && $mybb->input['action'] != "do_newreply")
{

{
if(!$mybb->input['previewpost'] && $mybb->input['action'] != "do_newreply")
{

		$username = $lang->guest;

		$username = '';

	}
elseif($mybb->input['previewpost'])
{

	}
elseif($mybb->input['previewpost'])
{

Zeile 169Zeile 169

if(!$mybb->input['attachmentaid'] && ($mybb->input['newattachment'] || ($mybb->input['action'] == "do_newreply" && $mybb->input['submit'] && $_FILES['attachment'])))
{


if(!$mybb->input['attachmentaid'] && ($mybb->input['newattachment'] || ($mybb->input['action'] == "do_newreply" && $mybb->input['submit'] && $_FILES['attachment'])))
{

 
	// Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);


	if($mybb->input['action'] == "editdraft" || ($mybb->input['tid'] && $mybb->input['pid']))
{
$attachwhere = "pid='{$pid}'";

	if($mybb->input['action'] == "editdraft" || ($mybb->input['tid'] && $mybb->input['pid']))
{
$attachwhere = "pid='{$pid}'";

Zeile 190Zeile 193
	if($attachedfile['error'])
{
eval("\$attacherror = \"".$templates->get("error_attacherror")."\";");

	if($attachedfile['error'])
{
eval("\$attacherror = \"".$templates->get("error_attacherror")."\";");

		$mybb->input['action'] = "newreply";
}

		$mybb->input['action'] = "newreply";
}

	
if(!$mybb->input['submit'])
{
$mybb->input['action'] = "newreply";

	
if(!$mybb->input['submit'])
{
$mybb->input['action'] = "newreply";

 
		$editdraftpid = "<input type=\"hidden\" name=\"pid\" value=\"$pid\" />";

	}
}

// Remove an attachment.
if($mybb->input['attachmentaid'] && $mybb->input['posthash'])
{

	}
}

// Remove an attachment.
if($mybb->input['attachmentaid'] && $mybb->input['posthash'])
{

 
	// Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);


	require_once MYBB_ROOT."inc/functions_upload.php";
remove_attachment(0, $mybb->input['posthash'], $mybb->input['attachmentaid']);
if(!$mybb->input['submit'])
{
$mybb->input['action'] = "newreply";

	require_once MYBB_ROOT."inc/functions_upload.php";
remove_attachment(0, $mybb->input['posthash'], $mybb->input['attachmentaid']);
if(!$mybb->input['submit'])
{
$mybb->input['action'] = "newreply";

 
		$editdraftpid = "<input type=\"hidden\" name=\"pid\" value=\"$pid\" />";

	}
}

// Setup our posthash for managing attachments.
if(!$mybb->input['posthash'] && $mybb->input['action'] != "editdraft")

	}
}

// Setup our posthash for managing attachments.
if(!$mybb->input['posthash'] && $mybb->input['action'] != "editdraft")

{
mt_srand ((double) microtime() * 1000000);
$mybb->input['posthash'] = md5($thread['tid'].$mybb->user['uid'].mt_rand());
}


{
$mybb->input['posthash'] = md5($thread['tid'].$mybb->user['uid'].random_str());
}



$reply_errors = "";
$hide_captcha = false;


$reply_errors = "";
$hide_captcha = false;


Zeile 227Zeile 234
	$query = $db->simple_select("posts", "COUNT(*) AS posts_today", "uid='{$mybb->user['uid']}' AND visible='1' AND dateline>{$daycut}");
$post_count = $db->fetch_field($query, "posts_today");
if($post_count >= $mybb->settings['maxposts'])

	$query = $db->simple_select("posts", "COUNT(*) AS posts_today", "uid='{$mybb->user['uid']}' AND visible='1' AND dateline>{$daycut}");
$post_count = $db->fetch_field($query, "posts_today");
if($post_count >= $mybb->settings['maxposts'])

	{

	{

		$lang->error_maxposts = $lang->sprintf($lang->error_maxposts, $mybb->settings['maxposts']);
error($lang->error_maxposts);
}
}

		$lang->error_maxposts = $lang->sprintf($lang->error_maxposts, $mybb->settings['maxposts']);
error($lang->error_maxposts);
}
}





if($mybb->input['action'] == "do_newreply" && $mybb->request_method == "post")
{
// Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);

$plugins->run_hooks("newreply_do_newreply_start");

if($mybb->input['action'] == "do_newreply" && $mybb->request_method == "post")
{
// Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);

$plugins->run_hooks("newreply_do_newreply_start");





	// If this isn't a logged in user, then we need to do some special validation.
if($mybb->user['uid'] == 0)
{

	// If this isn't a logged in user, then we need to do some special validation.
if($mybb->user['uid'] == 0)
{

Zeile 261Zeile 268
			// If the user specified a password but it is wrong, throw back invalid password.
$mybb->user = validate_password_from_username($mybb->input['username'], $mybb->input['password']);
if(!$mybb->user['uid'])

			// If the user specified a password but it is wrong, throw back invalid password.
$mybb->user = validate_password_from_username($mybb->input['username'], $mybb->input['password']);
if(!$mybb->user['uid'])

			{

			{

				my_setcookie('loginattempts', $logins + 1);
$db->write_query("UPDATE ".TABLE_PREFIX."users SET loginattempts=loginattempts+1 WHERE username = '".$db->escape_string($mybb->input['username'])."'");
if($mybb->settings['failedlogintext'] == 1)

				my_setcookie('loginattempts', $logins + 1);
$db->write_query("UPDATE ".TABLE_PREFIX."users SET loginattempts=loginattempts+1 WHERE username = '".$db->escape_string($mybb->input['username'])."'");
if($mybb->settings['failedlogintext'] == 1)

Zeile 330Zeile 337
	}
if(!$mybb->input['savedraft'])
{

	}
if(!$mybb->input['savedraft'])
{

		$query = $db->simple_select("posts p", "p.pid", "{$user_check} AND p.tid='{$thread['tid']}' AND p.subject='".$db->escape_string($mybb->input['subject'])."' AND p.message='".$db->escape_string($mybb->input['message'])."' AND p.posthash='".$db->escape_string($mybb->input['posthash'])."'");

		$query = $db->simple_select("posts p", "p.pid", "{$user_check} AND p.tid='{$thread['tid']}' AND p.subject='".$db->escape_string($mybb->input['subject'])."' AND p.message='".$db->escape_string($mybb->input['message'])."' AND p.posthash='".$db->escape_string($mybb->input['posthash'])."' AND p.visible != '-2'");

		$duplicate_check = $db->fetch_field($query, "pid");
if($duplicate_check)
{

		$duplicate_check = $db->fetch_field($query, "pid");
if($duplicate_check)
{

Zeile 392Zeile 399
	{
$post_errors = $posthandler->get_friendly_errors();
}

	{
$post_errors = $posthandler->get_friendly_errors();
}

 
	
// Mark thread as read
require_once MYBB_ROOT."inc/functions_indicators.php";
mark_thread_read($tid, $fid);



// Check captcha image
if($mybb->settings['captchaimage'] == 1 && function_exists("imagepng") && !$mybb->user['uid'])


// Check captcha image
if($mybb->settings['captchaimage'] == 1 && function_exists("imagepng") && !$mybb->user['uid'])

Zeile 500Zeile 512
				}
}
}

				}
}
}


// Mark thread as read
require_once MYBB_ROOT."inc/functions_indicators.php";
mark_thread_read($tid, $fid);


		





		$plugins->run_hooks("newreply_do_newreply_end");

// This was a post made via the ajax quick reply - we need to do some special things here

		$plugins->run_hooks("newreply_do_newreply_end");

// This was a post made via the ajax quick reply - we need to do some special things here

Zeile 588Zeile 596
				echo $post;

// Build a new posthash incase the user wishes to quick reply again

				echo $post;

// Build a new posthash incase the user wishes to quick reply again

				mt_srand((double) microtime() * 1000000);
$new_posthash = md5($mybb->user['uid'].mt_rand());

			    $new_posthash = md5($mybb->user['uid'].random_str());


				echo "<script type=\"text/javascript\">\n"; 
echo "var hash = document.getElementById('posthash'); if(hash) { hash.value = '{$new_posthash}'; }\n";
echo "if(typeof(inlineModeration) != 'undefined') { Event.observe($('inlinemod_{$pid}'), 'click', inlineModeration.checkItem); }\n";

				echo "<script type=\"text/javascript\">\n"; 
echo "var hash = document.getElementById('posthash'); if(hash) { hash.value = '{$new_posthash}'; }\n";
echo "if(typeof(inlineModeration) != 'undefined') { Event.observe($('inlinemod_{$pid}'), 'click', inlineModeration.checkItem); }\n";

Zeile 619Zeile 626

$quote_ids = '';
// If this isn't a preview and we're not editing a draft, then handle quoted posts


$quote_ids = '';
// If this isn't a preview and we're not editing a draft, then handle quoted posts

	if(!$mybb->input['previewpost'] && !$reply_errors && $mybb->input['action'] != "editdraft")

	if(!$mybb->input['previewpost'] && !$reply_errors && $mybb->input['action'] != "editdraft" && !$mybb->input['attachmentaid'] && !$mybb->input['newattachment'] && !$mybb->input['updateattachment'] && !$mybb->input['rem'])

	{
$message = '';
$quoted_posts = array();

	{
$message = '';
$quoted_posts = array();

Zeile 718Zeile 725
	if($mybb->input['quoted_ids'])
{
$quoted_ids = htmlspecialchars_uni($mybb->input['quoted_ids']);

	if($mybb->input['quoted_ids'])
{
$quoted_ids = htmlspecialchars_uni($mybb->input['quoted_ids']);

	}

if($mybb->input['previewpost'])
{
$previewmessage = $mybb->input['message'];
}

	}

if($mybb->input['previewpost'])
{
$previewmessage = $mybb->input['message'];
}

	if(!$message)
{
$message = $mybb->input['message'];

	if(!$message)
{
$message = $mybb->input['message'];

Zeile 732Zeile 739

// Set up the post options.
if($mybb->input['previewpost'] || $maximageserror || $reply_errors != '')


// Set up the post options.
if($mybb->input['previewpost'] || $maximageserror || $reply_errors != '')

	{

	{

		$postoptions = $mybb->input['postoptions'];
if($postoptions['signature'] == 1)

		$postoptions = $mybb->input['postoptions'];
if($postoptions['signature'] == 1)

		{

		{

			$postoptionschecked['signature'] = " checked=\"checked\"";

			$postoptionschecked['signature'] = " checked=\"checked\"";

		}

		}

		if($postoptions['subscriptionmethod'] == "none")
{

		if($postoptions['subscriptionmethod'] == "none")
{

			$postoptions_subscriptionmethod_none = "checked=\"checked\"";
}
else if($postoptions['subscriptionmethod'] == "instant")
{
$postoptions_subscriptionmethod_instant = "checked=\"checked\"";
}
else
{
$postoptions_subscriptionmethod_dont = "checked=\"checked\"";

			$postoptions_subscriptionmethod_none = "checked=\"checked\"";
}
else if($postoptions['subscriptionmethod'] == "instant")
{
$postoptions_subscriptionmethod_instant = "checked=\"checked\"";
}
else
{
$postoptions_subscriptionmethod_dont = "checked=\"checked\"";

		}
if($postoptions['disablesmilies'] == 1)
{

		}
if($postoptions['disablesmilies'] == 1)
{

Zeile 767Zeile 774
		if($post['smilieoff'] == 1)
{
$postoptionschecked['disablesmilies'] = " checked=\"checked\"";

		if($post['smilieoff'] == 1)
{
$postoptionschecked['disablesmilies'] = " checked=\"checked\"";

		}

		}

		$mybb->input['icon'] = $post['icon'];
}
else

		$mybb->input['icon'] = $post['icon'];
}
else

Zeile 775Zeile 782
		if($mybb->user['signature'] != '')
{
$postoptionschecked['signature'] = " checked=\"checked\"";

		if($mybb->user['signature'] != '')
{
$postoptionschecked['signature'] = " checked=\"checked\"";

		}

		}

		if($mybb->user['subscriptionmethod'] ==  1)
{
$postoptions_subscriptionmethod_none = "checked=\"checked\"";

		if($mybb->user['subscriptionmethod'] ==  1)
{
$postoptions_subscriptionmethod_none = "checked=\"checked\"";

Zeile 793Zeile 800
	if($forum['allowpicons'] != 0)
{
$posticons = get_post_icons();

	if($forum['allowpicons'] != 0)
{
$posticons = get_post_icons();

 
	}

// No subject, but post info?
if(!$subject && $mybb->input['subject'])
{
$subject = $mybb->input['subject'];

	}

// Preview a post that was written.

	}

// Preview a post that was written.

Zeile 904Zeile 917
	{
$subject = "RE: " . $thread['subject'];
}

	{
$subject = "RE: " . $thread['subject'];
}

 


	// Setup a unique posthash for attachment management
if(!$mybb->input['posthash'] && $mybb->input['action'] != "editdraft")
{

	// Setup a unique posthash for attachment management
if(!$mybb->input['posthash'] && $mybb->input['action'] != "editdraft")
{

	    mt_srand ((double) microtime() * 1000000);
$posthash = md5($mybb->user['uid'].mt_rand());





	    $posthash = md5($mybb->user['uid'].random_str());
}
elseif($mybb->input['action'] == "editdraft")
{
// Drafts have posthashes, too...
$posthash = htmlspecialchars_uni($post['posthash']);

	}
else
{

	}
else
{

		$posthash = $mybb->input['posthash'];

		$posthash = htmlspecialchars_uni($mybb->input['posthash']);

	}

// Get a listing of the current attachments.

	}

// Get a listing of the current attachments.
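Review bot: In the last hunk (Zeile 904/917) the request-supplied posthash is only HTML-escaped at the point of output, `$posthash = htmlspecialchars_uni($mybb->input['posthash']);`, while the raw `$mybb->input['posthash']` still goes to `remove_attachment()` and, via `escape_string()`, into the duplicate-post query in earlier hunks, so every sink has to carry its own escaping. Every generator visible on this page yields an `md5()` hex string, so the value could instead be checked once where it is first read, before the attachment branches, e.g. `if(!preg_match('/^[a-f0-9]{32}$/', $mybb->input['posthash'])) { $mybb->input['posthash'] = ''; }`. Because the posthash appears to be what `remove_attachment(0, ...)` is keyed on, a comment at the three generators such as `// posthash gates attachment management; random_str() must be unpredictable` is worth adding; the strength of `random_str()` cannot be judged from this page. Which column is the 1.4.16 side is inferred from the `$Id` revision lines, and the enclosing block continues past the end of this hunk.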