| Zeile 6 | Zeile 6 |
|---|
* Website: http://mybb.com
* License: http://mybb.com/about/license
*
|
* Website: http://mybb.com
* License: http://mybb.com/about/license
*
|
* $Id: post.php 5380 2011-02-21 12:04:43Z Tomm $
| * $Id$
|
*/
// Disallow direct access to this file for security reasons
| */
// Disallow direct access to this file for security reasons
|
| Zeile 145 | Zeile 145 |
|---|
global $db;
$post = &$this->data;
$subject = &$post['subject'];
|
global $db;
$post = &$this->data;
$subject = &$post['subject'];
|
| | $subject = trim_blank_chrs($subject);
|
// Are we editing an existing thread or post?
if($this->method == "update" && $post['pid'])
|
// Are we editing an existing thread or post?
if($this->method == "update" && $post['pid'])
|
| Zeile 173 | Zeile 174 |
|---|
}
// If this is the first post there needs to be a subject, else make it the default one.
|
}
// If this is the first post there needs to be a subject, else make it the default one.
|
if(my_strlen(trim_blank_chrs($subject)) == 0 && $first_post)
| if(my_strlen($subject) == 0 && $first_post)
|
{
$this->set_error("firstpost_no_subject");
return false;
| {
$this->set_error("firstpost_no_subject");
return false;
|
| Zeile 188 | Zeile 189 |
|---|
// This is a new post
else if($this->action == "post")
{
|
// This is a new post
else if($this->action == "post")
{
|
if(my_strlen(trim_blank_chrs($subject)) == 0)
| if(my_strlen($subject) == 0)
|
{
$thread = get_thread($post['tid']);
$subject = "RE: ".$thread['subject'];
| {
$thread = get_thread($post['tid']);
$subject = "RE: ".$thread['subject'];
|
| Zeile 198 | Zeile 199 |
|---|
// This is a new thread and we require that a subject is present.
else
{
|
// This is a new thread and we require that a subject is present.
else
{
|
if(my_strlen(trim_blank_chrs($subject)) == 0)
| if(my_strlen($subject) == 0)
|
{
$this->set_error("missing_subject");
return false;
}
|
{
$this->set_error("missing_subject");
return false;
}
|
| | }
// If post is reply and begins with "RE: ", remove 4 from subject length.
$subject_length = my_strlen($subject);
if($this->action == "post")
{
$position_re = my_strpos($subject, "RE: ");
if($position_re !== false && $position_re == 0)
{
$subject_length = $subject_length - 4;
}
}
if($subject_length > 85)
{
// Subject is too long
$this->set_error('subject_too_long', my_strlen($subject));
return false;
|
}
// Subject is valid - return true.
return true;
}
|
}
// Subject is valid - return true.
return true;
}
|
|
|
/**
* Verifies a post message.
*
| /**
* Verifies a post message.
*
|
| Zeile 219 | Zeile 238 |
|---|
global $mybb;
$post = &$this->data;
|
global $mybb;
$post = &$this->data;
|
| $post['message'] = trim_blank_chrs($post['message']);
|
// Do we even have a message at all?
|
// Do we even have a message at all?
|
if(my_strlen(trim_blank_chrs($post['message'])) == 0)
| if(my_strlen($post['message']) == 0)
|
{
$this->set_error("missing_message");
return false;
| {
$this->set_error("missing_message");
return false;
|
| Zeile 268 | Zeile 288 |
|---|
{
global $mybb;
|
{
global $mybb;
|
$post = &$this->data;
| $post = &$this->data;
|
// Check if post flooding is enabled within MyBB or if the admin override option is specified.
if($mybb->settings['postfloodcheck'] == 1 && $post['uid'] != 0 && $this->admin_override == false)
{
| // Check if post flooding is enabled within MyBB or if the admin override option is specified.
if($mybb->settings['postfloodcheck'] == 1 && $post['uid'] != 0 && $this->admin_override == false)
{
|
| Zeile 315 | Zeile 335 |
|---|
// Are we even turned on?
if(empty($mybb->settings['postmergemins']))
|
// Are we even turned on?
if(empty($mybb->settings['postmergemins']))
|
{
| {
|
return true;
|
return true;
|
}
| }
|
// Assign a default separator if none is specified
if(trim($mybb->settings['postmergesep']) == "")
|
// Assign a default separator if none is specified
if(trim($mybb->settings['postmergesep']) == "")
|
{
| {
|
$mybb->settings['postmergesep'] = "[hr]";
}
| $mybb->settings['postmergesep'] = "[hr]";
}
|
| Zeile 331 | Zeile 351 |
|---|
$gids = explode(',', $mybb->settings['postmergeuignore']);
$gids = array_map('intval', $gids);
|
$gids = explode(',', $mybb->settings['postmergeuignore']);
$gids = array_map('intval', $gids);
|
|
|
$user_usergroups = explode(',', $mybb->user['usergroup'].",".$mybb->user['additionalgroups']);
if(count(array_intersect($user_usergroups, $gids)) > 0)
{
| $user_usergroups = explode(',', $mybb->user['usergroup'].",".$mybb->user['additionalgroups']);
if(count(array_intersect($user_usergroups, $gids)) > 0)
{
|
| Zeile 382 | Zeile 402 |
|---|
$user_check = "ipaddress='".$db->escape_string($session->ipaddress)."'";
}
|
$user_check = "ipaddress='".$db->escape_string($session->ipaddress)."'";
}
|
$query = $db->simple_select("posts", "pid,message,visible,posthash", "{$user_check} AND tid='".$post['tid']."' AND dateline='".$thread['lastpost']."'", array('order_by' => 'pid', 'order_dir' => 'DESC', 'limit' => 1));
| $query = $db->simple_select("posts", "pid,message,visible", "{$user_check} AND tid='".$post['tid']."' AND dateline='".$thread['lastpost']."'", array('order_by' => 'pid', 'order_dir' => 'DESC', 'limit' => 1));
|
return $db->fetch_array($query);
}
| return $db->fetch_array($query);
}
|
| Zeile 581 | Zeile 601 |
|---|
$time = TIME_NOW;
$this->action = "post";
|
$time = TIME_NOW;
$this->action = "post";
|
|
|
if($this->method != "update" && !$post['savedraft'])
{
$this->verify_post_flooding();
| if($this->method != "update" && !$post['savedraft'])
{
$this->verify_post_flooding();
|
| Zeile 626 | Zeile 646 |
|---|
$this->verify_options();
}
|
$this->verify_options();
}
|
$plugins->run_hooks_by_ref("datahandler_post_validate_post", $this);
| $plugins->run_hooks("datahandler_post_validate_post", $this);
|
// We are done validating, return.
$this->set_validated(true);
|
// We are done validating, return.
$this->set_validated(true);
|
| Zeile 760 | Zeile 780 |
|---|
{
$visible = 0;
}
|
{
$visible = 0;
}
|
| | }
$post['pid'] = intval($post['pid']);
$post['uid'] = intval($post['uid']);
if($post['pid'] > 0)
{
$query = $db->simple_select("posts", "tid", "pid='{$post['pid']}' AND uid='{$post['uid']}' AND visible='-2'");
$draft_check = $db->fetch_field($query, "tid");
}
else
{
$draft_check = false;
|
}
if($this->method != "update" && $visible == 1)
| }
if($this->method != "update" && $visible == 1)
|
| Zeile 771 | Zeile 804 |
|---|
{
$this->pid = $double_post['pid'];
|
{
$this->pid = $double_post['pid'];
|
$post['message'] = $double_post['message'] .= $mybb->settings['postmergesep']."\n".$post['message'];
| $post['message'] = $double_post['message'] .= "\n".$mybb->settings['postmergesep']."\n".$post['message'];
|
$update_query = array(
"message" => $db->escape_string($double_post['message'])
);
| $update_query = array(
"message" => $db->escape_string($double_post['message'])
);
|
| Zeile 779 | Zeile 812 |
|---|
$update_query['edittime'] = TIME_NOW;
$query = $db->update_query("posts", $update_query, "pid='".$double_post['pid']."'");
|
$update_query['edittime'] = TIME_NOW;
$query = $db->update_query("posts", $update_query, "pid='".$double_post['pid']."'");
|
// Assign any uploaded attachments with the specific posthash to the merged post.
if($double_post['posthash'])
| if($draft_check)
{
$db->delete_query("posts", "pid='".$post['pid']."'");
}
// Assign any uploaded attachments with the specific posthash to the merged post.
$post['posthash'] = $db->escape_string($post['posthash']);
$query = $db->simple_select("attachments", "COUNT(aid) AS attachmentcount", "pid='0' AND visible='1' AND posthash='{$post['posthash']}'");
$attachmentcount = $db->fetch_field($query, "attachmentcount");
if($attachmentcount > 0)
|
{
|
{
|
$post['posthash'] = $db->escape_string($post['posthash']);
$double_post['posthash'] = $db->escape_string($double_post['posthash']);
$query = $db->simple_select("attachments", "COUNT(aid) AS attachmentcount", "pid='0' AND visible='1' AND posthash='{$post['posthash']}'");
$attachmentcount = $db->fetch_field($query, "attachmentcount");
| // Update forum count
update_thread_counters($post['tid'], array('attachmentcount' => "+{$attachmentcount}"));
}
$attachmentassign = array(
"pid" => $double_post['pid'],
"posthash" => ''
);
$db->update_query("attachments", $attachmentassign, "posthash='{$post['posthash']}'");
|
|
|
if($attachmentcount > 0)
{
// Update forum count
update_thread_counters($post['tid'], array('attachmentcount' => "+{$attachmentcount}"));
}
$attachmentassign = array(
"pid" => $double_post['pid'],
"posthash" => $double_post['posthash'],
);
$db->update_query("attachments", $attachmentassign, "posthash='{$post['posthash']}'");
$post['posthash'] = $double_post['posthash'];
}
| |
// Return the post's pid and whether or not it is visible.
return array(
"pid" => $double_post['pid'],
| // Return the post's pid and whether or not it is visible.
return array(
"pid" => $double_post['pid'],
|
| Zeile 814 | Zeile 846 |
|---|
if($visible == 1 && $thread['visible'] == 1)
{
$now = TIME_NOW;
|
if($visible == 1 && $thread['visible'] == 1)
{
$now = TIME_NOW;
|
|
|
// Yes, the value to the lastpost key in this array has single quotes within double quotes. It's not a bug.
$update_array = array(
'lastpost' => "'{$now}'"
| // Yes, the value to the lastpost key in this array has single quotes within double quotes. It's not a bug.
$update_array = array(
'lastpost' => "'{$now}'"
|
| Zeile 825 | Zeile 857 |
|---|
}
$db->update_query("users", $update_array, "uid='{$post['uid']}'", 1, true);
|
}
$db->update_query("users", $update_array, "uid='{$post['uid']}'", 1, true);
|
}
$post['pid'] = intval($post['pid']);
$post['uid'] = intval($post['uid']);
if($post['pid'] > 0)
{
$query = $db->simple_select("posts", "tid", "pid='{$post['pid']}' AND uid='{$post['uid']}' AND visible='-2'");
$draft_check = $db->fetch_field($query, "tid");
}
else
{
$draft_check = false;
| |
}
// Are we updating a post which is already a draft? Perhaps changing it into a visible post?
| }
// Are we updating a post which is already a draft? Perhaps changing it into a visible post?
|
| Zeile 845 | Zeile 864 |
|---|
{
// Update a post that is a draft
$this->post_update_data = array(
|
{
// Update a post that is a draft
$this->post_update_data = array(
|
"subject" => $db->escape_string($post['subject']),
"icon" => intval($post['icon']),
| "subject" => $db->escape_string($post['subject']),
"icon" => intval($post['icon']),
|
"uid" => $post['uid'],
"username" => $db->escape_string($post['username']),
"dateline" => intval($post['dateline']),
|
"uid" => $post['uid'],
"username" => $db->escape_string($post['username']),
"dateline" => intval($post['dateline']),
|
"message" => $db->escape_string($post['message']),
"ipaddress" => $db->escape_string($post['ipaddress']),
"longipaddress" => intval(my_ip2long($post['ipaddress'])),
"includesig" => $post['options']['signature'],
"smilieoff" => $post['options']['disablesmilies'],
"visible" => $visible,
"posthash" => $db->escape_string($post['posthash'])
| "message" => $db->escape_string($post['message']),
"ipaddress" => $db->escape_string($post['ipaddress']),
"longipaddress" => intval(my_ip2long($post['ipaddress'])),
"includesig" => $post['options']['signature'],
"smilieoff" => $post['options']['disablesmilies'],
"visible" => $visible
|
);
|
);
|
$plugins->run_hooks_by_ref("datahandler_post_insert_post", $this);
| $plugins->run_hooks("datahandler_post_insert_post", $this);
|
$db->update_query("posts", $this->post_update_data, "pid='{$post['pid']}'");
$this->pid = $post['pid'];
|
$db->update_query("posts", $this->post_update_data, "pid='{$post['pid']}'");
$this->pid = $post['pid'];
|
| Zeile 881 | Zeile 899 |
|---|
"longipaddress" => intval(my_ip2long($post['ipaddress'])),
"includesig" => $post['options']['signature'],
"smilieoff" => $post['options']['disablesmilies'],
|
"longipaddress" => intval(my_ip2long($post['ipaddress'])),
"includesig" => $post['options']['signature'],
"smilieoff" => $post['options']['disablesmilies'],
|
"visible" => $visible,
"posthash" => $db->escape_string($post['posthash'])
| "visible" => $visible
|
);
|
);
|
$plugins->run_hooks_by_ref("datahandler_post_insert_post", $this);
| $plugins->run_hooks("datahandler_post_insert_post", $this);
|
$this->pid = $db->insert_query("posts", $this->post_insert_data);
}
|
$this->pid = $db->insert_query("posts", $this->post_insert_data);
}
|
| Zeile 895 | Zeile 912 |
|---|
{
$post['posthash'] = $db->escape_string($post['posthash']);
$attachmentassign = array(
|
{
$post['posthash'] = $db->escape_string($post['posthash']);
$attachmentassign = array(
|
"pid" => $this->pid
| "pid" => $this->pid,
"posthash" => ''
|
);
$db->update_query("attachments", $attachmentassign, "posthash='{$post['posthash']}'");
}
| );
$db->update_query("attachments", $attachmentassign, "posthash='{$post['posthash']}'");
}
|
| Zeile 1012 | Zeile 1030 |
|---|
// Update the unapproved posts count for the current forum
update_thread_counters($post['tid'], array("replies" => "+1"));
update_forum_counters($post['fid'], array("unapprovedposts" => "+1"));
|
// Update the unapproved posts count for the current forum
update_thread_counters($post['tid'], array("replies" => "+1"));
update_forum_counters($post['fid'], array("unapprovedposts" => "+1"));
|
| | }
$query = $db->simple_select("attachments", "COUNT(aid) AS attachmentcount", "pid='{$this->pid}' AND visible='1'");
$attachmentcount = $db->fetch_field($query, "attachmentcount");
if($attachmentcount > 0)
{
update_thread_counters($post['tid'], array("attachmentcount" => "+{$attachmentcount}"));
|
}
// Return the post's pid and whether or not it is visible.
| }
// Return the post's pid and whether or not it is visible.
|
| Zeile 1076 | Zeile 1101 |
|---|
$this->verify_options();
}
|
$this->verify_options();
}
|
$plugins->run_hooks_by_ref("datahandler_post_validate_thread", $this);
| $plugins->run_hooks("datahandler_post_validate_thread", $this);
|
// We are done validating, return.
$this->set_validated(true);
|
// We are done validating, return.
$this->set_validated(true);
|
| Zeile 1171 | Zeile 1196 |
|---|
"visible" => $visible
);
|
"visible" => $visible
);
|
$plugins->run_hooks_by_ref("datahandler_post_insert_thread", $this);
| $plugins->run_hooks("datahandler_post_insert_thread", $this);
|
$db->update_query("threads", $this->thread_insert_data, "tid='{$thread['tid']}'");
|
$db->update_query("threads", $this->thread_insert_data, "tid='{$thread['tid']}'");
|
| Zeile 1184 | Zeile 1209 |
|---|
"ipaddress" => $db->escape_string(get_ip()),
"includesig" => $thread['options']['signature'],
"smilieoff" => $thread['options']['disablesmilies'],
|
"ipaddress" => $db->escape_string(get_ip()),
"includesig" => $thread['options']['signature'],
"smilieoff" => $thread['options']['disablesmilies'],
|
"visible" => $visible,
"posthash" => $db->escape_string($thread['posthash'])
| "visible" => $visible
|
);
|
);
|
$plugins->run_hooks_by_ref("datahandler_post_insert_thread_post", $this);
| $plugins->run_hooks("datahandler_post_insert_thread_post", $this);
|
$db->update_query("posts", $this->post_insert_data, "pid='{$thread['pid']}'");
$this->tid = $thread['tid'];
|
$db->update_query("posts", $this->post_insert_data, "pid='{$thread['pid']}'");
$this->tid = $thread['tid'];
|
| Zeile 1201 | Zeile 1225 |
|---|
"fid" => $thread['fid'],
"subject" => $db->escape_string($thread['subject']),
"prefix" => intval($thread['prefix']),
|
"fid" => $thread['fid'],
"subject" => $db->escape_string($thread['subject']),
"prefix" => intval($thread['prefix']),
|
"icon" => intval($thread['icon']),
"uid" => $thread['uid'],
| "icon" => intval($thread['icon']),
"uid" => $thread['uid'],
|
"username" => $db->escape_string($thread['username']),
"dateline" => intval($thread['dateline']),
"lastpost" => intval($thread['dateline']),
| "username" => $db->escape_string($thread['username']),
"dateline" => intval($thread['dateline']),
"lastpost" => intval($thread['dateline']),
|
| Zeile 1213 | Zeile 1237 |
|---|
"notes" => ''
);
|
"notes" => ''
);
|
$plugins->run_hooks_by_ref("datahandler_post_insert_thread", $this);
| $plugins->run_hooks("datahandler_post_insert_thread", $this);
|
$this->tid = $db->insert_query("threads", $this->thread_insert_data);
|
$this->tid = $db->insert_query("threads", $this->thread_insert_data);
|
| Zeile 1230 | Zeile 1254 |
|---|
"longipaddress" => intval(my_ip2long(get_ip())),
"includesig" => $thread['options']['signature'],
"smilieoff" => $thread['options']['disablesmilies'],
|
"longipaddress" => intval(my_ip2long(get_ip())),
"includesig" => $thread['options']['signature'],
"smilieoff" => $thread['options']['disablesmilies'],
|
"visible" => $visible,
"posthash" => $db->escape_string($thread['posthash'])
| "visible" => $visible
|
);
|
);
|
$plugins->run_hooks_by_ref("datahandler_post_insert_thread_post", $this);
| $plugins->run_hooks("datahandler_post_insert_thread_post", $this);
|
$this->pid = $db->insert_query("posts", $this->post_insert_data);
|
$this->pid = $db->insert_query("posts", $this->post_insert_data);
|
| Zeile 1430 | Zeile 1453 |
|---|
{
$thread['posthash'] = $db->escape_string($thread['posthash']);
$attachmentassign = array(
|
{
$thread['posthash'] = $db->escape_string($thread['posthash']);
$attachmentassign = array(
|
"pid" => $this->pid
| "pid" => $this->pid,
"posthash" => ''
|
);
$db->update_query("attachments", $attachmentassign, "posthash='{$thread['posthash']}'");
}
| );
$db->update_query("attachments", $attachmentassign, "posthash='{$thread['posthash']}'");
}
|
| Zeile 1582 | Zeile 1606 |
|---|
}
if(count($this->thread_update_data) > 0)
{
|
}
if(count($this->thread_update_data) > 0)
{
|
$plugins->run_hooks_by_ref("datahandler_post_update_thread", $this);
| $plugins->run_hooks("datahandler_post_update_thread", $this);
|
$db->update_query("threads", $this->thread_update_data, "tid='".intval($post['tid'])."'");
}
|
$db->update_query("threads", $this->thread_update_data, "tid='".intval($post['tid'])."'");
}
|
| Zeile 1628 | Zeile 1652 |
|---|
$this->post_update_data['visible'] = $visible;
|
$this->post_update_data['visible'] = $visible;
|
$plugins->run_hooks_by_ref("datahandler_post_update", $this);
| $plugins->run_hooks("datahandler_post_update", $this);
|
$db->update_query("posts", $this->post_update_data, "pid='".intval($post['pid'])."'");
|
$db->update_query("posts", $this->post_update_data, "pid='".intval($post['pid'])."'");
|